- Tipps für sichere Homepage für jeden.

Hacker Protokoll Juli 2025

Das Hacker Protokoll Juli 2025

Dieses Hacker Protokoll Juli 2025 ist nicht mehr so umfangreich, da wir ja nicht jeden Zugriff dieser Hacker-Idioten posten. Trotzdem immer wieder diese unermüdlichen Login Idioten und Amateur Hacker, die es wieder und immer wieder versuchen, trotz einem 403, eine Homepage zu hacken.

Es wird bestimmt auch jeden „braven“ Besucher hier bestimmt amüsieren, denn hier findet man die Auszug von gewissen Taugenixe mit ihren lächerlichen und armseeligen Versuchen, um eine Homepage zu übernehmen bzw. zu hacken.

Dieses Hacker Protokoll Juli 2025 soll ebenfalls so einige Hosting-Provider und Provider für Cloud´s endlich mal wachrütteln, damit sie ENDLICH die Webspaces ihrer Kunden besser vor diesen ganzen Login- und Hacker-Müll schützen!!! Viele Mails an Abuse der jeweiligen verantwortlichen Provider wurden geschrieben. Oft kam nur Blabla aber es ändert sich absolut NICHTS!

Somit hier nun das Protokoll vom Juli. Man bedenke, die jeweiligen Tabellen sind immer nur ein ganz kleiner Auszug von dem, was da wirklich über den ganzen Tag auf den bestroffenen Websites versucht wurde. Zum Schutz der betroffenen Domains wurden diese ausgeschwärzt oder mit Stern (*) versehen.

WICHTIG! Wir posten nur noch etwas, das besonders auffällt oder eben besonders amüsant ist. Die meisten der Hacker-Idioten bekommen eh nur noch ein 403 oder eben ein 302! Wer auch hier gesperrt ist, landet mit seinem „Scheiss“ dann da, wo er hingehört, nämlich beim Klopapier! *LOL*

Protokoll-Auszüge ab 31.07.25 – TOP-PROVIDER und absolut fragwürdige Provider!

EIN ABSOLUT VORBILDLICHER PROVIDER:

AS214640 – Hostup AB – TOP! Antwortet sehr schnell, gibt Information über geschlossene Sicherheitslücke – VORBILDLICH!
noc@hostup.se
206.168.213.189 website*1.com – – [31/Jul/2025:07:41:58 +0200] „POST /wp-login.php HTTP/1.0“ 302 20 „http://irmsecure.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0“

Ein für uns sehr fragwürdiger und UNSICHERER PROVIDER – Täglich wiederkehrende Hacker-Idioten! ALIBABA ist absolut unerwünscht und komplett gesperrt:

AS37963 – Hangzhou Alibaba Advertising Co.,Ltd.
abuse@alibaba-inc.com
8.134.130.210 website*1.com – – [31/Jul/2025:07:29:46 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „https://irmsecure.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0“

Absolut IGNORANTER und UNSICHERER PROVIDER. Hacking-Versuche über gleiche IP gehen immer weiter! TENCENT ist absolut unerwünscht und komplett gesperrt:

AS132203 – Tencent Building, Kejizhongyi Avenue
qcloud_net_duty@tencent.com
43.156.242.13 website*1.de – – [31/Jul/2025:09:28:31 +0200] „GET /ss.php?f_c=1 HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36“

Auch andere, wie z.B. Abuseipdb haben da bzgl. TENCENT unzählige Abuse-Meldungen!

Info bzgl. unserer Abuse-Mails vom Wochenende sowie zweite Abuse-Mail vom 29.07.2025!

Diese 3 für uns jetzt sehr fragwürdige Provider, dessen Netzwerke sind jetzt über unser Security-Tool auf SEHR VIELEN Websites gesperrt!

Absolut IGNORANTE PROVIDER! KEINE REAKTION auf unsere Abuse-Mails, auch die zweite Abuse-Mail, KEINE ANTWORT… NICHTS!!!

AS9299 – Philippine Long Distance Telephone Company – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@pldt.net
2001:4452:48a:6e00:963:cb55:3fae:b319 website*1.com – – [29/Jul/2025:05:59:46 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/13.0.0.0 Safari/537.36“

AS262300 – SUPER CONNECT TELECOM LTDA – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
jorge.iwano@gmail.com,betotb@hotmail.com
2804:788:510:1700:d984:89f6:23c:eeb2 website*1.com – – [29/Jul/2025:05:59:47 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/97.0.0.0 Safari/537.36“

AS9329 – Sri Lanka Telecom Internet – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@slt.lk
2402:d000:8120:1a80:d51a:38db:e111:18c4 website*1.com – – [29/Jul/2025:05:59:51 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/85.0.0.0 Safari/537.36“

IGNORANZ und/oder ARROGANZ wird bei uns mit Veröffentlichung belohnt!!!

Protokoll-Auszüge ab 26.07.25 – Hier mal so einige der Hacker-Idioten vom Wochenende!

Heute Morgen gingen dann die ABUSE-MAILS an die MIT VERANTWORTLICHEN PROVIDER raus:

Samstag, 10 Abuse-Mails an jeweils 2 bis 4 Provider!
Sonntag, 11 Abuse-Mails an jeweils 2 bis 4 Provider!

Bei den Meldungen sind auch die entsprechenden Bemerkungen aufgeführt denn so einige scheinen das Thema SICHERHEIT nicht wirklich ernst zu nehmen. Auch die IGNORANZ so einger Provider ist absolut NICHT AKZEPTABEL!

Provider, die da untätig bleiben, unterstützen die Hacker-Idioten, dessen sollten sich so einige Provider mal klar sein!

SAMSTAG!

ABUSE-MAIL NR. 1

AS9299 – Philippine Long Distance Telephone Company – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@pldt.net
112.201.135.152 website*x.com – – [26/Jul/2025:03:16:26 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/70.0.0.0 Safari/537.36“

AS8075 – Microsoft Corporation – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@microsoft.com,msftcs@microsoft.com, azsafety@microsoft.com – Das ONLINE-FORMULAR IST EIN NoGo! Abuse per Emails ist STANDARD!!!
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:05 +0200] „GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:05 +0200] „GET /wp-includes/blocks/button/ff2.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:06 +0200] „GET /wp-admin/includes/class-wp-filesystem-base.php HTTP/1.0“ 302 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:17 +0200] „GET /wp-content/plugins/wp-file-manager/lib/php/elFinderVolumeFTP.class.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:18 +0200] „GET /wp-content/plugins/file-manager-advanced/application/library/php/elFinderVolumeFTP.class.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:18 +0200] „GET /amp.php HTTP/1.0“ 302 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:18 +0200] „GET /wp-content/wp-conflg.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:19 +0200] „GET /networks.php HTTP/1.0“ 302 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:34 +0200] „GET /wp-includes/images/autoload_classmap.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:34 +0200] „GET /wp-includes/images/install.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:34 +0200] „GET /wp-includes/images/ORVX-l3B0tq.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:34 +0200] „GET /wp-includes/images/brand.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:35 +0200] „GET /wp-includes/images/chosen.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:35 +0200] „GET /wp-includes/images/mah.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:35 +0200] „GET /wp-includes/images/defaults.php/wp-admin/includes/class-wp-filesystem-base.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:35 +0200] „GET /buy.php HTTP/1.0“ 403 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:36 +0200] „GET /simple.php HTTP/1.0“ 302 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:41:51 +0200] „GET /chosen.php HTTP/1.0“ 302 – „-“ „-“
4.216.95.134 website*x.com – – [26/Jul/2025:12:42:06 +0200] „GET /core/includes/includes/includes/includes/includes/includes/includes/cache.php HTTP/1.0“ 403 – „-“ „-“

AS210558 – 1337 Services GmbH – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@as210558.net,office@1337-service.de – DAILY REFERRER-SPAM TO THIS DUBIOUS WEBSITE AND THE PROVIDER DOES NOTHING!!!
45.80.158.232 website*x.com – – [26/Jul/2025:10:52:21 +0200] „GET /wp-admin/css/ HTTP/1.0“ 403 – „binance.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36“

ABUSE-MAIL NR. 2

AS8708 – DIGI ROMANIA S.A.
abuse@rcs-rds.ro
82.77.245.187 website*x.com – – [26/Jul/2025:03:55:44 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/14.0.0.0 Safari/537.36“

AS270581 – JET NETWORK TELECOMUNICAÇÃO LTDA – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
contato@jetnetwork.com.br,europadino13@icloud.com,gustavo@elevatenetwork.com.br
2804:6e30:ffff:e493:bddc:ee26:31a2:e647 website*x.com – – [26/Jul/2025:03:56:14 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/69.0.0.0 Safari/537.36“

AS140947 – SnTHostings – NO RESPONSE… NOTHING IN OUR ABUSE EMAILS! VERY IGNORANT! – NOW COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@snthostings.com
103.153.182.150 website*x.com – – [26/Jul/2025:04:45:50 +0200] „GET /log-mama/function.php HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
103.153.182.150 website*x.com – – [26/Jul/2025:04:45:50 +0200] „GET /bk/index.php HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

AS8075 – Microsoft Corporation – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@microsoft.com – – Das ONLINE-FORMULAR IST EIN NoGo! Abuse per Emails ist STANDARD!!!
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:01 +0200] „GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.0“ 403 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:01 +0200] „GET /wp-links.php HTTP/1.0“ 302 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:16 +0200] „GET /lock6.php HTTP/1.0“ 302 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:31 +0200] „GET /abe.php HTTP/1.0“ 302 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:46 +0200] „GET /wp-includes/IXR/about.php HTTP/1.0“ 403 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:47 +0200] „GET /wp-content/plugins/wp-login.php HTTP/1.0“ 403 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:47 +0200] „GET /.well-known/index.php HTTP/1.0“ 403 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:47 +0200] „GET /cgi-bin/admin.phphttps://explorebabel.com/.well-known/acme-challenge/index.php HTTP/1.0“ 403 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:47 +0200] „GET /wp-admin/user/cloud.php HTTP/1.0“ 302 – „-“ „-“
… and so on!!!

ABUSE-MAIL NR. 3

AS214943 – Railnet LLC – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@virtualine.org
213.209.143.116 website*x.de – – [26/Jul/2025:03:00:48 +0200] „GET / HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (X11; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0“
213.209.143.116 website*x.de – – [26/Jul/2025:03:00:49 +0200] „GET /.env HTTP/1.0“ 302 – „-“ „Mozilla/5.0“
213.209.143.116 website*x.de – – [26/Jul/2025:03:00:55 +0200] „GET /config.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0“
213.209.143.116 website*x.de – – [26/Jul/2025:03:00:55 +0200] „GET /settings.yaml HTTP/1.0“ 302 – „-“ „Mozilla/5.0“
213.209.143.116 website*x.de – – [26/Jul/2025:03:00:55 +0200] „GET /backup.sql HTTP/1.0“ 302 – „-“ „Mozilla/5.0“
213.209.143.116 website*x.de – – [26/Jul/2025:03:00:56 +0200] „GET /site.bak HTTP/1.0“ 302 – „-“ „Mozilla/5.0“

AS6805 – Telefonica Germany GmbH & Co.OHG – DAILY TRY TO COPY PICURES! – THERE ARE ALSO PICTURES WITH COPYRIGHT! NETWORK IS BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse.de@telefonica.com
176.2.189.207 www.website*x.de – – [26/Jul/2025:03:10:21 +0200] „GET /wp-content/uploads/202X/12/cropped-bildx-180×180.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.2.189.207 www.website*x.de – – [26/Jul/2025:03:10:21 +0200] „GET /wp-content/uploads/202X/05/Icon_bildx_150px.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.2.189.207 www.website*x.de – – [26/Jul/2025:03:10:21 +0200] „GET /wp-content/uploads/202X/12/cropped-bildx-192×192.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.2.189.207 www.website*x.de – – [26/Jul/2025:03:10:21 +0200] „GET /wp-content/uploads/202X/12/cropped-bildx-32×32.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.2.189.207 www.website*x.de – – [26/Jul/2025:03:10:21 +0200] „GET /wp-content/uploads/202X/01/Icon-bildx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.2.189.207 www.website*x.de – – [26/Jul/2025:03:10:22 +0200] „GET /wp-content/uploads/202X/12/cropped-bildx-270×270.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“

AS199785 – Cloud Hosting Solutions, Limited. – ALSO NOW COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@standart.lv,abuse@chosting.solutions
176.126.103.125 website*x.de – – [26/Jul/2025:04:03:20 +0200] „GET /phpinfo HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:03:20 +0200] „GET /phpinfo.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:03:30 +0200] „GET /test.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:03:40 +0200] „GET /_profiler/phpinfo HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:03:40 +0200] „GET /info.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:03:50 +0200] „GET /php.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:04:00 +0200] „GET /php_info.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:04:10 +0200] „GET /i.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:04:20 +0200] „GET /pi.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:04:30 +0200] „GET /config.phpinfo HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:04:30 +0200] „GET /admin/phpinfo.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:04:30 +0200] „GET /.aws/credentials HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:04:30 +0200] „GET /pinfo.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:04:40 +0200] „GET /phpinfo2.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:04:50 +0200] „GET /php_version.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:05:00 +0200] „GET /version.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:05:10 +0200] „GET /server-info.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:05:20 +0200] „GET /env.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
176.126.103.125 website*x.de – – [26/Jul/2025:04:05:30 +0200] „GET /init.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“

ABUSE-MAIL NR. 4

AS48693 – Rices Privately owned enterprise – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@ntup.net
194.145.227.125 website*x.com – – [26/Jul/2025:08:54:43 +0200] „GET /administrator/components/com_maianmedia/utilities/charts/php-ofc-library/ofc_upload_image.php HTTP/1.0“ 403 – „-“ „ALittle Client“

AS56380 – “IT FRUIT“ S.R.L. – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@vmbox.cloud,terletskydboss@gmail.com – NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!!
185.153.199.135 website*x.com – – [26/Jul/2025:09:55:30 +0200] „GET /administrator/components/com_maian15/charts/php-ofc-library/ofc_upload_image.php HTTP/1.0“ 403 – „-“ „ALittle Client“

ABUSE-MAIL NR. 5

AS210558 – 1337 Services GmbH – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@as210558.net – DAILY REFERRER-SPAM TO THIS DUBIOUS WEBSITE AND THE PROVIDER DOES NOTHING!!!
45.80.158.232 website*x.com – – [26/Jul/2025:07:46:21 +0200] „GET /wp-admin/css/ HTTP/1.0“ 403 – „binance.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36“

AS24961 – WIIT AG – VERY IGNORANT, DAILY HACKER-IDIOTS! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@myloc.de
89.163.242.76 website*x.com – – [26/Jul/2025:08:15:24 +0200] „GET /thoms.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:08:15:45 +0200] „GET /thoms.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:08:16:20 +0200] „GET /inputs.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:08:16:51 +0200] „GET /inputs.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:08:17:23 +0200] „GET /userfuns.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:08:18:07 +0200] „GET /userfuns.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:08:18:42 +0200] „GET /delpaths.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:08:19:16 +0200] „GET /delpaths.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:08:19:51 +0200] „GET /gdftps.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:08:20:32 +0200] „GET /gdftps.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:08:21:13 +0200] „GET /hplfuns.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:08:21:44 +0200] „GET /hplfuns.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

AS134761 – CHINANET NINGXIA province ZHONGWEI IDC network – CHINA IS COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
anti-spam@chinatelecom.cn – DAILY REFERRER-SPAM TO THIS DUBIOUS WEBSITE AND THE PROVIDER DOES NOTHING!!!
203.33.203.148 www.website*x.com – – [26/Jul/2025:08:43:52 +0200] „GET / HTTP/1.0“ 403 – „http:// gbnadvisors.com“ „Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1“

AS132203 – Tencent Building, Kejizhongyi Avenue – VERY IGNORANT, VERY UNSECURE! – TENCENT IS COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
qcloud_net_duty@tencent.com – DAILY REFERRER-SPAM TO THIS DUBIOUS WEBSITE AND THE PROVIDER DOES NOTHING!!!
43.164.195.17 www.website*x.com – – [26/Jul/2025:09:10:15 +0200] „GET / HTTP/1.0“ 403 – „http:// gbnadvisors.com“ „Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1“

ABUSE-MAIL NR. 6

AS8075 – Microsoft Corporation – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@microsoft.com – Das ONLINE-FORMULAR IST EIN NoGo! Abuse per Emails ist STANDARD!!!
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:01 +0200] „GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.0“ 403 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:01 +0200] „GET /wp-links.php HTTP/1.0“ 302 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:16 +0200] „GET /lock6.php HTTP/1.0“ 302 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:31 +0200] „GET /abe.php HTTP/1.0“ 302 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:46 +0200] „GET /wp-includes/IXR/about.php HTTP/1.0“ 403 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:47 +0200] „GET /wp-content/plugins/wp-login.php HTTP/1.0“ 403 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:47 +0200] „GET /.well-known/index.php HTTP/1.0“ 403 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:47 +0200] „GET /cgi-bin/admin.phphttps://explorebabel.com/.well-known/acme-challenge/index.php HTTP/1.0“ 403 – „-“ „-“
130.33.61.100 website*x.com – – [26/Jul/2025:06:33:47 +0200] „GET /wp-admin/user/cloud.php HTTP/1.0“ 302 – „-“ „-“
… and so on!!!

