Ban Hackers

Back in the day, hackers were unemployed or unemployable programmers or teenagers with nothing to do.
Now days, it's criminal organizations and Programmers (with a capital P) with masters degrees hired by foreign (and not so foreign) governments to hack into every server they can find. They even try to scan every possible IP address for web servers. When they find one, somebody later tries to hack it.
So, I set up a website for them to visit. It says Coming Soon.
Then, it records their IP Address and bans it from the server with iptables. It also adds their IP Address and User Agent string to the database.

Here are the IP addresses I've banned over the last week:

BannedID	IP	User Agent String	Date Hacked	Banned Reason
74379	18.97.26.3	Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/54.0.3061.65 Safari/537.32	4/20/2026 09:06:55 PM	Tried to access http ip directly.
74378	85.217.149.39	Mozilla/5.0 (compatible; ModatScanner/1.2; +https://modat.io/)	4/20/2026 05:48:30 PM	Tried to access http ip directly.
74377	138.68.28.146	Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/538.41 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36	4/20/2026 05:17:22 PM	Tried to access http ip directly.
74376	217.15.165.251	Go-http-client/1.1	4/20/2026 04:55:54 PM	Tried to access http ip directly.
74375	195.178.110.34	Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0	4/20/2026 04:05:28 PM	Evil 404 /wp-content/plugins/elementor-pro/assets/js/woocom
74374	107.174.52.83	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36	4/20/2026 02:18:57 PM	Evil 404 .env (AWS vulnerability)
74373	83.27.84.13	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	4/20/2026 02:18:05 PM	Tried to access http ip directly.
74372	205.185.118.173	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36	4/20/2026 01:56:50 PM	Evil 404 /wp-login.php
74371	165.154.51.221	Mozilla/5.0 (Macintosh; Intel Mac OS X 9_0_2) AppleWebKit/597.35 (KHTML, like Gecko) Chrome/74.0.802 Safari/537.36	4/20/2026 01:25:43 PM	Tried to access http ip directly.
74370	173.212.216.253	libredtail-http	4/20/2026 12:13:25 PM	Tried to access http ip directly.
74369	18.215.169.92	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	4/20/2026 12:03:15 PM	Tried to access http ip directly.
74368	157.15.40.40	Go-http-client/1.1	4/20/2026 11:39:43 AM	Evil 404 /wp-content/w3tc-config/master-preview.php
74367	161.178.139.119	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0	4/20/2026 10:37:02 AM	Evil 404 .env (AWS vulnerability)
74366	8.211.5.31	curl/7.64.1	4/20/2026 09:29:22 AM	Tried to access http ip directly.
74365	165.154.42.209	curl/7.29.0	4/20/2026 06:21:29 AM	Tried to access http ip directly.
74364	45.55.80.228	Mozilla/5.0	4/20/2026 04:10:31 AM	Evil 404 /wp-login.php
74363	98.159.37.102	Go-http-client/1.1	4/20/2026 03:53:55 AM	Evil 404 /wp-includes/css/buttons.css
74362	185.241.208.115	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36	4/20/2026 03:13:22 AM	Evil 404 .env (AWS vulnerability)
74361	165.154.182.6	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:137.0) Gecko/20100101 Firefox/137.0	4/20/2026 02:05:16 AM	Tried to access http ip directly.
74360	152.32.235.160	curl/7.29.0	4/20/2026 12:38:34 AM	Tried to access http ip directly.
74359	61.184.87.135	Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36	4/19/2026 11:09:48 PM	Tried to access http ip directly.
74358	104.248.79.109	Mozilla/5.0	4/19/2026 10:51:07 PM	Evil 404 /wp-login.php
74357	193.124.20.247	Mozilla/5.0 (compatible; Infrawatch/1.0; +https://infrawat.ch/)	4/19/2026 05:54:23 PM	Tried to access http ip directly.
74356	45.148.10.238	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	4/19/2026 05:18:36 PM	Evil 404 .env (AWS vulnerability)
74355	207.244.227.110	libredtail-http	4/19/2026 04:40:06 PM	Tried to access http ip directly.
74354	193.124.20.244	Mozilla/5.0 (compatible; Infrawatch/1.0; +https://infrawat.ch/)	4/19/2026 04:35:15 PM	Tried to access http ip directly.
74353	66.132.224.81	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	4/19/2026 03:52:56 PM	Tried to access http ip directly.
