Ban Hackers

Back in the day, hackers were unemployed or unemployable programmers or teenagers with nothing to do.
Now days, it's criminal organizations and Programmers (with a capital P) with masters degrees hired by foreign (and not so foreign) governments to hack into every server they can find. They even try to scan every possible IP address for web servers. When they find one, somebody later tries to hack it.
So, I set up a website for them to visit. It says Coming Soon.
Then, it records their IP Address and bans it from the server with iptables. It also adds their IP Address and User Agent string to the database.

Here are the IP addresses I've banned over the last week:

BannedID	IP	User Agent String	Date Hacked	Banned Reason
70991	20.89.210.112	Mozilla/5.0 (Linux; Android 12; V2134) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36	12/6/2025 11:41:13 PM	Evil 404 /.well-known/acme-challenge/wp-login.php
70990	152.32.213.68	Mozilla/5.0 (Macintosh; Intel Mac OS X 9_0_1) AppleWebKit/602.49 (KHTML, like Gecko) Chrome/71.0.1745 Safari/537.36	12/6/2025 11:15:18 PM	Tried to access http ip directly.
70989	165.154.120.89	curl/7.29.0	12/6/2025 11:14:51 PM	Tried to access http ip directly.
70988	15.235.236.87	Mozilla/5.0 (compatible; ModatScanner/1.2; +https://modat.io/)	12/6/2025 10:27:32 PM	Tried to access http ip directly.
70987	147.185.133.158	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	12/6/2025 09:56:43 PM	Tried to access http ip directly.
70986	114.46.135.44	libredtail-http	12/6/2025 09:49:21 PM	Tried to access http ip directly.
70985	20.89.192.194	Mozilla/5.0 (iPad; CPU OS 16_7_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Mobile/15E148 Safari/604.1	12/6/2025 09:48:15 PM	Evil 404 /.well-known/acme-challenge/wp-login.php
70984	20.239.59.60	Mozilla/5.0 (Linux; Android 11; 21081111RG) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36	12/6/2025 09:04:23 PM	Evil 404 /.well-known/acme-challenge/wp-login.php
70982	18.158.191.233	Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:116.0) Gecko/20061209 Firefox/116.0	12/6/2025 08:34:40 PM	Tried to access http ip directly.
70981	135.235.173.66	Mozilla/5.0 (Linux; Android 13; SM-G991U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36	12/6/2025 08:12:11 PM	Evil 404 /.well-known/acme-challenge/wp-login.php
70980	178.128.235.191	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	12/6/2025 07:50:26 PM	Tried to access http ip directly.
70979	35.240.65.85	python-requests/2.32.5	12/6/2025 07:17:38 PM	Tried to access http ip directly.
70978	4.197.60.90	Mozilla/5.0 (Linux; Android 12; 2201116SG) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36	12/6/2025 07:06:31 PM	Evil 404 /.well-known/acme-challenge/wp-login.php
70977	4.217.237.240	Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36	12/6/2025 07:02:38 PM	Evil 404 /.well-known/acme-challenge/wp-login.php
70976	20.118.216.221	Mozilla/5.0 zgrab/0.x	12/6/2025 06:59:42 PM	User Agent Mozilla/5.0 zgrab/0.x
70975	147.185.132.58	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	12/6/2025 06:51:51 PM	Tried to access http ip directly.
70974	103.61.9.6	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	12/6/2025 05:45:35 PM	Tried to access http ip directly.
70973	68.218.89.6	Mozilla/5.0 (iPhone; CPU iPhone OS 15_7_9 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.5 Mobile/15E148 Safari/604.1	12/6/2025 05:36:43 PM	Evil 404 /.well-known/acme-challenge/wp-login.php
70972	45.88.186.148	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0	12/6/2025 05:32:10 PM	Evil 404 .env (AWS vulnerability)
70971	196.251.100.206		12/6/2025 11:57:55 AM	Tried to log in as root with no password.
70970	117.57.168.67		12/6/2025 02:37:33 AM	Tried to log in as root with no password.
70969	195.24.237.29		12/6/2025 12:39:28 AM	Tried to log in as root with no password.
70968	195.24.237.28		12/5/2025 06:47:31 PM	Tried to log in as root with no password.
70967	196.251.100.209		12/5/2025 11:03:32 AM	Tried to log in as root with no password.
