INFO: Accessible HTTP Report

DESCRIPTION LAST UPDATED:  2023-12-12

DEFAULT SEVERITY LEVEL: INFO

This report identifies hosts that have the Hypertext Transfer Protocol (HTTP) running on some port and are accessible on the Internet.

This is just a population/external surface exposure scan. We are not highlighting any vulnerabilities in this report, just the fact there is an HTTP server running. This allows you to track your daily asset exposure. If you prefer not to receive it, contact us to opt-out.

Severity levels are described here.

For more information on our scanning efforts, check out our Internet scanning summary page.

This report has an IPv4 and IPv6 version.

Filename(s): scan_http, scan6_http

Fields

  • timestamp
    Time that the IP was probed in UTC+0
  • severity
    Severity level
  • ip
    The IP address of the device in question
  • protocol
    Protocol that the HTTP response came on (always TCP)
  • port
    Port that the HTTP response came from (8080/TCP)
  • hostname
    Reverse DNS name of the device in question
  • tag
    This will always be http
  • asn
    ASN of where the device in question resides
  • geo
    Country where the device in question resides
  • region
    State / Province / Administrative region where the device in question resides
  • city
    City in which the device in question resides
  • naics
    North American Industry Classification System Code
  • hostname_source
    Hostname source
  • http
    Hypertext Transfer Protocol Version
  • http_code
    HTTP Response code: e.g., 200, 401, 404
  • http_reason
    The text reason to go with the HTTP Code
  • content_type
    The MIME type of the body of the request (used with POST and PUT requests)
  • connection
    Control options for the current connection and list of hop-by-hop request fields
  • www_authenticate
    Indicates the authentication scheme that should be used to access the requested entity
  • set_cookie
    The HTTP Cookie to be set
  • server
    HTTP Server type
  • content_length
    The length of the response body in octets
  • transfer_encoding
    The form of encoding used to safely transfer the entity to the user
  • http_date
    The date and time that the message was sent

Sample

"timestamp","severity","ip","protocol","port","hostname","tag","sector","asn","geo","region","city","naics","hostname_source","http","http_code","http_reason","content_type","connection","www_authenticate","set_cookie","server","content_length","transfer_encoding","http_date"
"2010-02-10 00:00:00",info,192.168.0.1,tcp,10001,node01.example.com,http,,64512,ZZ,Region,City,0,,HTTP/1.1,400,"Bad Request",text/html,close,,,WAF,664,,"Wed, 10 Feb 2010 00:00:00 GMT"
"2010-02-10 00:00:01",info,192.168.0.2,tcp,10001,node02.example.com,http,,64512,ZZ,Region,City,0,,HTTP/1.1,400,"Bad Request","text/html; charset=utf-8",close,,,nginx,650,,"Wed, 10 Feb 2010 00:00:01 GMT"
"2010-02-10 00:00:02",info,192.168.0.3,tcp,10001,node03.example.com,http,,64512,ZZ,Region,City,0,,HTTP/1.1,400,"Bad Request",text/html,close,,,WAF,664,,"Wed, 10 Feb 2010 00:00:02 GMT"

Our 124 Report Types