74352	46.101.166.128	Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)	4/19/2026 03:41:49 PM	Tried to access http ip directly.
74351	104.248.27.192	Go-http-client/1.1	4/19/2026 03:41:49 PM	Evil 404 /cgi-bin/authLogin.cgi
74350	209.38.211.125	Go-http-client/1.1	4/19/2026 03:41:49 PM	Evil 404 /solr/admin/info/system
74349	147.185.133.105	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	4/19/2026 02:57:10 PM	Tried to access http ip directly.
74348	195.178.110.101	Mozilla/5.0 (compatible; SecurityScanner/1.0)	4/19/2026 02:12:10 PM	Evil 404 .env (AWS vulnerability)
74347	152.32.247.22	Mozilla/5.0 (Windows NT 8_2_1; Win64; x64) AppleWebKit/595.51 (KHTML, like Gecko) Chrome/53.0.1663 Safari/537.36	4/19/2026 11:13:26 AM	Tried to access http ip directly.
74346	107.173.37.85	libredtail-http	4/19/2026 09:19:14 AM	Tried to access http ip directly.
74345	193.176.31.158	Mozilla/5.0 (compatible; Infrawatch/1.0; +https://infrawat.ch/)	4/19/2026 06:40:52 AM	Tried to access http ip directly.
74344	185.227.153.151	libredtail-http	4/19/2026 06:01:06 AM	Tried to access http ip directly.
74343	13.89.125.226	Mozilla/5.0 zgrab/0.x	4/19/2026 05:28:16 AM	User Agent Mozilla/5.0 zgrab/0.x
74342	124.198.131.162	Mozilla/5.0 (adaptive-bot)	4/19/2026 05:23:50 AM	Evil 404 .env (AWS vulnerability)
74341	85.239.35.153	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15	4/19/2026 04:58:21 AM	Tried to access http ip directly.
74340	94.26.106.206	libredtail-http	4/19/2026 03:28:57 AM	Tried to access http ip directly.
74339	159.203.38.69	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36	4/19/2026 01:44:21 AM	Tried to access http ip directly.
74338	165.154.51.225	curl/7.29.0	4/19/2026 12:58:18 AM	Tried to access http ip directly.
74337	193.124.20.252	Mozilla/5.0 (compatible; Infrawatch/1.0; +https://infrawat.ch/)	4/19/2026 12:50:13 AM	Tried to access http ip directly.
74336	190.97.238.74	libredtail-http	4/19/2026 12:33:35 AM	Tried to access http ip directly.
74335	195.184.76.168	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	4/19/2026 12:31:18 AM	Tried to access http ip directly.
74334	152.32.206.74	curl/7.29.0	4/18/2026 11:51:34 PM	Tried to access http ip directly.
74333	40.124.173.115	Mozilla/5.0 zgrab/0.x	4/18/2026 11:07:43 PM	Tried to access http ip directly.
74332	34.14.59.22	python-requests/2.32.5	4/18/2026 10:50:53 PM	Tried to access http ip directly.
74331	165.154.135.215	curl/7.29.0	4/18/2026 10:19:13 PM	Tried to access http ip directly.
74330	152.32.245.186	curl/7.29.0	4/18/2026 08:26:09 PM	Tried to access http ip directly.
74329	165.154.36.105	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/561.49 (KHTML, like Gecko) Chrome/93.0.212 Safari/537.36	4/18/2026 08:24:38 PM	Tried to access http ip directly.
74328	103.25.231.252	curl/7.81.0	4/18/2026 07:36:39 PM	Tried to access http ip directly.
74327	103.134.117.23	Go-http-client/1.1	4/18/2026 07:10:51 PM	Tried to access http ip directly.
74326	147.185.132.143	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	4/18/2026 06:23:11 PM	Tried to access http ip directly.
74325	85.217.149.55	Mozilla/5.0 (compatible; ModatScanner/1.2; +https://modat.io/)	4/18/2026 05:36:01 PM	Tried to access http ip directly.
74324	13.60.168.56	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36	4/18/2026 05:33:37 PM	Evil 404 .env (AWS vulnerability)
74323	91.196.152.60	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	4/18/2026 04:41:18 PM	Tried to access http ip directly.
74322	66.132.195.82	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	4/18/2026 03:42:54 PM	Tried to access http ip directly.
