Ban Hackers

Back in the day, hackers were unemployed or unemployable programmers or teenagers with nothing to do.
Now days, it's criminal organizations and Programmers (with a capital P) with masters degrees hired by foreign (and not so foreign) governments to hack into every server they can find. They even try to scan every possible IP address for web servers. When they find one, somebody later tries to hack it.
So, I set up a website for them to visit. It says Coming Soon.
Then, it records their IP Address and bans it from the server with iptables. It also adds their IP Address and User Agent string to the database.

Here are the IP addresses I've banned over the last week:

BannedID	IP	User Agent String	Date Hacked	Banned Reason
69026	66.132.153.121	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)	9/15/2025 08:29:32 PM	Tried to access http ip directly.
69025	143.110.164.219	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/15/2025 06:59:49 PM	Evil 404 .env (AWS vulnerability)
69024	163.53.83.165	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/15/2025 06:45:15 PM	Tried to access http ip directly.
69023	192.210.160.141	libredtail-http	9/15/2025 06:00:36 PM	Tried to access http ip directly.
69022	36.88.6.203	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/15/2025 03:17:45 PM	Tried to access http ip directly.
69021	193.36.224.247	Go-http-client/1.1	9/15/2025 09:08:01 AM	Evil 404 /wp-content/style.php
69020	172.178.83.199	Mozilla/5.0 zgrab/0.x	9/15/2025 08:27:42 AM	User Agent Mozilla/5.0 zgrab/0.x
69019	38.110.46.239	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.3	9/15/2025 08:13:29 AM	Tried to access http ip directly.
69018	159.65.201.158	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/15/2025 07:36:58 AM	Tried to access http ip directly.
69017	64.227.175.243	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/15/2025 07:32:54 AM	Evil 404 .env (AWS vulnerability)
69016	109.120.150.64		9/15/2025 04:17:11 AM	Tried to log in as root with no password.
69015	170.106.35.137	Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1	9/15/2025 02:38:16 AM	Tried to access http ip directly.
69014	20.64.105.124	Mozilla/5.0 zgrab/0.x	9/15/2025 01:56:06 AM	User Agent Mozilla/5.0 zgrab/0.x
69013	176.123.225.43	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/15/2025 01:25:32 AM	Tried to access http ip directly.
69012	15.236.39.25	Mozilla/5.0 (Windows; U; MSIE 6.1; Windows NT 6.3; .NET CLR 1.1.22664; Win64; x64)	9/15/2025 01:18:24 AM	Tried to access http ip directly.
69011	94.156.232.40	Mozilla/5.0 (Macintosh: Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15	9/15/2025 12:12:43 AM	Evil 404 .env (AWS vulnerability)
69010	135.119.96.68	Mozilla/5.0 zgrab/0.x	9/15/2025 12:07:47 AM	User Agent Mozilla/5.0 zgrab/0.x
69009	188.166.189.122	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36	9/14/2025 10:40:14 PM	Evil 404 /wp-includes/wlwmanifest.xml
69008	216.24.219.96	Go-http-client/1.1	9/14/2025 10:10:36 PM	Evil 404 /wp-content/style.php
69007	18.234.127.249	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/14/2025 08:39:13 PM	Tried to access http ip directly.
69006	84.247.144.217	python-requests/2.27.1	9/14/2025 07:46:26 PM	User Agent python-requests/2.27.1
69005	68.183.229.60	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/14/2025 06:41:33 PM	Evil 404 .env (AWS vulnerability)
69004	216.180.246.192	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/14/2025 06:08:05 PM	Tried to access http ip directly.
69003	162.216.150.228	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/14/2025 06:01:50 PM	Tried to access http ip directly.
69002	45.142.193.144	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46	9/14/2025 04:44:35 PM	Tried to access http ip directly.
69001	41.215.88.73	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/14/2025 04:23:54 PM	Tried to access http ip directly.
69000	78.128.114.62	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46	9/14/2025 03:20:49 PM	Tried to access http ip directly.
68999	147.185.132.57	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/14/2025 03:19:41 PM	Tried to access http ip directly.
68998	35.216.163.139	abuse.xmco.fr	9/14/2025 02:52:56 PM	Tried to access http ip directly.
