iAnonymous lookups: 30/hr per source IP. Sign in (free) to lift the limit, run heavier queries, and get an API key for MCP / HTTP.
Filtered actors
port=9229
32 unique IPs · 55 events · 11 countries · 14 ASNs
Activity · last 7d
peak 19 on 2026-07-03
port: 9229×window1h24h7d30d🔒90d🔒
Turn this query into a daily email digest or an IOC feed URL.Save as feed
Sample payloads
top distinct probes matching this query| Protocol | Port | Probe / payload | Hits | Example |
|---|---|---|---|---|
| HTTP | 9229 | GET / UA: Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpan… | 23 · 20 IPs | 147.185.133.235 → |
| HTTP | 9229 | GET /.well-known/security.txt UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36 | 6 · 5 IPs | 154.197.56.163 → |
| HTTP | 9229 | GET /favicon.ico UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36 | 4 · 3 IPs | 154.197.56.163 → |
| HTTP | 9229 | GET /json | 3 | 45.195.83.137 → |
| HTTP | 9229 | GET /json/version UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 | 3 · 3 IPs | 45.198.224.81 → |
| RDP | 9229 | /*� Cookie: mstshash=Administr | 3 · 2 IPs | 80.94.95.221 → |
| - | 9229 | �<HONEYPOT>$ | 2 | 151.240.63.161 → |
| HTTP | 9229 | GET /sitemap.xml UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36 | 2 | 154.197.56.163 → |
| HTTP | 9229 | GET /robots.txt UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36 | 2 | 154.197.56.163 → |
| HTTP | 9229 | GET /llms.txt UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36 | 2 | 154.197.56.163 → |
| HTTP | 9229 | GET /jolokia/list UA: Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpan… | 1 | 147.185.133.132 → |
| HTTP | 9229 | GET /squid-internal-mgr/cachemgr.cgi UA: Mozilla/5.0 zgrab/0.x | 1 | 68.183.5.101 → |
IPCountryASNTop portsEvents