Ban Hackers

Back in the day, hackers were unemployed or unemployable programmers or teenagers with nothing to do.
Now days, it's criminal organizations and Programmers (with a capital P) with masters degrees hired by foreign (and not so foreign) governments to hack into every server they can find. They even try to scan every possible IP address for web servers. When they find one, somebody later tries to hack it.
So, I set up a website for them to visit. It says Coming Soon.
Then, it records their IP Address and bans it from the server with iptables. It also adds their IP Address and User Agent string to the database.

Here are the IP addresses I've banned over the last week:

BannedID	IP	User Agent String	Date Hacked	Banned Reason
68980	162.216.149.170	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/13/2025 10:04:22 PM	Tried to access http ip directly.
68979	46.98.128.239	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/13/2025 09:31:27 PM	Tried to access http ip directly.
68978	142.93.36.79	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/13/2025 06:32:03 PM	Evil 404 .env (AWS vulnerability)
68977	52.71.253.212	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/13/2025 04:47:49 PM	Tried to access http ip directly.
68976	185.93.89.60	Go-http-client/1.1	9/13/2025 01:37:22 PM	Evil 404 .env (AWS vulnerability)
68975	185.93.89.60	Go-http-client/1.1	9/13/2025 01:37:22 PM	Evil 404 .env (AWS vulnerability)
68974	69.5.7.86	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0	9/13/2025 01:27:35 PM	Evil 404 /boaform/admin/formLogin
68973	135.237.126.202	Mozilla/5.0 zgrab/0.x	9/13/2025 12:56:28 PM	User Agent Mozilla/5.0 zgrab/0.x
68972	165.22.61.231	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/13/2025 06:34:55 AM	Evil 404 .env (AWS vulnerability)
68971	185.107.44.224	libredtail-http	9/13/2025 05:58:29 AM	Tried to access http ip directly.
68970	222.112.53.206	curl/7.88.1	9/13/2025 04:24:42 AM	Tried to access http ip directly.
68969	23.95.184.98	Mozilla/5.0	9/13/2025 04:14:17 AM	Tried to access http ip directly.
68968	147.185.132.236	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/13/2025 03:11:54 AM	Tried to access http ip directly.
68967	216.180.246.165	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/13/2025 01:12:28 AM	Tried to access http ip directly.
68966	45.156.130.31	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36	9/13/2025 12:41:46 AM	Tried to access http ip directly.
68965	2.57.122.112	curl/7.68.0	9/12/2025 10:37:35 PM	User Agent curl/7.68.0
68964	44.246.199.121	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36	9/12/2025 10:31:32 PM	Tried to access http ip directly.
68963	104.167.222.134	python-requests/2.28.1	9/12/2025 09:10:37 PM	User Agent python-requests/2.28.1
68962	205.169.39.11	Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36	9/12/2025 08:47:16 PM	Tried to access http ip directly.
68961	46.101.238.25	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/12/2025 06:15:46 PM	Evil 404 .env (AWS vulnerability)
68960	161.35.147.65	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/12/2025 05:21:34 PM	Tried to access http ip directly.
68959	20.29.24.90	Mozilla/5.0 zgrab/0.x	9/12/2025 02:27:09 PM	User Agent Mozilla/5.0 zgrab/0.x
68958	44.203.55.222	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/12/2025 01:40:11 PM	Tried to access http ip directly.
68957	114.37.117.226	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/12/2025 11:58:05 AM	Tried to access http ip directly.
68956	167.99.93.212	Mozilla/5.0 zgrab/0.x	9/12/2025 11:29:48 AM	User Agent Mozilla/5.0 zgrab/0.x
68955	91.184.95.206	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/12/2025 11:10:39 AM	Tried to access http ip directly.
68954	91.184.95.206	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/12/2025 11:10:39 AM	Tried to access http ip directly.
68953	165.154.217.223	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36	9/12/2025 10:35:52 AM	Evil 404 .env (AWS vulnerability)
68952	157.10.186.119	libredtail-http	9/12/2025 09:08:35 AM	Tried to access http ip directly.
68951	83.242.233.52	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/12/2025 08:32:02 AM	Tried to access http ip directly.
68950	143.110.191.82	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/12/2025 07:08:17 AM	Evil 404 .env (AWS vulnerability)
68949	111.247.1.139	libredtail-http	9/12/2025 06:09:16 AM	Tried to access http ip directly.
