HoneyLabs
iAnonymous lookups: 10/min, 60/hr per source IP. Sign in (free) to lift the limit, run heavier queries, and get an API key for MCP / HTTP.

Filtered actors

ASN=202425

45 unique IPs · 15.0K events · 2 countries · 1 ASNs

Activity · last 7d

2026-06-24: 537 events2026-06-25: 2.8K events2026-06-26: 2.3K events2026-06-27: 2.3K events2026-06-28: 1.9K events2026-06-29: 2.4K events2026-06-30: 1.8K events2026-07-01: 909 events

peak 2.8K on 2026-06-25

Top source networks · click to refine

Refine
Turn this query into a daily email digest or an IOC feed URL.Save as feed

Sample payloads

top distinct probes matching this query
ProtocolPortProbe / payloadHitsExample
HTTP7777/OracleGET /
UA: Python/3.10 aiohttp/3.8.4
14.4K · 42 IPs80.82.77.202 →
HTTP119/NNTPGET /favicon.ico
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36
207 · 7 IPs93.174.95.106 →
TLS88890a83 · 4 IPs89.248.167.131 →
HTTP60000GET HTTP://ip-api.com/ HTTP/1.02189.248.168.36 →
HTTP8545POST /
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36
17 · 3 IPs185.242.226.103 →
HTTP27017/MongoDBGET /aab9
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36
1380.82.77.202 →
HTTP27017/MongoDBGET /aaa9
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36
1380.82.77.202 →
HTTP443/HTTPSGET /.well-known/security.txt10 · 3 IPs80.82.77.33 →
HTTP443/HTTPSGET /sitemap.xml10 · 3 IPs80.82.77.33 →
HTTP443/HTTPSGET /robots.txt10 · 3 IPs80.82.77.33 →
-9600/Logstash46 49 4e 53 00 00 00 0c 00 00 00 00 00 00 00 00 00 00 00 008 · 3 IPs93.174.95.106 →
HTTP5984/CouchDBGET /_all_dbs
UA: Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
8185.242.226.92 →
IPCountryASNTop portsEvents
Showing top 50 by event count. Window is the last 7d. Add or remove filters by clicking any value on a per-IP report.