Ban Hackers

Back in the day, hackers were unemployed or unemployable programmers or teenagers with nothing to do.
Now days, it's criminal organizations and Programmers (with a capital P) with masters degrees hired by foreign (and not so foreign) governments to hack into every server they can find. They even try to scan every possible IP address for web servers. When they find one, somebody later tries to hack it.
So, I set up a website for them to visit. It says Coming Soon.
Then, it records their IP Address and bans it from the server with iptables. It also adds their IP Address and User Agent string to the database.

Here are the IP addresses I've banned over the last week:

BannedID	IP	User Agent String	Date Hacked	Banned Reason
72677	138.68.154.106	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.137 Safari/537.36	2/7/2026 10:02:04 PM	Evil 404 .env (AWS vulnerability)
72676	171.12.10.164	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36	2/7/2026 09:58:00 PM	Tried to access http ip directly.
72675	37.202.144.184	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	2/7/2026 09:43:39 PM	Tried to access http ip directly.
72674	157.245.103.95	Mozilla/5.0 (compatible; IPScanner/1.0)	2/7/2026 09:28:03 PM	Tried to access http ip directly.
72673	107.189.29.166	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36	2/7/2026 08:58:00 PM	Evil 404 /wp-login.php
72672	195.184.76.244	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	2/7/2026 08:51:03 PM	Tried to access http ip directly.
72671	185.180.141.57	python-httpx/0.28.1	2/7/2026 07:36:16 PM	User Agent python-httpx/0.28.1
72670	185.180.141.60	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36	2/7/2026 07:36:16 PM	Tried to access http ip directly.
72669	159.65.111.243	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	2/7/2026 06:52:52 PM	Tried to access http ip directly.
72668	147.185.133.134	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	2/7/2026 06:51:06 PM	Tried to access http ip directly.
72667	115.159.105.88	libredtail-http	2/7/2026 05:21:45 PM	Tried to access http ip directly.
72666	1.94.6.230	libredtail-http	2/7/2026 04:52:21 PM	Tried to access http ip directly.
72665	172.215.144.32	Mozilla/5.0 zgrab/0.x	2/7/2026 04:44:55 PM	Tried to access http ip directly.
72664	209.97.160.184	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36	2/7/2026 03:10:08 PM	Evil 404 /wp-includes/ID3/license.txt
72663	62.133.62.102	libredtail-http	2/7/2026 03:04:55 PM	Tried to access http ip directly.
72662	18.219.216.206	visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36	2/7/2026 11:55:43 AM	Tried to access http ip directly.
72661	13.59.157.137	visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36	2/7/2026 11:52:05 AM	Tried to access http ip directly.
72660	3.137.194.242	visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36	2/7/2026 11:46:19 AM	Tried to access http ip directly.
72659	54.224.230.196	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	2/7/2026 11:00:46 AM	Tried to access http ip directly.
72658	199.45.155.68	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	2/7/2026 05:51:31 AM	Tried to access http ip directly.
72657	45.156.87.50	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46	2/7/2026 05:18:40 AM	Tried to access http ip directly.
72656	167.71.91.232	Mozilla/5.0	2/7/2026 05:13:29 AM	Tried to access http ip directly.
72655	193.22.146.182	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36	2/7/2026 04:01:27 AM	Tried to access http ip directly.
72654	89.187.187.74	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36	2/7/2026 03:22:54 AM	Evil 404 /wp-includes/wlwmanifest.xml
72653	20.102.108.84	Mozilla/5.0 zgrab/0.x	2/7/2026 02:22:45 AM	User Agent Mozilla/5.0 zgrab/0.x
72652	185.247.137.41	Mozilla/5.0 (compatible; InternetMeasurement/1.0; +https://internet-measurement.com/)	2/7/2026 02:16:39 AM	Tried to access http ip directly.
72651	185.226.196.18	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36	2/7/2026 12:58:20 AM	Evil 404 /admin/
72650	185.226.196.19	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36	2/7/2026 12:55:54 AM	Evil 404 /cgi-bin/authLogin.cgi
72649	185.226.196.20	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36	2/7/2026 12:55:53 AM	Tried to access http ip directly.
72648	185.226.196.17	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36	2/7/2026 12:55:32 AM	Tried to access http ip directly.
72647	85.217.149.30	Mozilla/5.0 (compatible; ModatScanner/1.2; +https://modat.io/)	2/7/2026 12:11:10 AM	Tried to access http ip directly.
72646	3.135.20.78	visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36	2/6/2026 10:49:16 PM	Tried to access http ip directly.