68948	47.85.0.193	libredtail-http	9/12/2025 05:16:21 AM	Tried to access http ip directly.
68947	216.180.246.98	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/12/2025 04:25:18 AM	Tried to access http ip directly.
68946	165.22.72.144	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0	9/12/2025 03:06:38 AM	Tried to access http ip directly.
68945	162.216.150.73	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/12/2025 02:54:24 AM	Tried to access http ip directly.
68944	141.98.11.152	Go-http-client/1.1	9/12/2025 02:39:54 AM	Evil 404 .env (AWS vulnerability)
68943	35.205.129.113	python-requests/2.32.4	9/12/2025 02:18:28 AM	Tried to access http ip directly.
68942	168.126.112.150	libredtail-http	9/12/2025 01:41:04 AM	Tried to access http ip directly.
68941	176.58.105.230	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0	9/11/2025 11:58:08 PM	Tried to access http ip directly.
68940	202.154.55.69	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/11/2025 11:54:19 PM	Tried to access http ip directly.
68938	159.89.198.71	Mozilla/5.0 (X11; Linux x86_64)	9/11/2025 11:45:54 PM	Evil 404 .env (AWS vulnerability)
68939	159.89.198.71	Mozilla/5.0 (X11; Linux x86_64)	9/11/2025 11:45:54 PM	Evil 404 .env (AWS vulnerability)
68937	20.65.193.159	Mozilla/5.0 zgrab/0.x	9/11/2025 11:39:09 PM	Tried to access http ip directly.
68936	196.251.69.32	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0	9/11/2025 11:37:04 PM	Evil 404 .env (AWS vulnerability)
68935	45.67.138.250	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3.1 Safari/605.1.15	9/11/2025 10:32:12 PM	Tried to access http ip directly.
68934	40.124.184.27	Mozilla/5.0 zgrab/0.x	9/11/2025 08:57:23 PM	User Agent Mozilla/5.0 zgrab/0.x
68933	78.128.113.2	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0	9/11/2025 08:33:24 PM	Tried to access http ip directly.
68932	54.221.187.42	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/11/2025 08:24:13 PM	Tried to access http ip directly.
68931	147.185.132.48	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/11/2025 07:04:11 PM	Tried to access http ip directly.
68930	167.172.81.17	Mozilla/5.0 (iPad; CPU OS 8_4 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Mobile/12H143	9/11/2025 07:03:42 PM	Tried to access http ip directly.
68929	137.184.125.220	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/11/2025 06:12:30 PM	Evil 404 .env (AWS vulnerability)
68928	147.185.132.213	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/11/2025 04:09:26 PM	Tried to access http ip directly.
68927	80.210.26.80	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7	9/11/2025 02:59:36 PM	Tried to access http ip directly.
68926	159.65.136.3	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36	9/11/2025 01:35:58 PM	Evil 404 /wp-includes/ID3/license.txt
68925	162.243.211.116	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/11/2025 12:03:41 PM	Tried to access http ip directly.
68924	15.223.240.17	l9tcpid/v1.1.0	9/11/2025 11:04:23 AM	Tried to access http ip directly.
68923	18.61.78.179	l9tcpid/v1.1.0	9/11/2025 11:03:11 AM	Tried to access http ip directly.
68922	98.130.60.103	l9tcpid/v1.1.0	9/11/2025 10:58:30 AM	Tried to access http ip directly.
68921	3.96.168.145	l9tcpid/v1.1.0	9/11/2025 10:56:28 AM	Tried to access http ip directly.
68920	162.55.212.128	libredtail-http	9/11/2025 10:50:37 AM	Tried to access http ip directly.
68919	35.183.134.118	l9tcpid/v1.1.0	9/11/2025 10:25:38 AM	Tried to access http ip directly.
68918	89.36.78.122	masscan/1.0 (https://github.com/robertdavidgraham/masscan)	9/11/2025 10:01:12 AM	Tried to access http ip directly.
68917	3.99.46.229	l9tcpid/v1.1.0	9/11/2025 09:58:03 AM	Tried to access http ip directly.
68916	3.96.140.188	l9tcpid/v1.1.0	9/11/2025 09:21:20 AM	Tried to access http ip directly.
68915	216.180.246.179	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/11/2025 09:19:09 AM	Tried to access http ip directly.