AS24961 – WIIT AG – VERY IGNORANT, DAILY HACKER-IDIOTS! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@myloc.de
89.163.242.76 website*x.com – – [26/Jul/2025:10:25:16 +0200] „GET /thoms.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:10:26:46 +0200] „GET /thoms.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:10:28:17 +0200] „GET /inputs.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:10:29:52 +0200] „GET /inputs.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:10:31:21 +0200] „GET /userfuns.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:10:32:29 +0200] „GET /userfuns.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:10:33:56 +0200] „GET /delpaths.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:10:35:34 +0200] „GET /delpaths.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:10:37:10 +0200] „GET /gdftps.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:10:38:35 +0200] „GET /gdftps.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:10:40:04 +0200] „GET /hplfuns.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:10:41:34 +0200] „GET /hplfuns.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

ABUSE-MAIL NR. 7

AS16276 – OVH SAS – OVH AGAIN AND AGAIN EVERY DAY!!!
abuse@ovh.net
145.239.10.137 website*x.com – – [26/Jul/2025:12:09:44 +0200] „GET /contact.php HTTP/1.0“ 302 20 „http://website*x.com/contact.php“ „Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1“
145.239.10.137 website*x.com – – [26/Jul/2025:12:09:44 +0200] „GET /function.php HTTP/1.0“ 302 20 „http://website*x.com/function.php“ „Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1“

AS24961 – WIIT AG – VERY IGNORANT, DAILY HACKER-IDIOTS! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@myloc.de – THIRD ABUSE ON THIS DAY!!! – VERY UNSECURE!!!
89.163.242.76 website*x.com – – [26/Jul/2025:12:12:57 +0200] „GET /thoms.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:12:13:13 +0200] „GET /thoms.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:12:13:31 +0200] „GET /inputs.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:12:13:47 +0200] „GET /inputs.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:12:14:05 +0200] „GET /userfuns.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:12:14:24 +0200] „GET /userfuns.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:12:14:40 +0200] „GET /delpaths.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.163.242.76 website*x.com – – [26/Jul/2025:12:14:57 +0200] „GET /delpaths.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

AS8075 – Microsoft Corporation – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@microsoft.com – Das ONLINE-FORMULAR IST EIN NoGo! Abuse per Emails ist STANDARD!!!
20.18.74.43 website*x.com – – [26/Jul/2025:15:53:23 +0200] „GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.0“ 403 – „-“ „-“
20.18.74.43 website*x.com – – [26/Jul/2025:15:53:24 +0200] „GET /about.php/wp-includes/Text/network.php HTTP/1.0“ 302 – „-“ „-“
20.18.74.43 website*x.com – – [26/Jul/2025:15:53:39 +0200] „GET /wp-admin/js/alfa-rex.php HTTP/1.0“ 302 – „-“ „-“
20.18.74.43 website*x.com – – [26/Jul/2025:15:53:54 +0200] „GET /wp-content/themes/wp-pridmag/lock.php/wp-admin/user/admin.php/wp-content/uploads/json.php HTTP/1.0“ 403 – „-“ „-“
20.18.74.43 website*x.com – – [26/Jul/2025:15:53:54 +0200] „GET /css/item.php HTTP/1.0“ 403 – „-“ „-“
20.18.74.43 website*x.com – – [26/Jul/2025:15:53:54 +0200] „GET /.well-known/acme-challenge/plugins.php/wp-includes/certificates/plugins.php HTTP/1.0“ 403 – „-“ „-“
20.18.74.43 website*x.com – – [26/Jul/2025:15:53:54 +0200] „GET /wp-mail.php/wp-includes/ID3/rk2.php HTTP/1.0“ 302 – „-“ „-“
20.18.74.43 website*x.com – – [26/Jul/2025:15:54:09 +0200] „GET /wp-content/themes/astra/inc/network.php HTTP/1.0“ 403 – „-“ „-“

ABUSE-MAIL NR. 8

AS51167 – Contabo GmbH – VERY IGNORANT, DAILY HACKER-IDIOTS! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@contabo.de – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!!
167.86.74.247 website*x.com – – [26/Jul/2025:11:44:57 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36“
167.86.74.247 website*x.com – – [26/Jul/2025:11:44:57 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „https://duckduckgo.com/“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36“
167.86.74.247 website*x.com – – [26/Jul/2025:11:44:57 +0200] „GET /wp-admin/ HTTP/1.0“ 403 – „https://t.co/“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36“

AS7859 – pair Networks – VERY IGNORANT! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@pair.com – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!!
2607:f440::4227:6d09 website*x.com – – [26/Jul/2025:12:26:18 +0200] „HEAD /backup.zip HTTP/1.0“ 403 – „-“ „-“
2607:f440::4227:6d09 website*x.com – – [26/Jul/2025:12:26:18 +0200] „HEAD /Archive.zip HTTP/1.0“ 403 – „-“ „-“
2607:f440::4227:6d09 website*x.com – – [26/Jul/2025:12:26:18 +0200] „HEAD /website*x.zip HTTP/1.0“ 403 – „-“ „-“
2607:f440::4227:6d09 website*x.com – – [26/Jul/2025:12:26:19 +0200] „HEAD /website*x.com.zip HTTP/1.0“ 403 – „-“ „-“

AS216071 – SERVERS TECH FZCO – REFERRER-SPAM AGAIN AND AGAIN TO THIS DUBIOUS WEBSITE! VERY UNWANTED! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@vdsina.com – NO ANSWER…NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!!
77.238.225.146 www.website*x.com – – [26/Jul/2025:12:32:17 +0200] „GET / HTTP/1.0“ 403 – „https://GBNADVISORS.COM“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36“

ABUSE-MAIL NR. 9

AS8560 – IONOS SE – IONOS EVERY DAY AGAIN AND AGAIN!!! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@ionos.com – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – THIS IS VERY IGNORANT!
74.208.111.78 website*x.de – – [26/Jul/2025:12:39:47 +0200] „GET /style.php HTTP/1.0“ 403 – „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
74.208.111.78 website*x.de – – [26/Jul/2025:12:40:02 +0200] „GET /style.php HTTP/1.0“ 403 – „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

AS6805 – Telefonica Germany GmbH & Co.OHG – DAILY TRY TO COPY PICTURES!!! – THERE ARE ALSO PICTURES WITH COPYRIGHT!!! – NETWORK IS BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse.de@telefonica.com – WE HAS REPORT THIS MANY TIMES! – THE PROVIDER DOES… NOTHING!!!
176.3.136.13 www.website*x.de – – [26/Jul/2025:13:22:48 +0200] „GET /wp-content/uploads/202X/12/bild*x-180×180.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.136.13 www.website*x.de – – [26/Jul/2025:13:22:49 +0200] „GET /wp-content/uploads/202X/05/bild*x_150px.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.136.13 www.website*x.de – – [26/Jul/2025:13:22:49 +0200] „GET /wp-content/uploads/202X/12/bild*x-192×192.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.136.13 www.website*x.de – – [26/Jul/2025:13:22:49 +0200] „GET /wp-content/uploads/202X/12/bild*x-32×32.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.136.13 www.website*x.de – – [26/Jul/2025:13:22:50 +0200] „GET /wp-content/uploads/202X/01/bild*x.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.136.13 www.website*x.de – – [26/Jul/2025:13:22:50 +0200] „GET /wp-content/uploads/202X/12/bild*x-270×270.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“

ABUSE-MAIL NR. 10

AS211138 – Private-Hosting di Cipriano oscar – EVERY DAY AGAIN AND AGAIN!!! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
info@fasthosting.net.za – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – THIS IS VERY IGNORANT!
41.216.188.205 website*x.com – – [26/Jul/2025:17:24:24 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:121.0) Gecko/20100101 Firefox/121.0“
41.216.188.205 website*x.com – – [26/Jul/2025:17:24:24 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „“ „Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36“
41.216.188.205 website*x.com – – [26/Jul/2025:17:24:24 +0200] „GET /wp-admin/ HTTP/1.0“ 403 – „https://www.google.com/“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:119.0) Gecko/20100101 Firefox/119.0“

AS210278 – Sky Italia srl – THE NETWORK 2a0e:400::/25 IS NOW ALSO COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@skytv.it
2a0e:424:3a83:0:89da:e103:fd07:62d4 website*x.com – – [26/Jul/2025:19:14:34 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“

AS8560 – IONOS SE – IONOS EVERY DAY AGAIN AND AGAIN!!! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@ionos.com – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – THIS IS VERY IGNORANT!
74.208.111.78 website*x.com – – [26/Jul/2025:21:53:10 +0200] „GET /style.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
74.208.111.78 website*x.com – – [26/Jul/2025:21:53:22 +0200] „GET /style.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

AS396982 – Google LLC – GOOGLE EVERY DAY AGAIN AND AGAIN!!! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
google-cloud-compliance@google.com
34.56.58.166 website*x.com – – [26/Jul/2025:22:51:52 +0200] „HEAD /wordpress HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [26/Jul/2025:22:51:52 +0200] „HEAD / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [26/Jul/2025:22:51:53 +0200] „HEAD /wp HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [26/Jul/2025:22:51:53 +0200] „HEAD /bc HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [26/Jul/2025:22:51:53 +0200] „HEAD /bk HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [26/Jul/2025:22:51:53 +0200] „HEAD /backup HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [26/Jul/2025:22:51:53 +0200] „HEAD /old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [26/Jul/2025:22:51:53 +0200] „HEAD /new HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [26/Jul/2025:22:51:53 +0200] „HEAD /main HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [26/Jul/2025:22:51:53 +0200] „HEAD /home HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“

SONNTAG, 11 Abuse-Mails an jeweils 2 bis 4 Provider!

ABUSE-MAIL NR. 1

AS23470 – ReliableSite.Net LLC – SEHR VORBILDLICHER PROVIDER, ANTWORTET AUF ABUSE-MAIL UND GIBT INFOS!!!
abuse@reliablesite.net
172.93.102.106 website*x.com – – [27/Jul/2025:03:00:17 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozila/5.0“

AS401116 – Nybula LLC – VERY UNWANTED! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@nybula.com – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – THIS IS VERY IGNORANT!
196.251.66.105 website*x.com – – [27/Jul/2025:07:51:04 +0200] „GET /a.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36“

AS211590 – Bucklog SARL – ALSO VERY UNWANTED! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
bucklog@proton.me – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – THIS IS VERY IGNORANT!
185.177.72.210 website*x.com – – [27/Jul/2025:08:09:08 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „-“
185.177.72.210 website*x.com – – [27/Jul/2025:08:09:18 +0200] „GET /httpd.conf HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.210 website*x.com – – [27/Jul/2025:08:09:18 +0200] „GET /apps/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.210 website*x.com – – [27/Jul/2025:08:09:18 +0200] „GET /php_info.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
+
185.177.72.13 website*x.com – – [27/Jul/2025:15:36:19 +0200] „GET / HTTP/1.0“ 403 – „-“ „python-httpx/0.28.1“
185.177.72.13 website*x.com – – [27/Jul/2025:15:36:24 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „python-httpx/0.28.1“
185.177.72.13 website*x.com – – [27/Jul/2025:15:36:25 +0200] „GET /.env HTTP/1.0“ 403 – „-“ „python-httpx/0.28.1“
185.177.72.13 website*x.com – – [27/Jul/2025:15:36:25 +0200] „GET /api/.env HTTP/1.0“ 403 – „-“ „python-httpx/0.28.1“
185.177.72.13 website*x.com – – [27/Jul/2025:15:36:25 +0200] „GET /config/.env HTTP/1.0“ 403 – „-“ „python-httpx/0.28.1“
185.177.72.13 website*x.com – – [27/Jul/2025:15:36:25 +0200] „GET /_profiler/phpinfo HTTP/1.0“ 403 – „-“ „python-httpx/0.28.1“
185.177.72.13 website*x.com – – [27/Jul/2025:15:36:25 +0200] „GET /tool/view/phpinfo.view.php HTTP/1.0“ 403 – „-“ „python-httpx/0.28.1“
185.177.72.13 website*x.com – – [27/Jul/2025:15:36:25 +0200] „GET /phpinfo.php HTTP/1.0“ 302 20 „-“ „python-httpx/0.28.1“
185.177.72.13 website*x.com – – [27/Jul/2025:15:36:30 +0200] „GET /phpinfo HTTP/1.0“ 403 – „-“ „python-httpx/0.28.1“
185.177.72.13 website*x.com – – [27/Jul/2025:15:36:30 +0200] „GET /info.php HTTP/1.0“ 302 20 „-“ „python-httpx/0.28.1“

AS16276 – OVH SAS – OVH AGAIN AND AGAIN EVERY DAY!!!
abuse@ovh.net
51.89.3.212 website*x.com – – [27/Jul/2025:09:03:57 +0200] „GET /images/images/cache.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“
51.89.3.212 website*x.com – – [27/Jul/2025:09:03:58 +0200] „GET /wp-content/themes/twentystd/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“