68997	78.153.140.123	Mozilla/5.0 (X11; CrOS x86_64 8350.68.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/14/2025 02:01:06 PM	Evil 404 .env (AWS vulnerability)
68996	35.233.68.216	python-requests/2.32.4	9/14/2025 12:19:11 PM	Tried to access http ip directly.
68995	34.116.170.75	Mozilla/5.0 (iPhone13,2; U; CPU iPhone OS 14_0 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/15E148 Safari/602.1	9/14/2025 11:43:37 AM	Tried to access http ip directly.
68994	13.86.112.154	Mozilla/5.0 zgrab/0.x	9/14/2025 11:34:13 AM	User Agent Mozilla/5.0 zgrab/0.x
68993	34.207.177.41	Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0	9/14/2025 11:19:25 AM	Evil 404 .env (AWS vulnerability)
68992	104.152.52.231	curl/7.61.1	9/14/2025 10:19:18 AM	Tried to access http ip directly.
68991	64.227.160.48	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36	9/14/2025 09:38:45 AM	Tried to access http ip directly.
68990	45.88.186.32	Mozilla/5.0 (bang2012@protonmail.com)	9/14/2025 08:38:38 AM	Evil 404 /cgi-bin/luci/;stok=/locale?form=country&operation
68989	102.129.252.185	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36	9/14/2025 08:27:02 AM	Evil 404 /wp-includes/ID3/license.txt
68988	138.68.19.176	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/14/2025 08:13:04 AM	Evil 404 .env (AWS vulnerability)
68987	156.228.0.171	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36	9/14/2025 08:07:42 AM	Evil 404 /cgi-bin/weblogin.cgi
68986	20.65.193.170	Mozilla/5.0 zgrab/0.x	9/14/2025 07:45:57 AM	User Agent Mozilla/5.0 zgrab/0.x
68985	45.153.34.242	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46	9/14/2025 07:03:15 AM	Tried to access http ip directly.
68984	165.154.179.204		9/14/2025 03:38:44 AM	Tried to log in as root with no password.
68983	185.65.134.208	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36	9/14/2025 02:52:18 AM	Evil 404 .env (AWS vulnerability)
68982	164.92.219.121	Mozilla/5.0 (X11; Linux x86_64; rv:137.0) Gecko/20100101 Firefox/137.0	9/14/2025 01:42:09 AM	Tried to access http ip directly.
68981	159.223.128.233	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/14/2025 01:17:13 AM	Tried to access http ip directly.
68980	162.216.149.170	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/13/2025 10:04:22 PM	Tried to access http ip directly.
68979	46.98.128.239	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/13/2025 09:31:27 PM	Tried to access http ip directly.
68978	142.93.36.79	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/13/2025 06:32:03 PM	Evil 404 .env (AWS vulnerability)
68977	52.71.253.212	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/13/2025 04:47:49 PM	Tried to access http ip directly.
68976	185.93.89.60	Go-http-client/1.1	9/13/2025 01:37:22 PM	Evil 404 .env (AWS vulnerability)
68975	185.93.89.60	Go-http-client/1.1	9/13/2025 01:37:22 PM	Evil 404 .env (AWS vulnerability)
68974	69.5.7.86	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0	9/13/2025 01:27:35 PM	Evil 404 /boaform/admin/formLogin
68973	135.237.126.202	Mozilla/5.0 zgrab/0.x	9/13/2025 12:56:28 PM	User Agent Mozilla/5.0 zgrab/0.x
68972	165.22.61.231	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/13/2025 06:34:55 AM	Evil 404 .env (AWS vulnerability)
68971	185.107.44.224	libredtail-http	9/13/2025 05:58:29 AM	Tried to access http ip directly.
68970	222.112.53.206	curl/7.88.1	9/13/2025 04:24:42 AM	Tried to access http ip directly.
68969	23.95.184.98	Mozilla/5.0	9/13/2025 04:14:17 AM	Tried to access http ip directly.
68968	147.185.132.236	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/13/2025 03:11:54 AM	Tried to access http ip directly.
68967	216.180.246.165	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/13/2025 01:12:28 AM	Tried to access http ip directly.
68966	45.156.130.31	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36	9/13/2025 12:41:46 AM	Tried to access http ip directly.
68965	2.57.122.112	curl/7.68.0	9/12/2025 10:37:35 PM	User Agent curl/7.68.0
68964	44.246.199.121	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36	9/12/2025 10:31:32 PM	Tried to access http ip directly.