68914	98.130.143.236	l9tcpid/v1.1.0	9/11/2025 08:34:36 AM	Tried to access http ip directly.
68913	3.96.48.139	l9tcpid/v1.1.0	9/11/2025 08:31:08 AM	Tried to access http ip directly.
68912	35.181.65.167	l9tcpid/v1.1.0	9/11/2025 08:22:30 AM	Tried to access http ip directly.
68911	15.168.13.153	l9tcpid/v1.1.0	9/11/2025 08:15:43 AM	Tried to access http ip directly.
68910	15.168.12.109	l9tcpid/v1.1.0	9/11/2025 08:12:50 AM	Tried to access http ip directly.
68909	3.96.210.41	l9tcpid/v1.1.0	9/11/2025 08:12:09 AM	Tried to access http ip directly.
68908	16.52.92.122	l9tcpid/v1.1.0	9/11/2025 08:11:08 AM	Tried to access http ip directly.
68907	18.60.217.49	l9tcpid/v1.1.0	9/11/2025 08:08:19 AM	Tried to access http ip directly.
68906	98.130.120.187	l9tcpid/v1.1.0	9/11/2025 08:06:59 AM	Tried to access http ip directly.
68905	35.245.23.181	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	9/11/2025 08:06:40 AM	Evil 404 /wp-includes/js/jquery/jquery.js
68904	3.99.33.88	l9tcpid/v1.1.0	9/11/2025 07:59:14 AM	Tried to access http ip directly.
68903	209.38.98.22	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/11/2025 07:56:16 AM	Evil 404 .env (AWS vulnerability)
68902	15.156.63.229	l9tcpid/v1.1.0	9/11/2025 07:41:11 AM	Tried to access http ip directly.
68901	35.182.17.24	l9tcpid/v1.1.0	9/11/2025 07:12:04 AM	Tried to access http ip directly.
68900	98.130.129.37	l9tcpid/v1.1.0	9/11/2025 06:53:06 AM	Tried to access http ip directly.
68899	91.196.152.218	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	9/11/2025 06:46:12 AM	Tried to access http ip directly.
68898	18.61.230.159	l9tcpid/v1.1.0	9/11/2025 06:45:47 AM	Tried to access http ip directly.
68897	35.182.253.139	l9tcpid/v1.1.0	9/11/2025 06:40:39 AM	Tried to access http ip directly.
68896	15.223.3.4	l9tcpid/v1.1.0	9/11/2025 06:25:56 AM	Tried to access http ip directly.
68895	5.237.3.1	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/11/2025 06:25:22 AM	Tried to access http ip directly.
68894	3.96.183.210	l9tcpid/v1.1.0	9/11/2025 06:24:36 AM	Tried to access http ip directly.
68893	35.182.141.39	l9tcpid/v1.1.0	9/11/2025 06:18:37 AM	Tried to access http ip directly.
68892	98.130.56.76	l9tcpid/v1.1.0	9/11/2025 06:09:57 AM	Tried to access http ip directly.
68891	35.183.45.28	l9tcpid/v1.1.0	9/11/2025 06:03:53 AM	Tried to access http ip directly.
68890	13.89.124.213	Mozilla/5.0 zgrab/0.x	9/11/2025 05:54:28 AM	User Agent Mozilla/5.0 zgrab/0.x
68889	15.223.119.210	l9tcpid/v1.1.0	9/11/2025 05:23:23 AM	Tried to access http ip directly.
68888	34.140.92.201	python-requests/2.32.4	9/11/2025 04:49:12 AM	Tried to access http ip directly.
68887	43.203.117.241	l9tcpid/v1.1.0	9/11/2025 04:46:40 AM	Tried to access http ip directly.
68886	101.32.49.171	Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1	9/11/2025 04:28:05 AM	Tried to access http ip directly.
68885	15.223.226.7	l9tcpid/v1.1.0	9/11/2025 04:09:44 AM	Tried to access http ip directly.
68884	18.61.84.132	l9tcpid/v1.1.0	9/11/2025 04:09:20 AM	Tried to access http ip directly.
68883	35.183.105.49	l9tcpid/v1.1.0	9/11/2025 04:01:28 AM	Tried to access http ip directly.
68882	3.39.25.155	l9tcpid/v1.1.0	9/11/2025 03:55:50 AM	Tried to access http ip directly.