ABUSE-MAIL NR. 2

AS4694 – IDC Frontier Inc. – THIS PENETRANT SummalyBot IS VERY UNWANTED! IS COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
hostmaster@nic.ad.jp,sindresorhus@gmail.com – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – THIS IS VERY IGNORANT!
210.236.251.27 www.website*x.de – – [27/Jul/2025:02:01:34 +0200] „HEAD /fensterX/X HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (compatible; SummalyBot/5.2.1-io.2)“
210.236.251.27 www.website*x.de – – [27/Jul/2025:02:01:35 +0200] „GET /fensterX/X HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (compatible; SummalyBot/5.2.1-io.2)“

ABUSE-MAIL NR. 3

AS401116 – Nybula LLC – VERY UNWANTED! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@nybula.com – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – THIS IS VERY IGNORANT!
196.251.118.216 website*x.com – – [27/Jul/2025:03:05:55 +0200] „GET //wp-content/plugins/fix/up.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36“

AS48693 – Rices Privately owned enterprise – VERY UNWANTED! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@ntup.net,abuse@demenin.net,dem@demenin.net – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – THIS IS VERY IGNORANT!
194.145.227.125 website*x.com – – [27/Jul/2025:03:11:20 +0200] „GET /administrator/components/com_maianmedia/utilities/charts/php-ofc-library/ofc_upload_image.php HTTP/1.0“ 403 – „-“ „ALittle Client“

ABUSE-MAIL NR. 4

AS56380 – “IT FRUIT“ S.R.L. – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@vmbox.cloud,terletskydboss@gmail.com – NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!!
185.153.199.135 website*x.com – – [27/Jul/2025:06:02:55 +0200] „GET /administrator/components/com_maian15/charts/php-ofc-library/ofc_upload_image.php HTTP/1.0“ 403 – „-“ „ALittle Client“

ABUSE-MAIL NR. 5

AS56380 – “IT FRUIT“ S.R.L. – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@vmbox.cloud,terletskydboss@gmail.com – NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!!
185.153.199.135 website*x.com – – [27/Jul/2025:06:59:22 +0200] „GET /administrator/components/com_maian15/charts/php-ofc-library/ofc_upload_image.php HTTP/1.0“ 403 – „-“ „ALittle Client“

ABUSE-MAIL NR. 6

AS49981 – WorldStream – THE NETWORK 2a00:7c80::/32 IS NOW BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@worldstream.nl
2a00:7c80:0:11e::12 website*x.com – – [27/Jul/2025:07:12:34 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 20 „http://website*x.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0.1) Gecko/20100101 Firefox/125.0.1“

AS22612 – Namecheap, Inc. – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@namecheaphosting.com
67.223.119.66 website*x.com – – [27/Jul/2025:11:53:22 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15“

AS19871 – Network Solutions, LLC – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
IARPOC@Newfold.com,eig-net-team@endurance.com
50.6.153.28 website*x.com – – [27/Jul/2025:11:58:00 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0“

AS26496 – GoDaddy.com, LLC – – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES! – – Das ONLINE-FORMULAR IST EIN NoGo! Abuse per Emails ist STANDARD!!!
abuse@godaddy.com, support@godaddy.com, contact@godaddy.com – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – VERY IGNORANT!!!
184.168.114.3 website*x.com – – [27/Jul/2025:12:02:49 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.138 Safari/537.36 Edg/112.0.1722.68“

ABUSE-MAIL NR. 7

AS396982 – Google LLC – GOOGLE EVERY DAY AGAIN AND AGAIN!!! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
google-cloud-compliance@google.com
34.56.58.166 website*x.com – – [27/Jul/2025:09:17:07 +0200] „HEAD /wordpress HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [27/Jul/2025:09:17:07 +0200] „HEAD / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [27/Jul/2025:09:17:07 +0200] „HEAD /wp HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [27/Jul/2025:09:17:07 +0200] „HEAD /bc HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [27/Jul/2025:09:17:07 +0200] „HEAD /bk HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [27/Jul/2025:09:17:07 +0200] „HEAD /backup HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [27/Jul/2025:09:17:07 +0200] „HEAD /old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [27/Jul/2025:09:17:08 +0200] „HEAD /new HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [27/Jul/2025:09:17:08 +0200] „HEAD /main HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.56.58.166 website*x.com – – [27/Jul/2025:09:17:08 +0200] „HEAD /home HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“

AS40021 – Contabo Inc. – VERY IGNORANT, DAILY HACKER-IDIOTS! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@contabo.de – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – VERY IGNORANT!!!
194.238.27.120 website*x.com – – [27/Jul/2025:10:15:04 +0200] „GET /doiconvs.php HTTP/1.0“ 302 20 „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
194.238.27.120 website*x.com – – [27/Jul/2025:10:15:41 +0200] „GET /moddofuns.php HTTP/1.0“ 302 20 „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
194.238.27.120 website*x.com – – [27/Jul/2025:10:16:05 +0200] „GET /memberfuns.php HTTP/1.0“ 302 20 „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
194.238.27.120 website*x.com – – [27/Jul/2025:10:16:40 +0200] „GET /gdftps.php HTTP/1.0“ 302 20 „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
194.238.27.120 website*x.com – – [27/Jul/2025:10:17:12 +0200] „GET /inputs.php HTTP/1.0“ 302 20 „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

AS132241 – SKSA TECHNOLOGY SDN BHD – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@internet-webhosting.com,noc@internet-webhosting.com
103.8.27.27 website*x.com – – [27/Jul/2025:11:59:22 +0200] „GET /admin/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64)“
103.8.27.27 website*x.com – – [27/Jul/2025:11:59:22 +0200] „GET /laravel/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64)“
103.8.27.27 website*x.com – – [27/Jul/2025:11:59:22 +0200] „GET /.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64)“
103.8.27.27 website*x.com – – [27/Jul/2025:11:59:22 +0200] „GET /core/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64)“

ABUSE-MAIL NR. 8

AS8075 – Microsoft Corporation – VERY IGNORANT, VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@microsoft.com – Das ONLINE-FORMULAR IST EIN NoGo! Abuse per Emails ist STANDARD!!!
172.192.37.219 website*x.de – – [27/Jul/2025:07:48:11 +0200] „GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.0“ 403 – „-“ „-“
172.192.37.219 website*x.de – – [27/Jul/2025:07:48:11 +0200] „GET /wp-includes/assets/index.php HTTP/1.0“ 403 – „-“ „-“
172.192.37.219 website*x.de – – [27/Jul/2025:07:48:11 +0200] „GET /wp-includes/style-engine/autoload_classmap.php HTTP/1.0“ 403 – „-“ „-“
172.192.37.219 website*x.de – – [27/Jul/2025:07:48:12 +0200] „GET /wp-content/packed.php HTTP/1.0“ 403 – „-“ „-“
172.192.37.219 website*x.de – – [27/Jul/2025:07:48:12 +0200] „GET /wp-includes/js/codemirror/about.php HTTP/1.0“ 403 – „-“ „-“
172.192.37.219 website*x.de – – [27/Jul/2025:07:48:12 +0200] „GET /wp-content/upgrade/wp-sigunq.php HTTP/1.0“ 403 – „-“ „-“
172.192.37.219 website*x.de – – [27/Jul/2025:07:48:12 +0200] „GET /wp-content/uploads/chosen.php HTTP/1.0“ 403 – „-“ „-“
172.192.37.219 website*x.de – – [27/Jul/2025:07:48:13 +0200] „GET /simple.php HTTP/1.0“ 302 – „-“ „-“
… and so on….

ABUSE-MAIL NR. 9

AS26042 – FiberState, LLC – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@cogentco.com
38.46.220.226 website*x.com – – [27/Jul/2025:12:07:39 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15“

AS140815 – HTTVSERVER TECHNOLOGY COMPANY LIMITED – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
hm-changed@vnnic.vn,network.gtsvn@gmail.com – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – VERY IGNORANT!!!
113.192.8.160 website*x.com – – [27/Jul/2025:12:12:38 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36“

AS63023 – GTHost – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@globaltelehost.com – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – VERY IGNORANT!!!
38.91.101.159 website*x.com – – [27/Jul/2025:12:17:34 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15“

AS36352 – HostPapa – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
hostmaster@centriohost.com,noc-admin@zelt.ae
172.245.155.10 website*x.com – – [27/Jul/2025:12:22:35 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:129.0) Gecko/20100101 Firefox/129.0“

ABUSE-MAIL NR. 10

AS8860 – Delta HighTech Ltd. – NOW ALSO COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@delta.bg – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – VERY IGNORANT!!!
2a02:80e0:3::2 website*x.com – – [27/Jul/2025:12:27:33 +0200] „POST /wp-login.php HTTP/1.0“ 302 20 „http://website*x.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:128.0) Gecko/20100101 Firefox/128.0“

AS16276 – OVH SAS – OVH AGAIN AND AGAIN EVERY DAY!!!
abuse@ovh.net
2402:1f00:8000:800::2903 website*x.com – – [27/Jul/2025:12:32:26 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0“

AS32475 – Internap Holding LLC – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@horizoniq.com,mdavis@inap.com
23.92.177.29 website*x.com – – [27/Jul/2025:12:37:15 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15“

AS35916 – MULTACOM CORPORATION – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@multacom.com
2607:f130:0:103:ff:ff:f02c:3079 website*x.com – – [27/Jul/2025:12:42:08 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:126.0) Gecko/20100101 Firefox/126.0“

ABUSE-MAIL NR. 11

AS12876 – SCALEWAY S.A.S. – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@scaleway.com – NO ANSWER… NO RESPONSE… NOTHING IN OUR ABUSE EMAILS!!! – VERY IGNORANT!!!
163.172.187.89 website*x.com – – [27/Jul/2025:12:46:55 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0“

AS35206 – NovaTrend Services GmbH – SEHR VORBILDLICHER PROVIDER! HAT SOFORT GEANTWORTET, SOFORT REAGIERT!
abuse@novatrend.ch
194.150.248.202 website*x.com – – [27/Jul/2025:12:51:45 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0.1) Gecko/20100101 Firefox/125.0.1“

AS16509 – Amazon.com, Inc. – VERY GOOD PROVIDER ABOUT ABUSE-MAIL! GIVES ALWAYS FEEDBACK!
abuse@amazonaws.com, trustandsafety@support.aws.com
2a05:d01c:6fa:4600:ec48:6763:d328:d75e website*x.com – – [27/Jul/2025:12:56:28 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.134 Safari/537.36“

AS19318 – Interserver, Inc – AGAIN AND AGAIN THIS WEEKEND!!!
abusencc@interserver.net
173.225.104.114 website*x.com – – [27/Jul/2025:13:01:13 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*x.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36“

Nun schauen wir mal, wie die versch. Provider diesmal in Bezug auf sichere Webspaces, Server und Netwerke reagieren!

Protokoll-Auszüge ab 18.07.25 – Was war so am Wochenende los?

Sämtliche Versuche, Website-Hacking, Referrer-Spam, Kopierversuche (auch Bilder mit Copyright!) und etc. sind an sämtliche, MIT VERANTWORTLICHE PROVIDER auch bemeldet worden. Insgesamt 27 MELDUNGEN an im Schnitt 3 Provider gleichzeitig!

Das geht bei uns Ratzfats, kaum Arbeit, Haha! Reihenfolge (oft an mehrere Provider in einer Abuse-Meldung, so sieht auch die Konkurrenz, wie unsicher andere Netze sind!):

Meldungs-Nummer
Alle Empfänger pro Meldung
Provider ASN – Teilweise mit ANMERKUNG!
Email
Zugriffsversuch IP, Website*X, Datum und Uhrzeit, Aktion, ggf. Quelle/Verweis, Agent

Hier nun die Protokoll-Auszüge ab dem 18.07.25:

MAIL NR. 1 TODAY!
abuse@convergeict.com,abuse-reports@cloudzy.com,abuse@infomaniak.ch,bucklog@proton.me
4 PROVIDER!
AS17639 – Converge ICT Solutions Inc.
abuse@convergeict.com
136.158.27.179 website*x.com – – [18/Jul/2025:15:32:07 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
AS14956 – RouterHosting LLC – HERE WITH 2 IP´S! AGAIN AND AGAIN! STOP THIS NOW!!!
abuse-reports@cloudzy.com
2602:fa59:10:681::1 website*x.com – – [18/Jul/2025:19:06:45 +0200] „GET /wp-content/plugins/about.php HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
2602:fa59:10:681::1 website*x.com – – [18/Jul/2025:19:07:11 +0200] „GET /geju.php HTTP/1.0“ 302 20 „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
2602:fa59:10:681::1 website*x.com – – [18/Jul/2025:19:08:06 +0200] „GET /wp.php HTTP/1.0“ 302 20 „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
+
2602:fa59:9:7ad::1 website*x.com – – [20/Jul/2025:08:51:33 +0200] „GET /wp-content/plugins/about.php HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
2602:fa59:9:7ad::1 website*x.com – – [20/Jul/2025:08:52:16 +0200] „GET /geju.php HTTP/1.0“ 302 20 „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
2602:fa59:9:7ad::1 website*x.com – – [20/Jul/2025:08:53:21 +0200] „GET /wp.php HTTP/1.0“ 302 20 „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
AS29222 – Infomaniak Network SA
abuse@infomaniak.ch
2001:1600:4:11::44e website*x.com – – [18/Jul/2025:22:34:53 +0200] „GET /sftp.json HTTP/1.0“ 403 – „-“ „http://Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.120 Safari/537.36“
2001:1600:4:11::44e website*x.com – – [18/Jul/2025:22:34:53 +0200] „GET /sftp-config.json HTTP/1.0“ 403 – „-“ „http://Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36 TheWorld 6“
2001:1600:4:11::44e website*x.com – – [18/Jul/2025:22:34:53 +0200] „GET /.vscode/sftp.json HTTP/1.0“ 403 – „-“ „http://Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; NP02; rv:11.0) like Gecko“
2001:1600:4:11::44e website*x.com – – [18/Jul/2025:22:34:53 +0200] „GET /.vscode/ftp-sync.json HTTP/1.0“ 403 – „-“ „http://Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36 LBBROWSER“
AS211590 – Bucklog SARL – BUCKLOG AGAIN AND AGAIN! NO ANSWER,NO INFO! VERY IGNORANT AND VERY UNSECURE!!!
bucklog@proton.me
185.177.72.7 website*x.com – – [19/Jul/2025:08:14:16 +0200] „GET /.git/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.7 website*x.com – – [19/Jul/2025:08:14:19 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.7 website*x.com – – [19/Jul/2025:08:14:25 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.7 website*x.com – – [19/Jul/2025:08:14:25 +0200] „GET /.git/index HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.7 website*x.com – – [19/Jul/2025:08:14:26 +0200] „GET /phpinfo.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“

