Lookup

Explore

CVEs Payloads Campaigns AEI Index Ports User-agents

Integrations

Overview MCP Feeds API / Enrich

iAnonymous lookups: 10/min, 60/hr per source IP. Sign in (free) to lift the limit, run heavier queries, and get an API key for MCP / HTTP.

Filtered actors

port=9228

32 unique IPs · 37 events · 7 countries · 7 ASNs

Activity · last 7d

peak 8 on 2026-06-22

Top source networks · click to refine

AS396982 Google LLC54.1%

AS209334 Modat B.V.13.5%

AS45102 Alibaba US Technology Co., Ltd.10.8%

AS206264 Amarutu Technology Ltd10.8%

port: 9228×window1h 24h7d30d🔒90d🔒

Turn this query into a daily email digest or an IOC feed URL.Save as feed

Sample payloads

top distinct probes matching this query

Protocol	Port	Probe / payload	Hits	Example
HTTP	9228	GET / UA: Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpan…	23 · 20 IPs	35.203.211.48 →
HTTP	9228	GET /..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:146.0) Gecko/20100101 Firefox/146.0	4 · 3 IPs	5.187.35.142 →
-	9228	0a	3 · 3 IPs	85.217.140.51 →
HTTP	9228	GET /.well-known/security.txt UA: Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpan…	3 · 2 IPs	162.216.149.177 →
HTTP	9228	GET /squid-internal-mgr/cachemgr.cgi UA: Mozilla/5.0 zgrab/0.x	2 · 2 IPs	142.93.72.196 →
HTTP	9228	GET /favicon.ico UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1	47.77.228.238 →
TPKT	9228	TPKT / COTP (ISO-TSAP)03 00 00 13 0e e0 00 00 00 00 00 01 00 08 00 03 00 00 00	1	15.204.244.83 →

IPCountryASNTop portsEvents

162.216.150.181181.150.216.162.bc.googleusercontent.com 🇺🇸US AS396982 Google LLC92282

35.203.211.140140.211.203.35.bc.googleusercontent.com 🇬🇧GB AS396982 Google LLC92282

8.209.107.26 🇩🇪DE AS45102 Alibaba US Technology Co., Ltd.92282

5.187.35.26 🇳🇱NL AS206264 Amarutu Technology Ltd92282

147.185.132.134 🇺🇸US AS396982 Google LLC92282

31.14.32.4n300.scanner.modat.io 🇳🇱NL AS201401 NewVM B.V.92281

142.93.72.196 🇺🇸US AS14061 DigitalOcean, LLC92281

47.77.228.238 🇺🇸US AS45102 Alibaba US Technology Co., Ltd.92281

85.217.140.35o334.scanner.modat.io 🇫🇷FR AS209334 Modat B.V.92281

35.203.211.4848.211.203.35.bc.googleusercontent.com 🇬🇧GB AS396982 Google LLC92281

162.216.150.44.150.216.162.bc.googleusercontent.com 🇺🇸US AS396982 Google LLC92281

15.204.244.83vps-d5c078c1.vps.ovh.us 🇺🇸US AS16276 OVH SAS92281

162.216.149.125125.149.216.162.bc.googleusercontent.com 🇺🇸US AS396982 Google LLC92281

85.217.140.51o350.scanner.modat.io 🇫🇷FR AS209334 Modat B.V.92281

85.217.149.55o055.scanner.modat.io 🇨🇦CA AS209334 Modat B.V.92281

5.187.35.142 🇳🇱NL AS206264 Amarutu Technology Ltd92281

35.203.211.115115.211.203.35.bc.googleusercontent.com 🇬🇧GB AS396982 Google LLC92281

162.216.149.177177.149.216.162.bc.googleusercontent.com 🇺🇸US AS396982 Google LLC92281

35.203.210.202202.210.203.35.bc.googleusercontent.com 🇬🇧GB AS396982 Google LLC92281

35.203.211.5959.211.203.35.bc.googleusercontent.com 🇬🇧GB AS396982 Google LLC92281

85.217.140.24o323.scanner.modat.io 🇫🇷FR AS209334 Modat B.V.92281

162.216.149.3434.149.216.162.bc.googleusercontent.com 🇺🇸US AS396982 Google LLC92281

147.185.133.40 🇺🇸US AS396982 Google LLC92281

35.203.210.225225.210.203.35.bc.googleusercontent.com 🇬🇧GB AS396982 Google LLC92281

85.217.149.12o013.scanner.modat.io 🇨🇦CA AS209334 Modat B.V.92281

35.203.210.174174.210.203.35.bc.googleusercontent.com 🇬🇧GB AS396982 Google LLC92281

35.203.210.6666.210.203.35.bc.googleusercontent.com 🇬🇧GB AS396982 Google LLC92281

147.185.133.17 🇺🇸US AS396982 Google LLC92281

165.227.107.139 🇺🇸US AS14061 DigitalOcean, LLC92281

5.61.209.224 🇸🇨SC AS206264 Amarutu Technology Ltd92281

162.216.149.250250.149.216.162.bc.googleusercontent.com 🇺🇸US AS396982 Google LLC92281

47.251.89.134 🇺🇸US AS45102 Alibaba US Technology Co., Ltd.92281

Showing top 50 by event count. Window is the last 7d. Add or remove filters by clicking any value on a per-IP report.