Hi forum friends,
I can monitor this from time to time - connection service type: outbound http - Interface: 10.0.0.XXX - Remote port: 80 - for hostname 38.100.19.124 and IP address 38.100.19.124, see http://www.ipillion.com/ip/38.100.19.124
What can be the background of this outbound connection, all my connections are stealth?
Ping online data:
64 bytes from 38.100.19.124: icmp_req=1 ttl=115 time=104 ms
64 bytes from 38.100.19.124: icmp_req=2 ttl=115 time=104 ms
64 bytes from 38.100.19.124: icmp_req=3 ttl=115 time=104 ms
64 bytes from 38.100.19.124: icmp_req=4 ttl=115 time=104 ms
— 38.100.19.124 ping statistics —
packets transmitted 4
received 4
packet loss 0 %
time 3003 ms
— Round Trip Time (rtt) —
min 104.116 ms
avg 104.190 ms
max 104.227 ms
mdev 0.043 ms
polonus
Still see them on the Net-Monitor: interface 10.0.0.2
Read why I post here: http://hphosts.blogspot.nl/2010/02/crimeware-friendly-isps-cogent-psi.html
See: https://www.virustotal.com/nl/ip-address/38.100.19.124/information/
Get this json info {“ip”: “38.100.19.124”, “prefix”: “38.0.0.0/8”, “country_code”: “US”, “asn”: “AS174”, “city”: “Washington”, “country”: “United States”, “region”: “District of Columbia”, “hostname”: “38.100.19.124”, “longitude”: -77.0763, “latitude”: 38.9144, “organization”: “COGENT Cogent/PSI”}
80/tcp open http Microsoft IIS httpd *
|_http-methods: No Allow or Public header in OPTIONS response (status code 400)
|_http-title: Site doesn’t have a title (text/html).
HTTP/1.1 400 Bad Request
Content-Length: 39
Content-Type: text/html
Date: Sat, 18 Jan 2014 14:09:42 GMT
Connection: close
HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Sat, 18 Jan 2014 14:10:07 GMT
Connection: close
Content-Length: 39
Bad Request (Invalid Hostname)
See: http://myip.ms/info/whois/38.100.19.124
IPBlock domains: http://www.tagorbit.com/iprange/38.100 → http://www.ipillion.com/ip/38.100.19.124
What is this?
polonus