72645	3.148.178.131	visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36	2/6/2026 10:45:59 PM	Tried to access http ip directly.
72644	18.218.81.94	visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36	2/6/2026 10:44:58 PM	Tried to access http ip directly.
72643	123.207.47.252	Go-http-client/1.1	2/6/2026 10:35:55 PM	Tried to access http ip directly.
72642	147.185.133.239	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	2/6/2026 09:50:50 PM	Tried to access http ip directly.
72641	118.193.33.130	curl/7.29.0	2/6/2026 09:30:49 PM	Tried to access http ip directly.
72640	182.100.119.4	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0	2/6/2026 06:33:48 PM	Tried to access http ip directly.
72639	167.71.118.212	Mozilla/5.0 (Linux; Android 12) Chrome/112.0	2/6/2026 05:45:05 PM	Evil 404 /admin/kcfinder/upload.php
72638	147.185.132.249	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	2/6/2026 05:21:46 PM	Tried to access http ip directly.
72637	165.22.58.37	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36	2/6/2026 04:37:35 PM	Evil 404 /wp-includes/ID3/license.txt
72636	79.52.91.13	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	2/6/2026 04:08:14 PM	Tried to access http ip directly.
72635	167.172.136.13	Mozilla/5.0 zgrab/0.x	2/6/2026 02:23:41 PM	Tried to access http ip directly.
72634	13.217.231.214	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	2/6/2026 11:01:51 AM	Tried to access http ip directly.
72633	1.12.226.163	Go-http-client/1.1	2/6/2026 09:32:04 AM	Tried to access http ip directly.
72632	40.124.185.240	Mozilla/5.0 zgrab/0.x	2/6/2026 09:06:36 AM	User Agent Mozilla/5.0 zgrab/0.x
72631	34.76.200.20	python-requests/2.32.5	2/6/2026 06:51:23 AM	Tried to access http ip directly.
72630	119.40.84.186	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36	2/6/2026 06:17:41 AM	Evil 404 .env (AWS vulnerability)
72629	157.245.95.82	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:130.0) Gecko/20100101 Firefox/130.0	2/6/2026 12:55:18 AM	Tried to access http ip directly.
72628	143.198.231.45	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:130.0) Gecko/20100101 Firefox/130.0	2/6/2026 12:51:36 AM	Tried to access http ip directly.
72627	147.185.133.204	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	2/5/2026 10:45:16 PM	Tried to access http ip directly.
72626	45.171.254.161	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	2/5/2026 09:10:18 PM	Tried to access http ip directly.
72625	195.184.76.156	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	2/5/2026 09:00:16 PM	Tried to access http ip directly.
72624	199.45.155.92	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	2/5/2026 08:19:11 PM	Tried to access http ip directly.
72623	106.119.184.3	Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36	2/5/2026 07:25:30 PM	Tried to access http ip directly.
72622	165.154.227.13	libredtail-http	2/5/2026 07:17:20 PM	Tried to access http ip directly.
72621	167.71.150.79	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36	2/5/2026 06:49:07 PM	Evil 404 .env (AWS vulnerability)
72620	45.156.128.202	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36	2/5/2026 06:12:15 PM	Tried to access http ip directly.
72619	45.156.128.203	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36	2/5/2026 05:50:32 PM	Tried to access http ip directly.
72618	104.152.52.67	curl/7.61.1	2/5/2026 04:18:06 PM	Tried to access http ip directly.
72617	161.35.216.122	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	2/5/2026 03:58:26 PM	Evil 404 .env (AWS vulnerability)
72616	138.197.139.21	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	2/5/2026 01:03:37 PM	Tried to access http ip directly.
72615	18.207.126.200	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	2/5/2026 10:59:49 AM	Tried to access http ip directly.
72614	40.124.179.252	Mozilla/5.0 zgrab/0.x	2/5/2026 10:29:35 AM	User Agent Mozilla/5.0 zgrab/0.x
72613	172.239.103.164	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0	2/5/2026 08:25:13 AM	Tried to access http ip directly.
72612	54.248.96.35	Go-http-client/1.1	2/5/2026 08:08:45 AM	Tried to access http ip directly.
72611	60.165.238.170	Go-http-client/1.1	2/5/2026 08:06:08 AM	Tried to access http ip directly.
72610	216.180.246.32	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	2/5/2026 07:32:20 AM	Tried to access http ip directly.
72609	175.178.116.123	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36	2/5/2026 07:26:30 AM	Evil 404 .env (AWS vulnerability)
72608	77.90.185.215	Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0	2/5/2026 07:06:53 AM	Tried to access http ip directly.
