Ban Hackers

Back in the day, hackers were unemployed or unemployable programmers or teenagers with nothing to do.
Now days, it's criminal organizations and Programmers (with a capital P) with masters degrees hired by foreign (and not so foreign) governments to hack into every server they can find. They even try to scan every possible IP address for web servers. When they find one, somebody later tries to hack it.
So, I set up a website for them to visit. It says Coming Soon.
Then, it records their IP Address and bans it from the server with iptables. It also adds their IP Address and User Agent string to the database.

Here are the IP addresses I've banned over the last week:

BannedID	IP	User Agent String	Date Hacked	Banned Reason
72601	62.201.244.25	Mozilla/5.0	2/5/2026 12:19:16 AM	Tried to access http ip directly.
72600	185.186.25.226	python-requests/2.32.4	2/5/2026 12:08:17 AM	User Agent python-requests/2.32.4
72599	176.65.148.201	Linux Gnu (cow)	2/4/2026 11:53:38 PM	Tried to access http ip directly.
72598	18.189.91.7	Go-http-client/1.1	2/4/2026 06:53:21 PM	Tried to access http ip directly.
72597	23.234.109.47	Mozilla/5.0 zgrab/0.x	2/4/2026 03:01:40 PM	Tried to access http ip directly.
72596	159.223.42.132	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36	2/4/2026 02:50:55 PM	Evil 404 /wp-includes/ID3/license.txt
72595	91.196.152.191	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	2/4/2026 12:14:31 PM	Tried to access http ip directly.
72594	20.210.129.57	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/4/2026 11:22:08 AM	Evil 404 /wp-admin/css/colors/blue/index.php
72593	54.227.131.131	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	2/4/2026 11:00:59 AM	Tried to access http ip directly.
72592	160.30.137.9	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36	2/4/2026 10:22:48 AM	Evil 404 /wp-login.php
72591	213.139.77.117	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML	2/4/2026 09:36:20 AM	Tried to access http ip directly.
72590	20.194.17.220	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/4/2026 08:57:48 AM	Evil 404 /wp-admin/css/colors/blue/index.php
72589	136.0.9.104	Mozilla/5.0 (Linux; Android 5.0; SM-G900V Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.84 Mobile Safari/537.36	2/4/2026 08:13:51 AM	Evil 404 .env (AWS vulnerability)
72588	20.219.8.139	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/4/2026 07:40:11 AM	Evil 404 /cgi-bin/
72587	47.245.81.50	Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0;	2/4/2026 06:11:53 AM	Tried to access http ip directly.
72586	35.233.94.99	python-requests/2.32.5	2/4/2026 05:29:03 AM	Tried to access http ip directly.
72585	120.48.123.57	libredtail-http	2/4/2026 05:11:51 AM	Tried to access http ip directly.
72584	134.209.92.127	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	2/4/2026 04:32:24 AM	Evil 404 .env (AWS vulnerability)
72583	125.99.250.202	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0	2/4/2026 04:07:34 AM	Tried to access http ip directly.
72582	147.185.132.204	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	2/4/2026 03:50:38 AM	Tried to access http ip directly.
72581	20.255.75.91	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/4/2026 02:18:04 AM	Evil 404 /cgi-bin/
72580	20.196.192.167	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/4/2026 01:31:59 AM	Evil 404 /wp-content/themes/admin.php
72579	31.171.130.151	Go-http-client/1.1	2/4/2026 01:16:39 AM	Tried to access http ip directly.
72578	20.64.105.194	Mozilla/5.0 zgrab/0.x	2/4/2026 12:55:09 AM	User Agent Mozilla/5.0 zgrab/0.x
72577	43.143.7.239	Go-http-client/1.1	2/4/2026 12:48:51 AM	Tried to access http ip directly.
72576	45.156.248.107	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36	2/3/2026 10:48:47 PM	Evil 404 .env (AWS vulnerability)
72575	176.65.139.12	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46	2/3/2026 10:01:19 PM	Tried to access http ip directly.