–

MAIL NR. 2 TODAY!
abuse@ipxo.com, abuse@contabo.de, noc@contabo.de, sascha.wintz@contabo.de,google-cloud-compliance@google.com, network-abuse@google.com,abuse@ovh.net, abuse@ovh.us, abuse@ovh.ca
AS141995 – Contabo Asia Private Limited – CONTABO AGAIN AND AGAIN! NO ANSWER, NO INFO! VERY IGNORANT AND VERY UNSECURE!!!
abuse@contabo.de
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:29 +0200] „GET /backup.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:29 +0200] „GET /websites.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:29 +0200] „GET /website.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:29 +0200] „GET /app.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:29 +0200] „GET /db_backup.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:29 +0200] „GET /assets.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:29 +0200] „GET /lib.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:29 +0200] „GET /main.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:29 +0200] „GET /theme.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:30 +0200] „GET /vendor.tar.gz HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:30 +0200] „GET /support.tar.gz HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:30 +0200] „GET /db.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:30 +0200] „GET /api.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:30 +0200] „GET /src.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:30 +0200] „GET /s3.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:31 +0200] „GET /api.tar.gz HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:31 +0200] „GET /back_up.tar.gz HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:32 +0200] „GET /uploads.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:32 +0200] „GET /www.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:32 +0200] „GET /log.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:32 +0200] „GET /views.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:32 +0200] „GET /index.php.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:32 +0200] „GET /bin.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:32 +0200] „GET /images.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:32 +0200] „GET /dist.zip HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:33 +0200] „GET /data.tar.gz HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
217.15.162.128 website*x.com – – [18/Jul/2025:23:28:33 +0200] „GET /s3.tar.gz HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36“
AS396982 – Google LLC – ALSO GOOGLE AGAIN AND AGAIN! VERY UNSECURE NETWORKS!!!
google-cloud-compliance@google.com
34.168.107.7 website*x.com – – [19/Jul/2025:03:10:51 +0200] „HEAD /wordpress HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.107.7 website*x.com – – [19/Jul/2025:03:10:52 +0200] „HEAD / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.107.7 website*x.com – – [19/Jul/2025:03:10:52 +0200] „HEAD /wp HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.107.7 website*x.com – – [19/Jul/2025:03:10:52 +0200] „HEAD /bc HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.107.7 website*x.com – – [19/Jul/2025:03:10:52 +0200] „HEAD /bk HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.107.7 website*x.com – – [19/Jul/2025:03:10:52 +0200] „HEAD /backup HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.107.7 website*x.com – – [19/Jul/2025:03:10:53 +0200] „HEAD /old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.107.7 website*x.com – – [19/Jul/2025:03:10:53 +0200] „HEAD /new HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.107.7 website*x.com – – [19/Jul/2025:03:10:53 +0200] „HEAD /main HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.107.7 website*x.com – – [19/Jul/2025:03:10:53 +0200] „HEAD /home HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
AS16276 – OVH SAS – OVH ALSO AGAIN AND AGAIN EVERY DAY!!!
abuse@ovh.net
51.89.3.212 website*x.com – – [19/Jul/2025:07:51:53 +0200] „GET /images/images/cache.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“
51.89.3.212 website*x.com – – [19/Jul/2025:07:52:09 +0200] „GET /blog-verify HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“

–

MAIL NR. 3 TODAY!
abuse.pt@vodafone.com,abuse@vodafone.com,abuse@snthostings.com,abuse@ovh.net, abuse@ovh.us, abuse@ovh.ca,abuse@ipxo.com, abuse@contabo.de, noc@contabo.de, sascha.wintz@contabo.de
AS12353 – Vodafone Portugal – IS NOW COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
WE BLOCK ALSO ISP WITH HACKER-IDIOTS!
abuse.pt@vodafone.com
89.114.156.172 website*x.com – – [19/Jul/2025:03:36:20 +0200] „GET /uploaded_script.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
89.114.156.172 website*x.com – – [19/Jul/2025:03:36:23 +0200] „GET /uploaded_script.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
AS16276 – OVH SAS – OVH AGAIN AND AGAIN! OVH IS ALSO COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@ovh.net
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /xmlrpc.php?rsd HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /blog/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /web/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /wp/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /2020/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /2019/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /2021/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /shop/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /test/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /site/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
51.89.232.21 website*x.com – – [19/Jul/2025:04:28:17 +0200] „GET /cms/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
AS40021 – Contabo Inc. – CONTABO AGAIN AND AGAIN! NO ANSWER, NO INFO! VERY IGNORANT AND VERY UNSECURE!!!
abuse@contabo.de
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:08 +0200] „GET /wp-admin/network/natural.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:08 +0200] „GET /natural.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:08 +0200] „GET /simple.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:08 +0200] „GET /wp-admin/network/index.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:08 +0200] „GET /inputs.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:08 +0200] „GET /wp-includes/ID3/index.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:08 +0200] „GET /autoload_classmap.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:08 +0200] „GET /wp-includes/bk/index.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:09 +0200] „GET /file2.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:09 +0200] „GET /wp-content/upgrade/index.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:09 +0200] „GET /file.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:09 +0200] „GET /chosen.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:09 +0200] „GET /item.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:09 +0200] „GET /wp-content/uploads/2025/04/natural.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:09 +0200] „GET /wp-includes/theme-compat/chosen.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:09 +0200] „GET /zwso.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:10 +0200] „GET /wp-conflg.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:10 +0200] „GET /wp-includes/IXR/chosen.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:10 +0200] „GET /wp-includes/js/chosen.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:10 +0200] „GET /wp-includes/pomo/wp-conflg.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:10 +0200] „GET /wp-admin/js/autoload_classmap.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:10 +0200] „GET /wp-includes/certificates/chosen.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:10 +0200] „GET /bitrix/admin/htmleditor2/natural.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:10 +0200] „GET /wp-includes/Requests/Auth/index.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:11 +0200] „GET /wp-admin/images/index.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:11 +0200] „GET /templates/natural.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:11 +0200] „GET /cong.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:11 +0200] „GET /wp-content/plugins/apikey/natural.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:11 +0200] „GET /wp-admin/js/index.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:11 +0200] „GET /dropdown.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:11 +0200] „GET /wp-includes/style-engine/wp-conflg.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:11 +0200] „GET /wp-includes/ID3/wp-conflg.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:12 +0200] „GET /wp-content/plugins/up/main.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:12 +0200] „GET /repeater.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:12 +0200] „GET /wp-2019.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:12 +0200] „GET /atomlib.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:12 +0200] „GET /css.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36“
94.72.112.3 website*x.com – – [19/Jul/2025:04:33:12 +0200] „GET /log.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36″
… and so on… and so on!!!

–

MAIL NR. 4 TODAY!
terletskydboss@gmail.com, qcloud_net_duty@tencent.com, abuse@vdsina.ru,abuse@datalix.de
4 PROVIDER
AS56380 – “IT FRUIT“ S.R.L. – VERY IGNORANT PROVIDER!!! HACKER-IDIOTS EVERY DAY!!!
terletskydboss@gmail.com
185.153.199.135 website*x.com – – [19/Jul/2025:05:28:51 +0200] „GET /elfinder/connectors/php/connector.php HTTP/1.0“ 403 – „-“ „ALittle Client“
+
185.153.199.135 website*x.com – – [20/Jul/2025:09:56:17 +0200] „GET /elfinder/src/connectors/php/connector.php HTTP/1.0“ 403 – „-“ „ALittle Client“
AS132203 – Tencent Building, Kejizhongyi Avenue – TENCENT IS COMPLETE BLOCKED, COMPLETE UNWANTED! VERY IGNORANT, VERY UNSECURE!!!
ALSO THIS REFERRER-SPAM IS COMING EVERY DAY!!!
qcloud_net_duty@tencent.com
43.167.232.38 www.website*x.com – – [19/Jul/2025:05:28:51 +0200] „GET / HTTP/1.0“ 403 – „http://gbnadvisors.com“ „Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1“
AS216071 – SERVERS TECH FZCO – VDSINA IS COMPLETE UNWANTED, COMPLETE BLOCKED! RUSSIA ALSO COMPLETE UNWANTED, COMPLETE BLOCKED!
ALSO THIS REFERRER-SPAM IS COMING EVERY DAY!!!
abuse@vdsina.ru
212.118.43.65 www.website*x.com – – [19/Jul/2025:07:20:31 +0200] „GET / HTTP/1.0“ 403 – „https://GBNADVISORS.COM“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36“
AS58087 – Florian Kolb – THIS IS NOT THE FIRST ABUSE-MAIL! STOP THIS HACKER-IDIOTS IN YOUR NETWORKS NOW!!!
abuse@datalix.de
45.133.74.53 website*x.com – – [19/Jul/2025:11:11:51 +0200] „GET /wp-config.php_hlt HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36“
45.133.74.53 website*x.com – – [19/Jul/2025:11:11:51 +0200] „GET /wp-config.php.tpl HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36“
45.133.74.53 website*x.com – – [19/Jul/2025:11:11:51 +0200] „GET /wp-config.php.mlehr.bak HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36“
45.133.74.53 website*x.com – – [19/Jul/2025:11:11:52 +0200] „GET /wp-config.php_old2 HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36“
45.133.74.53 website*x.com – – [19/Jul/2025:11:11:52 +0200] „GET /wp-config.php_OLD_BK HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36“
45.133.74.53 website*x.com – – [19/Jul/2025:11:11:52 +0200] „GET /wp-config.php_antigo HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36“
45.133.74.53 website*x.com – – [19/Jul/2025:11:11:53 +0200] „GET /.wp-config.php.swo HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36“
45.133.74.53 website*x.com – – [19/Jul/2025:11:11:53 +0200] „GET /.wp-config.php.swp HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36“
45.133.74.53 website*x.com – – [19/Jul/2025:11:11:53 +0200] „GET /wp-config.phpoldd HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36“
45.133.74.53 website*x.com – – [19/Jul/2025:11:11:54 +0200] „GET /wp-config.php.old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36″

–

MAIL NR. 5 TODAY!
terletskydboss@gmail.com,bucklog@proton.me,abuse@microsoft.com, msftcs@microsoft.com, azsafety@microsoft.com
AS56380 – “IT FRUIT“ S.R.L. – VERY IGNORANT PROVIDER!!! HACKER-IDIOTS EVERY DAY!!!
terletskydboss@gmail.com
185.153.199.135 website*x.com – – [19/Jul/2025:06:28:16 +0200] „GET /elfinder/connectors/php/connector.php HTTP/1.0“ 403 – „-“ „ALittle Client“
AS211590 – Bucklog SARL – BUCKLOG AGAIN AND AGAIN! NO ANSWER,NO INFO! VERY IGNORANT AND VERY UNSECURE!!!
bucklog@proton.me
185.177.72.44 website*x.com – – [19/Jul/2025:09:46:10 +0200] „GET /.gitlab-ci.yml HTTP/1.0“ 403 – „-“ „fasthttp“
AS8075 – Microsoft Corporation – MICROSOFT ALSO AGAIN AND AGAIN! VERY UNSECURE!!!
abuse@microsoft.com
20.186.178.10 website*x.com – – [19/Jul/2025:10:08:59 +0200] „GET //wp-content/plugins/fix/up.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36“

–

MAIL NR. 6 TODAY!
abuse@nybula.com, abuse@microsoft.com, msftcs@microsoft.com, azsafety@microsoft.com,google-cloud-compliance@google.com, network-abuse@google.com
AS401116 – Nybula LLC IS COMPLETE BLOCKED, COMPLETE UNWANTED! VERY IGNORANT, VERY UNSECURE!!!
ALSO THIS REFERRER-SPAM IST COMING EVERY DAY!!!
abuse@nybula.com
196.251.66.28 website*x.com – – [19/Jul/2025:06:35:58 +0200] „GET /wp-admin/css/ HTTP/1.0“ 403 – „binance.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36“
AS8075 – Microsoft Corporation IS ALSO COMPLETE BLOCKED, COMPLETE UNWANTED! VERY IGNORANT, VERY UNSECURE!!!
abuse@microsoft.com
68.218.118.71 website*x.com – – [19/Jul/2025:06:52:56 +0200] „GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.0“ 403 – „-“ „-“
68.218.118.71 website*x.com – – [19/Jul/2025:06:52:57 +0200] „GET /file.php HTTP/1.0“ 302 – „-“ „-“
68.218.118.71 website*x.com – – [19/Jul/2025:06:53:12 +0200] „GET /moon.php HTTP/1.0“ 403 – „-“ „-“
68.218.118.71 website*x.com – – [19/Jul/2025:06:53:12 +0200] „GET /admin.php HTTP/1.0“ 302 – „-“ „-“
68.218.118.71 website*x.com – – [19/Jul/2025:06:53:27 +0200] „GET /radio.php HTTP/1.0“ 302 – „-“ „-“
68.218.118.71 website*x.com – – [19/Jul/2025:06:53:42 +0200] „GET /log.php HTTP/1.0“ 302 – „-“ „-“
68.218.118.71 website*x.com – – [19/Jul/2025:06:53:57 +0200] „GET /wp-trackback.php HTTP/1.0“ 302 – „-“ „-“
AS396982 – Google LLC – ALSO GOOGLE AGAIN AND AGAIN! VERY UNSECURE NETWORKS!!!
google-cloud-compliance@google.com
34.83.32.148 website*x.com – – [19/Jul/2025:06:59:34 +0200] „HEAD /wordpress HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.com – – [19/Jul/2025:06:59:34 +0200] „HEAD / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.com – – [19/Jul/2025:06:59:35 +0200] „HEAD /wp HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.com – – [19/Jul/2025:06:59:35 +0200] „HEAD /bc HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.com – – [19/Jul/2025:06:59:35 +0200] „HEAD /bk HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.com – – [19/Jul/2025:06:59:35 +0200] „HEAD /backup HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.com – – [19/Jul/2025:06:59:35 +0200] „HEAD /old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.com – – [19/Jul/2025:06:59:35 +0200] „HEAD /new HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.com – – [19/Jul/2025:06:59:36 +0200] „HEAD /main HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.com – – [19/Jul/2025:06:59:36 +0200] „HEAD /home HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“

–

MAIL NR. 7 TODAY!