68963	104.167.222.134	python-requests/2.28.1	9/12/2025 09:10:37 PM	User Agent python-requests/2.28.1
68962	205.169.39.11	Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36	9/12/2025 08:47:16 PM	Tried to access http ip directly.
68961	46.101.238.25	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/12/2025 06:15:46 PM	Evil 404 .env (AWS vulnerability)
68960	161.35.147.65	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/12/2025 05:21:34 PM	Tried to access http ip directly.
68959	20.29.24.90	Mozilla/5.0 zgrab/0.x	9/12/2025 02:27:09 PM	User Agent Mozilla/5.0 zgrab/0.x
68958	44.203.55.222	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/12/2025 01:40:11 PM	Tried to access http ip directly.
68957	114.37.117.226	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/12/2025 11:58:05 AM	Tried to access http ip directly.
68956	167.99.93.212	Mozilla/5.0 zgrab/0.x	9/12/2025 11:29:48 AM	User Agent Mozilla/5.0 zgrab/0.x
68955	91.184.95.206	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/12/2025 11:10:39 AM	Tried to access http ip directly.
68954	91.184.95.206	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/12/2025 11:10:39 AM	Tried to access http ip directly.
68953	165.154.217.223	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36	9/12/2025 10:35:52 AM	Evil 404 .env (AWS vulnerability)
68952	157.10.186.119	libredtail-http	9/12/2025 09:08:35 AM	Tried to access http ip directly.
68951	83.242.233.52	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/12/2025 08:32:02 AM	Tried to access http ip directly.
68950	143.110.191.82	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/12/2025 07:08:17 AM	Evil 404 .env (AWS vulnerability)
68949	111.247.1.139	libredtail-http	9/12/2025 06:09:16 AM	Tried to access http ip directly.
68948	47.85.0.193	libredtail-http	9/12/2025 05:16:21 AM	Tried to access http ip directly.
68947	216.180.246.98	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/12/2025 04:25:18 AM	Tried to access http ip directly.
68946	165.22.72.144	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0	9/12/2025 03:06:38 AM	Tried to access http ip directly.
68945	162.216.150.73	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/12/2025 02:54:24 AM	Tried to access http ip directly.
68944	141.98.11.152	Go-http-client/1.1	9/12/2025 02:39:54 AM	Evil 404 .env (AWS vulnerability)
68943	35.205.129.113	python-requests/2.32.4	9/12/2025 02:18:28 AM	Tried to access http ip directly.
68942	168.126.112.150	libredtail-http	9/12/2025 01:41:04 AM	Tried to access http ip directly.
68941	176.58.105.230	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0	9/11/2025 11:58:08 PM	Tried to access http ip directly.
68940	202.154.55.69	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/11/2025 11:54:19 PM	Tried to access http ip directly.
68939	159.89.198.71	Mozilla/5.0 (X11; Linux x86_64)	9/11/2025 11:45:54 PM	Evil 404 .env (AWS vulnerability)
68938	159.89.198.71	Mozilla/5.0 (X11; Linux x86_64)	9/11/2025 11:45:54 PM	Evil 404 .env (AWS vulnerability)
68937	20.65.193.159	Mozilla/5.0 zgrab/0.x	9/11/2025 11:39:09 PM	Tried to access http ip directly.
68936	196.251.69.32	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0	9/11/2025 11:37:04 PM	Evil 404 .env (AWS vulnerability)
68935	45.67.138.250	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3.1 Safari/605.1.15	9/11/2025 10:32:12 PM	Tried to access http ip directly.
68934	40.124.184.27	Mozilla/5.0 zgrab/0.x	9/11/2025 08:57:23 PM	User Agent Mozilla/5.0 zgrab/0.x
68933	78.128.113.2	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0	9/11/2025 08:33:24 PM	Tried to access http ip directly.
68932	54.221.187.42	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/11/2025 08:24:13 PM	Tried to access http ip directly.
68931	147.185.132.48	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/11/2025 07:04:11 PM	Tried to access http ip directly.
68930	167.172.81.17	Mozilla/5.0 (iPad; CPU OS 8_4 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Mobile/12H143	9/11/2025 07:03:42 PM	Tried to access http ip directly.
68929	137.184.125.220	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/11/2025 06:12:30 PM	Evil 404 .env (AWS vulnerability)
68928	147.185.132.213	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/11/2025 04:09:26 PM	Tried to access http ip directly.