70966	196.251.100.205		12/5/2025 06:48:03 AM	Tried to log in as root with no password.
70965	85.11.167.11		12/5/2025 05:21:09 AM	Tried to log in as root with no password.
70964	85.11.167.2		12/5/2025 04:46:09 AM	Tried to log in as root with no password.
70963	44.201.127.18	python-httpx/0.27.0	12/3/2025 10:16:17 AM	User Agent python-httpx/0.27.0
70962	52.65.43.178	python-httpx/0.27.0	12/3/2025 09:54:39 AM	User Agent python-httpx/0.27.0
70961	136.112.155.201	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36	12/3/2025 08:49:13 AM	Evil 404 /wp-includes/wlwmanifest.xml
70960	146.70.165.62	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	12/3/2025 07:24:26 AM	Tried to access http ip directly.
70959	13.89.125.30	Mozilla/5.0 zgrab/0.x	12/3/2025 07:07:33 AM	Tried to access http ip directly.
70958	4.241.185.18	Mozilla/5.0 (iPhone; CPU iPhone OS 16_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Mobile/15E148 Safari/604.1	12/3/2025 05:51:17 AM	Evil 404 /cgi-bin/
70957	103.108.174.23	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36	12/3/2025 04:37:08 AM	Evil 404 /wp-login.php
70956	159.89.120.5	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	12/3/2025 02:46:42 AM	Evil 404 .env (AWS vulnerability)
70955	135.237.125.109	Mozilla/5.0 zgrab/0.x	12/3/2025 01:29:57 AM	User Agent Mozilla/5.0 zgrab/0.x
70954	3.255.229.16	Mozilla/5.0 (compatible; NetcraftSurveyAgent/1.0; +info@netcraft.com)	12/2/2025 11:37:15 PM	Tried to access http ip directly.
70953	24.144.92.251	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36	12/2/2025 10:42:17 PM	Tried to access http ip directly.
70952	103.179.190.78	libredtail-http	12/2/2025 07:30:33 PM	Tried to access http ip directly.
70951	45.131.155.103	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0	12/2/2025 05:51:46 PM	Tried to access http ip directly.
70950	162.240.226.121	python-requests/2.25.1	12/2/2025 05:43:24 PM	Tried to access http ip directly.
70949	35.203.211.25	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	12/2/2025 05:19:40 PM	Tried to access http ip directly.
70948	67.205.190.249	Mozilla/5.0 zgrab/0.x	12/2/2025 04:45:18 PM	Tried to access http ip directly.
70947	8.221.141.254	curl/7.64.1	12/2/2025 03:35:26 PM	Tried to access http ip directly.
70946	164.92.148.118	CGrab/v6.4.3	12/2/2025 01:01:23 PM	Tried to access http ip directly.
70945	213.109.147.35	Mozilla/5.0 (compatible; IP-Scanner/1.0)	12/2/2025 12:28:46 PM	Tried to access http ip directly.
70944	4.218.18.48	Mozilla/5.0 (Linux; Android 13; SM-S908E) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36	12/2/2025 11:52:55 AM	Evil 404 /cgi-bin/
70943	98.81.211.21	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	12/2/2025 11:21:13 AM	Tried to access http ip directly.
70942	52.141.42.126	Mozilla/5.0 (Linux; Android 12; V2134) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36	12/2/2025 10:29:14 AM	Evil 404 /cgi-bin/file.php
70941	4.218.11.183	Mozilla/5.0 (Linux; Android 12; 2201116SG) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36	12/2/2025 09:10:46 AM	Evil 404 /cgi-bin/
70940	45.86.86.145	Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50	12/2/2025 07:01:48 AM	Evil 404 .env (AWS vulnerability)
70939	109.105.209.33	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36	12/2/2025 06:09:30 AM	Tried to access http ip directly.
70938	95.214.52.170	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36	12/2/2025 05:49:12 AM	Tried to access http ip directly.
70937	13.86.116.162	Mozilla/5.0 zgrab/0.x	12/2/2025 05:41:26 AM	Tried to access http ip directly.
70936	217.182.213.59	Mozilla/5.0 (compatible; ModatScanner/1.2; +https://modat.io/)	12/2/2025 03:53:22 AM	Tried to access http ip directly.
70935	157.230.106.141	Mozilla/5.0 (X11; Linux x86_64; rv:139.0) Gecko/20100101 Firefox/139.0	12/2/2025 01:53:11 AM	Tried to access http ip directly.