72607	159.89.6.36	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36	2/5/2026 04:53:06 AM	Tried to access http ip directly.
72606	162.216.149.37	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	2/5/2026 03:39:54 AM	Tried to access http ip directly.
72605	13.86.116.180	Mozilla/5.0 zgrab/0.x	2/5/2026 01:58:16 AM	User Agent Mozilla/5.0 zgrab/0.x
72604	64.23.164.163	Mozilla/5.0 (X11; Linux x86_64; rv:142.0) Gecko/20100101 Firefox/142.0	2/5/2026 01:31:00 AM	Tried to access http ip directly.
72603	194.187.179.95	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0	2/5/2026 12:57:45 AM	Tried to access http ip directly.
72602	101.108.51.244	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15	2/5/2026 12:43:10 AM	Tried to access http ip directly.
72601	62.201.244.25	Mozilla/5.0	2/5/2026 12:19:16 AM	Tried to access http ip directly.
72600	185.186.25.226	python-requests/2.32.4	2/5/2026 12:08:17 AM	User Agent python-requests/2.32.4
72599	176.65.148.201	Linux Gnu (cow)	2/4/2026 11:53:38 PM	Tried to access http ip directly.
72598	18.189.91.7	Go-http-client/1.1	2/4/2026 06:53:21 PM	Tried to access http ip directly.
72597	23.234.109.47	Mozilla/5.0 zgrab/0.x	2/4/2026 03:01:40 PM	Tried to access http ip directly.
72596	159.223.42.132	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36	2/4/2026 02:50:55 PM	Evil 404 /wp-includes/ID3/license.txt
72595	91.196.152.191	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	2/4/2026 12:14:31 PM	Tried to access http ip directly.
72594	20.210.129.57	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/4/2026 11:22:08 AM	Evil 404 /wp-admin/css/colors/blue/index.php
72593	54.227.131.131	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	2/4/2026 11:00:59 AM	Tried to access http ip directly.
72592	160.30.137.9	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36	2/4/2026 10:22:48 AM	Evil 404 /wp-login.php
72591	213.139.77.117	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML	2/4/2026 09:36:20 AM	Tried to access http ip directly.
72590	20.194.17.220	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/4/2026 08:57:48 AM	Evil 404 /wp-admin/css/colors/blue/index.php
72589	136.0.9.104	Mozilla/5.0 (Linux; Android 5.0; SM-G900V Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.84 Mobile Safari/537.36	2/4/2026 08:13:51 AM	Evil 404 .env (AWS vulnerability)
72588	20.219.8.139	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/4/2026 07:40:11 AM	Evil 404 /cgi-bin/
72587	47.245.81.50	Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0;	2/4/2026 06:11:53 AM	Tried to access http ip directly.
72586	35.233.94.99	python-requests/2.32.5	2/4/2026 05:29:03 AM	Tried to access http ip directly.
72585	120.48.123.57	libredtail-http	2/4/2026 05:11:51 AM	Tried to access http ip directly.
72584	134.209.92.127	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	2/4/2026 04:32:24 AM	Evil 404 .env (AWS vulnerability)
72583	125.99.250.202	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0	2/4/2026 04:07:34 AM	Tried to access http ip directly.
72582	147.185.132.204	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	2/4/2026 03:50:38 AM	Tried to access http ip directly.
72581	20.255.75.91	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/4/2026 02:18:04 AM	Evil 404 /cgi-bin/
72580	20.196.192.167	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/4/2026 01:31:59 AM	Evil 404 /wp-content/themes/admin.php
72579	31.171.130.151	Go-http-client/1.1	2/4/2026 01:16:39 AM	Tried to access http ip directly.
72578	20.64.105.194	Mozilla/5.0 zgrab/0.x	2/4/2026 12:55:09 AM	User Agent Mozilla/5.0 zgrab/0.x
72577	43.143.7.239	Go-http-client/1.1	2/4/2026 12:48:51 AM	Tried to access http ip directly.
72576	45.156.248.107	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36	2/3/2026 10:48:47 PM	Evil 404 .env (AWS vulnerability)
72575	176.65.139.12	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46	2/3/2026 10:01:19 PM	Tried to access http ip directly.
72574	213.209.159.55	Go-http-client/1.1	2/3/2026 06:00:49 PM	Evil 404 .env (AWS vulnerability)
72573	185.247.137.169	Mozilla/5.0 (compatible; InternetMeasurement/1.0; +https://internet-measurement.com/)	2/3/2026 04:58:09 PM	Tried to access http ip directly.
72572	212.90.61.10	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	2/3/2026 04:43:56 PM	Tried to access http ip directly.
