What is the HEAD request? Is this something I should be worried about?

I check my custom logs and I see this:

[REDACTED IP],[REDACTED IP],[REDACTED IP],[REDACTED IP] - GET .
[REDACTED IP],undefined,[REDACTED IP] - GET .
[REDACTED IP],[REDACTED IP],[REDACTED IP] - HEAD .

What is the HEAD request, and should I be worried?

A HEAD request is a request to get the “headers” of a website. Headers are information a server gives the client that tells the client (browser, cURL) information about the website, how to display the website, and more. Sending a HEAD request to Glitch returns this:

$ curl -I https://glitch.com
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Length: 4345
Connection: keep-alive
Date: Mon, 11 Jan 2021 23:26:34 GMT
X-Powered-By: Express
Strict-Transport-Security: max-age=2628000; includeSubDomains; preload
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: base-uri 'self'; report-uri https://csp-reporting-server.glitch.me/report; frame-ancestors https://glitch.com https://glitch.development
X-Content-Security-Policy: base-uri 'self'; report-uri https://csp-reporting-server.glitch.me/report; frame-ancestors https://glitch.com https://glitch.development
X-WebKit-CSP: base-uri 'self'; report-uri https://csp-reporting-server.glitch.me/report; frame-ancestors https://glitch.com https://glitch.development
X-Frame-Options: DENY
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 05 Jan 2021 21:43:38 GMT
ETag: W/"10f9-176d4816310"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aa68d5eaf078dffca4154e55039dbb84.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PHL50-C1
X-Amz-Cf-Id: r4jVzGUaphV-iSgXd0sMC8C-C_kgQa3nu1uJGqqRH_KapqoK6d7VMQ==
Age: 23

I hope this helps! But check the IP that sent the HEAD request on abuseipdb.com; sometimes scanners will use them.

2 Likes
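
To decide which address from log lines like the ones in the question is worth looking up, the sketch below (an added example, not code from the original posts or from Glitch) tallies methods per source and lists sources that only ever sent HEAD. It assumes the comma-separated list is an X-Forwarded-For style chain; `proxyHops`, the function names and the sample lines are hypothetical.

```javascript
const net = require('net');

// Constructed sample lines in the "<address list> - <METHOD> <path>" shape
// from the question; documentation-range addresses replace the redacted ones.
const SAMPLE_LOG = [
  '203.0.113.7,192.0.2.10,192.0.2.20 - GET .',
  '203.0.113.7,undefined,192.0.2.20 - GET .',
  '198.51.100.23,192.0.2.10,192.0.2.20 - HEAD .',
  '10.1.1.1,198.51.100.23,192.0.2.10,192.0.2.20 - HEAD .',
  'not a log line',
];

// Assumption: the last `proxyHops` entries are proxies you trust, and the
// entry just left of them is the address those proxies saw. Anything further
// left was supplied by the client and can be forged, so it is ignored.
function sourceOf(chain, proxyHops) {
  const hops = chain.split(',').map((s) => s.trim());
  const candidate = hops[hops.length - proxyHops - 1];
  // "undefined" or any other non-address entry is reported as unknown.
  return candidate && net.isIP(candidate) ? candidate : 'unknown';
}

// Count requests per source address and HTTP method.
function tallyBySource(lines, proxyHops) {
  const tally = {};
  for (const line of lines) {
    const m = /^(\S+) - ([A-Z]+) (\S+)$/.exec(line);
    if (!m) continue; // skip lines that are not in the expected shape
    const src = sourceOf(m[1], proxyHops);
    tally[src] = tally[src] || {};
    tally[src][m[2]] = (tally[src][m[2]] || 0) + 1;
  }
  return tally;
}

// Sources that sent HEAD and no other method: the ones to look up first.
function headOnlySources(tally) {
  return Object.keys(tally).filter(
    (src) => tally[src].HEAD > 0 && Object.keys(tally[src]).length === 1
  );
}

const tally = tallyBySource(SAMPLE_LOG, 2);
console.log(tally, headOnlySources(tally));
```

Set `proxyHops` to match the number of proxies actually in front of your app; with the wrong value the tally will attribute requests to a proxy or to a forged entry.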