68881	15.164.163.58	l9tcpid/v1.1.0	9/11/2025 03:49:45 AM	Tried to access http ip directly.
68880	98.130.143.187	l9tcpid/v1.1.0	9/11/2025 03:32:59 AM	Tried to access http ip directly.
68879	18.61.226.85	l9tcpid/v1.1.0	9/11/2025 03:18:10 AM	Tried to access http ip directly.
68878	35.183.125.15	l9tcpid/v1.1.0	9/11/2025 03:10:18 AM	Tried to access http ip directly.
68877	16.52.148.62	l9tcpid/v1.1.0	9/11/2025 03:07:52 AM	Tried to access http ip directly.
68876	16.52.34.51	l9tcpid/v1.1.0	9/11/2025 03:04:45 AM	Tried to access http ip directly.
68875	20.65.194.58	Mozilla/5.0 zgrab/0.x	9/11/2025 02:30:33 AM	User Agent Mozilla/5.0 zgrab/0.x
68874	15.156.204.153	l9tcpid/v1.1.0	9/11/2025 02:23:59 AM	Tried to access http ip directly.
68873	18.60.48.97	l9tcpid/v1.1.0	9/11/2025 02:20:32 AM	Tried to access http ip directly.
68872	15.222.24.184	l9tcpid/v1.1.0	9/11/2025 01:51:28 AM	Tried to access http ip directly.
68871	195.184.76.215	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	9/11/2025 01:50:15 AM	Tried to access http ip directly.
68870	15.223.92.146	l9tcpid/v1.1.0	9/11/2025 01:36:42 AM	Tried to access http ip directly.
68869	35.183.137.198	l9tcpid/v1.1.0	9/11/2025 01:32:53 AM	Tried to access http ip directly.
68868	35.245.158.50	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	9/11/2025 01:09:54 AM	Evil 404 /wp-includes/js/jquery/jquery.js
68867	16.52.162.213	l9tcpid/v1.1.0	9/11/2025 01:09:04 AM	Tried to access http ip directly.
68866	99.79.47.128	l9tcpid/v1.1.0	9/11/2025 12:50:28 AM	Tried to access http ip directly.
68865	3.38.145.253	l9tcpid/v1.1.0	9/11/2025 12:43:26 AM	Tried to access http ip directly.
68864	34.79.62.169	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	9/11/2025 12:19:38 AM	Evil 404 /wp-includes/js/jquery/jquery.js
68863	52.78.192.211	l9tcpid/v1.1.0	9/11/2025 12:17:29 AM	Tried to access http ip directly.
68862	98.130.59.123	l9tcpid/v1.1.0	9/10/2025 11:49:06 PM	Tried to access http ip directly.
68861	35.203.210.100	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/10/2025 11:43:34 PM	Tried to access http ip directly.
68860	35.182.225.68	l9tcpid/v1.1.0	9/10/2025 11:42:51 PM	Tried to access http ip directly.
68859	144.172.104.19	Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36	9/10/2025 11:42:06 PM	Evil 404 /wp-admin/network/index.php
68858	15.223.33.170	l9tcpid/v1.1.0	9/10/2025 11:41:10 PM	Tried to access http ip directly.
68857	18.61.25.253	l9tcpid/v1.1.0	9/10/2025 11:39:04 PM	Tried to access http ip directly.
68856	172.236.228.111	Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/10/2025 11:36:55 PM	Tried to access http ip directly.
68855	40.192.27.144	l9tcpid/v1.1.0	9/10/2025 11:33:04 PM	Tried to access http ip directly.
68854	15.156.69.58	l9tcpid/v1.1.0	9/10/2025 11:32:31 PM	Tried to access http ip directly.
68853	18.60.247.66	l9tcpid/v1.1.0	9/10/2025 11:25:24 PM	Tried to access http ip directly.
68852	18.60.60.165	l9tcpid/v1.1.0	9/10/2025 11:25:20 PM	Tried to access http ip directly.
68851	34.77.35.25	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	9/10/2025 11:04:54 PM	Evil 404 /wp-includes/js/jquery/jquery.js
68850	3.98.67.46	l9tcpid/v1.1.0	9/10/2025 10:57:49 PM	Tried to access http ip directly.