72574	213.209.159.55	Go-http-client/1.1	2/3/2026 06:00:49 PM	Evil 404 .env (AWS vulnerability)
72573	185.247.137.169	Mozilla/5.0 (compatible; InternetMeasurement/1.0; +https://internet-measurement.com/)	2/3/2026 04:58:09 PM	Tried to access http ip directly.
72572	212.90.61.10	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	2/3/2026 04:43:56 PM	Tried to access http ip directly.
72571	104.248.193.254	Mozilla/5.0 (X11; Linux x86_64; rv:142.0) Gecko/20100101 Firefox/142.0	2/3/2026 11:25:24 AM	Tried to access http ip directly.
72570	3.90.6.14	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	2/3/2026 10:57:23 AM	Tried to access http ip directly.
72569	20.163.2.151	Mozilla/5.0 zgrab/0.x	2/3/2026 10:45:20 AM	User Agent Mozilla/5.0 zgrab/0.x
72568	67.205.180.128	Mozilla/5.0 (X11; Linux x86_64; rv:142.0) Gecko/20100101 Firefox/142.0	2/3/2026 09:37:01 AM	Tried to access http ip directly.
72567	152.32.192.230	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36	2/3/2026 09:30:56 AM	Tried to access http ip directly.
72566	159.203.123.9	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	2/3/2026 09:03:06 AM	Tried to access http ip directly.
72565	172.174.236.56	Mozilla/5.0 zgrab/0.x	2/3/2026 07:50:04 AM	User Agent Mozilla/5.0 zgrab/0.x
72564	45.135.193.11	Go-http-client/1.1	2/3/2026 07:37:05 AM	Tried to access http ip directly.
72563	20.98.128.111	Mozilla/5.0 zgrab/0.x	2/3/2026 05:07:37 AM	Tried to access http ip directly.
72562	185.2.104.81	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	2/3/2026 03:45:25 AM	Tried to access http ip directly.
72561	45.148.10.244	Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0	2/3/2026 12:42:39 AM	Evil 404 .env (AWS vulnerability)
72560	34.118.63.78	Mozilla/5.0 (iPhone13,2; U; CPU iPhone OS 14_0 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/15E148 Safari/602.1	2/3/2026 12:06:38 AM	Tried to access http ip directly.
72559	181.113.30.194	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	2/2/2026 09:53:43 PM	Tried to access http ip directly.
72558	64.226.84.104	Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)	2/2/2026 07:49:17 PM	Tried to access http ip directly.
72557	103.172.78.45	masscan/1.3 (https://github.com/robertdavidgraham/masscan)	2/2/2026 06:51:25 PM	Tried to access http ip directly.
72556	89.185.81.112	libredtail-http	2/2/2026 06:40:06 PM	Tried to access http ip directly.
72555	47.250.95.30	curl/7.64.1	2/2/2026 06:33:30 PM	Tried to access http ip directly.
72554	104.248.130.58	Go-http-client/1.1	2/2/2026 05:38:34 PM	Tried to access http ip directly.
72553	209.38.211.43	Go-http-client/1.1	2/2/2026 05:38:34 PM	Evil 404 /cgi-bin/authLogin.cgi
72552	165.227.158.182	Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)	2/2/2026 05:38:33 PM	Tried to access http ip directly.
72551	43.204.119.140	Go-http-client/1.1	2/2/2026 05:33:29 PM	Tried to access http ip directly.
72550	3.145.168.139	Go-http-client/1.1	2/2/2026 05:14:05 PM	Tried to access http ip directly.
72549	139.59.210.36	Go-http-client/1.1	2/2/2026 04:18:08 PM	Evil 404 /solr/admin/info/system
72548	164.92.174.223	Go-http-client/1.1	2/2/2026 04:18:08 PM	Evil 404 /cgi-bin/authLogin.cgi
72547	159.223.38.93	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	2/2/2026 03:17:42 PM	Evil 404 .env (AWS vulnerability)
72546	176.65.139.7	Go-http-client/1.1	2/2/2026 03:02:19 PM	Tried to access http ip directly.