abuse.de@telefonica.com, abuse@virtualine.org,abuse@microsoft.com, msftcs@microsoft.com, azsafety@microsoft.com
AS6805 – Telefonica Germany GmbH & Co.OHG – HERE WITH 3 IP´S! – PENETRANT DAILY TRY TO COPY PICTURES! THERE ARE ALSO PICTURES WITH COPYRIGHT!!!
abuse.de@telefonica.com
176.3.184.45 www.website*x.de – – [19/Jul/2025:03:06:09 +0200] „GET /wp-content/uploads/2021/12/cropped-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.184.45 www.website*x.de – – [19/Jul/2025:03:06:09 +0200] „GET /wp-content/uploads/2022/05/Icon_xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.184.45 www.website*x.de – – [19/Jul/2025:03:06:09 +0200] „GET /wp-content/uploads/2021/12/cropped-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.184.45 www.website*x.de – – [19/Jul/2025:03:06:09 +0200] „GET /wp-content/uploads/2021/12/cropped-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.184.45 www.website*x.de – – [19/Jul/2025:03:06:09 +0200] „GET /wp-content/uploads/2022/01/Icon-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.184.45 www.website*x.de – – [19/Jul/2025:03:06:09 +0200] „GET /wp-content/uploads/2021/12/cropped-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
+
176.2.10.105 www.website*x.de – – [19/Jul/2025:04:59:42 +0200] „GET /wp-content/uploads/2021/12/cropped-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.2.10.105 www.website*x.de – – [19/Jul/2025:04:59:42 +0200] „GET /wp-content/uploads/2022/05/Icon_xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.2.10.105 www.website*x.de – – [19/Jul/2025:04:59:42 +0200] „GET /wp-content/uploads/2021/12/cropped-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.2.10.105 www.website*x.de – – [19/Jul/2025:04:59:42 +0200] „GET /wp-content/uploads/2021/12/cropped-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.2.10.105 www.website*x.de – – [19/Jul/2025:04:59:42 +0200] „GET /wp-content/uploads/2022/01/Icon-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.2.10.105 www.website*x.de – – [19/Jul/2025:04:59:42 +0200] „GET /wp-content/uploads/2021/12/cropped-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
+
176.3.179.8 www.website*x.de – – [19/Jul/2025:09:49:39 +0200] „GET /wp-content/uploads/2021/12/cropped-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.179.8 www.website*x.de – – [19/Jul/2025:09:49:39 +0200] „GET /wp-content/uploads/2022/05/Icon_xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.179.8 www.website*x.de – – [19/Jul/2025:09:49:39 +0200] „GET /wp-content/uploads/2021/12/cropped-xxx HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.179.8 www.website*x.de – – [19/Jul/2025:09:49:39 +0200] „GET /wp-content/uploads/2021/12/cropped-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.179.8 www.website*x.de – – [19/Jul/2025:09:49:39 +0200] „GET /wp-content/uploads/2022/01/Icon-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
176.3.179.8 www.website*x.de – – [19/Jul/2025:09:49:39 +0200] „GET /wp-content/uploads/2021/12/cropped-xxx.jpg HTTP/1.0“ 403 – „-“ „MozacFetch/57.0.5“
AS214940 – KPROHOST LLC – VERY IGNORANT PROVIDER – DAILY HACKING-ATTEMPTS – HE DOES NOTHING!!!
abuse@virtualine.org
198.55.98.91 www.website*x.de – – [19/Jul/2025:04:28:01 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36“
AS8075 – Microsoft Corporation IS ALSO COMPLETE BLOCKED, COMPLETE UNWANTED! VERY IGNORANT, VERY UNSECURE!!!
abuse@microsoft.com
172.207.129.169 website*x.de – – [19/Jul/2025:05:56:27 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „-“ „-“

–

MAIL NR. 8 TODAY!
google-cloud-compliance@google.com, network-abuse@google.com,ip.abuse@ril.com,ip.management@ril.com,abuse@virtualine.org
AS396982 – Google LLC – GOOGLE AGAIN AND AGAIN! VERY UNSECURE NETWORKS!!!
google-cloud-compliance@google.com
34.83.32.148 website*x.de – – [19/Jul/2025:06:57:45 +0200] „HEAD /wordpress HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.de – – [19/Jul/2025:06:57:45 +0200] „HEAD / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.de – – [19/Jul/2025:06:57:45 +0200] „HEAD /wp HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.de – – [19/Jul/2025:06:57:46 +0200] „HEAD /bc HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.de – – [19/Jul/2025:06:57:46 +0200] „HEAD /bk HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.de – – [19/Jul/2025:06:57:46 +0200] „HEAD /backup HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.de – – [19/Jul/2025:06:57:46 +0200] „HEAD /old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.de – – [19/Jul/2025:06:57:46 +0200] „HEAD /new HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.de – – [19/Jul/2025:06:57:46 +0200] „HEAD /main HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.83.32.148 website*x.de – – [19/Jul/2025:06:57:46 +0200] „HEAD /home HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
AS55836 – Reliance Jio Infocomm Limited – VERY IGNORAT PROVIDER! – WE HAS SEND SOME ABUSE-MAILS! – THIS NOT A GOOGLE-BOT, THIS IS A HACKER-IDIOT IN YOUR NETWORK!!!
ip.abuse@ril.com
2405:201:a016:c832:8973:56a:f8ed:851d website*x.de – – [19/Jul/2025:07:39:55 +0200] „GET / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)“
2405:201:a016:c832:8973:56a:f8ed:851d website*x.de – – [19/Jul/2025:07:39:56 +0200] „GET / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0“
AS214940 – KPROHOST LLC – VERY IGNORANT PROVIDER – DAILY HACKING-ATTEMPTS – HE DOES NOTHING!!!
abuse@virtualine.org
198.55.98.91 website*x.de – – [19/Jul/2025:09:19:51 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Linux; Android 9; SAMSUNG SM-N950F Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/9.4 Chrome/67.0.3396.87 Mobile Safari/537.36“

–

MAIL NR. 9 TODAY!
abuse@ionos.com,qcloud_net_duty@tencent.com, abuse@ntup.net,abuse@microsoft.com, msftcs@microsoft.com, azsafety@microsoft.com
4 Provider!
AS8560 – IONOS SE – IONOS AGAIN AND AGAIN – STOP THIS NOW!!!
abuse@ionos.com
82.165.88.219 website*x.com – – [19/Jul/2025:09:37:49 +0200] „GET /wp-config.php_old HTTP/1.0“ 403 – „-“ „-“
82.165.88.219 website*x.com – – [19/Jul/2025:09:37:49 +0200] „GET /wp-config.php-old HTTP/1.0“ 403 – „-“ „-“
82.165.88.219 website*x.com – – [19/Jul/2025:09:37:49 +0200] „GET /wp-config.php~ HTTP/1.0“ 403 – „-“ „-“
82.165.88.219 website*x.com – – [19/Jul/2025:09:37:49 +0200] „GET /wp-config.php.backup HTTP/1.0“ 403 – „-“ „-“
AS132203 – Tencent Building, Kejizhongyi Avenue – TENCENT IS COMPLETE BLOCKED, COMPLETE UNWANTED! VERY IGNORANT, VERY UNSECURE!!!
qcloud_net_duty@tencent.com
43.156.172.59 website*x.com – – [19/Jul/2025:11:57:22 +0200] „GET /ss.php?f_c=1 HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36“
AS48693 – Rices Privately owned enterprise – AGAIN AND AGAIN! NO ANSWER, NO INFO! VERY IGNORANT AND VERY UNSECURE!!!
abuse@ntup.net
194.145.227.125 website*x.com – – [19/Jul/2025:12:07:22 +0200] „GET /wp-content/plugins/wp-business-intelligence-lite/resources/open-flash-chart/php-ofc-library/ofc_upload_image.php HTTP/1.0“ 403 – „-“ „ALittle Client“
AS8075 – Microsoft Corporation – ALSO COMPLETE BLOCKED, COMPLETE UNWANTED! VERY IGNORANT, VERY UNSECURE!!!
abuse@microsoft.com
4.196.96.212 website*x.com – – [19/Jul/2025:12:09:33 +0200] „GET //wp-content/plugins/fix/up.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36“

–

MAIL NR. 10 TODAY!
abuse@ipxo.com, abuse@contabo.de, noc@contabo.de, sascha.wintz@contabo.de,abuse@myloc.de, abuse@unifique.com.br
AS51167 – Contabo GmbH – CONTABO AGAIN AND AGAIN! NO ANSWER, NO INFO! VERY IGNORANT AND VERY UNSECURE!!!
abuse@contabo.de
167.86.74.247 website*x.com – – [19/Jul/2025:11:28:35 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „https://t.co/“ „Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36“
167.86.74.247 website*x.com – – [19/Jul/2025:11:28:35 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „https://wordpress.org/“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36“
167.86.74.247 website*x.com – – [19/Jul/2025:11:28:35 +0200] „GET /wp-admin/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Safari/605.1.15“
AS24961 – WIIT AG – NOW ALSO AGAIN AND AGAIN! – STOP THIS HACKER-IDIOTS IN YOUR NETWORKS NOW!!!
abuse@myloc.de
89.163.242.76 website*x.com – – [19/Jul/2025:18:09:29 +0200] „GET /export.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
AS28343 – UNIFIQUE TELECOMUNICACOES S/A – VERY IGNORANT! THERE IST COMING NO ANSWER ABOUT OUR MAILS!!!
abuse@unifique.com.br
2804:30c:1e72:4901:40b2:9f0a:c711:7f3a website*x.com – – [19/Jul/2025:22:22:16 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/86.0.0.0 Safari/537.36“

–

MAIL NR. 11 TODAY!
abuse@ovh.net, abuse@ovh.us, abuse@ovh.ca,abuse@namecheaphosting.com,abuse@ipxo.com, abuse@contabo.de, noc@contabo.de, sascha.wintz@contabo.de
AS16276 – OVH SAS – OVH AGAIN AND AGAIN! OVH IS ALSO COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@ovh.net
145.239.10.137 website*x.com – – [19/Jul/2025:22:55:03 +0200] „GET /outscout.php HTTP/1.0“ 302 20 „http://website*x.com/outscout.php“ „Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1“
145.239.10.137 website*x.com – – [19/Jul/2025:22:55:03 +0200] „GET /libs.php HTTP/1.0“ 302 20 „http://website*x.com/libs.php“ „Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1“
AS22612 – Namecheap, Inc.
abuse@namecheaphosting.com
199.188.203.83 website*x.com – – [19/Jul/2025:23:18:29 +0200] „GET /.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64)“
199.188.203.83 website*x.com – – [19/Jul/2025:23:18:29 +0200] „GET /core/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64)“
199.188.203.83 website*x.com – – [19/Jul/2025:23:18:29 +0200] „GET /laravel/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64)“
AS51167 – Contabo GmbH – CONTABO AGAIN AND AGAIN! NO ANSWER, NO INFO! VERY IGNORANT AND VERY UNSECURE!!!
abuse@contabo.de
167.86.74.247 website*x.com – – [20/Jul/2025:01:22:25 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „https://duckduckgo.com/“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:120.0) Gecko/20100101 Firefox/120.0“
167.86.74.247 website*x.com – – [20/Jul/2025:01:22:25 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36“
167.86.74.247 website*x.com – – [20/Jul/2025:01:22:25 +0200] „GET /wp-admin/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:119.0) Gecko/20100101 Firefox/119.0“

–

MAIL NR. 12 TODAY!
abuse@ionos.com, abuse@fasthosts.co.uk, abuse@strato.de,abuse@ovh.net, abuse@ovh.us, abuse@ovh.ca
AS8560 – IONOS SE – IONOS AGAIN AND AGAIN! – VERY UNSECURE NETWORKS!
abuse@ionos.com
213.171.211.146 website*x.com – – [20/Jul/2025:06:31:35 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „https://duckduckgo.com/“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:119.0) Gecko/20100101 Firefox/119.0“
213.171.211.146 website*x.com – – [20/Jul/2025:06:31:35 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15“
213.171.211.146 website*x.com – – [20/Jul/2025:06:31:35 +0200] „GET /wp-admin/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36“
AS16276 – OVH SAS – NEXT ONE OVH! – AGAIN AND AGAIN! OVH IS ALSO COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@ovh.net,abuse@fasthosts.co.uk
51.89.3.212 website*x.com – – [20/Jul/2025:06:38:40 +0200] „GET /admin.php?520 HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“
51.89.3.212 website*x.com – – [20/Jul/2025:06:38:40 +0200] „GET /about.php?520 HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“
AS8560 – IONOS SE – IONOS AGAIN AND AGAIN! – VERY UNSECURE NETWORKS!
abuse@ionos.com,abuse@strato.de
85.215.154.81 website*x.com – – [20/Jul/2025:06:51:32 +0200] „GET /style.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
85.215.154.81 website*x.com – – [20/Jul/2025:06:51:46 +0200] „GET /style.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

–

MAIL NR. 13 TODAY!
xlluan@bluewave-web.com.cn,klayliang@tencent.com,johnsonqu@tencent.com,abuse@ionos.com,abuse@sriwijayahost.co.id,admin@sriwijayahost.co.id
AS45090 – Shenzhen Tencent Computer Systems Company Limited – DAILY REFERRER-SPAM TO gbnadvisors.com! – NO ANSWER… NOTHING – HE DOES NOTHING ABOUT ABUSE-MAILS FROM US!!!
TENCENT IS ALSO COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
xlluan@bluewave-web.com.cn,klayliang@tencent.com
110.40.186.63 www.website*x.com – – [20/Jul/2025:02:58:47 +0200] „GET / HTTP/1.0“ 403 – „http://gbnadvisors.com“ „Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1“
AS8560 – IONOS SE – IONOS AGAIN AND AGAIN! – VERY UNSECURE NETWORKS!
abuse@ionos.com
85.215.154.81 website*x.com – – [20/Jul/2025:04:59:44 +0200] „GET /style.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
85.215.154.81 website*x.com – – [20/Jul/2025:04:59:58 +0200] „GET /style.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
AS58477 – Argon Data Communication
abuse@sriwijayahost.co.id,admin@sriwijayahost.co.id
157.66.56.52 website*x.com – – [20/Jul/2025:05:33:12 +0200] „GET /sftp-config.json HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0“
157.66.56.52 website*x.com – – [20/Jul/2025:05:33:12 +0200] „GET /.vscode/sftp.json HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0“

–

MAIL NR. 14 TODAY!
bucklog@proton.me,abuse@mbs763.kz,report@abuseradar.com,abuses@cyberzonehub.com,abuse@aoiot.ru
AS211590 – Bucklog SARL – VERY IGNORANT AND UNSECURE PROVIDER – DAILY THE SAME HACKING-ATTEMPTS! – NO ANSWER… NOTHING – HE DOES NOTHING ABOUT ABUSE-MAILS FROM US!!!
bucklog@proton.me
185.177.72.27 website*x.com – – [20/Jul/2025:02:34:39 +0200] „GET / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:34:40 +0200] „GET /phpinfo.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:34:48 +0200] „GET /info.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:34:56 +0200] „GET /phpinfo HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:34:56 +0200] „GET /php_info.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:05 +0200] „GET /test.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:12 +0200] „GET /_profiler/phpinfo HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:13 +0200] „GET /.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:15 +0200] „GET /config/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:16 +0200] „GET /.env.production HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:17 +0200] „GET /.env.local HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:19 +0200] „GET /api/shared/config/config.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:20 +0200] „GET /api/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:21 +0200] „GET / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:22 +0200] „GET /register/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:24 +0200] „GET /contact/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:25 +0200] „GET /.AWS_/credentials HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:27 +0200] „GET /karma.conf.json HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:28 +0200] „GET /index.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.27 website*x.com – – [20/Jul/2025:02:35:37 +0200] „GET /.aws/credentials HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
AS209854 – Cyberzone S.A. – THIS NETWORK IS ALSO COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@mbs763.kz
report@abuseradar.com – IGNORE OUR ABUSE-MAILS! – THAT IS NOT SERIOUS!!!
212.116.231.23 website*x.com – – [20/Jul/2025:03:58:06 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
AS29182 – JSC IOT – VERY UNWANTED! – COMPLETE BLOCKED – ALSO RUSSIA IS VERY UNWANTED AND COMPLETE BLOCKED!!!
abuse@aoiot.ru
91.228.225.143 website*x.com – – [20/Jul/2025:06:38:13 +0200] „GET /wp-content/plugins/customer-reviews-woocommerce/js/form.js HTTP/1.0“ 403 – „https://www.google.com/“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36“

