HoneyLabs
iAnonymous lookups: 10/min, 60/hr per source IP. Sign in (free) to lift the limit, run heavier queries, and get an API key for MCP / HTTP.

Filtered actors

ASN=214295

5 unique IPs · 319 events · 1 countries · 1 ASNs

Activity · last 7d

2026-06-24: 44 events2026-06-25: 238 events2026-06-26: 37 events

peak 238 on 2026-06-25

Top source networks · click to refine

Refine
Turn this query into a daily email digest or an IOC feed URL.Save as feed

Sample payloads

top distinct probes matching this query
ProtocolPortProbe / payloadHitsExample
HTTP3794GET /vpn/index.html
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.…
81 · 3 IPs45.142.193.24 →
HTTP1604GET /+CSCOE+/logon.html
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.…
76 · 3 IPs45.142.193.139 →
HTTP3550POST /cgi/login
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.…
41 · 3 IPs45.142.193.139 →
HTTP21270GET /login
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.…
29 · 3 IPs45.142.193.139 →
HTTP21270GET /remote/login
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.…
29 · 3 IPs45.142.193.139 →
RDP3389/RDPRDP (X.224)03 00 00 25 02 f0 80 64 00 00 03 eb 70 80 16 16 00 17 00 e9 03 00 00 00 …(46 bytes)1845.142.193.166 →
RDP3389/RDP*%�Cookie: mstshash=Test 1845.142.193.166 →
HTTP12349POST /
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.…
1445.142.193.142 →
HTTP20547GET /
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.…
1345.142.193.142 →
IPCountryASNTop portsEvents
Showing top 50 by event count. Window is the last 7d. Add or remove filters by clicking any value on a per-IP report.