74321	118.193.56.229	curl/7.29.0	4/18/2026 02:33:56 PM	Tried to access http ip directly.
74320	212.47.78.123	Go-http-client/1.1	4/18/2026 01:16:00 PM	Evil 404 /wp-includes/css/buttons.css
74319	18.97.26.80	Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/59.0.3009.61 Safari/537.32	4/18/2026 01:08:51 PM	Tried to access http ip directly.
74318	165.154.129.220	curl/7.29.0	4/18/2026 12:29:29 PM	Tried to access http ip directly.
74317	168.144.108.157	Mozilla/5.0	4/18/2026 12:14:40 PM	Evil 404 /wp-login.php
74316	194.187.179.65	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0	4/18/2026 11:45:55 AM	Tried to access http ip directly.
74315	85.9.219.124	Go-http-client/1.1	4/18/2026 09:53:37 AM	Tried to access http ip directly.
74314	20.163.60.170	Mozilla/5.0 zgrab/0.x	4/18/2026 08:30:32 AM	User Agent Mozilla/5.0 zgrab/0.x
74313	37.10.113.214	Mozilla/5.0 (compatible; Infrawatch/1.0; +https://infrawat.ch/)	4/18/2026 08:20:47 AM	Tried to access http ip directly.
74312	208.115.230.231	Mozilla/6.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.7.43.25 Safari/537.36	4/18/2026 08:17:26 AM	Evil 404 /wp-login.php
74311	152.32.150.117	curl/7.29.0	4/18/2026 07:37:03 AM	Tried to access http ip directly.
74310	138.2.102.66	libredtail-http	4/18/2026 07:32:12 AM	Tried to access http ip directly.
74309	112.78.191.254	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	4/18/2026 06:25:45 AM	Tried to access http ip directly.
74308	66.132.186.198	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	4/18/2026 05:46:22 AM	Tried to access http ip directly.
74307	118.193.64.235	curl/7.29.0	4/18/2026 05:23:40 AM	Tried to access http ip directly.
74306	152.32.141.9	curl/7.29.0	4/18/2026 04:04:58 AM	Tried to access http ip directly.
74305	118.193.57.121	curl/7.29.0	4/18/2026 03:21:06 AM	Tried to access http ip directly.
74304	45.156.129.85	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36	4/18/2026 02:51:55 AM	Tried to access http ip directly.
74303	45.148.10.67	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36	4/17/2026 11:30:04 PM	Tried to access http ip directly.
74302	176.65.148.196	Shodan-Pull/1.0	4/17/2026 10:07:47 PM	Tried to access http ip directly.
74301	143.92.53.33	libredtail-http	4/17/2026 06:21:01 PM	Tried to access http ip directly.
74300	212.237.121.194	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36	4/17/2026 05:09:30 PM	Evil 404 /wp-content/plugins/backup-backup/includes/backup-
74299	162.216.149.52	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	4/17/2026 04:55:25 PM	Tried to access http ip directly.
74298	172.233.24.189	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	4/17/2026 04:45:30 PM	Evil 404 .env (AWS vulnerability)
74297	152.32.206.87	curl/7.29.0	4/17/2026 03:58:21 PM	Tried to access http ip directly.
74296	43.228.157.67	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 Chrome/120.0.0.0 Safari/537.36	4/17/2026 03:01:48 PM	Evil 404 .env (AWS vulnerability)
74295	20.163.74.93	Mozilla/5.0 zgrab/0.x	4/17/2026 01:45:55 PM	Tried to access http ip directly.
74294	52.91.1.143	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	4/17/2026 12:01:28 PM	Tried to access http ip directly.
74293	93.189.222.80	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	4/17/2026 10:54:20 AM	Tried to access http ip directly.
74292	176.65.139.254	Linux Gnu (cow)	4/17/2026 09:33:13 AM	Tried to access http ip directly.
74291	183.96.173.196	Go-http-client/1.1	4/17/2026 08:54:51 AM	Tried to access http ip directly.
74290	118.194.251.145	curl/7.29.0	4/17/2026 08:31:31 AM	Tried to access http ip directly.