–

MAIL NR. 15 TODAY!
abuse@ionos.com,abuse@cheapy.host,abuse@ipxo.com, abuse@contabo.de, noc@contabo.de, sascha.wintz@contabo.de
4 PROVIDER
AS8560 – IONOS SE – IONOS AGAIN AND AGAIN! – VERY UNSECURE NETWORKS!
abuse@ionos.com
109.228.53.70 website*x.com – – [19/Jul/2025:13:51:16 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „https://wordpress.org/“ „Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0“
109.228.53.70 website*x.com – – [19/Jul/2025:13:51:16 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „https://www.facebook.com/“ „Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36“
109.228.53.70 website*x.com – – [19/Jul/2025:13:51:16 +0200] „GET /wp-admin/ HTTP/1.0“ 403 – „https://wordpress.org/“ „Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0“
+
109.228.53.70 website*x.com – – [20/Jul/2025:10:34:49 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „https://wordpress.org/“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36“
109.228.53.70 website*x.com – – [20/Jul/2025:10:34:49 +0200] „GET /wp-admin/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36“
AS401120 – cheapy.host LLC – DAILY THE SAME HACKING-ATTEMPTS! – NO ANSWER… NOTHING – HE DOES NOTHING ABOUT ABUSE-MAILS FROM US!!!
abuse@cheapy.host
196.251.85.8 website*x.com – – [20/Jul/2025:02:36:27 +0200] „GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
196.251.85.8 website*x.com – – [20/Jul/2025:02:36:37 +0200] „GET /wp-content/plugins/cherry-plugin/admin/import-export/download-content.php?file=../../../../../wp-config.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
196.251.85.8 website*x.com – – [20/Jul/2025:02:36:37 +0200] „GET /wp-config.php.orig HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
196.251.85.8 website*x.com – – [20/Jul/2025:02:36:37 +0200] „GET /wp-config.backup HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
196.251.85.8 website*x.com – – [20/Jul/2025:02:36:37 +0200] „GET /wp-admin/admin-ajax.php?action=ai1wm_export HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
196.251.85.8 website*x.com – – [20/Jul/2025:02:36:47 +0200] „GET /wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
196.251.85.8 website*x.com – – [20/Jul/2025:02:36:57 +0200] „GET /wp-config.txt HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
196.251.85.8 website*x.com – – [20/Jul/2025:02:36:58 +0200] „GET /wp-config.php.bak HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
196.251.85.8 website*x.com – – [20/Jul/2025:02:36:58 +0200] „GET /wp-config.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
196.251.85.8 website*x.com – – [20/Jul/2025:02:37:08 +0200] „GET /wp-config.php.old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
196.251.85.8 website*x.com – – [20/Jul/2025:02:37:08 +0200] „GET /wp-config.php.save HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
196.251.85.8 website*x.com – – [20/Jul/2025:02:37:08 +0200] „GET /wp-config.bak HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
196.251.85.8 website*x.com – – [20/Jul/2025:02:37:08 +0200] „GET /wp-config.old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
AS51167 – Contabo GmbH – CONTABO AGAIN AND AGAIN! NO ANSWER, NO INFO! VERY IGNORANT AND VERY UNSECURE!!!
abuse@contabo.de
167.86.74.247 website*x.com – – [20/Jul/2025:07:12:45 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „https://www.google.com/“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36“
167.86.74.247 website*x.com – – [20/Jul/2025:07:12:45 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „https://wordpress.org/“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36“
167.86.74.247 website*x.com – – [20/Jul/2025:07:12:46 +0200] „GET /wp-admin/ HTTP/1.0“ 403 – „https://duckduckgo.com/“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36“

–

MAIL NR. 16 TODAY!
abuse@ovh.net, abuse@ovh.us, abuse@ovh.ca,abuse@fasthosts.co.uk,abuse@all-inkl.com
AS16276 – OVH SAS – OVH AGAIN AND AGAIN! OVH IS ALSO COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@ovh.net
51.89.3.212 www.website*x.de – – [19/Jul/2025:11:08:41 +0200] „GET /blog-verify HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“
51.89.3.212 www.website*x.de – – [19/Jul/2025:11:08:41 +0200] „GET /images/images/cache.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“
AS34788 – Neue Medien Muennich GmbH
abuse@all-inkl.com
85.13.163.146 www.website*x.de – – [20/Jul/2025:05:25:38 +0200] „GET /wp-login.php HTTP/1.0“ 302 – „“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0“
AS16276 – OVH SAS – NEXT ONE OVH! – AGAIN AND AGAIN! OVH IS ALSO COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@ovh.net,abuse@fasthosts.co.uk
51.89.3.212 www.website*x.de – – [20/Jul/2025:09:27:21 +0200] „GET /about.php?520 HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“
51.89.3.212 www.website*x.de – – [20/Jul/2025:09:27:21 +0200] „GET /admin.php?520 HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“

–

MAIL NR. 17 TODAY!
abuse@snthostings.com,abuse@microsoft.com, msftcs@microsoft.com, azsafety@microsoft.com,ripe@bkm.uz,abuse@aoiot.ru,abuse.irt@ptcl.net,csirt@ptcl.net
4 PROVIDER
AS140947 – SnTHostings – THIS PROVIDER IS NOW ALSO COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@snthostings.com
103.153.183.1 website*x.de – – [19/Jul/2025:04:23:09 +0200] „GET /wp-content/themes/travelscape/json.php HTTP/1.0“ 403 – „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
103.153.183.1 website*x.de – – [19/Jul/2025:04:23:11 +0200] „GET /wp-content/themes/aahana/json.php HTTP/1.0“ 403 – „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
103.153.183.1 website*x.de – – [19/Jul/2025:04:23:12 +0200] „GET /wp-content/themes/travel/issue.php HTTP/1.0“ 403 – „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
103.153.183.1 website*x.de – – [19/Jul/2025:04:23:14 +0200] „GET /about.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
AS8075 – Microsoft Corporation – MICROSOFT ALSO AGAIN AND AGAIN! VERY UNSECURE!!! YOU ONLINE-FORM IS A NOGO!!!
abuse@microsoft.com
172.207.130.126 website*x.de – – [19/Jul/2025:11:26:47 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „-“ „-“
AS8193 – „Uzbektelekom“ Joint Stock Company – VERY IGNORANT PROVIDER! NO ANSWER… NOTHING! – IS COMLETE UNWANTED AND COMPLETE BLOCKED!
ALSO RUSSIA IST COMPLETE UNWANTED! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
ripe@bkm.uz,abuse@aoiot.ru
84.54.71.39 website*x.de – – [20/Jul/2025:08:16:37 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
AS17557 – Pakistan Telecommunication Company Limited – IS ALSO NOW COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse.irt@ptcl.net,csirt@ptcl.net
119.152.4.210 website*x.de – – [20/Jul/2025:08:16:37 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Linux; Android 10; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/76.0.0.0 Safari/537.36“

–

MAIL NR. 18 TODAY!
google-cloud-compliance@google.com, network-abuse@google.com,abuse@cloudflare.com,abuse@microsoft.com, msftcs@microsoft.com, azsafety@microsoft.com
AS396982 – Google LLC – WE HAS SEND THIS AGAIN AND AGAIN!!! – VERY UNSECURE NETWORKS!!!
34.168.103.200 website*x.com – – [21/Jul/2025:01:35:56 +0200] „HEAD /wordpress HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.103.200 website*x.com – – [21/Jul/2025:01:35:56 +0200] „HEAD / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.103.200 website*x.com – – [21/Jul/2025:01:35:57 +0200] „HEAD /wp HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.103.200 website*x.com – – [21/Jul/2025:01:35:57 +0200] „HEAD /bc HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.103.200 website*x.com – – [21/Jul/2025:01:35:57 +0200] „HEAD /bk HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.103.200 website*x.com – – [21/Jul/2025:01:35:57 +0200] „HEAD /backup HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.103.200 website*x.com – – [21/Jul/2025:01:35:57 +0200] „HEAD /old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.103.200 website*x.com – – [21/Jul/2025:01:35:57 +0200] „HEAD /new HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.103.200 website*x.com – – [21/Jul/2025:01:35:57 +0200] „HEAD /main HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
34.168.103.200 website*x.com – – [21/Jul/2025:01:35:58 +0200] „HEAD /home HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36“
AS13335 – Cloudflare, Inc.
abuse@cloudflare.com
2a09:bac5:50c8:432::6b:6a website*x.com – – [21/Jul/2025:03:42:21 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
AS8075 – Microsoft Corporation – MICROSOFT ALSO AGAIN AND AGAIN! VERY UNSECURE!!!
abuse@microsoft.com
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:01 +0200] „GET /admin.php HTTP/1.0“ 302 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:02 +0200] „GET /lock360.php HTTP/1.0“ 302 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:02 +0200] „GET /classwithtostring.php HTTP/1.0“ 302 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:03 +0200] „GET /flower.php HTTP/1.0“ 302 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:03 +0200] „GET /link.php HTTP/1.0“ 302 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:03 +0200] „GET /wp-fmfile.php HTTP/1.0“ 302 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:03 +0200] „GET /wi.php HTTP/1.0“ 302 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:03 +0200] „GET /function.php HTTP/1.0“ 302 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:03 +0200] „GET /autoload_classmap.php HTTP/1.0“ 302 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:04 +0200] „GET /wp-includes/about.php HTTP/1.0“ 403 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:04 +0200] „GET /.well-known/classwithtostring.php HTTP/1.0“ 403 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:04 +0200] „GET /admin/controller/extension/extension/ultra.php HTTP/1.0“ 403 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:04 +0200] „GET /wp-content/ HTTP/1.0“ 403 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:04 +0200] „GET /403.php HTTP/1.0“ 302 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:04 +0200] „GET /13.php HTTP/1.0“ 302 – „-“ „-“
52.164.221.236 website*x.com – – [21/Jul/2025:03:57:04 +0200] „GET /wp-content.php.php HTTP/1.0“ 302 – „-“ „-“
… and so on… VERY UNSECURE!!!

–

MAIL NR. 19 TODAY!
abuse@as210558.net,abuse@nothingtohide.nl
2 PROVIDERS
AS23470 – ReliableSite.Net LLC – VERY IGNORANT PROVIDER! – NO ANSWER ABOUT MAILS… NOTHING!!! COMPLETE BLOCKED!
abuse@as210558.net
45.88.186.92 www.website*x.com – – [21/Jul/2025:04:52:39 +0200] „GET /.git/config HTTP/1.0“ 403 – „https://website*x.com/.git/config“ „Go-http-client/1.1“
AS1101 – IP-EEND BV – TOR-EXIT S H I T IS VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@nothingtohide.nl
192.42.116.215 www.website*x.com – – [21/Jul/2025:04:52:40 +0200] „GET /.git/config HTTP/1.0“ 403 – „http://website*x.com/.git/config“ „Go-http-client/1.1“
+
192.42.116.196 www.website*x.com – – [21/Jul/2025:04:52:47 +0200] „GET /.DS_Store HTTP/1.0“ 403 – „https://website*x.com/.DS_Store“ „Go-http-client/1.1“
AS210558 – 1337 Services GmbH – TOR-EXIT S H I T IS VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@as210558.net
124.198.132.52 www.website*x.com – – [21/Jul/2025:04:52:42 +0200] „GET /.DS_Store HTTP/1.0“ 403 – „https://website*x.com/.DS_Store“ „Go-http-client/1.1“

–

MAIL NR. 20 TODAY!
bucklog@proton.me,abuse@ntup.net,abuse@virtualine.org
AS211590 – Bucklog SARL – VERY IGNORANT AND UNSECURE PROVIDER – DAILY THE SAME HACKING-ATTEMPTS! – NO ANSWER… NOTHING – HE DOES NOTHING ABOUT ABUSE-MAILS FROM US!!!
bucklog@proton.me
185.177.72.38 website*x.com – – [21/Jul/2025:02:51:40 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Linux; Android 5.1.1; Coolpad 3622A Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.83 Mobile Safari/537.36“
AS48693 – Rices Privately owned enterprise – VERY IGNORANT! – VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@ntup.net
194.145.227.125 website*x.com – – [21/Jul/2025:03:16:52 +0200] „GET /joobi/inc/openflashchart/php-ofc-library/ofc_upload_image.php HTTP/1.0“ 403 – „-“ „ALittle Client“
AS214940 – KPROHOST LLC – VERY IGNORANT AND UNSECURE PROVIDER – DAILY THE SAME HACKING-ATTEMPTS! – NO ANSWER… NOTHING – HE DOES NOTHING ABOUT ABUSE-MAILS FROM US!!!
abuse@virtualine.org
198.55.98.182 website*x.com – – [21/Jul/2025:07:27:57 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344“

–

MAIL NR. 21 TODAY!
info@smartlink-isp.com,admin@frantech.ca,fdias@frantech.ca,abuse@ovh.net, abuse@ovh.us, abuse@ovh.ca
AS210413 – Smart Link Company for Internet Service, special company and limited – IRAQ IS COMPETE BLOCKED – TO IGNORANT, NO ANSWER!
info@smartlink-isp.com
45.157.54.21 website*x.com – – [21/Jul/2025:06:35:00 +0200] „GET /files.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“
AS53667 – FranTech Solutions – NEXT ONE!!! STOP THIS NOW! – ANSWER ABOUT OUR ABUSE-MAILS!
admin@frantech.ca,fdias@frantech.ca
209.141.47.37 website*x.com – – [21/Jul/2025:07:40:23 +0200] „POST /wp-json/sure-triggers/v1/automation/action HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36“
209.141.47.37 website*x.com – – [21/Jul/2025:07:40:30 +0200] „GET / HTTP/1.0“ 403 – „http://www.google.com.hk“ „Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36“
AS16276 – OVH SAS – OVH ALSO AGAIN AND AGAIN EVERY DAY!!!
abuse@ovh.net
145.239.10.137 website*x.com – – [21/Jul/2025:09:08:11 +0200] „GET /static2.php HTTP/1.0“ 302 20 „http://website*x.com/static2.php“ „Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1“