68927	80.210.26.80	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7	9/11/2025 02:59:36 PM	Tried to access http ip directly.
68926	159.65.136.3	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36	9/11/2025 01:35:58 PM	Evil 404 /wp-includes/ID3/license.txt
68925	162.243.211.116	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/11/2025 12:03:41 PM	Tried to access http ip directly.
68924	15.223.240.17	l9tcpid/v1.1.0	9/11/2025 11:04:23 AM	Tried to access http ip directly.
68923	18.61.78.179	l9tcpid/v1.1.0	9/11/2025 11:03:11 AM	Tried to access http ip directly.
68922	98.130.60.103	l9tcpid/v1.1.0	9/11/2025 10:58:30 AM	Tried to access http ip directly.
68921	3.96.168.145	l9tcpid/v1.1.0	9/11/2025 10:56:28 AM	Tried to access http ip directly.
68920	162.55.212.128	libredtail-http	9/11/2025 10:50:37 AM	Tried to access http ip directly.
68919	35.183.134.118	l9tcpid/v1.1.0	9/11/2025 10:25:38 AM	Tried to access http ip directly.
68918	89.36.78.122	masscan/1.0 (https://github.com/robertdavidgraham/masscan)	9/11/2025 10:01:12 AM	Tried to access http ip directly.
68917	3.99.46.229	l9tcpid/v1.1.0	9/11/2025 09:58:03 AM	Tried to access http ip directly.
68916	3.96.140.188	l9tcpid/v1.1.0	9/11/2025 09:21:20 AM	Tried to access http ip directly.
68915	216.180.246.179	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/11/2025 09:19:09 AM	Tried to access http ip directly.
68914	98.130.143.236	l9tcpid/v1.1.0	9/11/2025 08:34:36 AM	Tried to access http ip directly.
68913	3.96.48.139	l9tcpid/v1.1.0	9/11/2025 08:31:08 AM	Tried to access http ip directly.
68912	35.181.65.167	l9tcpid/v1.1.0	9/11/2025 08:22:30 AM	Tried to access http ip directly.
68911	15.168.13.153	l9tcpid/v1.1.0	9/11/2025 08:15:43 AM	Tried to access http ip directly.
68910	15.168.12.109	l9tcpid/v1.1.0	9/11/2025 08:12:50 AM	Tried to access http ip directly.
68909	3.96.210.41	l9tcpid/v1.1.0	9/11/2025 08:12:09 AM	Tried to access http ip directly.
68908	16.52.92.122	l9tcpid/v1.1.0	9/11/2025 08:11:08 AM	Tried to access http ip directly.
68907	18.60.217.49	l9tcpid/v1.1.0	9/11/2025 08:08:19 AM	Tried to access http ip directly.
68906	98.130.120.187	l9tcpid/v1.1.0	9/11/2025 08:06:59 AM	Tried to access http ip directly.
68905	35.245.23.181	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	9/11/2025 08:06:40 AM	Evil 404 /wp-includes/js/jquery/jquery.js
68904	3.99.33.88	l9tcpid/v1.1.0	9/11/2025 07:59:14 AM	Tried to access http ip directly.
68903	209.38.98.22	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/11/2025 07:56:16 AM	Evil 404 .env (AWS vulnerability)
68902	15.156.63.229	l9tcpid/v1.1.0	9/11/2025 07:41:11 AM	Tried to access http ip directly.
68901	35.182.17.24	l9tcpid/v1.1.0	9/11/2025 07:12:04 AM	Tried to access http ip directly.
68900	98.130.129.37	l9tcpid/v1.1.0	9/11/2025 06:53:06 AM	Tried to access http ip directly.
68899	91.196.152.218	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	9/11/2025 06:46:12 AM	Tried to access http ip directly.
68898	18.61.230.159	l9tcpid/v1.1.0	9/11/2025 06:45:47 AM	Tried to access http ip directly.
68897	35.182.253.139	l9tcpid/v1.1.0	9/11/2025 06:40:39 AM	Tried to access http ip directly.
68896	15.223.3.4	l9tcpid/v1.1.0	9/11/2025 06:25:56 AM	Tried to access http ip directly.
68895	5.237.3.1	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36	9/11/2025 06:25:22 AM	Tried to access http ip directly.
