Ban Hackers

Back in the day, hackers were unemployed or unemployable programmers or teenagers with nothing to do.
Now days, it's criminal organizations and Programmers (with a capital P) with masters degrees hired by foreign (and not so foreign) governments to hack into every server they can find. They even try to scan every possible IP address for web servers. When they find one, somebody later tries to hack it.
So, I set up a website for them to visit. It says Coming Soon.
Then, it records their IP Address and bans it from the server with iptables. It also adds their IP Address and User Agent string to the database.

Here are the IP addresses I've banned over the last week:

BannedID	IP	User Agent String	Date Hacked	Banned Reason
70331	104.248.240.71	Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/538.41 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36	11/6/2025 10:58:06 PM	Tried to access http ip directly.
70330	197.211.126.14	xfa1	11/6/2025 07:57:45 PM	Evil 404 /admin/config.php
70329	89.117.2.171	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36	11/6/2025 06:22:01 PM	Evil 404 .env (AWS vulnerability)
70328	35.203.210.7	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	11/6/2025 04:49:49 PM	Tried to access http ip directly.
70327	46.101.158.193	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	11/6/2025 04:18:10 PM	Evil 404 .env (AWS vulnerability)
70326	45.185.122.26	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	11/6/2025 02:47:13 PM	Tried to access http ip directly.
70325	199.45.155.88	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	11/6/2025 02:01:37 PM	Tried to access http ip directly.
70324	52.49.247.138	Mozilla/5.0 (compatible; NetcraftSurveyAgent/1.0; +info@netcraft.com)	11/6/2025 12:37:29 PM	Tried to access http ip directly.
70323	52.23.239.149	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	11/6/2025 11:27:26 AM	Tried to access http ip directly.
70322	134.209.157.35	libredtail-http	11/6/2025 11:06:09 AM	Tried to access http ip directly.
70321	34.26.143.178	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	11/6/2025 09:29:13 AM	Evil 404 /wp-includes/js/jquery/jquery.js
70320	34.38.45.85	python-requests/2.32.5	11/6/2025 09:21:01 AM	Tried to access http ip directly.
70319	109.105.210.92	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36	11/6/2025 09:04:25 AM	Tried to access http ip directly.
70318	82.158.88.158	libredtail-http	11/6/2025 09:01:35 AM	Tried to access http ip directly.
70317	157.173.193.56	Go-http-client/1.1	11/6/2025 07:35:28 AM	Evil 404 /wp-content/style.php
70316	44.246.249.232	Mozilla/5.0	11/6/2025 07:15:05 AM	Evil 404 /wp-login.php
70315	20.14.73.63	Mozilla/5.0 zgrab/0.x	11/6/2025 06:38:44 AM	User Agent Mozilla/5.0 zgrab/0.x
70314	180.247.46.36	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7	11/6/2025 06:06:43 AM	Tried to access http ip directly.
70313	122.28.56.169	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36	11/6/2025 06:04:23 AM	Evil 404 /phpmyadmin2017/index.php?lang=en
70312	213.242.30.104	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	11/6/2025 04:51:11 AM	Tried to access http ip directly.
70311	34.77.191.38	python-requests/2.32.5	11/6/2025 04:11:49 AM	Tried to access http ip directly.
70310	91.196.152.5	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	11/6/2025 03:27:13 AM	Tried to access http ip directly.
70309	216.180.246.13	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	11/6/2025 02:57:21 AM	Tried to access http ip directly.
70308	20.64.104.93	Mozilla/5.0 zgrab/0.x	11/5/2025 09:31:24 PM	User Agent Mozilla/5.0 zgrab/0.x
70307	174.138.6.88	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36	11/5/2025 09:19:03 PM	Tried to access http ip directly.
70306	162.216.150.163	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	11/5/2025 08:20:12 PM	Tried to access http ip directly.
70305	94.236.225.167	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36	11/5/2025 07:15:25 PM	Evil 404 /phpmyadmin3/index.php?lang=en
70304	54.79.235.27	python-httpx/0.24.1	11/5/2025 06:41:51 PM	User Agent python-httpx/0.24.1
70303	167.172.219.3	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	11/5/2025 04:13:26 PM	Evil 404 .env (AWS vulnerability)
70302	36.88.244.2	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7	11/5/2025 03:45:31 PM	Tried to access http ip directly.
70301	23.185.120.115	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36	11/5/2025 02:52:35 PM	Evil 404 .env (AWS vulnerability)
70300	154.16.10.170	libredtail-http	11/5/2025 02:14:18 PM	Tried to access http ip directly.