–

MAIL NR. 22 TODAY!
abuse@ntup.net,qcloud_net_duty@tencent.com,abuse@microsoft.com, msftcs@microsoft.com, azsafety@microsoft.com
AS48693 – Rices Privately owned enterprise – VERY IGNORANT! – VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
abuse@ntup.net
194.145.227.125 website*x.com – – [21/Jul/2025:02:28:08 +0200] „GET /joobi/inc/openflashchart/php-ofc-library/ofc_upload_image.php HTTP/1.0“ 403 – „-“ „ALittle Client“
AS132203 – Tencent Building, Kejizhongyi Avenue – DAILY REFERRER-SPAM – VERY IGNORANT! – VERY UNSECURE! – COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!
qcloud_net_duty@tencent.com
43.130.102.223 www.website*x.com – – [21/Jul/2025:02:37:47 +0200] „GET / HTTP/1.0“ 403 – „http://gbnadvisors.com“ „Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1“
AS8075 – Microsoft Corporation – MICROSOFT ALSO AGAIN AND AGAIN! VERY UNSECURE!!!
abuse@microsoft.com
68.218.88.48 website*x.com – – [21/Jul/2025:04:04:21 +0200] „GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.0“ 403 – „-“ „-“
68.218.88.48 website*x.com – – [21/Jul/2025:04:04:21 +0200] „GET /wp-includes/Text/network.php HTTP/1.0“ 403 – „-“ „-“
68.218.88.48 website*x.com – – [21/Jul/2025:04:04:21 +0200] „GET /wp-content/upgrade-temp-backup/wp-login.php HTTP/1.0“ 403 – „-“ „-“
68.218.88.48 website*x.com – – [21/Jul/2025:04:04:22 +0200] „GET /js/fm.php HTTP/1.0“ 403 – „-“ „-“
68.218.88.48 website*x.com – – [21/Jul/2025:04:04:22 +0200] „GET /wp-content/themes/astra/inc/ki1k.php HTTP/1.0“ 403 – „-“ „-“
68.218.88.48 website*x.com – – [21/Jul/2025:04:04:22 +0200] „GET /WordPress/wp-admin/includes/zmFM.php HTTP/1.0“ 403 – „-“ „-“
68.218.88.48 website*x.com – – [21/Jul/2025:04:04:22 +0200] „GET /default.php HTTP/1.0“ 302 – „-“ „-“
+ DAILY REFERRER-SPAM TO THIS DUBIOUS WEBSITE AND MICROSOFT DOES NOTHING ABOUT THIS!!!
20.193.136.32 website*x.com – – [21/Jul/2025:04:28:55 +0200] „GET /wp-admin/css/ HTTP/1.0“ 403 – „binance.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36“

–

MAIL NR. 23 TODAY!
abuse@m247.ro,abuse@ipxo.com, abuse@contabo.de, noc@contabo.de, sascha.wintz@contabo.de
AS9009 – M247 Europe SRL
abuse@m247.ro
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:12 +0200] „GET /xmlrpc.php?rsd HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:12 +0200] „GET /blog/wp-includes/wlwmanifest.xml HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:12 +0200] „GET /web/wp-includes/wlwmanifest.xml HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:13 +0200] „GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:14 +0200] „GET /wp/wp-includes/wlwmanifest.xml HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:14 +0200] „GET /2020/wp-includes/wlwmanifest.xml HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:15 +0200] „GET /2019/wp-includes/wlwmanifest.xml HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:15 +0200] „GET /2021/wp-includes/wlwmanifest.xml HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:16 +0200] „GET /shop/wp-includes/wlwmanifest.xml HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:16 +0200] „GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:17 +0200] „GET /test/wp-includes/wlwmanifest.xml HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:18 +0200] „GET /site/wp-includes/wlwmanifest.xml HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
130.195.241.7 website*x.com – – [21/Jul/2025:02:06:18 +0200] „GET /cms/wp-includes/wlwmanifest.xml HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
+
AS9009 – M247 Europe SRL – STOP THIS REFERRER-SPAM NOW!!!
abuse@m247.ro
141.98.103.162 website*x.com – – [21/Jul/2025:10:13:00 +0200] „GET / HTTP/1.0“ 403 – „https://ithouse.pro/“ „Mozilla/4.0 (compatible; MSIE 6.0; Windows NT) ::ELNSB50::000061100320025802a00111000000000507000900000000“
141.98.103.162 website*x.com – – [21/Jul/2025:10:13:00 +0200] „GET / HTTP/1.0“ 403 – „https://ithouse.pro/“ „Mozilla/4.0 (compatible; MSIE 6.0; Windows NT) ::ELNSB50::000061100320025802a00111000000000507000900000000“
141.98.103.162 website*x.com – – [21/Jul/2025:10:13:00 +0200] „GET / HTTP/1.0“ 403 – „https://ithouse.pro/“ „Mozilla/4.0 (compatible; MSIE 6.0; Windows NT) ::ELNSB50::000061100320025802a00111000000000507000900000000“
AS51167 – Contabo GmbH – CONTABO AGAIN AND AGAIN! NO ANSWER, NO INFO! VERY IGNORANT AND VERY UNSECURE!!!
abuse@contabo.de
167.86.74.247 website*x.com – – [21/Jul/2025:06:32:56 +0200] „GET /wp-login.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36“
167.86.74.247 website*x.com – – [21/Jul/2025:06:32:56 +0200] „GET /wp-admin/ HTTP/1.0“ 403 – „https://t.co/“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15“

–

MAIL NR. 24 TODAY!
abuse-team@tier.net,netops@tier.net,admin@frantech.ca,abuse.de@telefonica.com
AS53667 – FranTech Solutions – AGAIN AND AGAIN – STOP THIS HACKER-IDIOTS IN YOUR NETWORKS NOW!!!
admin@frantech.ca
45.61.184.222 website*x.com – – [21/Jul/2025:10:58:48 +0200] „POST /wp-json/sure-triggers/v1/automation/action HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36“
AS6805 – Telefonica Germany GmbH & Co.OHG AGAIN AND AGAIN – STOP THIS HACKER-IDIOTS IN YOUR NETWORKS NOW!!!
abuse.de@telefonica.com
92.226.2.70 website*x.com – – [21/Jul/2025:12:07:24 +0200] „GET /static2.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36“
AS397423 – Tier.Net Technologies LLC
abuse-team@tier.net
147.124.195.73 website*x.com – – [21/Jul/2025:13:39:34 +0200] „GET /.well-known/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36“
147.124.195.73 website*x.com – – [21/Jul/2025:13:39:34 +0200] „GET /.well-known/pki-validation/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36“
147.124.195.73 website*x.com – – [21/Jul/2025:13:39:34 +0200] „GET /.well-known/acme-challenge/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36“
147.124.195.73 website*x.com – – [21/Jul/2025:13:39:34 +0200] „GET /vendor/phpunit/phpunit/src/Util/PHP/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36“
147.124.195.73 website*x.com – – [21/Jul/2025:13:39:35 +0200] „GET /wp-content/uploads/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36“
147.124.195.73 website*x.com – – [21/Jul/2025:13:39:35 +0200] „GET /wp-content/themes/tflow/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0“
147.124.195.73 website*x.com – – [21/Jul/2025:13:39:35 +0200] „GET /wp-admin/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95“
147.124.195.73 website*x.com – – [21/Jul/2025:13:39:35 +0200] „GET /wordpress/wp-admin/includes HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36“
147.124.195.73 website*x.com – – [21/Jul/2025:13:39:35 +0200] „GET /wp-admin/js/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36“
147.124.195.73 website*x.com – – [21/Jul/2025:13:39:36 +0200] „GET /ALFA_DATA/ HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36“
… and so on…!

–

MAIL NR. 25 TODAY!
abuse@as210558.net,abuse@2cloud.eu
AS210558 – 1337 Services GmbH – VERY IGNORANT AND UNSECURE PROVIDER – DAILY THE SAME HACKING-ATTEMPTS! – NO ANSWER!
abuse@as210558.net
45.141.215.30 website*x.de – – [19/Jul/2025:11:43:22 +0200] „GET /wp-admin/install.php?step=1 HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/7046A194A“
AS39845 – 2 Cloud Ltd. – HERE WITH REFERRER-SPAM TO schott-autoteile.eu!!!
abuse@2cloud.eu
185.176.220.76 website*x.de – – [19/Jul/2025:12:41:28 +0200] „GET / HTTP/1.0“ 403 – „http://schott-autoteile.eu“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36“

–

MAIL NR. 26 TODAY!
abuse@iana.org,abuse@ntup.net,abuse@chinamobile.com
IANA – Internet Assigned Numbers Authority
abuse@iana.org
2002:9df5:9f75::9df5:9f75 website*x.com – – [21/Jul/2025:15:15:46 +0200] „GET /wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „python-requests/2.27.1“
2002:9df5:9f75::9df5:9f75 website*x.com – – [21/Jul/2025:15:16:05 +0200] „GET /administrator/index.php HTTP/1.0“ 403 – „-“ „python-requests/2.27.1“
2002:9df5:9f75::9df5:9f75 website*x.com – – [21/Jul/2025:15:16:15 +0200] „GET /view-source: HTTP/1.0“ 403 – „-“ „python-requests/2.27.1“
2002:9df5:9f75::9df5:9f75 website*x.com – – [21/Jul/2025:15:16:34 +0200] „GET /misc/ajax.js HTTP/1.0“ 403 – „-“ „python-requests/2.27.1“
AS48693 – Rices Privately owned enterprise – VERY IGNORANT – VERY UNSECURE – NO ANSWER ABOUT ABUSE-MAILS SINCE MONTHS!
abuse@ntup.net
194.145.227.125 website*x.com – – [21/Jul/2025:13:07:51 +0200] „GET /joobi/inc/openflashchart/php-ofc-library/ofc_upload_image.php HTTP/1.0“ 403 – „-“ „ALittle Client“
AS9808 – China Mobile – CHINA IS VERY UNWANTED AND COMPLETE BLOCKED WITH OUR SECURITY-TOOL AT MANY WEBSITES!!!
STUPID REFERRER-SPAM HERE!
abuse@chinamobile.com
2409:8a34:407f:7d20:a00:27ff:fe40:545a website*x.com – – [21/Jul/2025:13:53:44 +0200] „GET / HTTP/1.0“ 403 – „http://www.encmbtia.online/“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36“

–

MAIL NR. 27 TODAY!
abuse@nl.leaseweb.com,abuse@iana.org,google-cloud-compliance@google.com, network-abuse@google.com
AS60781 – LeaseWeb Netherlands B.V.
abuse@nl.leaseweb.com
95.168.173.5 website*x.de – – [21/Jul/2025:08:38:21 +0200] „GET /pinfo.php HTTP/1.0“ 302 20 „-“ „python-requests/2.32.4“
95.168.173.5 website*x.de – – [21/Jul/2025:08:38:21 +0200] „GET /info.php HTTP/1.0“ 302 20 „-“ „python-requests/2.32.4“
95.168.173.5 website*x.de – – [21/Jul/2025:08:38:21 +0200] „GET /test.php HTTP/1.0“ 302 20 „-“ „python-requests/2.32.4“
95.168.173.5 website*x.de – – [21/Jul/2025:08:38:21 +0200] „GET /phpinfo.php HTTP/1.0“ 302 20 „-“ „python-requests/2.32.4“
IANA – Internet Assigned Numbers Authority
abuse@iana.org
2002:9df5:9f75::9df5:9f75 website*x.de – – [21/Jul/2025:14:49:08 +0200] „GET /administrator/index.php HTTP/1.0“ 403 – „-“ „python-requests/2.27.1“
2002:9df5:9f75::9df5:9f75 website*x.de – – [21/Jul/2025:14:49:23 +0200] „GET /view-source: HTTP/1.0“ 403 – „-“ „python-requests/2.27.1“
2002:9df5:9f75::9df5:9f75 website*x.de – – [21/Jul/2025:14:49:43 +0200] „GET /misc/ajax.js HTTP/1.0“ 403 – „-“ „python-requests/2.27.1“
AS396982 – Google LLC – ALSO GOOGLE AGAIN AND AGAIN! VERY UNSECURE NETWORKS!!!
google-cloud-compliance@google.com
34.169.112.254 website*x.de – – [21/Jul/2025:15:41:32 +0200] „GET /media/system/js/core.js HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36“
34.169.112.254 website*x.de – – [21/Jul/2025:15:41:32 +0200] „GET /wp-includes/js/jquery/jquery.js HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36“

Nach all diesen Meldungen sind die Hacking-Versuche massiv zurückgegangen, haha! Die Hacker-Idioten sollten sich so langsam ganz genau überlegen, was sie tun und es am besten GANZ LASSEN!

Ansonsten haben diese oft sehr dummen SCRIPT-KIDDIES bald kaum noch SPIELZEUG!

Protokoll vom 14.07.25 bis heute Mittag!

Protokoll vom Wochenende ist weiter unten!

Wir werden diesen Hacker-Idioten und absolut dummen Script-Kiddies vom Wochenende IHR SPIELZEUG nach und nach wegnehmen!

Bis heute Mittag sind nochmal über 10 Abuse-Mails raus! Immer an 2 bis 4 Empfänger gleichzeitig. Haha, so sieht auch die Konkurrenz, wie UNSICHER die WEBSPACES, SERVER und NETZWERKE der Konkurrenz ist!

Hier die Liste der Abuse-Meldungen von heute Morgen:

hostmaster@nic.ad.jp – VERY IGNORANT PROVIDER – NO ANSWER, NO INFO!
160.251.96.90 website*x.com – – [14/Jul/2025:10:24:56 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@digitalocean.com – HERE WITH 2 IP´S!
165.227.84.186 website*x.com – – [14/Jul/2025:11:30:03 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
68.183.106.79 website*x.com – – [14/Jul/2025:11:51:47 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

info@smartlink-isp.com – VERY IGNORANT PROVIDER – NO ANSWER, NO INFO!
45.157.54.24 www.website*x.de – – [14/Jul/2025:10:30:30 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“
45.157.54.24 www.website*x.de – – [14/Jul/2025:11:10:44 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“

abuse@myloc.de
89.163.242.76 website*x.com – – [14/Jul/2025:10:08:13 +0200] „GET /gdftps.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

anush@advinservers.com
2602:fb54:cc2:: website*x.com – – [14/Jul/2025:10:12:51 +0200] „GET /ioxi-o.php HTTP/1.0“ 302 20 „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

abuse@contabo.de
81.0.219.251 website*x.com – – [14/Jul/2025:08:49:40 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@ovh.net
2001:41d0:203:b338:: website*x.com – – [14/Jul/2025:10:32:43 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@digitalocean.com – HERE WITH 2 IP´S!
2a03:b0c0:1:e0::550:4001 website*x.com – – [14/Jul/2025:10:59:22 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
+
167.71.222.191 website*x.com – – [14/Jul/2025:09:13:22 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@vmbox.cloud
185.153.199.135 website*x.com – – [14/Jul/2025:10:42:52 +0200] „GET /js/elfinder/php/connector.php HTTP/1.0“ 403 – „-“ „ALittle Client“

abuse@proximus.com
2a02:a03f:e5bc:ba00:a5b8:4875:184e:e4c3 website*x.com – – [14/Jul/2025:10:59:26 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“

abuse@kusuma.net.id
103.42.117.165 website*x.com – – [14/Jul/2025:11:22:10 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@amazonaws.com
2600:1f16:49a:9100:e737:8dcf:4962:9c0c website*x.com – – [14/Jul/2025:12:03:29 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@ovh.net
2001:41d0:336:ce00:: website*x.com – – [14/Jul/2025:07:14:56 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

support@appletec.ru – RUSSIA IS COMPLETE UNWANTED AND COMPLETE BLOCKED!
193.164.17.45 website*x.com – – [14/Jul/2025:08:04:28 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@digitalocean.com
157.245.131.229 website*x.com – – [14/Jul/2025:08:42:52 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@horizoniq.com
173.236.127.48 website*x.com – – [14/Jul/2025:09:40:21 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@namecheaphosting.com
159.198.79.246 website*x.com – – [14/Jul/2025:07:20:21 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

domain-abuse@dreamhost.com
75.119.221.53 website*x.com – – [14/Jul/2025:07:40:44 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

tencent_idc@tencent.com – TENCENT IS COMPLETE UNWANTED AND COMPLETE BLOCKED!
45.40.241.160 website*x.com – – [14/Jul/2025:08:23:45 +0200] „GET /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249 Safari/537.36“

isabel.paz@tigo.com.hn
190.242.26.213 website*x.com – – [14/Jul/2025:08:25:19 +0200] „GET /xmlrpc.php?rsd HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36“

info@smartlink-isp.com
45.157.54.24 website*x.com – – [14/Jul/2025:07:41:40 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“
45.157.54.24 website*x.com – – [14/Jul/2025:07:41:40 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“

abuse@ovh.net – HERE WITH 2 IP´S!!!
92.222.181.205 website*x.com – – [14/Jul/2025:08:39:30 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
+
51.254.199.77 website*x.com – – [14/Jul/2025:10:20:56 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@vialis.net
85.95.216.149 website*x.com – – [14/Jul/2025:09:33:26 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

Protokoll ab 11.07.25 + Wochenende!