68894	3.96.183.210	l9tcpid/v1.1.0	9/11/2025 06:24:36 AM	Tried to access http ip directly.
68893	35.182.141.39	l9tcpid/v1.1.0	9/11/2025 06:18:37 AM	Tried to access http ip directly.
68892	98.130.56.76	l9tcpid/v1.1.0	9/11/2025 06:09:57 AM	Tried to access http ip directly.
68891	35.183.45.28	l9tcpid/v1.1.0	9/11/2025 06:03:53 AM	Tried to access http ip directly.
68890	13.89.124.213	Mozilla/5.0 zgrab/0.x	9/11/2025 05:54:28 AM	User Agent Mozilla/5.0 zgrab/0.x
68889	15.223.119.210	l9tcpid/v1.1.0	9/11/2025 05:23:23 AM	Tried to access http ip directly.
68888	34.140.92.201	python-requests/2.32.4	9/11/2025 04:49:12 AM	Tried to access http ip directly.
68887	43.203.117.241	l9tcpid/v1.1.0	9/11/2025 04:46:40 AM	Tried to access http ip directly.
68886	101.32.49.171	Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1	9/11/2025 04:28:05 AM	Tried to access http ip directly.
68885	15.223.226.7	l9tcpid/v1.1.0	9/11/2025 04:09:44 AM	Tried to access http ip directly.
68884	18.61.84.132	l9tcpid/v1.1.0	9/11/2025 04:09:20 AM	Tried to access http ip directly.
68883	35.183.105.49	l9tcpid/v1.1.0	9/11/2025 04:01:28 AM	Tried to access http ip directly.
68882	3.39.25.155	l9tcpid/v1.1.0	9/11/2025 03:55:50 AM	Tried to access http ip directly.
68881	15.164.163.58	l9tcpid/v1.1.0	9/11/2025 03:49:45 AM	Tried to access http ip directly.
68880	98.130.143.187	l9tcpid/v1.1.0	9/11/2025 03:32:59 AM	Tried to access http ip directly.
68879	18.61.226.85	l9tcpid/v1.1.0	9/11/2025 03:18:10 AM	Tried to access http ip directly.
68878	35.183.125.15	l9tcpid/v1.1.0	9/11/2025 03:10:18 AM	Tried to access http ip directly.
68877	16.52.148.62	l9tcpid/v1.1.0	9/11/2025 03:07:52 AM	Tried to access http ip directly.
68876	16.52.34.51	l9tcpid/v1.1.0	9/11/2025 03:04:45 AM	Tried to access http ip directly.
68875	20.65.194.58	Mozilla/5.0 zgrab/0.x	9/11/2025 02:30:33 AM	User Agent Mozilla/5.0 zgrab/0.x
68874	15.156.204.153	l9tcpid/v1.1.0	9/11/2025 02:23:59 AM	Tried to access http ip directly.
68873	18.60.48.97	l9tcpid/v1.1.0	9/11/2025 02:20:32 AM	Tried to access http ip directly.
68872	15.222.24.184	l9tcpid/v1.1.0	9/11/2025 01:51:28 AM	Tried to access http ip directly.
68871	195.184.76.215	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0	9/11/2025 01:50:15 AM	Tried to access http ip directly.
68870	15.223.92.146	l9tcpid/v1.1.0	9/11/2025 01:36:42 AM	Tried to access http ip directly.
68869	35.183.137.198	l9tcpid/v1.1.0	9/11/2025 01:32:53 AM	Tried to access http ip directly.
68868	35.245.158.50	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	9/11/2025 01:09:54 AM	Evil 404 /wp-includes/js/jquery/jquery.js
68867	16.52.162.213	l9tcpid/v1.1.0	9/11/2025 01:09:04 AM	Tried to access http ip directly.
68866	99.79.47.128	l9tcpid/v1.1.0	9/11/2025 12:50:28 AM	Tried to access http ip directly.
68865	3.38.145.253	l9tcpid/v1.1.0	9/11/2025 12:43:26 AM	Tried to access http ip directly.
68864	34.79.62.169	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	9/11/2025 12:19:38 AM	Evil 404 /wp-includes/js/jquery/jquery.js
68863	52.78.192.211	l9tcpid/v1.1.0	9/11/2025 12:17:29 AM	Tried to access http ip directly.