70299	34.201.34.132	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	11/5/2025 11:24:57 AM	Tried to access http ip directly.
70298	43.153.115.134	Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1	11/5/2025 10:34:56 AM	Tried to access http ip directly.
70297	45.142.193.171	Mozilla/5.0	11/5/2025 10:15:58 AM	Tried to access http ip directly.
70296	35.190.190.67	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	11/5/2025 09:32:43 AM	Evil 404 /wp-includes/js/jquery/jquery.js
70295	165.154.182.53	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/566.37 (KHTML, like Gecko) Chrome/58.0.303 Safari/537.36	11/5/2025 09:11:38 AM	Tried to access http ip directly.
70294	78.135.107.199	xfa1	11/5/2025 09:11:24 AM	Evil 404 /admin/config.php
70293	118.193.59.142	curl/7.29.0	11/5/2025 09:11:16 AM	Tried to access http ip directly.
70292	20.15.163.73	Mozilla/5.0 zgrab/0.x	11/5/2025 08:35:55 AM	Tried to access http ip directly.
70291	36.255.98.88	python-requests/2.26.0	11/5/2025 07:09:27 AM	User Agent python-requests/2.26.0
70290	216.180.246.164	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	11/5/2025 04:54:35 AM	Tried to access http ip directly.
70289	216.24.219.141	Go-http-client/1.1	11/5/2025 03:59:11 AM	Evil 404 /wp-content/style.php
70288	35.203.211.72	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	11/5/2025 12:02:55 AM	Tried to access http ip directly.
70287	45.185.68.245	xfa1	11/4/2025 10:49:53 PM	Evil 404 /admin/config.php
70286	44.220.188.201	Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/55.0.3041.92 Safari/537.32	11/4/2025 10:30:32 PM	Tried to access http ip directly.
70285	51.158.54.10	xfa1	11/4/2025 09:36:04 PM	Evil 404 /admin/config.php
70284	157.230.30.169	Go-http-client/1.1	11/4/2025 07:19:21 PM	Tried to access http ip directly.
70283	139.59.134.212	Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)	11/4/2025 07:19:20 PM	Tried to access http ip directly.
70282	164.90.214.41	Go-http-client/1.1	11/4/2025 07:19:20 PM	Evil 404 /cgi-bin/authLogin.cgi
70281	164.92.160.210	Go-http-client/1.1	11/4/2025 07:19:20 PM	Evil 404 /solr/admin/info/system
70280	157.245.136.7	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	11/4/2025 07:06:00 PM	Tried to access http ip directly.
70279	45.148.10.160	Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0	11/4/2025 04:50:09 PM	Evil 404 .env (AWS vulnerability)
70278	104.248.203.50	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36	11/4/2025 04:18:29 PM	Tried to access http ip directly.
70277	139.59.89.220	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	11/4/2025 04:08:12 PM	Evil 404 .env (AWS vulnerability)
70276	20.168.113.228	Mozilla/5.0 zgrab/0.x	11/4/2025 02:52:53 PM	User Agent Mozilla/5.0 zgrab/0.x
70275	135.233.112.109	Mozilla/5.0 zgrab/0.x	11/4/2025 02:06:35 PM	User Agent Mozilla/5.0 zgrab/0.x
70274	54.165.201.203	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	11/4/2025 01:27:29 PM	Tried to access http ip directly.
70273	194.50.16.73	libwww-perl/6.05	11/4/2025 01:18:42 PM	Tried to access http ip directly.
70272	34.86.248.188	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36	11/4/2025 09:19:44 AM	Evil 404 /wp-includes/wlwmanifest.xml
70271	147.185.132.85	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	11/4/2025 07:13:44 AM	Tried to access http ip directly.
70270	20.106.56.86	Mozilla/5.0 zgrab/0.x	11/4/2025 07:13:33 AM	User Agent Mozilla/5.0 zgrab/0.x
70269	35.187.114.229	python-requests/2.32.5	11/4/2025 06:38:18 AM	Tried to access http ip directly.
70268	103.253.146.153	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36	11/4/2025 05:18:47 AM	Evil 404 /wp-includes/ID3/license.txt
70267	54.197.178.250	python-httpx/0.28.1	11/4/2025 05:02:40 AM	User Agent python-httpx/0.28.1
70266	162.216.149.189	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	11/4/2025 04:54:01 AM	Tried to access http ip directly.
