iAnonymous lookups: 10/min, 60/hr per source IP. Sign in (free) to lift the limit, run heavier queries, and get an API key for MCP / HTTP.
Filtered actors
ASN=202425
45 unique IPs · 15.0K events · 2 countries · 1 ASNs
Activity · last 7d
peak 2.8K on 2026-06-25
Top source networks · click to refine
ASN: 202425×window1h24h7d30d🔒90d🔒
Turn this query into a daily email digest or an IOC feed URL.Save as feed
Sample payloads
top distinct probes matching this query| Protocol | Port | Probe / payload | Hits | Example |
|---|---|---|---|---|
| HTTP | 7777/Oracle | GET / UA: Python/3.10 aiohttp/3.8.4 | 14.4K · 42 IPs | 80.82.77.202 → |
| HTTP | 119/NNTP | GET /favicon.ico UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36 | 207 · 7 IPs | 93.174.95.106 → |
| TLS | 8889 | 0a | 83 · 4 IPs | 89.248.167.131 → |
| HTTP | 60000 | GET HTTP://ip-api.com/ HTTP/1.0 | 21 | 89.248.168.36 → |
| HTTP | 8545 | POST / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36 | 17 · 3 IPs | 185.242.226.103 → |
| HTTP | 27017/MongoDB | GET /aab9 UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 | 13 | 80.82.77.202 → |
| HTTP | 27017/MongoDB | GET /aaa9 UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 | 13 | 80.82.77.202 → |
| HTTP | 443/HTTPS | GET /.well-known/security.txt | 10 · 3 IPs | 80.82.77.33 → |
| HTTP | 443/HTTPS | GET /sitemap.xml | 10 · 3 IPs | 80.82.77.33 → |
| HTTP | 443/HTTPS | GET /robots.txt | 10 · 3 IPs | 80.82.77.33 → |
| - | 9600/Logstash | 46 49 4e 53 00 00 00 0c 00 00 00 00 00 00 00 00 00 00 00 00 | 8 · 3 IPs | 93.174.95.106 → |
| HTTP | 5984/CouchDB | GET /_all_dbs UA: Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html) | 8 | 185.242.226.92 → |
IPCountryASNTop portsEvents
80.82.77.202rnd.group-ib.com🇳🇱NLAS202425 IP Volume inc2715 50050 6379/Redis 5900/VNC 7777/Oracle8.8K
93.174.95.106battery.census.shodan.io🇳🇱NLAS202425 IP Volume inc5601/Kibana 6666 4567 2379 119/NNTP131
89.248.167.131mason.census.shodan.io🇳🇱NLAS202425 IP Volume inc7777/Oracle 7171 1024 23/Telnet 8889125
185.242.226.93security.criminalip.com🇺🇸USAS202425 IP Volume inc5007 47001 25565/Minecraft 502 2020132
185.242.226.17security.criminalip.com🇺🇸USAS202425 IP Volume inc5985 143/IMAP 22/SSH 7547/TR-069 8419