68862	98.130.59.123	l9tcpid/v1.1.0	9/10/2025 11:49:06 PM	Tried to access http ip directly.
68861	35.203.210.100	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/10/2025 11:43:34 PM	Tried to access http ip directly.
68860	35.182.225.68	l9tcpid/v1.1.0	9/10/2025 11:42:51 PM	Tried to access http ip directly.
68859	144.172.104.19	Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36	9/10/2025 11:42:06 PM	Evil 404 /wp-admin/network/index.php
68858	15.223.33.170	l9tcpid/v1.1.0	9/10/2025 11:41:10 PM	Tried to access http ip directly.
68857	18.61.25.253	l9tcpid/v1.1.0	9/10/2025 11:39:04 PM	Tried to access http ip directly.
68856	172.236.228.111	Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/10/2025 11:36:55 PM	Tried to access http ip directly.
68855	40.192.27.144	l9tcpid/v1.1.0	9/10/2025 11:33:04 PM	Tried to access http ip directly.
68854	15.156.69.58	l9tcpid/v1.1.0	9/10/2025 11:32:31 PM	Tried to access http ip directly.
68853	18.60.247.66	l9tcpid/v1.1.0	9/10/2025 11:25:24 PM	Tried to access http ip directly.
68852	18.60.60.165	l9tcpid/v1.1.0	9/10/2025 11:25:20 PM	Tried to access http ip directly.
68851	34.77.35.25	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36	9/10/2025 11:04:54 PM	Evil 404 /wp-includes/js/jquery/jquery.js
68850	3.98.67.46	l9tcpid/v1.1.0	9/10/2025 10:57:49 PM	Tried to access http ip directly.
68849	18.61.28.167	l9tcpid/v1.1.0	9/10/2025 10:53:07 PM	Tried to access http ip directly.
68848	15.222.253.80	l9tcpid/v1.1.0	9/10/2025 10:44:08 PM	Tried to access http ip directly.
68847	35.183.6.233	l9tcpid/v1.1.0	9/10/2025 10:43:29 PM	Tried to access http ip directly.
68846	35.182.158.100	l9tcpid/v1.1.0	9/10/2025 10:40:42 PM	Tried to access http ip directly.
68845	18.60.53.39	l9tcpid/v1.1.0	9/10/2025 10:24:42 PM	Tried to access http ip directly.
68844	16.112.19.219	l9tcpid/v1.1.0	9/10/2025 09:51:28 PM	Tried to access http ip directly.
68843	18.60.110.45	l9tcpid/v1.1.0	9/10/2025 09:47:26 PM	Tried to access http ip directly.
68842	18.60.47.59	l9tcpid/v1.1.0	9/10/2025 09:02:23 PM	Tried to access http ip directly.
68841	18.61.29.13	l9tcpid/v1.1.0	9/10/2025 08:52:02 PM	Tried to access http ip directly.
68840	193.24.123.88	ivre-masscan/1.3 https://github.com/robertdavidgraham/	9/10/2025 08:34:17 PM	Tried to access http ip directly.
68839	13.38.219.58	l9tcpid/v1.1.0	9/10/2025 08:27:28 PM	Tried to access http ip directly.
68838	18.61.2.76	l9tcpid/v1.1.0	9/10/2025 08:16:22 PM	Tried to access http ip directly.
68837	161.35.28.209	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36	9/10/2025 08:12:13 PM	Tried to access http ip directly.
68836	18.60.255.46	l9tcpid/v1.1.0	9/10/2025 07:54:16 PM	Tried to access http ip directly.
68835	137.184.99.120	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/10/2025 07:52:06 PM	Evil 404 .env (AWS vulnerability)
68834	18.60.204.117	l9tcpid/v1.1.0	9/10/2025 07:22:57 PM	Tried to access http ip directly.
68833	18.60.57.179	l9tcpid/v1.1.0	9/10/2025 07:19:34 PM	Tried to access http ip directly.
68832	18.206.199.56	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/10/2025 07:11:42 PM	Tried to access http ip directly.
68831	131.108.197.230	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7	9/10/2025 07:03:15 PM	Tried to access http ip directly.
68830	98.130.142.253	l9tcpid/v1.1.0	9/10/2025 06:59:23 PM	Tried to access http ip directly.
68829	98.130.129.5	l9tcpid/v1.1.0	9/10/2025 06:54:27 PM	Tried to access http ip directly.