70265	196.251.84.213	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36	11/4/2025 04:47:15 AM	Evil 404 .env (AWS vulnerability)
70264	176.65.148.246	Hello World	11/4/2025 04:22:27 AM	Tried to access http ip directly.
70263	82.202.180.163	ivre-masscan/1.3 https://github.com/robertdavidgraham/	11/4/2025 03:22:42 AM	Tried to access http ip directly.
70262	204.76.203.25	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.3	11/4/2025 03:18:21 AM	Evil 404 .env (AWS vulnerability)
70261	172.203.245.49	Mozilla/5.0 zgrab/0.x	11/4/2025 01:49:47 AM	Tried to access http ip directly.
70260	216.180.246.40	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	11/4/2025 01:34:42 AM	Tried to access http ip directly.
70259	176.65.149.253	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36	11/3/2025 11:41:34 PM	Evil 404 .env (AWS vulnerability)
70258	2.133.56.194	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	11/3/2025 07:47:50 PM	Tried to access http ip directly.
70257	188.93.95.126	libredtail-http	11/3/2025 07:32:05 PM	Tried to access http ip directly.
70256	139.59.224.88	Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0	11/3/2025 07:00:07 PM	Evil 404 .env (AWS vulnerability)
70255	185.180.141.9	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36	11/3/2025 05:01:52 PM	Tried to access http ip directly.
70254	2.58.113.138	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	11/3/2025 04:55:43 PM	Evil 404 /wp-login.php
70253	167.172.22.235	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	11/3/2025 04:04:40 PM	Evil 404 .env (AWS vulnerability)
70252	157.15.40.60	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36	11/3/2025 02:44:30 PM	Evil 404 .env (AWS vulnerability)
70251	196.251.70.130	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36	11/3/2025 01:28:03 PM	Evil 404 /wp-includes/wlwmanifest.xml
70250	54.160.230.90	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	11/3/2025 12:54:25 PM	Tried to access http ip directly.
70249	103.101.216.218	libredtail-http	11/3/2025 10:45:19 AM	Tried to access http ip directly.
70248	128.203.201.208	Mozilla/5.0 zgrab/0.x	11/3/2025 07:46:02 AM	User Agent Mozilla/5.0 zgrab/0.x
70247	212.227.3.26	libredtail-http	11/3/2025 06:44:52 AM	Tried to access http ip directly.
70246	216.180.246.69	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	11/3/2025 04:28:56 AM	Tried to access http ip directly.
70245	144.31.64.70	libredtail-http	11/3/2025 03:40:00 AM	Tried to access http ip directly.
70244	74.235.122.210	Mozilla/5.0 zgrab/0.x	11/3/2025 03:26:35 AM	User Agent Mozilla/5.0 zgrab/0.x
70243	196.251.71.49	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0	11/3/2025 01:32:41 AM	Evil 404 .env (AWS vulnerability)
70242	20.14.74.238	Mozilla/5.0 zgrab/0.x	11/3/2025 12:40:54 AM	User Agent Mozilla/5.0 zgrab/0.x
70241	137.184.236.192	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36	11/3/2025 12:22:47 AM	Evil 404 /wp-includes/wlwmanifest.xml
70240	157.245.105.149	libredtail-http	11/2/2025 11:57:00 PM	Tried to access http ip directly.
70239	64.23.145.249	Mozilla/5.0	11/2/2025 11:01:42 PM	Evil 404 /wp-login.php
70238	89.19.190.11	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	11/2/2025 10:35:25 PM	Tried to access http ip directly.
70237	89.121.209.61	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	11/2/2025 07:20:57 PM	Tried to access http ip directly.
70236	193.228.134.161	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	11/2/2025 06:48:21 PM	Tried to access http ip directly.
70235	161.35.18.88	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	11/2/2025 06:15:00 PM	Evil 404 .env (AWS vulnerability)
70234	66.154.119.223	libredtail-http	11/2/2025 05:51:53 PM	Tried to access http ip directly.
70233	45.135.194.32	Mozilla/5.0 (bang2013@atomicmail.io)	11/2/2025 05:49:26 PM	Tried to access http ip directly.
70232	20.171.8.157	Mozilla/5.0 zgrab/0.x	11/2/2025 05:30:31 PM	Tried to access http ip directly.
70231	185.16.139.122	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	11/2/2025 04:37:51 PM	Tried to access http ip directly.