68849	18.61.28.167	l9tcpid/v1.1.0	9/10/2025 10:53:07 PM	Tried to access http ip directly.
68848	15.222.253.80	l9tcpid/v1.1.0	9/10/2025 10:44:08 PM	Tried to access http ip directly.
68847	35.183.6.233	l9tcpid/v1.1.0	9/10/2025 10:43:29 PM	Tried to access http ip directly.
68846	35.182.158.100	l9tcpid/v1.1.0	9/10/2025 10:40:42 PM	Tried to access http ip directly.
68845	18.60.53.39	l9tcpid/v1.1.0	9/10/2025 10:24:42 PM	Tried to access http ip directly.
68844	16.112.19.219	l9tcpid/v1.1.0	9/10/2025 09:51:28 PM	Tried to access http ip directly.
68843	18.60.110.45	l9tcpid/v1.1.0	9/10/2025 09:47:26 PM	Tried to access http ip directly.
68842	18.60.47.59	l9tcpid/v1.1.0	9/10/2025 09:02:23 PM	Tried to access http ip directly.
68841	18.61.29.13	l9tcpid/v1.1.0	9/10/2025 08:52:02 PM	Tried to access http ip directly.
68840	193.24.123.88	ivre-masscan/1.3 https://github.com/robertdavidgraham/	9/10/2025 08:34:17 PM	Tried to access http ip directly.
68839	13.38.219.58	l9tcpid/v1.1.0	9/10/2025 08:27:28 PM	Tried to access http ip directly.
68838	18.61.2.76	l9tcpid/v1.1.0	9/10/2025 08:16:22 PM	Tried to access http ip directly.
68837	161.35.28.209	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36	9/10/2025 08:12:13 PM	Tried to access http ip directly.
68836	18.60.255.46	l9tcpid/v1.1.0	9/10/2025 07:54:16 PM	Tried to access http ip directly.
68835	137.184.99.120	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/10/2025 07:52:06 PM	Evil 404 .env (AWS vulnerability)
68834	18.60.204.117	l9tcpid/v1.1.0	9/10/2025 07:22:57 PM	Tried to access http ip directly.
68833	18.60.57.179	l9tcpid/v1.1.0	9/10/2025 07:19:34 PM	Tried to access http ip directly.
68832	18.206.199.56	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/10/2025 07:11:42 PM	Tried to access http ip directly.
68831	131.108.197.230	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7	9/10/2025 07:03:15 PM	Tried to access http ip directly.
68830	98.130.142.253	l9tcpid/v1.1.0	9/10/2025 06:59:23 PM	Tried to access http ip directly.
68829	98.130.129.5	l9tcpid/v1.1.0	9/10/2025 06:54:27 PM	Tried to access http ip directly.
68828	135.119.96.82	Mozilla/5.0 zgrab/0.x	9/10/2025 06:29:08 PM	Tried to access http ip directly.
68827	18.60.115.7	l9tcpid/v1.1.0	9/10/2025 05:49:26 PM	Tried to access http ip directly.
68826	18.60.144.178	l9tcpid/v1.1.0	9/10/2025 05:36:05 PM	Tried to access http ip directly.
68825	20.221.56.85	Mozilla/5.0 zgrab/0.x	9/10/2025 05:21:18 PM	User Agent Mozilla/5.0 zgrab/0.x
68824	18.61.156.44	l9tcpid/v1.1.0	9/10/2025 05:10:07 PM	Tried to access http ip directly.
68823	196.251.69.55	Mozilla/5.0	9/10/2025 04:01:56 PM	Evil 404 /wp-login.php
68822	165.227.38.1	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/10/2025 08:46:18 AM	Tried to access http ip directly.
68821	164.90.221.194	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/10/2025 06:27:17 AM	Evil 404 .env (AWS vulnerability)
68820	20.29.49.134	Mozilla/5.0 zgrab/0.x	9/10/2025 06:04:58 AM	User Agent Mozilla/5.0 zgrab/0.x
68819	35.195.226.12	python-requests/2.32.4	9/10/2025 05:37:37 AM	Tried to access http ip directly.
68818	216.180.246.173	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/10/2025 03:10:57 AM	Tried to access http ip directly.
68817	162.216.150.67	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/10/2025 03:04:24 AM	Tried to access http ip directly.
68816	216.180.246.181	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/10/2025 02:27:50 AM	Tried to access http ip directly.