68828	135.119.96.82	Mozilla/5.0 zgrab/0.x	9/10/2025 06:29:08 PM	Tried to access http ip directly.
68827	18.60.115.7	l9tcpid/v1.1.0	9/10/2025 05:49:26 PM	Tried to access http ip directly.
68826	18.60.144.178	l9tcpid/v1.1.0	9/10/2025 05:36:05 PM	Tried to access http ip directly.
68825	20.221.56.85	Mozilla/5.0 zgrab/0.x	9/10/2025 05:21:18 PM	User Agent Mozilla/5.0 zgrab/0.x
68824	18.61.156.44	l9tcpid/v1.1.0	9/10/2025 05:10:07 PM	Tried to access http ip directly.
68823	196.251.69.55	Mozilla/5.0	9/10/2025 04:01:56 PM	Evil 404 /wp-login.php
68822	165.227.38.1	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/10/2025 08:46:18 AM	Tried to access http ip directly.
68821	164.90.221.194	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/10/2025 06:27:17 AM	Evil 404 .env (AWS vulnerability)
68820	20.29.49.134	Mozilla/5.0 zgrab/0.x	9/10/2025 06:04:58 AM	User Agent Mozilla/5.0 zgrab/0.x
68819	35.195.226.12	python-requests/2.32.4	9/10/2025 05:37:37 AM	Tried to access http ip directly.
68818	216.180.246.173	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/10/2025 03:10:57 AM	Tried to access http ip directly.
68817	162.216.150.67	Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity	9/10/2025 03:04:24 AM	Tried to access http ip directly.
68816	216.180.246.181	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/10/2025 02:27:50 AM	Tried to access http ip directly.
68815	196.251.84.66	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46	9/10/2025 01:24:26 AM	Tried to access http ip directly.
68814	78.128.113.59	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0	9/10/2025 12:11:48 AM	Tried to access http ip directly.
68813	74.235.104.219	Mozilla/5.0 zgrab/0.x	9/9/2025 11:43:01 PM	User Agent Mozilla/5.0 zgrab/0.x
68812	91.105.18.1	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36	9/9/2025 08:53:52 PM	Tried to access http ip directly.
68811	46.101.125.252	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/9/2025 07:44:03 PM	Evil 404 .env (AWS vulnerability)
68810	223.167.169.68	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36	9/9/2025 07:12:32 PM	Tried to access http ip directly.
68809	100.25.216.250	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	9/9/2025 06:53:18 PM	Tried to access http ip directly.
68808	23.225.178.154	masscan/1.0 (https://github.com/robertdavidgraham/masscan)	9/9/2025 04:32:59 PM	Tried to access http ip directly.
68807	68.235.46.45	python-requests/2.32.3	9/9/2025 02:43:20 PM	User Agent python-requests/2.32.3
68806	220.248.224.228	ivre-masscan/1.3 https://github.com/robertdavidgraham/	9/9/2025 12:04:30 PM	Tried to access http ip directly.
68805	61.72.67.30	curl/7.88.1	9/9/2025 10:04:14 AM	Tried to access http ip directly.
68804	207.244.238.24	Python-urllib/3.8	9/9/2025 07:48:54 AM	Tried to access http ip directly.
68803	41.205.90.51	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7	9/9/2025 06:54:49 AM	Tried to access http ip directly.
68802	134.122.20.41		9/9/2025 06:22:34 AM	Tried to log in as root with no password.
68801	206.189.20.193	Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about);	9/9/2025 06:13:05 AM	Evil 404 .env (AWS vulnerability)
68800	81.17.20.98	Python-urllib/2.5	9/9/2025 06:03:56 AM	User Agent Python-urllib/2.5
68799	35.222.106.164	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36	9/9/2025 04:21:10 AM	Evil 404 /wp-includes/wlwmanifest.xml
68798	180.149.126.3	Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36	9/9/2025 04:19:46 AM	Tried to access http ip directly.
68797	192.241.154.229	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36	9/9/2025 03:53:18 AM	Tried to access http ip directly.
68796	216.180.246.191	'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)'	9/9/2025 01:54:34 AM	Tried to access http ip directly.
68795	64.62.156.182	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0	9/9/2025 01:28:09 AM	Tried to access http ip directly.
68794	118.191.0.204	libredtail-http	9/8/2025 10:26:12 PM	Tried to access http ip directly.