Why am I receiving connection attempts from this machine?

These connections are part of an Internet-wide research study being conducted by computer scientists at RWTH Aachen University. The research involves benign HTTP requests to a large body of websites. By visiting them, we are able to analyze global patterns and trends in protocol deployment, performance and security.

All our requests are RFC-compliant. We never attempt to exploit security problems, guess passwords, or change device configuration. We only receive data that is publicly visible to anyone who visits a particular homepage.

Why are you collecting this data?

The data collected through these connections helps computer scientists study the deployment, configuration and performance of network protocols and security technologies. For example, we use it to help web browser makers and other software developers understand the impact of proposed protocol changes and security improvements. In some cases, we are able to detect vulnerable systems and report the problems to the system operators.

Can I request that my server be excluded?

To have your host or network excluded from future scans conducted by RWTH Aachen University, please contact researchscan@comsys.rwth-aachen.de with your IP address or CIDR block. Alternatively, you can configure your firewall to drop traffic from the subnet we use for scanning: 137.226.113.0/26.