72545	43.224.137.203	Go-http-client/1.1	2/2/2026 02:02:26 PM	Tried to access http ip directly.
72544	129.204.4.253	Go-http-client/1.1	2/2/2026 01:21:39 PM	Tried to access http ip directly.
72543	20.75.89.92	Mozilla/5.0 (Linux x86_64; X11) Gecko/20022702 Firefox/20.0	2/2/2026 12:23:03 PM	Tried to access http ip directly.
72542	43.128.81.242	libredtail-http	2/2/2026 11:45:47 AM	Tried to access http ip directly.
72541	103.155.161.119	Go-http-client/1.1	2/2/2026 11:24:35 AM	Tried to access http ip directly.
72540	54.152.220.72	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	2/2/2026 10:56:44 AM	Tried to access http ip directly.
72539	40.115.138.186	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/2/2026 09:00:25 AM	Evil 404 /cgi-bin/
72538	20.118.240.192	Mozilla/5.0 zgrab/0.x	2/2/2026 08:00:47 AM	Tried to access http ip directly.
72537	2.58.56.147	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36	2/2/2026 07:12:27 AM	Tried to access http ip directly.
72536	35.238.109.167	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36	2/2/2026 07:12:22 AM	Evil 404 /wp-includes/wlwmanifest.xml
72535	3.110.191.144	Go-http-client/1.1	2/2/2026 06:49:11 AM	Tried to access http ip directly.
72534	34.134.185.102	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36	2/2/2026 06:45:12 AM	Evil 404 /wp-includes/wlwmanifest.xml
72533	68.183.188.59	Linux Gnu (cow)	2/2/2026 06:43:49 AM	Tried to access http ip directly.
72532	170.64.149.23	Mozilla/5.0	2/2/2026 04:45:13 AM	Tried to access http ip directly.
72531	147.185.133.118	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	2/2/2026 04:31:09 AM	Tried to access http ip directly.
72530	94.138.144.38	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	2/2/2026 04:30:57 AM	Tried to access http ip directly.
72529	106.53.123.143	Go-http-client/1.1	2/2/2026 02:59:58 AM	Tried to access http ip directly.
72528	185.102.115.142	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36	2/1/2026 11:03:34 PM	Evil 404 /wp-login.php
72527	104.28.214.117	Go-http-client/1.1	2/1/2026 09:44:38 PM	Evil 404 /wp-content/style.php
72526	195.40.154.8	libredtail-http	2/1/2026 07:54:59 PM	Tried to access http ip directly.
72525	170.64.215.143	Mozilla/5.0	2/1/2026 07:31:16 PM	Tried to access http ip directly.
72524	140.245.124.110	python-requests/2.32.5	2/1/2026 06:40:48 PM	User Agent python-requests/2.32.5
72523	5.63.19.3	Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36	2/1/2026 06:37:47 PM	Evil 404 /wp-login.php
72522	20.200.210.155	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/1/2026 06:16:51 PM	Evil 404 /wp-content/upgrade/index.php
72521	204.76.203.210	Mozilla/5.0 zgrab/0.x	2/1/2026 05:19:23 PM	Tried to access http ip directly.
72520	104.211.72.80	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/1/2026 05:15:37 PM	Evil 404 /wp-admin/css/colors/coffee/
72519	164.92.88.230	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36	2/1/2026 03:14:34 PM	Tried to access http ip directly.
72518	109.205.211.39	Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15	2/1/2026 02:41:12 PM	Evil 404 /wp-admin/
72517	20.64.106.118	Mozilla/5.0 zgrab/0.x	2/1/2026 01:52:18 PM	User Agent Mozilla/5.0 zgrab/0.x
72516	146.19.24.133	python-requests/2.31.0	2/1/2026 12:19:56 PM	Tried to access http ip directly.
72515	44.204.29.60	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	2/1/2026 10:59:43 AM	Tried to access http ip directly.
