I run a NodeJS web application with packages up to date and secured with a strong password and RSA for ssh.
The application runs on two domains. I check the request headers to get the domain and found some weird requests that had no headers:
console.log(req.headers); // prints `{}`
Near the time of these requests, I also get other weird ones, such as /nmaplowercheck1602743285, /HNAP1, and /evox/about.
I could throttle or black-list the IP of origin, though probably these are only proxy IPs. The last two routes are from 5-6 different countries.
What is this behavior, and is it anything to worry about?
0 Answers