74289	89.117.146.239	Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Mobile Safari/537.36	4/17/2026 07:16:00 AM	Evil 404 .env (AWS vulnerability)
74288	89.117.148.9	Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Mobile Safari/537.36	4/17/2026 07:16:00 AM	Evil 404 .env (AWS vulnerability)
74287	88.151.32.168	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:138.0) Gecko/20100101 Firefox/138.0	4/17/2026 07:15:30 AM	Evil 404 .env (AWS vulnerability)
74286	66.132.172.45	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	4/17/2026 04:59:18 AM	Tried to access http ip directly.
74285	64.23.159.132	libredtail-http	4/17/2026 04:06:27 AM	Tried to access http ip directly.
74284	195.154.37.24	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36	4/17/2026 03:49:33 AM	Tried to access http ip directly.
74283	177.66.247.44	Go-http-client/1.1	4/17/2026 03:08:49 AM	Tried to access http ip directly.
74282	147.185.133.42	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	4/17/2026 02:26:30 AM	Tried to access http ip directly.
74281	107.150.109.174	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36	4/17/2026 02:13:45 AM	Tried to access http ip directly.
74280	20.168.122.6	Mozilla/5.0 zgrab/0.x	4/17/2026 01:27:59 AM	User Agent Mozilla/5.0 zgrab/0.x
74279	152.32.135.81	Mozilla/5.0 (Macintosh; Intel Mac OS X 9_1_1) AppleWebKit/542.47 (KHTML, like Gecko) Chrome/92.0.2016 Safari/537.36	4/17/2026 01:21:33 AM	Tried to access http ip directly.
74278	88.151.34.143	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:138.0) Gecko/20100101 Firefox/138.0	4/17/2026 01:14:48 AM	Evil 404 .env (AWS vulnerability)
74277	46.250.248.115	Go-http-client/1.1	4/17/2026 12:44:15 AM	Tried to access http ip directly.
74276	157.245.103.79	Go-http-client/1.1	4/16/2026 11:09:34 PM	Tried to access http ip directly.
74275	176.65.139.101	Shodan-Pull/1.0	4/16/2026 10:24:02 PM	Tried to access http ip directly.
74274	45.55.158.168	Mozilla/5.0 (compatible; InternetMeasurement/1.0; +https://internet-measurement.com/)	4/16/2026 08:35:04 PM	Tried to access http ip directly.
74273	45.196.196.187	Go-http-client/1.1	4/16/2026 08:24:08 PM	Tried to access http ip directly.
74272	159.203.10.9	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36	4/16/2026 07:51:12 PM	Tried to access http ip directly.
74271	202.58.242.242	Go-http-client/1.1	4/16/2026 07:29:07 PM	Tried to access http ip directly.
74270	66.132.224.86	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	4/16/2026 07:03:37 PM	Tried to access http ip directly.
74269	20.78.172.67	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	4/16/2026 06:01:40 PM	Evil 404 /wp-content/plugins/twenty/login.php
74268	85.217.149.6	Mozilla/5.0 (compatible; ModatScanner/1.2; +https://modat.io/)	4/16/2026 04:30:33 PM	Tried to access http ip directly.
74267	118.193.65.212	curl/7.29.0	4/16/2026 04:07:54 PM	Tried to access http ip directly.
74266	20.29.23.166	Mozilla/5.0 zgrab/0.x	4/16/2026 04:05:13 PM	User Agent Mozilla/5.0 zgrab/0.x
74265	101.36.118.148	curl/7.29.0	4/16/2026 03:29:51 PM	Tried to access http ip directly.
74264	35.195.138.45	python-requests/2.32.5	4/16/2026 03:28:11 PM	Tried to access http ip directly.
74263	32.192.252.248	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36	4/16/2026 03:11:56 PM	Evil 404 .env (AWS vulnerability)
74262	193.124.20.243	Mozilla/5.0 (compatible; Infrawatch/1.0; +https://infrawat.ch/)	4/16/2026 03:03:23 PM	Tried to access http ip directly.
74261	103.9.159.151	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0	4/16/2026 02:37:19 PM	Tried to access http ip directly.
74260	52.90.1.24	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	4/16/2026 12:01:09 PM	Tried to access http ip directly.
74259	45.148.10.51	Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36	4/16/2026 11:40:27 AM	Evil 404 .env (AWS vulnerability)
74258	149.102.240.182	Mozilla/5.0 (X11; Linux aarch64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36	4/16/2026 11:17:29 AM	Tried to access http ip directly.
74257	156.251.25.57	Go-http-client/1.1	4/16/2026 11:08:34 AM	Tried to access http ip directly.