72514	51.96.134.13	Go-http-client/1.1	2/1/2026 10:25:35 AM	Tried to access http ip directly.
72513	52.231.68.175	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/1/2026 10:10:53 AM	Evil 404 /cgi-bin/
72512	101.43.79.101	Go-http-client/1.1	2/1/2026 08:54:10 AM	Tried to access http ip directly.
72511	138.118.241.89	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	2/1/2026 06:23:56 AM	Tried to access http ip directly.
72510	18.205.63.110	Go-http-client/1.1	2/1/2026 06:08:58 AM	Tried to access http ip directly.
72509	199.45.155.109	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	2/1/2026 05:41:05 AM	Tried to access http ip directly.
72508	206.189.187.126	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	2/1/2026 03:53:47 AM	Evil 404 .env (AWS vulnerability)
72507	62.171.180.237	libredtail-http	2/1/2026 03:21:58 AM	Tried to access http ip directly.
72506	185.193.89.25	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:147.0) Gecko/20100101 Firefox/147.0	2/1/2026 02:46:46 AM	Evil 404 .env (AWS vulnerability)
72505	20.29.23.198	Mozilla/5.0 zgrab/0.x	2/1/2026 02:40:31 AM	User Agent Mozilla/5.0 zgrab/0.x
72504	185.213.174.141	Mozilla/5.0	2/1/2026 01:11:10 AM	Tried to access http ip directly.
72503	205.185.116.204	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36	2/1/2026 12:45:12 AM	Evil 404 /wp-login.php
72502	43.225.157.162	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36	2/1/2026 12:40:40 AM	Evil 404 .env (AWS vulnerability)
72501	129.159.56.14	Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0	1/31/2026 09:04:25 PM	Evil 404 .env (AWS vulnerability)
72500	91.230.168.165	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	1/31/2026 08:48:11 PM	Tried to access http ip directly.
72499	135.237.126.194	Mozilla/5.0 zgrab/0.x	1/31/2026 08:36:54 PM	User Agent Mozilla/5.0 zgrab/0.x
72498	135.237.127.14	Mozilla/5.0 zgrab/0.x	1/31/2026 07:21:30 PM	User Agent Mozilla/5.0 zgrab/0.x
72497	115.159.124.100	Go-http-client/1.1	1/31/2026 07:10:38 PM	Tried to access http ip directly.
72496	3.26.66.253	Go-http-client/1.1	1/31/2026 06:59:23 PM	Tried to access http ip directly.
72495	48.217.233.215	Mozilla/5.0 zgrab/0.x	1/31/2026 06:24:27 PM	User Agent Mozilla/5.0 zgrab/0.x
72494	104.236.115.66	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	1/31/2026 05:47:48 PM	Tried to access http ip directly.
72493	170.64.146.87	Mozilla/5.0	1/31/2026 04:11:39 PM	Tried to access http ip directly.
72492	161.97.110.246	libredtail-http	1/31/2026 03:59:34 PM	Tried to access http ip directly.
72491	170.64.152.230	Mozilla/5.0	1/31/2026 02:30:54 PM	Tried to access http ip directly.
72490	148.135.136.171	Go-http-client/1.1	1/31/2026 01:56:36 PM	Tried to access http ip directly.
72489	135.225.84.187	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.137 Safari/537.36	1/31/2026 12:08:37 PM	Evil 404 .env (AWS vulnerability)
72488	20.212.211.10	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/31/2026 11:24:36 AM	Evil 404 /wp-includes/Requests/src/Response/about.php
72487	54.83.72.14	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	1/31/2026 11:00:14 AM	Tried to access http ip directly.
72486	45.78.235.65	libredtail-http	1/31/2026 10:40:15 AM	Tried to access http ip directly.
72485	165.154.174.27	curl/7.29.0	1/31/2026 10:08:26 AM	Tried to access http ip directly.
