Sonntag, 29. November 2015

46.105.8.133 - Scanning host via Python-urllib

BEGIN OF HTTP DATA:
2015-11-29 11:01:38
Source IP: 46.105.8.133
GET / HTTP/1.1
Accept-Encoding: identity
Host: 109.234.106.8:8080
Connection: close
User-Agent: Python-urllib/2.7


 END OF DATA
GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1
GET / HTTP/1.1
GET /script HTTP/1.1
GET /jenkins/script HTTP/1.1
GET /hudson/script HTTP/1.1
GET /login HTTP/1.1
GET /jenkins/login HTTP/1.1
GET /hudson/login HTTP/1.1
GET /jmx-console HTTP/1.1
GET / HTTP/1.1
GET / HTTP/1.1
GET /manager/html HTTP/1.1
GET / HTTP/1.1
GET / HTTP/1.1
GET /msd HTTP/1.1
GET /mySqlDumper HTTP/1.1
GET /msd1.24stable HTTP/1.1
GET /msd1.24.4 HTTP/1.1
GET /mysqldumper HTTP/1.1
GET /MySQLDumper HTTP/1.1
GET /mysql HTTP/1.1
GET /sql HTTP/1.1
GET /phpmyadmin HTTP/1.1
GET /phpMyAdmin HTTP/1.1
GET /mysql HTTP/1.1
GET /sql HTTP/1.1
GET /myadmin HTTP/1.1
GET /phpMyAdmin-4.2.1-all-languages HTTP/1.1
GET /phpMyAdmin-4.2.1-english HTTP/1.1
GET / HTTP/1.1
GET /sqlite/main.php HTTP/1.1
GET /SQLite/SQLiteManager-1.2.4/main.php HTTP/1.1
GET /SQLiteManager-1.2.4/main.php HTTP/1.1
GET /sqlitemanager/main.php HTTP/1.1
GET /SQlite/main.php HTTP/1.1
GET /SQLiteManager/main.php HTTP/1.1

46.105.8[.]133

    Static Source: GeoIP data
  • Country: France
  • ASN: AS16276 OVH SAS
    Dynamic Source: SANS Internet Storm Cast
  • comment:IP is listed on SANS ISC
  • Reference: https://isc.sans.edu/api/ip/46.105.8.133
    Static Source: panwdbl.appspot.com
  • Comment: Listed in open blacklist
  • Reference: https://panwdbl.appspot.com/lists/openbl.txt
    Static Source: http://sendmespamids.blogspot.nl/ Blacklist
  • Comment: Listed on Honeypot blacklist
  • Reference: https://raw.githubusercontent.com/johestephan/smsids-blacklist/master/blacklist.txt