Scanning for exposed Anthropic Models

    Published: 2026-02-02. Last Updated: 2026-02-02 15:14:47 UTC
    by Johannes Ullrich (Version: 1)
    0 comment(s)

    Yesterday, a single IP address (204.76.203.210) scanned a number of our sensors for what looks like an anthropic API node. The IP address is known to be a Tor exit node.

    The requests are pretty simple:

    GET /anthropic/v1/models
    Host: 67.171.182.193:8000
    X-Api-Key: password
    Anthropic-Version: 2023-06-01

    It looks like this is scanning for locally hosted Anthropic models, but it is not clear to me if this would be successful. If anyone has any insights, please let me know. The API Key is a commonly used key in documentation, and not a key that anybody would expect to work.

    At the same time, we are also seeing a small increase in requests for "/v1/messages". These requests have been more common in the past, but the URL may be associated with Anthropic (it is, however, somewhat generic, and it is likely other APIs use the same endpoint. These requests originate from 154.83.103.179, an IP address with a bit a complex geolocation and routing footprint.

    --
    Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
    Twitter|

    Keywords: anthorpic ai
    0 comment(s)
    ISC Stormcast For Monday, February 2nd, 2026 https://isc.sans.edu/podcastdetail/9790

      Comments

      Login here to join the discussion.


      Diary Archives