72571	104.248.193.254	Mozilla/5.0 (X11; Linux x86_64; rv:142.0) Gecko/20100101 Firefox/142.0	2/3/2026 11:25:24 AM	Tried to access http ip directly.
72570	3.90.6.14	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	2/3/2026 10:57:23 AM	Tried to access http ip directly.
72569	20.163.2.151	Mozilla/5.0 zgrab/0.x	2/3/2026 10:45:20 AM	User Agent Mozilla/5.0 zgrab/0.x
72568	67.205.180.128	Mozilla/5.0 (X11; Linux x86_64; rv:142.0) Gecko/20100101 Firefox/142.0	2/3/2026 09:37:01 AM	Tried to access http ip directly.
72567	152.32.192.230	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36	2/3/2026 09:30:56 AM	Tried to access http ip directly.
72566	159.203.123.9	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	2/3/2026 09:03:06 AM	Tried to access http ip directly.
72565	172.174.236.56	Mozilla/5.0 zgrab/0.x	2/3/2026 07:50:04 AM	User Agent Mozilla/5.0 zgrab/0.x
72564	45.135.193.11	Go-http-client/1.1	2/3/2026 07:37:05 AM	Tried to access http ip directly.
72563	20.98.128.111	Mozilla/5.0 zgrab/0.x	2/3/2026 05:07:37 AM	Tried to access http ip directly.
72562	185.2.104.81	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	2/3/2026 03:45:25 AM	Tried to access http ip directly.
72561	45.148.10.244	Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0	2/3/2026 12:42:39 AM	Evil 404 .env (AWS vulnerability)
72560	34.118.63.78	Mozilla/5.0 (iPhone13,2; U; CPU iPhone OS 14_0 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/15E148 Safari/602.1	2/3/2026 12:06:38 AM	Tried to access http ip directly.
72559	181.113.30.194	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	2/2/2026 09:53:43 PM	Tried to access http ip directly.
72558	64.226.84.104	Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)	2/2/2026 07:49:17 PM	Tried to access http ip directly.
72557	103.172.78.45	masscan/1.3 (https://github.com/robertdavidgraham/masscan)	2/2/2026 06:51:25 PM	Tried to access http ip directly.
72556	89.185.81.112	libredtail-http	2/2/2026 06:40:06 PM	Tried to access http ip directly.
72555	47.250.95.30	curl/7.64.1	2/2/2026 06:33:30 PM	Tried to access http ip directly.
72554	104.248.130.58	Go-http-client/1.1	2/2/2026 05:38:34 PM	Tried to access http ip directly.
72553	209.38.211.43	Go-http-client/1.1	2/2/2026 05:38:34 PM	Evil 404 /cgi-bin/authLogin.cgi
72552	165.227.158.182	Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)	2/2/2026 05:38:33 PM	Tried to access http ip directly.
72551	43.204.119.140	Go-http-client/1.1	2/2/2026 05:33:29 PM	Tried to access http ip directly.
72550	3.145.168.139	Go-http-client/1.1	2/2/2026 05:14:05 PM	Tried to access http ip directly.
72549	139.59.210.36	Go-http-client/1.1	2/2/2026 04:18:08 PM	Evil 404 /solr/admin/info/system
72548	164.92.174.223	Go-http-client/1.1	2/2/2026 04:18:08 PM	Evil 404 /cgi-bin/authLogin.cgi
72547	159.223.38.93	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	2/2/2026 03:17:42 PM	Evil 404 .env (AWS vulnerability)
72546	176.65.139.7	Go-http-client/1.1	2/2/2026 03:02:19 PM	Tried to access http ip directly.
72545	43.224.137.203	Go-http-client/1.1	2/2/2026 02:02:26 PM	Tried to access http ip directly.
72544	129.204.4.253	Go-http-client/1.1	2/2/2026 01:21:39 PM	Tried to access http ip directly.
72543	20.75.89.92	Mozilla/5.0 (Linux x86_64; X11) Gecko/20022702 Firefox/20.0	2/2/2026 12:23:03 PM	Tried to access http ip directly.
72542	43.128.81.242	libredtail-http	2/2/2026 11:45:47 AM	Tried to access http ip directly.
72541	103.155.161.119	Go-http-client/1.1	2/2/2026 11:24:35 AM	Tried to access http ip directly.
72540	54.152.220.72	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	2/2/2026 10:56:44 AM	Tried to access http ip directly.
72539	40.115.138.186	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/2/2026 09:00:25 AM	Evil 404 /cgi-bin/
72538	20.118.240.192	Mozilla/5.0 zgrab/0.x	2/2/2026 08:00:47 AM	Tried to access http ip directly.