68815	196.251.84.66	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46	9/10/2025 01:24:26 AM	Tried to access http ip directly.
68814	78.128.113.59	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0	9/10/2025 12:11:48 AM	Tried to access http ip directly.
68813	74.235.104.219	Mozilla/5.0 zgrab/0.x	9/9/2025 11:43:01 PM	User Agent Mozilla/5.0 zgrab/0.x
68812	91.105.18.1	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/9/2025 08:53:52 PM	Tried to access http ip directly.
68811	46.101.125.252	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/9/2025 07:44:03 PM	Evil 404 .env (AWS vulnerability)
68810	223.167.169.68	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36	9/9/2025 07:12:32 PM	Tried to access http ip directly.
68809	100.25.216.250	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/9/2025 06:53:18 PM	Tried to access http ip directly.
68808	23.225.178.154	masscan/1.0 (https://github.com/robertdavidgraham/masscan)	9/9/2025 04:32:59 PM	Tried to access http ip directly.
68807	68.235.46.45	python-requests/2.32.3	9/9/2025 02:43:20 PM	User Agent python-requests/2.32.3
68806	220.248.224.228	ivre-masscan/1.3 https://github.com/robertdavidgraham/	9/9/2025 12:04:30 PM	Tried to access http ip directly.
68805	61.72.67.30	curl/7.88.1	9/9/2025 10:04:14 AM	Tried to access http ip directly.
68804	207.244.238.24	Python-urllib/3.8	9/9/2025 07:48:54 AM	Tried to access http ip directly.
68803	41.205.90.51	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7	9/9/2025 06:54:49 AM	Tried to access http ip directly.
68802	134.122.20.41		9/9/2025 06:22:34 AM	Tried to log in as root with no password.
68801	206.189.20.193	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/9/2025 06:13:05 AM	Evil 404 .env (AWS vulnerability)
68800	81.17.20.98	Python-urllib/2.5	9/9/2025 06:03:56 AM	User Agent Python-urllib/2.5
68799	35.222.106.164	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36	9/9/2025 04:21:10 AM	Evil 404 /wp-includes/wlwmanifest.xml
68798	180.149.126.3	Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36	9/9/2025 04:19:46 AM	Tried to access http ip directly.
68797	192.241.154.229	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/9/2025 03:53:18 AM	Tried to access http ip directly.
68796	216.180.246.191	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/9/2025 01:54:34 AM	Tried to access http ip directly.
68795	64.62.156.182	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0	9/9/2025 01:28:09 AM	Tried to access http ip directly.
68794	118.191.0.204	libredtail-http	9/8/2025 10:26:12 PM	Tried to access http ip directly.
68793	35.203.210.37	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/8/2025 08:12:41 PM	Tried to access http ip directly.
68792	134.209.110.22	Mozilla/5.0 (iPad; CPU OS 8_4_1 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Mobile/12H321	9/8/2025 08:04:52 PM	Tried to access http ip directly.
68791	67.205.162.140	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/8/2025 07:37:06 PM	Evil 404 .env (AWS vulnerability)
68790	54.224.190.116	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/8/2025 06:05:22 PM	Tried to access http ip directly.
68789	20.51.234.214	Mozilla/5.0 zgrab/0.x	9/8/2025 05:34:54 PM	User Agent Mozilla/5.0 zgrab/0.x
68788	41.226.30.81		9/8/2025 02:35:20 PM	Tried to log in as root with no password.
68787	74.235.140.14	Mozilla/5.0 zgrab/0.x	9/8/2025 02:02:55 PM	User Agent Mozilla/5.0 zgrab/0.x
68786	176.65.149.28	Go-http-client/1.1	9/8/2025 12:09:11 PM	Tried to access http ip directly.
68785	64.227.87.58	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15	9/8/2025 09:37:40 AM	Evil 404 /wp-content/plugins/wp-automatic/inc/csv.php
68784	159.65.143.163	masscan/1.0 (https://github.com/robertdavidgraham/masscan)	9/8/2025 09:25:48 AM	Tried to access http ip directly.
68783	20.12.240.74	Mozilla/5.0 zgrab/0.x	9/8/2025 06:54:15 AM	Tried to access http ip directly.
68782	143.244.142.110	libredtail-http	9/8/2025 06:01:21 AM	Tried to access http ip directly.