72484	20.188.62.49	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/31/2026 09:51:13 AM	Evil 404 /wp-admin.php
72483	84.105.19.130	python-requests/2.27.1	1/31/2026 09:23:56 AM	User Agent python-requests/2.27.1
72482	193.138.218.204	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	1/31/2026 07:16:08 AM	Tried to access http ip directly.
72481	34.78.140.118	python-requests/2.32.5	1/31/2026 07:07:07 AM	Tried to access http ip directly.
72480	20.211.1.249	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/31/2026 04:24:02 AM	Evil 404 /wp-admin.php
72479	18.230.218.179	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15	1/31/2026 03:28:33 AM	Tried to access http ip directly.
72478	20.64.104.31	Mozilla/5.0 zgrab/0.x	1/31/2026 03:24:35 AM	User Agent Mozilla/5.0 zgrab/0.x
72477	56.125.174.238	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Safari/605.1.15	1/31/2026 03:09:50 AM	Tried to access http ip directly.
72476	18.97.26.13	Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/60.0.3011.108 Safari/537.32	1/31/2026 02:06:10 AM	Tried to access http ip directly.
72475	217.154.69.208	libredtail-http	1/31/2026 01:34:26 AM	Tried to access http ip directly.
72474	104.200.30.32	ANK-WALK Internet Research Project - see https://your-domain.com	1/30/2026 11:56:33 PM	Tried to access http ip directly.
72473	147.185.132.37	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	1/30/2026 11:29:24 PM	Tried to access http ip directly.
72472	216.180.246.42	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	1/30/2026 10:47:46 PM	Tried to access http ip directly.
72471	135.237.125.221	Mozilla/5.0 zgrab/0.x	1/30/2026 09:41:14 PM	User Agent Mozilla/5.0 zgrab/0.x
72470	20.169.81.111	Mozilla/5.0 zgrab/0.x	1/30/2026 07:50:55 PM	Tried to access http ip directly.
72469	20.46.176.183	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/30/2026 07:23:17 PM	Evil 404 /wp-content/upgrade/index.php
72468	4.193.194.148	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/30/2026 07:22:23 PM	Evil 404 /cgi-bin/
72467	147.185.133.175	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	1/30/2026 07:12:19 PM	Tried to access http ip directly.
72466	157.173.199.44	libredtail-http	1/30/2026 06:01:14 PM	Tried to access http ip directly.
72465	194.180.49.39	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Safari/605.1.15	1/30/2026 05:44:06 PM	Evil 404 /wp-login.php
72464	115.190.108.231	libredtail-http	1/30/2026 05:19:01 PM	Tried to access http ip directly.
72463	20.214.137.92	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/30/2026 04:25:13 PM	Evil 404 /shell.php
72462	20.78.152.240	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/30/2026 03:08:37 PM	Evil 404 /cgi-bin/
72461	20.211.164.12	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/30/2026 02:42:19 PM	Evil 404 /admin/function.php
72460	138.124.66.86	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:147.0) Gecko/20100101 Firefox/147.0	1/30/2026 02:36:01 PM	Evil 404 .env (AWS vulnerability)
72459	164.92.103.174	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	1/30/2026 02:15:27 PM	Evil 404 .env (AWS vulnerability)
72458	52.140.123.244	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/30/2026 01:31:52 PM	Evil 404 /cgi-bin/
72457	185.187.99.159	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	1/30/2026 12:44:28 PM	Tried to access http ip directly.
72456	13.75.54.243	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/30/2026 12:40:59 PM	Evil 404 /wp-includes/Requests/src/Response/about.php
72455	139.255.40.124	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	1/30/2026 12:23:35 PM	Tried to access http ip directly.
72454	20.89.106.10	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/30/2026 11:50:00 AM	Evil 404 /cgi-bin/
72453	192.227.159.123	Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15	1/30/2026 11:46:32 AM	Tried to access http ip directly.
72452	93.123.109.205	Mozilla/5.0 (Macintosh; arm64 Mac OS X 12_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15	1/30/2026 09:49:40 AM	Tried to access http ip directly.