70934	134.122.12.9	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	12/2/2025 01:49:28 AM	Evil 404 .env (AWS vulnerability)
70933	51.159.103.10	curl/7.81.0	12/2/2025 01:12:53 AM	Tried to access http ip directly.
70932	1.9.238.116	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36	12/2/2025 12:54:37 AM	Evil 404 .env (AWS vulnerability)
70931	4.241.192.251	Mozilla/5.0 (Linux; Android 12; 2201116SG) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36	12/1/2025 11:58:55 PM	Evil 404 /admin/function.php
70930	204.76.203.52	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46	12/1/2025 11:28:40 PM	Tried to access http ip directly.
70929	35.203.211.185	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	12/1/2025 11:28:34 PM	Tried to access http ip directly.
70928	111.250.96.203	libredtail-http	12/1/2025 10:36:07 PM	Tried to access http ip directly.
70927	148.251.136.40	Mozilla/5.0 (X11; Linux x86_64)	12/1/2025 09:14:29 PM	Evil 404 .env (AWS vulnerability)
70926	168.90.140.81	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	12/1/2025 07:38:28 PM	Tried to access http ip directly.
70925	185.16.39.146	Wget	12/1/2025 07:01:45 PM	Tried to access http ip directly.
70924	101.36.121.22	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0	12/1/2025 07:01:24 PM	Tried to access http ip directly.
70923	16.144.240.99	python-httpx/0.28.1	12/1/2025 06:25:40 PM	User Agent python-httpx/0.28.1
70922	147.185.132.174	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	12/1/2025 03:57:01 PM	Tried to access http ip directly.
70921	165.22.56.158	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	12/1/2025 03:22:43 PM	Tried to access http ip directly.
70920	20.41.85.28	Mozilla/5.0 (iPhone; CPU iPhone OS 17_0_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Mobile/15E148 Safari/604.1	12/1/2025 02:44:56 PM	Evil 404 /admin/function.php
70919	20.40.217.42	Mozilla/5.0 zgrab/0.x	12/1/2025 02:24:28 PM	User Agent Mozilla/5.0 zgrab/0.x
70918	20.64.105.133	Mozilla/5.0 zgrab/0.x	12/1/2025 01:07:17 PM	User Agent Mozilla/5.0 zgrab/0.x
70917	20.64.105.127	Mozilla/5.0 zgrab/0.x	12/1/2025 11:59:29 AM	User Agent Mozilla/5.0 zgrab/0.x
70916	54.173.125.196	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	12/1/2025 11:25:51 AM	Tried to access http ip directly.
70915	4.189.136.80	Mozilla/5.0 (iPhone; CPU iPhone OS 16_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/118.0 Mobile/15E148 Safari/605.1.15	12/1/2025 11:12:22 AM	Evil 404 /admin/controller/extension/extension/
70914	75.119.139.162	Mozilla/5.0 (X11; Linux x86_64)	12/1/2025 11:09:23 AM	Evil 404 .env (AWS vulnerability)
70913	75.119.139.162	Mozilla/5.0 (X11; Linux x86_64)	12/1/2025 11:09:23 AM	Evil 404 .env (AWS vulnerability)
70912	4.241.185.10	Mozilla/5.0 (Linux; Android 12; SM-A525F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36	12/1/2025 10:22:19 AM	Evil 404 /admin/controller/extension/extension/
70911	149.13.91.105	python-requests/2.32.4	12/1/2025 10:04:49 AM	Tried to access http ip directly.
70910	4.217.180.63	Mozilla/5.0 (Linux; Android 11; 21081111RG) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36	12/1/2025 09:47:02 AM	Evil 404 /admin/function.php
70909	4.230.41.104	Mozilla/5.0 (Linux; Android 12; SM-A525F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36	12/1/2025 06:29:42 AM	Evil 404 /admin/controller/extension/extension/
70908	34.63.98.132	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	12/1/2025 03:12:29 AM	Evil 404 /wp-includes/js/jquery/jquery.js
70907	137.184.84.186	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	12/1/2025 02:27:29 AM	Evil 404 .env (AWS vulnerability)
70906	35.202.124.59	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	12/1/2025 01:35:30 AM	Evil 404 /wp-includes/js/jquery/jquery.js
70905	2.57.122.173	Mozilla/5.0 (Debian; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	12/1/2025 01:32:39 AM	Evil 404 .env (AWS vulnerability)
70904	35.203.210.180	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	12/1/2025 01:09:31 AM	Tried to access http ip directly.