74256	193.176.31.151	Mozilla/5.0 (compatible; Infrawatch/1.0; +https://infrawat.ch/)	4/16/2026 10:09:02 AM	Tried to access http ip directly.
74255	165.154.173.35	curl/7.29.0	4/16/2026 10:05:50 AM	Tried to access http ip directly.
74254	195.178.110.204	Mozilla/5.0 (X11; Linux x86_64; rv:101.0) Gecko/20100101 Firefox/101.0	4/16/2026 09:20:31 AM	Evil 404 /cgi-bin/httpd.cgi
74253	47.251.22.83	curl/7.64.1	4/16/2026 08:48:39 AM	Tried to access http ip directly.
74252	178.62.24.229	Mozilla/5.0	4/16/2026 08:32:46 AM	Evil 404 /wp-login.php
74251	167.71.180.252	Mozilla/5.0	4/16/2026 08:05:42 AM	Evil 404 /wp-login.php
74250	8.229.143.57	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36	4/16/2026 06:00:16 AM	Evil 404 /wp-includes/wlwmanifest.xml
74249	165.154.172.244	curl/7.29.0	4/16/2026 05:46:34 AM	Tried to access http ip directly.
74248	118.193.65.175	curl/7.29.0	4/16/2026 04:34:42 AM	Tried to access http ip directly.
74247	107.189.7.189	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36	4/16/2026 04:27:39 AM	Evil 404 /wp-login.php
74246	137.184.74.47	Mozilla/5.0	4/16/2026 04:17:28 AM	Evil 404 /wp-login.php
74245	67.207.94.250	Mozilla/5.0	4/16/2026 04:05:59 AM	Evil 404 /wp-login.php
74244	88.151.33.247	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	4/16/2026 03:35:50 AM	Evil 404 /config.inc.php
74243	101.36.97.131	curl/7.29.0	4/16/2026 12:25:49 AM	Tried to access http ip directly.
74242	172.236.3.108	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0	4/16/2026 12:25:01 AM	Tried to access http ip directly.
74241	118.193.39.117	Mozilla/5.0 (Windows NT 8_1_2; Win64; x64) AppleWebKit/597.53 (KHTML, like Gecko) Chrome/75.0.2043 Safari/537.36	4/16/2026 12:19:42 AM	Tried to access http ip directly.
74240	20.89.234.204	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	4/15/2026 11:39:20 PM	Evil 404 /wp-includes/Requests/about.php
74239	157.245.199.184	Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.130 Safari/537.36	4/15/2026 11:15:43 PM	Evil 404 /wp-login.php
74238	88.151.34.138	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	4/15/2026 11:14:06 PM	Evil 404 .env (AWS vulnerability)
74237	88.151.34.138	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:138.0) Gecko/20100101 Firefox/138.0	4/15/2026 11:14:06 PM	Evil 404 .env (AWS vulnerability)
74236	20.24.192.90	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	4/15/2026 11:13:01 PM	Evil 404 /wp-includes/Requests/about.php
74235	37.10.113.210	Mozilla/5.0 (compatible; Infrawatch/1.0; +https://infrawat.ch/)	4/15/2026 10:40:29 PM	Tried to access http ip directly.
74234	20.219.218.121	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	4/15/2026 09:40:17 PM	Evil 404 /wp-content/plugins/twenty/login.php
74233	152.32.157.173	curl/7.29.0	4/15/2026 09:39:56 PM	Tried to access http ip directly.
74232	2.26.82.219	libredtail-http	4/15/2026 08:45:16 PM	Tried to access http ip directly.
74231	118.193.64.15	curl/7.29.0	4/15/2026 08:19:14 PM	Tried to access http ip directly.
74230	195.140.214.23	Mozilla/5.0 (compatible; Infrawatch/1.0; +https://infrawat.ch/)	4/15/2026 08:07:57 PM	Tried to access http ip directly.
74229	104.28.155.20	Mozilla/5.0	4/15/2026 07:33:27 PM	Evil 404 /wp-login.php
74228	4.196.165.107	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	4/15/2026 07:31:12 PM	Evil 404 /wp-includes/Requests/about.php
74227	47.245.143.74	curl/7.64.1	4/15/2026 06:45:10 PM	Tried to access http ip directly.
74226	113.228.199.222	Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)	4/15/2026 06:43:27 PM	Tried to access http ip directly.
