iAnonymous lookups: 30/hr per source IP. Sign in (free) to lift the limit, run heavier queries, and get an API key for MCP / HTTP.
Filtered actors
port=18072
11 unique IPs · 28 events · 9 countries · 7 ASNs
Activity · last 7d
peak 12 on 2026-07-04
port: 18072×window1h24h7d30d🔒90d🔒
Turn this query into a daily email digest or an IOC feed URL.Save as feed
Sample payloads
top distinct probes matching this query| Protocol | Port | Probe / payload | Hits | Example |
|---|---|---|---|---|
| HTTP | 18072 | GET / UA: Mozilla/5.0 (compatible; ModatScanner/1.2; +https://modat.io/) | 9 · 7 IPs | 85.217.140.3 → |
| HTTP | 18072 | GET /favicon.ico UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Ed… | 3 · 3 IPs | 152.32.197.166 → |
| HTTP | 18072 | GET /squid-internal-mgr/cachemgr.cgi UA: Mozilla/5.0 zgrab/0.x | 1 | 157.230.26.229 → |
| TPKT | 18072 | TPKT / COTP (ISO-TSAP)03 00 00 0b 06 e0 00 00 00 00 00 | 1 | 152.32.197.166 → |
| - | 18072 | �<HONEYPOT>F� | 1 | 151.240.102.64 → |
| HTTP | 18072 | GET /global-protect/login.esp UA: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_0; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.0 Safari/5… | 1 | 79.124.58.126 → |
| RDP | 18072 | 3.� Cookie: mstshash=Administrator | 1 | 152.32.197.166 → |
| - | 18072 | 1 | 151.240.102.64 → | |
| HTTP | 18072 | GET /sslvpn_logon.shtml UA: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_0; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.0 Safari/5… | 1 | 79.124.58.126 → |
| HTTP | 18072 | GET /remote/login UA: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_0; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.0 Safari/5… | 1 | 79.124.58.126 → |
| HTTP | 18072 | GET /+CSCOE+/logon.html UA: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_0; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.0 Safari/5… | 1 | 79.124.58.126 → |
| HTTP | 18072 | GET /sslmgr UA: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_0; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.0 Safari/5… | 1 | 79.124.58.126 → |
IPCountryASNTop portsEvents