70229	206.174.162.8	Mozilla/5.0 (Linux; arm_64; Android 13; M2101K6G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.7204.105 YaBrowser/25.8.5.105.00 SA/3 Mobile Safari/537.36	11/2/2025 04:08:17 PM	Tried to access http ip directly.
70230	79.142.77.75	Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Mobile Safari/537.36	11/2/2025 04:08:17 PM	Tried to access http ip directly.
70228	205.169.39.57	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36	11/2/2025 03:16:31 PM	Tried to access http ip directly.
70227	34.118.12.4	Mozilla/5.0 (iPhone13,2; U; CPU iPhone OS 14_0 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/15E148 Safari/602.1	11/2/2025 03:13:55 PM	Tried to access http ip directly.
70226	167.71.175.236	Go-http-client/1.1	11/2/2025 03:12:02 PM	Evil 404 .env (AWS vulnerability)
70225	146.190.63.248	Go-http-client/1.1	11/2/2025 03:12:00 PM	Evil 404 .env (AWS vulnerability)
70224	96.41.38.202	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:139.0) Gecko/20100101 Firefox/139.0	11/2/2025 03:11:53 PM	Evil 404 .env (AWS vulnerability)
70223	176.65.148.212	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.3	11/2/2025 03:07:35 PM	Evil 404 .env (AWS vulnerability)
70222	216.24.219.90	Go-http-client/1.1	11/2/2025 02:56:53 PM	Evil 404 /wp-content/style.php
70221	218.104.149.58	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36	11/2/2025 02:44:54 PM	Tried to access http ip directly.
70220	159.223.142.50	Mozilla/5.0 zgrab/0.x	11/2/2025 02:42:55 PM	Tried to access http ip directly.
70219	45.153.34.156	Mozilla/5.0 (bang2013@atomicmail.io)	11/2/2025 01:54:45 PM	Evil 404 /cgi-bin/luci/;stok=/locale?form=country&operation
70218	18.209.9.204	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	11/2/2025 12:49:04 PM	Tried to access http ip directly.
70217	164.68.123.140	libredtail-http	11/2/2025 08:20:49 AM	Tried to access http ip directly.
70216	202.46.113.51	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7	11/2/2025 07:15:22 AM	Tried to access http ip directly.
70215	65.49.1.202	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/120.0.6099.28 Safari/537.36	11/2/2025 06:12:06 AM	Tried to access http ip directly.
70214	162.216.150.171	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	11/2/2025 04:50:31 AM	Tried to access http ip directly.
70213	94.74.191.120	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36	11/2/2025 04:24:58 AM	Evil 404 .env (AWS vulnerability)
70212	185.213.154.182	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	11/2/2025 02:40:10 AM	Evil 404 .env (AWS vulnerability)
70211	217.154.8.176	libredtail-http	11/2/2025 02:10:17 AM	Tried to access http ip directly.
70210	13.89.125.229	Mozilla/5.0 zgrab/0.x	11/2/2025 02:03:17 AM	User Agent Mozilla/5.0 zgrab/0.x
70209	35.241.212.143	python-requests/2.32.5	11/2/2025 01:24:09 AM	Tried to access http ip directly.
70208	98.142.247.134	Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30	11/2/2025 01:01:07 AM	Evil 404 .env (AWS vulnerability)
70207	217.154.8.112	libredtail-http	11/2/2025 12:49:35 AM	Tried to access http ip directly.
70206	91.224.92.120	Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/122.0	11/1/2025 11:41:54 PM	Evil 404 /wp-login.php
70205	107.170.45.102	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	11/1/2025 10:55:14 PM	Tried to access http ip directly.
70204	209.38.34.183	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36	11/1/2025 09:05:30 PM	Tried to access http ip directly.
70203	167.172.73.213	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36	11/1/2025 08:55:40 PM	Evil 404 /wp-includes/ID3/license.txt
70202	45.142.154.25	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36	11/1/2025 07:13:31 PM	Tried to access http ip directly.
70201	68.183.82.182	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	11/1/2025 07:06:16 PM	Evil 404 .env (AWS vulnerability)
70200	143.244.187.201	ivre-masscan/1.3 https://github.com/robertdavidgraham/	11/1/2025 05:41:27 PM	Tried to access http ip directly.
70199	44.212.1.106	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	11/1/2025 01:45:15 PM	Tried to access http ip directly.
70198	194.187.176.157	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0	11/1/2025 01:29:17 PM	Tried to access http ip directly.