74225	165.154.129.201	curl/7.29.0	4/15/2026 06:05:50 PM	Tried to access http ip directly.
74224	66.132.186.205	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	4/15/2026 06:01:46 PM	Tried to access http ip directly.
74223	148.72.244.169	Go-http-client/1.1	4/15/2026 04:35:28 PM	Tried to access http ip directly.
74222	101.36.108.191	Mozilla/5.0 (Windows NT 7_1_2; Win64; x64) AppleWebKit/593.49 (KHTML, like Gecko) Chrome/101.0.2042 Safari/537.36	4/15/2026 04:22:36 PM	Tried to access http ip directly.
74221	147.93.4.185	Go-http-client/1.1	4/15/2026 03:17:53 PM	Tried to access http ip directly.
74220	47.77.223.125	curl/7.64.1	4/15/2026 02:56:46 PM	Tried to access http ip directly.
74219	35.203.211.219	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	4/15/2026 02:45:36 PM	Tried to access http ip directly.
74218	41.110.4.106	libredtail-http	4/15/2026 02:44:42 PM	Tried to access http ip directly.
74217	165.154.41.50	curl/7.29.0	4/15/2026 02:33:18 PM	Tried to access http ip directly.
74216	66.132.172.221	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	4/15/2026 01:28:20 PM	Tried to access http ip directly.
74215	172.202.118.46	Mozilla/5.0 zgrab/0.x	4/15/2026 01:08:30 PM	User Agent Mozilla/5.0 zgrab/0.x
74214	66.228.53.204	Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	4/15/2026 12:27:02 PM	Tried to access http ip directly.
74213	152.32.235.36	curl/7.29.0	4/15/2026 12:16:00 PM	Tried to access http ip directly.
74212	50.19.163.240	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	4/15/2026 12:04:02 PM	Tried to access http ip directly.
74211	34.61.126.163	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36	4/15/2026 10:20:21 AM	Evil 404 /wp-includes/wlwmanifest.xml
74210	37.10.113.222	Mozilla/5.0 (compatible; Infrawatch/1.0; +https://infrawat.ch/)	4/15/2026 10:08:57 AM	Tried to access http ip directly.
74209	34.77.175.80	python-requests/2.32.5	4/15/2026 07:16:42 AM	Tried to access http ip directly.
74208	13.86.115.189	Mozilla/5.0 zgrab/0.x	4/15/2026 07:09:04 AM	User Agent Mozilla/5.0 zgrab/0.x
74207	144.172.116.102	Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Mobile Safari/537.36	4/15/2026 06:18:14 AM	Evil 404 .env (AWS vulnerability)
74206	20.219.1.89	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	4/15/2026 04:31:15 AM	Evil 404 /wp-content/plugins/twenty/login.php
74205	103.180.237.169	Go-http-client/1.1	4/15/2026 04:20:08 AM	Tried to access http ip directly.
74204	66.228.53.78	Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	4/15/2026 04:06:35 AM	Tried to access http ip directly.
74203	144.91.64.234	Go-http-client/1.1	4/15/2026 03:05:13 AM	Tried to access http ip directly.
74202	182.138.158.144	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36	4/15/2026 01:38:13 AM	Tried to access http ip directly.
74201	147.185.132.52	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	4/15/2026 12:29:54 AM	Tried to access http ip directly.
74200	185.209.228.250	libredtail-http	4/14/2026 10:35:44 PM	Tried to access http ip directly.
74199	212.47.78.119	Go-http-client/1.1	4/14/2026 09:31:18 PM	Evil 404 /wp-includes/css/buttons.css
74198	147.185.133.186	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	4/14/2026 08:24:30 PM	Tried to access http ip directly.
74197	46.101.46.29	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0	4/14/2026 07:47:45 PM	Evil 404 /boaform/admin/formLogin
74196	2.26.86.54	libredtail-http	4/14/2026 06:58:40 PM	Tried to access http ip directly.
74195	85.217.149.0	Mozilla/5.0 (compatible; ModatScanner/1.2; +https://modat.io/)	4/14/2026 04:21:18 PM	Tried to access http ip directly.
