HoneyLabs
iAnonymous lookups: 10/min, 60/hr per source IP. Sign in (free) to lift the limit, run heavier queries, and get an API key for MCP / HTTP.

Filtered actors

ASN=44244

4 unique IPs · 18 events · 1 countries · 1 ASNs

Activity · last 7d

2026-06-27: 1 events2026-06-29: 16 events2026-06-30: 1 events

peak 16 on 2026-06-29

Top source networks · click to refine

Refine
Turn this query into a daily email digest or an IOC feed URL.Save as feed

Sample payloads

top distinct probes matching this query
ProtocolPortProbe / payloadHitsExample
-445/SMB00 00 00 88 ff 53 4d 42 73 00 00 00 00 18 07 c0 00 00 00 00 00 00 00 00 …(140 bytes)2 · 2 IPs2.145.211.43 →
-445/SMB00 00 00 4a ff 53 4d 42 25 00 00 00 00 18 01 28 00 00 00 00 00 00 00 00 …(78 bytes)2 · 2 IPs2.145.211.43 →
-445/SMB00 00 00 5c ff 53 4d 42 75 00 00 00 00 18 07 c0 00 00 00 00 00 00 00 00 …(96 bytes)2 · 2 IPs2.145.211.43 →
-445/SMB00 00 00 63 ff 53 4d 42 73 00 00 00 00 18 01 20 00 00 00 00 00 00 00 00 …(103 bytes)2 · 2 IPs2.145.211.43 →
-445/SMB00 00 00 4e ff 53 4d 42 32 00 00 00 00 18 07 c0 00 00 00 00 00 00 00 00 …(82 bytes)2 · 2 IPs2.145.211.43 →
-445/SMB��SMBrS���@bPC NETWORK PROGRAM 1.0LANMAN1.0Windows for Workgroups 3.1aLM1.2X002LANMAN2.1NT LM 0.122 · 2 IPs2.145.211.43 →
-445/SMBT�SMBr(/K�^1LANMAN1.0LM1.2X002NT LANMAN 1.0NT LM 0.122 · 2 IPs2.145.211.43 →
HTTP2053POST /login
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36
15.120.133.230 →
-445/SMBE�SMBrH��"NT LM 0.12SMB 2.002SMB 2.???15.125.253.132 →
-445/SMB[�SMBu /K�^�\\66.179.248.54\IPC$?????PATH_REPLACE__?????12.145.211.43 →
-445/SMB[�SMBu /K�^�\\172.16.30.6\IPC$?????EEPATH_REPLACE__?????15.121.208.16 →
IPCountryASNTop portsEvents
Showing top 50 by event count. Window is the last 7d. Add or remove filters by clicking any value on a per-IP report.