70197	135.237.127.112	Mozilla/5.0 zgrab/0.x	11/1/2025 01:24:32 PM	User Agent Mozilla/5.0 zgrab/0.x
70196	159.223.0.20	Mozilla/5.0 zgrab/0.x	11/1/2025 01:20:13 PM	Tried to access http ip directly.
70195	216.180.246.60	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	11/1/2025 12:14:12 PM	Tried to access http ip directly.
70194	158.220.115.215	libredtail-http	11/1/2025 09:14:14 AM	Tried to access http ip directly.
70193	91.224.92.180	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36	11/1/2025 07:09:53 AM	Evil 404 /wp-login.php
70192	173.254.215.92	libredtail-http	11/1/2025 05:59:03 AM	Tried to access http ip directly.
70191	185.180.140.135	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36	11/1/2025 03:17:53 AM	Tried to access http ip directly.
70190	45.156.128.126	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36	11/1/2025 02:37:31 AM	Tried to access http ip directly.
70189	165.227.142.251	libredtail-http	11/1/2025 01:44:35 AM	Tried to access http ip directly.
70188	90.187.158.237	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36	11/1/2025 01:28:50 AM	Evil 404 /db/phpmyadmin/index.php?lang=en
70187	35.203.210.22	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	11/1/2025 12:59:47 AM	Tried to access http ip directly.
70186	165.154.233.77	libredtail-http	11/1/2025 12:49:09 AM	Tried to access http ip directly.
70185	82.165.93.136	ivre-masscan/1.3 https://github.com/robertdavidgraham/	10/31/2025 11:23:47 PM	Tried to access http ip directly.
70184	3.26.51.36	python-httpx/0.24.1	10/31/2025 07:13:25 PM	User Agent python-httpx/0.24.1
70183	107.170.44.115	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	10/31/2025 07:06:56 PM	Evil 404 .env (AWS vulnerability)
70182	148.113.221.28	Mozilla/5.0 (compatible; ModatScanner/1.1; +https://modat.io/)	10/31/2025 04:05:10 PM	Tried to access http ip directly.
70181	23.234.78.118	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	10/31/2025 03:26:18 PM	Tried to access http ip directly.
70180	54.196.205.163	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	10/31/2025 01:47:58 PM	Tried to access http ip directly.
70179	208.84.101.119	Mozilla/5.0 (Windows NT 10.0; Win64; x64)	10/31/2025 10:38:47 AM	Evil 404 /wp-admin/setup-config.php
70178	136.144.19.12	Go-http-client/1.1	10/31/2025 10:26:10 AM	Evil 404 /wp-content/style.php
70177	208.84.101.102	Mozilla/5.0 (Windows NT 10.0; Win64; x64)	10/31/2025 08:46:59 AM	Evil 404 /wp-admin/setup-config.php
70176	52.146.21.82	Mozilla/5.0 zgrab/0.x	10/31/2025 08:23:57 AM	User Agent Mozilla/5.0 zgrab/0.x
70175	91.232.238.112	ivre-masscan/1.3 https://github.com/robertdavidgraham/	10/31/2025 07:24:14 AM	Tried to access http ip directly.
70174	94.141.161.246	libredtail-http	10/31/2025 07:14:51 AM	Tried to access http ip directly.
70173	45.126.209.102	ivre-masscan/1.3 https://github.com/robertdavidgraham/	10/31/2025 06:21:01 AM	Tried to access http ip directly.
70172	172.237.118.18	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0	10/31/2025 03:55:39 AM	Tried to access http ip directly.
70171	45.119.85.39	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36	10/31/2025 03:48:04 AM	Evil 404 /wp-login.php
70170	192.241.154.87	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0	10/31/2025 03:07:05 AM	Tried to access http ip directly.
70169	2.58.56.112	Mozilla/5.0 (Windows NT 10.0; Win64; x64)	10/31/2025 02:50:01 AM	Evil 404 /wp-admin/setup-config.php
70168	138.197.164.219	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	10/31/2025 01:04:04 AM	Tried to access http ip directly.
70167	45.82.78.103	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:142.0) Gecko/20100101 Firefox/142.0	10/31/2025 12:27:57 AM	Tried to access http ip directly.
70166	80.94.95.226	Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36	10/31/2025 12:18:24 AM	Evil 404 /cgi-bin/luci/;stok=/locale?form=country
70165	194.61.40.76	Go-http-client/1.1	10/30/2025 11:08:54 PM	Evil 404 /wp-includes/css/buttons.css