74194	195.178.110.103	Mozilla/5.0 (compatible; SecurityScanner/1.0)	4/14/2026 03:32:23 PM	Evil 404 /wp-content/phpinfo.php
74193	195.178.110.103	Mozilla/5.0 (compatible; SecurityScanner/1.0)	4/14/2026 03:32:23 PM	Evil 404 /admin/phpinfo.php
74192	173.239.214.223	Go-http-client/1.1	4/14/2026 03:14:54 PM	Evil 404 /wp-includes/css/buttons.css
74191	164.90.225.199	Go-http-client/1.1	4/14/2026 01:53:33 PM	Evil 404 /cgi-bin/authLogin.cgi
74190	206.189.19.19	Mozilla/5.0 (l9scan/2.0.232313e21323e20313e27363; +https://leakix.net)	4/14/2026 01:44:10 PM	Evil 404 .env (AWS vulnerability)
74189	146.190.63.48	Mozilla/5.0 (l9scan/2.0.232313e21323e20313e27363; +https://leakix.net)	4/14/2026 01:44:09 PM	Evil 404 .env (AWS vulnerability)
74188	152.32.251.174	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36	4/14/2026 01:09:13 PM	Tried to access http ip directly.
74187	20.252.27.216	Linux Gnu (cow)	4/14/2026 12:08:57 PM	Tried to access http ip directly.
74186	13.222.182.239	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	4/14/2026 12:01:06 PM	Tried to access http ip directly.
74185	178.128.21.252	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36	4/14/2026 11:50:24 AM	Evil 404 /wp-includes/ID3/license.txt
74184	43.163.95.253	Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1	4/14/2026 11:16:54 AM	Tried to access http ip directly.
74183	66.132.172.109	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	4/14/2026 10:48:28 AM	Tried to access http ip directly.
74182	20.83.27.50	Mozilla/5.0 zgrab/0.x	4/14/2026 10:31:20 AM	User Agent Mozilla/5.0 zgrab/0.x
74181	192.248.189.92	Go-http-client/1.1	4/14/2026 08:45:12 AM	Tried to access http ip directly.
74180	37.10.113.220	Mozilla/5.0 (compatible; Infrawatch/1.0; +https://infrawat.ch/)	4/14/2026 08:43:40 AM	Tried to access http ip directly.
74179	72.56.5.167	Go-http-client/1.1	4/14/2026 08:10:27 AM	Tried to access http ip directly.
74178	165.245.224.73	Mozilla/5.0	4/14/2026 06:58:41 AM	Evil 404 /wp-login.php
74177	167.71.167.10	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36	4/14/2026 06:49:39 AM	Tried to access http ip directly.
74176	45.12.146.29	Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0	4/14/2026 06:33:52 AM	Tried to access http ip directly.
74175	88.151.33.234	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:138.0) Gecko/20100101 Firefox/138.0	4/14/2026 06:24:21 AM	Evil 404 .env (AWS vulnerability)
74174	88.151.32.201	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:138.0) Gecko/20100101 Firefox/138.0	4/14/2026 06:14:15 AM	Evil 404 .env (AWS vulnerability)
74173	194.195.90.64	Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Mobile Safari/537.36	4/14/2026 06:01:32 AM	Evil 404 .env (AWS vulnerability)
74172	185.111.159.226	Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Mobile Safari/537.36	4/14/2026 05:55:12 AM	Evil 404 .env (AWS vulnerability)
74171	137.184.27.155	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36	4/14/2026 05:17:16 AM	Tried to access http ip directly.
74170	34.9.39.168	Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Mobile Safari/537.36	4/14/2026 03:22:40 AM	Evil 404 .env (AWS vulnerability)
74169	80.87.206.72	curl/8.5.0	4/14/2026 03:09:51 AM	Tried to access http ip directly.
74168	45.205.1.3	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36	4/14/2026 01:51:52 AM	Evil 404 .env (AWS vulnerability)
74167	172.208.25.111	Mozilla/5.0 zgrab/0.x	4/14/2026 01:21:03 AM	Tried to access http ip directly.
74166	172.236.16.29	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	4/14/2026 01:09:52 AM	Evil 404 .env (AWS vulnerability)
74165	159.65.238.246	Mozilla/5.0 zgrab/0.x	4/14/2026 12:03:23 AM	Tried to access http ip directly.
74164	88.151.32.234	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	4/13/2026 10:37:23 PM	Evil 404 .env (AWS vulnerability)
74163	35.88.178.60	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36	4/13/2026 09:58:46 PM	Evil 404 /admin/phpinfo.php