72537	2.58.56.147	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36	2/2/2026 07:12:27 AM	Tried to access http ip directly.
72536	35.238.109.167	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36	2/2/2026 07:12:22 AM	Evil 404 /wp-includes/wlwmanifest.xml
72535	3.110.191.144	Go-http-client/1.1	2/2/2026 06:49:11 AM	Tried to access http ip directly.
72534	34.134.185.102	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36	2/2/2026 06:45:12 AM	Evil 404 /wp-includes/wlwmanifest.xml
72533	68.183.188.59	Linux Gnu (cow)	2/2/2026 06:43:49 AM	Tried to access http ip directly.
72532	170.64.149.23	Mozilla/5.0	2/2/2026 04:45:13 AM	Tried to access http ip directly.
72531	147.185.133.118	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	2/2/2026 04:31:09 AM	Tried to access http ip directly.
72530	94.138.144.38	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	2/2/2026 04:30:57 AM	Tried to access http ip directly.
72529	106.53.123.143	Go-http-client/1.1	2/2/2026 02:59:58 AM	Tried to access http ip directly.
72528	185.102.115.142	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36	2/1/2026 11:03:34 PM	Evil 404 /wp-login.php
72527	104.28.214.117	Go-http-client/1.1	2/1/2026 09:44:38 PM	Evil 404 /wp-content/style.php
72526	195.40.154.8	libredtail-http	2/1/2026 07:54:59 PM	Tried to access http ip directly.
72525	170.64.215.143	Mozilla/5.0	2/1/2026 07:31:16 PM	Tried to access http ip directly.
72524	140.245.124.110	python-requests/2.32.5	2/1/2026 06:40:48 PM	User Agent python-requests/2.32.5
72523	5.63.19.3	Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36	2/1/2026 06:37:47 PM	Evil 404 /wp-login.php
72522	20.200.210.155	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/1/2026 06:16:51 PM	Evil 404 /wp-content/upgrade/index.php
72521	204.76.203.210	Mozilla/5.0 zgrab/0.x	2/1/2026 05:19:23 PM	Tried to access http ip directly.
72520	104.211.72.80	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/1/2026 05:15:37 PM	Evil 404 /wp-admin/css/colors/coffee/
72519	164.92.88.230	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36	2/1/2026 03:14:34 PM	Tried to access http ip directly.
72518	109.205.211.39	Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15	2/1/2026 02:41:12 PM	Evil 404 /wp-admin/
72517	20.64.106.118	Mozilla/5.0 zgrab/0.x	2/1/2026 01:52:18 PM	User Agent Mozilla/5.0 zgrab/0.x
72516	146.19.24.133	python-requests/2.31.0	2/1/2026 12:19:56 PM	Tried to access http ip directly.
72515	44.204.29.60	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	2/1/2026 10:59:43 AM	Tried to access http ip directly.
72514	51.96.134.13	Go-http-client/1.1	2/1/2026 10:25:35 AM	Tried to access http ip directly.
72513	52.231.68.175	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	2/1/2026 10:10:53 AM	Evil 404 /cgi-bin/
72512	101.43.79.101	Go-http-client/1.1	2/1/2026 08:54:10 AM	Tried to access http ip directly.
72511	138.118.241.89	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	2/1/2026 06:23:56 AM	Tried to access http ip directly.
72510	18.205.63.110	Go-http-client/1.1	2/1/2026 06:08:58 AM	Tried to access http ip directly.
72509	199.45.155.109	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	2/1/2026 05:41:05 AM	Tried to access http ip directly.
72508	206.189.187.126	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	2/1/2026 03:53:47 AM	Evil 404 .env (AWS vulnerability)
72507	62.171.180.237	libredtail-http	2/1/2026 03:21:58 AM	Tried to access http ip directly.
72506	185.193.89.25	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:147.0) Gecko/20100101 Firefox/147.0	2/1/2026 02:46:46 AM	Evil 404 .env (AWS vulnerability)
72505	20.29.23.198	Mozilla/5.0 zgrab/0.x	2/1/2026 02:40:31 AM	User Agent Mozilla/5.0 zgrab/0.x
72504	185.213.174.141	Mozilla/5.0	2/1/2026 01:11:10 AM	Tried to access http ip directly.
72503	205.185.116.204	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36	2/1/2026 12:45:12 AM	Evil 404 /wp-login.php
72502	43.225.157.162	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36	2/1/2026 12:40:40 AM	Evil 404 .env (AWS vulnerability)