68781	162.216.149.213	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/8/2025 05:49:38 AM	Tried to access http ip directly.
68780	162.243.36.56	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/8/2025 05:29:43 AM	Evil 404 .env (AWS vulnerability)
68779	34.140.71.81	python-requests/2.32.4	9/8/2025 05:07:13 AM	Tried to access http ip directly.
68778	5.129.182.168	libredtail-http	9/8/2025 02:49:04 AM	Tried to access http ip directly.
68777	178.19.39.223	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/8/2025 02:43:59 AM	Tried to access http ip directly.
68776	216.180.246.46	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/8/2025 02:15:44 AM	Tried to access http ip directly.
68775	178.47.141.25	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/8/2025 12:50:49 AM	Tried to access http ip directly.
68774	117.208.238.62	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/7/2025 11:53:33 PM	Tried to access http ip directly.
68773	34.106.91.109	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	9/7/2025 11:36:19 PM	Evil 404 /wp-includes/js/jquery/jquery.js
68772	43.131.23.154	Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1	9/7/2025 09:49:20 PM	Tried to access http ip directly.
68771	20.169.105.57	Mozilla/5.0 zgrab/0.x	9/7/2025 09:20:54 PM	User Agent Mozilla/5.0 zgrab/0.x
68770	68.183.212.213	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/7/2025 08:57:59 PM	Tried to access http ip directly.
68769	174.142.1.12	Mozilla/5.0	9/7/2025 06:45:37 PM	Evil 404 /admin/config?cmd=cat+/root/.aws/credentials
68768	187.228.199.76		9/7/2025 06:34:52 PM	Tried to log in as root with no password.
68767	44.203.130.154	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/7/2025 06:19:23 PM	Tried to access http ip directly.
68766	107.170.49.160	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/7/2025 05:32:49 PM	Evil 404 .env (AWS vulnerability)
68765	146.148.26.145	python-requests/2.32.4	9/7/2025 05:25:48 PM	Tried to access http ip directly.
68764	96.44.154.147	python-requests/2.32.5	9/7/2025 04:44:42 PM	User Agent python-requests/2.32.5
68763	94.229.237.204	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/7/2025 03:50:00 PM	Tried to access http ip directly.
68762	104.152.52.202	curl/7.61.1	9/7/2025 03:37:04 PM	Tried to access http ip directly.
68761	167.99.57.242	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36	9/7/2025 02:14:05 PM	Tried to access http ip directly.
68760	45.134.140.234	Opera/8.01 (Windows NT 5.1; U; pl)	9/7/2025 01:25:21 PM	Tried to access http ip directly.
68759	40.124.175.26	Mozilla/5.0 zgrab/0.x	9/7/2025 01:00:50 PM	User Agent Mozilla/5.0 zgrab/0.x
68758	148.113.212.55	Mozilla/5.0 (compatible; ModatScanner/1.1; +https://modat.io/)	9/7/2025 11:48:56 AM	Tried to access http ip directly.
68757	43.166.130.123	Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1	9/7/2025 10:56:04 AM	Tried to access http ip directly.
68756	172.96.169.2	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/7/2025 10:46:14 AM	Tried to access http ip directly.
68755	176.65.148.43	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.3	9/7/2025 09:59:42 AM	Evil 404 .env (AWS vulnerability)
68754	18.97.26.61	Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/60.0.3010.86 Safari/537.32	9/7/2025 09:01:36 AM	Tried to access http ip directly.
68753	93.123.109.41	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:138.0) Gecko/20100101 Firefox/138.0	9/7/2025 08:12:23 AM	Tried to access http ip directly.
68752	164.92.213.69	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/7/2025 07:25:58 AM	Evil 404 .env (AWS vulnerability)
68751	43.157.98.187	Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1	9/7/2025 06:05:02 AM	Tried to access http ip directly.
68750	176.118.43.234	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/7/2025 04:38:33 AM	Tried to access http ip directly.
68749	20.64.105.88	Mozilla/5.0 zgrab/0.x	9/7/2025 02:31:26 AM	User Agent Mozilla/5.0 zgrab/0.x
68748	13.86.115.97	Mozilla/5.0 zgrab/0.x	9/7/2025 01:54:14 AM	Tried to access http ip directly.
68747	79.194.244.93	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/7/2025 01:07:43 AM	Tried to access http ip directly.