70903	34.14.118.150	python-requests/2.32.5	12/1/2025 12:40:23 AM	Tried to access http ip directly.
70902	20.41.75.148	Mozilla/5.0 (iPad; CPU OS 17_0_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Mobile/15E148 Safari/604.1	11/30/2025 11:48:14 PM	Evil 404 /admin/function.php
70901	20.98.136.63	Mozilla/5.0 zgrab/0.x	11/30/2025 11:15:24 PM	Tried to access http ip directly.
70900	216.24.219.62	Go-http-client/1.1	11/30/2025 10:43:15 PM	Evil 404 /wp-content/txets.php
70899	87.120.191.38	Mozilla/5.0	11/30/2025 10:09:27 PM	Tried to access http ip directly.
70898	178.158.17.232	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	11/30/2025 09:29:29 PM	Tried to access http ip directly.
70897	4.241.249.26	Mozilla/5.0 (Linux; Android 12; 2201116SG) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36	11/30/2025 09:02:20 PM	Evil 404 /wp-admin/classwithtostring.php
70896	196.251.100.189	Hello World	11/30/2025 08:46:51 PM	Tried to access http ip directly.
70895	95.214.54.147	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46	11/30/2025 07:38:34 PM	Tried to access http ip directly.
70894	103.40.61.98	libredtail-http	11/30/2025 07:19:59 PM	Tried to access http ip directly.
70893	4.217.237.166	Mozilla/5.0 (iPhone; CPU iPhone OS 16_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Mobile/15E148 Safari/604.1	11/30/2025 06:59:53 PM	Evil 404 /wp-admin/classwithtostring.php
70892	149.50.97.212	Wget/1.12 (freebsd8.1)	11/30/2025 05:42:15 PM	User Agent Wget/1.12 (freebsd8.1)
70891	45.135.194.99	Hello World	11/30/2025 03:27:45 PM	Tried to access http ip directly.
70890	172.174.250.151	Mozilla/5.0 zgrab/0.x	11/30/2025 03:13:48 PM	User Agent Mozilla/5.0 zgrab/0.x
70889	3.129.23.188	python-requests/2.31.0	11/30/2025 02:27:39 PM	User Agent python-requests/2.31.0
70888	52.168.1.86	Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/119.0.6045.109 Mobile/15E148 Safari/604.1	11/30/2025 01:59:12 PM	Evil 404 /admin/controller/extension/extension/
70887	44.220.48.213	python-httpx/0.28.1	11/30/2025 12:50:39 PM	User Agent python-httpx/0.28.1
70885	167.172.190.36	Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)	11/30/2025 11:36:54 AM	Tried to access http ip directly.
70886	46.101.225.54	Go-http-client/1.1	11/30/2025 11:36:54 AM	Tried to access http ip directly.
70884	138.197.191.158	Go-http-client/1.1	11/30/2025 11:25:01 AM	Evil 404 /cgi-bin/authLogin.cgi
70883	167.99.243.138	Go-http-client/1.1	11/30/2025 11:25:01 AM	Evil 404 /solr/admin/info/system
70882	3.84.163.153	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	11/30/2025 11:24:08 AM	Tried to access http ip directly.
70881	4.218.17.104	Mozilla/5.0 (Linux; Android 11; 21081111RG) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36	11/30/2025 10:20:47 AM	Evil 404 /admin/controller/extension/extension/
70880	137.184.167.209	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36	11/30/2025 07:30:45 AM	Tried to access http ip directly.
70879	111.237.111.115	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	11/30/2025 07:24:19 AM	Tried to access http ip directly.
70878	172.202.117.178	Mozilla/5.0 zgrab/0.x	11/30/2025 06:34:49 AM	User Agent Mozilla/5.0 zgrab/0.x
70877	199.45.155.93	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	11/30/2025 04:36:19 AM	Tried to access http ip directly.
70876	86.54.42.197	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36	11/30/2025 04:25:41 AM	Evil 404 .env (AWS vulnerability)
70875	158.220.103.210	libredtail-http	11/30/2025 04:18:41 AM	Tried to access http ip directly.
70874	106.219.68.2	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	11/30/2025 12:49:04 AM	Tried to access http ip directly.