72451	138.124.66.84	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:147.0) Gecko/20100101 Firefox/147.0	1/30/2026 09:46:29 AM	Evil 404 .env (AWS vulnerability)
72450	40.115.138.121	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/30/2026 08:23:07 AM	Evil 404 /wp-includes/
72449	176.65.139.8	Python-urllib/3.10	1/30/2026 07:00:32 AM	User Agent Python-urllib/3.10
72448	45.83.31.168	Mozilla/5.0 (adaptive-bot)	1/30/2026 05:14:46 AM	Evil 404 .env (AWS vulnerability)
72447	20.163.1.211	Mozilla/5.0 zgrab/0.x	1/30/2026 02:59:24 AM	User Agent Mozilla/5.0 zgrab/0.x
72446	43.153.9.143	Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1	1/30/2026 02:39:53 AM	Tried to access http ip directly.
72445	106.53.114.19	Go-http-client/1.1	1/30/2026 02:13:54 AM	Tried to access http ip directly.
72444	45.55.32.64	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36	1/30/2026 01:34:18 AM	Tried to access http ip directly.
72443	158.94.211.37	Mozilla/6.6.6	1/30/2026 12:40:57 AM	Tried to access http ip directly.
72442	172.202.49.251	Mozilla/5.0 zgrab/0.x	1/29/2026 08:30:13 PM	User Agent Mozilla/5.0 zgrab/0.x
72441	40.124.173.173	Mozilla/5.0 zgrab/0.x	1/29/2026 07:31:16 PM	Tried to access http ip directly.
72440	165.227.46.34	Mozilla/5.0 (X11; Linux x86_64; rv:142.0) Gecko/20100101 Firefox/142.0	1/29/2026 07:08:00 PM	Tried to access http ip directly.
72439	193.46.255.154	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36	1/29/2026 06:43:26 PM	Tried to access http ip directly.
72438	52.230.35.34	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/29/2026 05:50:44 PM	Evil 404 /wp-includes/
72437	162.216.150.156	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	1/29/2026 04:45:51 PM	Tried to access http ip directly.
72436	172.239.127.5	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0	1/29/2026 03:17:49 PM	Tried to access http ip directly.
72435	188.166.252.103	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36	1/29/2026 03:03:41 PM	Evil 404 /wp-includes/ID3/license.txt
72434	212.244.129.14	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	1/29/2026 12:27:00 PM	Tried to access http ip directly.
72433	134.209.202.86	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	1/29/2026 12:01:17 PM	Evil 404 .env (AWS vulnerability)
72432	206.189.48.148	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36	1/29/2026 11:36:03 AM	Tried to access http ip directly.
72431	100.24.34.255	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	1/29/2026 11:04:18 AM	Tried to access http ip directly.
72430	52.87.225.23	Go-http-client/1.1	1/29/2026 08:24:22 AM	Tried to access http ip directly.
72429	94.74.70.65	libredtail-http	1/29/2026 07:44:06 AM	Tried to access http ip directly.
72428	143.198.239.150	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	1/29/2026 06:55:52 AM	Tried to access http ip directly.
72427	139.186.178.91	Go-http-client/1.1	1/29/2026 06:40:12 AM	Tried to access http ip directly.
72426	170.64.195.95	Mozilla/5.0	1/29/2026 06:24:45 AM	Tried to access http ip directly.
72425	101.36.123.102	libredtail-http	1/29/2026 05:34:33 AM	Tried to access http ip directly.
72424	134.199.164.102	Mozilla/5.0	1/29/2026 03:57:23 AM	Tried to access http ip directly.
72423	20.205.97.28	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/29/2026 03:48:10 AM	Evil 404 /wp-includes/
72422	20.219.8.79	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	1/29/2026 03:12:18 AM	Evil 404 /wp-includes/
72421	209.38.27.37	Mozilla/5.0	1/29/2026 02:16:57 AM	Tried to access http ip directly.
72420	194.146.42.105	libredtail-http	1/29/2026 01:07:51 AM	Tried to access http ip directly.