Wir werden diesen Hacker-Idioten und absolut dummen Script-Kiddies vom Wochenende IHR SPIELZEUG nach und nach wegnehmen!

Heute Morgen sind 42 Abuse-Mails raus! Immer an 2 bis 4 Empfänger gleichzeitig. Haha, so sieht auch die Konkurrenz, wie UNSICHER die WEBSPACES, SERVER und NETZWERKE der Konkurrenz ist!

Einige auch mit ZUSATZBEMERKUNG, wenn der Provider sehr IGNORANT oder sehr UNSICHER ist!

Hier die Liste, was heute morgen per ABUSE-MAIL raus ist, ein ABSATZ war immer eine Email an mehrere PROVIDER:

abuse@bell.ca
70.50.107.99 website*1.com – – [11/Jul/2025:15:28:55 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
abuse.pt@vodafone.com
2001:818:ebf0:d100:530f:ba80:903:c585 website*1.com – – [11/Jul/2025:15:29:01 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
abuse@hosteurope.de
92.205.182.254 website*1.com – – [11/Jul/2025:18:11:46 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@jink.host
195.182.25.241 website*1.com – – [11/Jul/2025:14:44:10 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; U; Linux; i686; en-US; rv:1.6) Gecko Debian/1.6-7“

admin@idcloudhost.com
116.193.190.94 website*1.com – – [11/Jul/2025:19:02:56 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@scalahosting.com
209.142.66.4 website*1.com – – [11/Jul/2025:20:12:12 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@contabo.de
157.173.126.116 website*1.com – – [11/Jul/2025:21:59:47 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

domain-abuse@dreamhost.com
67.205.34.113 website*1.com – – [11/Jul/2025:22:48:13 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@arsys.es,abuse@ionos.com
82.223.0.222 website*1.com – – [12/Jul/2025:00:25:37 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
admin@scicube.com
103.11.101.122 website*1.com – – [12/Jul/2025:02:17:15 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@amazonaws.com, trustandsafety@support.aws.com
3.111.171.205 website*1.com – – [12/Jul/2025:03:10:18 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
eig-abuse@endurance.com,eig-noc@endurance.com
50.6.3.45 website*1.com – – [12/Jul/2025:05:49:12 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@godaddy.com
92.204.89.200 website*1.com – – [12/Jul/2025:07:30:49 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@sunrise.net
194.230.160.226 website*1.com – – [12/Jul/2025:08:17:15 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
gayatricustomercare@gmail.com
103.70.155.83 website*1.com – – [12/Jul/2025:08:18:55 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
hostmaster@telkomsel.co.id
2404:c0:5c10::751d:f53f website*1.com – – [12/Jul/2025:08:20:13 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“

abuse-fr@eurofiber.com
185.75.143.243 website*1.com – – [12/Jul/2025:08:57:17 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; U; Linux i686; en-US; rv:96.0) Gecko/20071914 Firefox/96.0“
abuse@publicdomainregistry.com
43.225.54.44 website*1.com – – [12/Jul/2025:09:47:32 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
director_ejecutivo@ruav.edu.co
45.183.196.214 website*1.com – – [12/Jul/2025:10:32:17 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@ovh.net – HERE WITH 3 IP´S! VERY UNSECURE!!!
2001:41d0:304:200::d23b website*1.com – – [12/Jul/2025:11:30:40 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
2001:41d0:203:b338:: website*1.com – – [12/Jul/2025:23:09:12 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
2001:41d0:2:3ea5:: website*1.com – – [13/Jul/2025:00:03:00 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@oracleemaildelivery.com – HERE WITH 2 IP´S! VERY UNSECURE!!!
152.67.193.32 website*1.com – – [12/Jul/2025:12:22:02 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
51.254.199.77 website*1.com – – [12/Jul/2025:13:29:30 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuses@abelohost.net – HERE WITH 2 ATTEMPTS – VERY UNSECURE!!!
185.231.220.198 website*1.com – – [12/Jul/2025:15:47:38 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
185.231.220.198 website*1.com – – [12/Jul/2025:19:56:09 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

reportabuse@advancedserverdns.com
43.230.201.87 website*1.com – – [12/Jul/2025:16:56:51 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@vtx.ch
212.147.5.172 website*1.com – – [12/Jul/2025:18:25:17 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@hostinger.com
2a02:4780:12:d924::1 website*1.com – – [12/Jul/2025:19:17:07 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

noc.mltl@gmail.com
103.120.223.44 www. website*2.de – – [12/Jul/2025:04:20:31 +0200] „GET /.ftpconfig HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
abuse@sriwijayahost.co.id – HERE WITH 2 ATTEMPTS!
157.66.56.183 website*2.de – – [12/Jul/2025:08:41:48 +0200] „GET /sftp-config.json HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0“
157.66.56.183 website*2.de – – [12/Jul/2025:08:41:50 +0200] „GET /.vscode/sftp.json HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0“
abuse@microsoft.com – VERY UNSAFE PROVIDER! VERY MUCH HACKING-ATTEMPTS EVERY DAY!
52.169.251.137 website*2.de – – [13/Jul/2025:05:38:03 +0200] „GET /wp-content/uploads/wpr-addons/forms/b1ack.php HTTP/1.0“ 403 – „-“ „-“
52.169.251.137 website*2.de – – [13/Jul/2025:05:38:03 +0200] „GET /wp-content/plugins/fix/up.php HTTP/1.0“ 403 – „-“ „-“
52.169.251.137 website*2.de – – [13/Jul/2025:05:38:03 +0200] „GET /wp-content/themes/twentyfive/include.php HTTP/1.0“ 403 – „-“ „-“
52.169.251.137 website*2.de – – [13/Jul/2025:05:38:03 +0200] „GET /wp-content/plugins/wordpresss3cll/includes.php HTTP/1.0“ 403 – „-“ „-“
52.169.251.137 website*2.de – – [13/Jul/2025:05:38:03 +0200] „GET /defaults.php HTTP/1.0“ 302 – „-“ „-“

abuse@ipxo.com, abuse@contabo.de, noc@contabo.de, sascha.wintz@contabo.de
158.220.102.209 website*3.com – – [12/Jul/2025:02:25:23 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuseteam@phoenixnap.com
103.243.172.242 website*3.com – – [12/Jul/2025:03:15:15 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
admin@internetnamesforbusiness.com
2001:1810:4181:120:0:4:42af:2c16 website*3.com – – [12/Jul/2025:04:29:19 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@biznetgio.com
103.127.134.129 website*3.com – – [12/Jul/2025:05:53:58 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@sioru.com
80.251.219.111 website*3.com – – [12/Jul/2025:06:21:53 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
network@abuse.team
2001:67c:2070:c810::1 website*3.com – – [12/Jul/2025:07:03:11 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@hosteons.com
2402:d0c0:11:7b3::1 website*3.com – – [12/Jul/2025:07:33:39 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

noc@perfectip.net
74.81.43.210 website*3.com – – [12/Jul/2025:08:23:21 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@horizoniq.com – HERE WITH 2 ATTEMPTS – VERY UNSECURE!
173.236.127.48 website*3.com – – [12/Jul/2025:09:00:50 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
173.236.127.48 website*3.com – – [13/Jul/2025:05:04:33 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@contabo.de
45.134.226.158 website*3.com – – [12/Jul/2025:09:54:13 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@ovh.net
141.95.53.61 website*3.com – – [12/Jul/2025:10:36:25 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@microsoft.com
20.198.224.111 website*3.com – – [12/Jul/2025:12:26:40 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
m2310@emax.net.tw
203.217.101.237 website*3.com – – [13/Jul/2025:02:51:11 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@nexcess.net
173.249.144.86 website*1.com – – [12/Jul/2025:20:26:51 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
info@zhost.vn
2406:30c0:0:66:be24:11ff:fe2e:3b02 website*1.com – – [12/Jul/2025:21:06:16 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
ispnochfcl@infotelconnect.com
112.196.0.228 website*1.com – – [13/Jul/2025:01:52:56 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@worldhost.group
65.181.112.107 website*4.com – – [12/Jul/2025:03:23:43 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@roeth-und-beck.de
2a0e:6a80:3:439:: website*4.com – – [12/Jul/2025:03:54:12 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
net-arin@velia.net
50.30.32.22 website*4.com – – [12/Jul/2025:05:36:08 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@thegigabit.com
103.205.211.78 website*4.com – – [12/Jul/2025:06:27:04 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
trustandsafety@support.aws.com
13.202.153.160 website*4.com – – [12/Jul/2025:07:39:44 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@bluehost.com
162.241.174.216 website*4.com – – [12/Jul/2025:09:07:08 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@ntup.net – VERY IGNORANT AND VERY UNSECURE PROVIDER – COMPLETE BLOCKED AT MANY WEBSITES!!!
194.145.227.125 website*5.de – – [12/Jul/2025:02:28:25 +0200] „GET /administrator/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php HTTP/1.0“ 403 – „-“ „ALittle Client“
bucklog@proton.me – VERY IGNORANT AND UNSECURE PROVIDER – COMPLETE BLOCKED AT MANY WEBSITES!!!
185.177.72.204 website*5.de – – [12/Jul/2025:04:29:37 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „-“
185.177.72.204 website*5.de – – [12/Jul/2025:04:29:37 +0200] „GET / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
abuse@ionos.com
74.208.78.13 website*5.de – – [13/Jul/2025:04:42:20 +0200] „GET /.env.example HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0“
74.208.78.13 website*5.de – – [13/Jul/2025:04:42:24 +0200] „GET /.env.local HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0“
74.208.78.13 website*5.de – – [13/Jul/2025:04:42:27 +0200] „GET /.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0“

abuse@telstra.net
2001:8004:1680:4a2f:5c40:1a63:20be:74c7 website*5.de – – [13/Jul/2025:11:13:29 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
abuse@virtualine.org
198.55.98.222 website*5.de – – [13/Jul/2025:13:39:36 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Linux; U; Android 3.0.1; fr-fr; A500 Build/HRI66) AppleWebKit/534.13 (KHTML, like Gecko) Version/4.0 Safari/534.13“

anush@advinservers.com – HERE WITH 2 ATTEMPTS! – VERY UNSECURE!
2602:fb54:9fa:: www.website*6.de – – [13/Jul/2025:05:14:04 +0200] „GET /wp-content/plugins/yanierin/akc.php HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
2602:fb54:9fa:: www.website*6.de – – [13/Jul/2025:05:14:14 +0200] „GET /akc.php HTTP/1.0“ 302 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
abuse@ovh.net – – HERE WITH 2 ATTEMPTS! – VERY UNSECURE!
141.95.4.134 www.website*6.de – – [13/Jul/2025:05:45:26 +0200] „GET /wp-content/plugins/HelloDollyV2/hello_dolly_v2.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“
141.95.4.134 www.website*6.de – – [13/Jul/2025:05:45:26 +0200] „GET /wp-content/plugins/WordPressCore/include.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36“
abuse@colocatel.com – MANY ATTEMPTS, VERY UNSECURE!!!
193.142.147.5 www.website*6.de – – [13/Jul/2025:12:57:32 +0200] „GET /wp-content/uploads/ HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
193.142.147.5 www.website*6.de – – [13/Jul/2025:12:57:33 +0200] „GET /wp-includes/ HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
193.142.147.5 www.website*6.de – – [13/Jul/2025:12:57:34 +0200] „GET /wp-content/ HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
193.142.147.5 www.website*6.de – – [13/Jul/2025:12:57:34 +0200] „GET /wp-content/plugins/ HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
193.142.147.5 www.website*6.de – – [13/Jul/2025:12:57:35 +0200] „GET /wp-content/themes/ HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
193.142.147.5 www.website*6.de – – [13/Jul/2025:12:57:36 +0200] „GET /wp-admin/ HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
193.142.147.5 www.website*6.de – – [13/Jul/2025:12:57:36 +0200] „GET /.well-known/ HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
193.142.147.5 www.website*6.de – – [13/Jul/2025:12:57:42 +0200] „GET /.well-known/pki-validation/ HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
193.142.147.5 www.website*6.de – – [13/Jul/2025:12:57:44 +0200] „GET /.well-known/acme-challenge/ HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
193.142.147.5 www.website*6.de – – [13/Jul/2025:12:57:45 +0200] „GET /css/ HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

abuse@shinjiru.com.my,noc@shinjiru.com.my
101.99.88.163 website*2.de – – [13/Jul/2025:11:20:03 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Linux; Android 8.1.0; Moto G (5S) Plus) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.143 Mobile Safari/537.36“
abuse@ionos.com – NEXT ONE TODAY! – VERY UNSECURE!
74.208.58.23 website*2.de – – [13/Jul/2025:13:37:50 +0200] „GET /wp-config.php.old HTTP/1.0“ 403 – „-“ „-“
74.208.58.23 website*2.de – – [13/Jul/2025:13:37:50 +0200] „GET /wp-config.php_ HTTP/1.0“ 403 – „-“ „-“
74.208.58.23 website*2.de – – [13/Jul/2025:13:37:50 +0200] „GET /wp-config.php.save HTTP/1.0“ 403 – „-“ „-“
74.208.58.23 website*2.de – – [13/Jul/2025:13:37:50 +0200] „GET /wp-config.php.orig HTTP/1.0“ 403 – „-“ „-“
abuse@virtualine.org – AND THE NEXT ONE TODAY!!! – VERY UNSECURE PROVIDER!!!
198.55.98.222 website*2.de – – [13/Jul/2025:13:55:18 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Links/0.9.1 (Linux 2.4.24; i386;)“
198.55.98.222 website*2.de – – [13/Jul/2025:14:22:44 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 OPR/62.0.3331.99“
198.55.98.222 website*2.de – – [13/Jul/2025:14:23:58 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 1083) AppleWebKit/537.36 (KHTML like Gecko) Chrome/28.0.1469.0 Safari/537.36“
198.55.98.222 website*2.de – – [13/Jul/2025:14:42:51 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.122 Safari/537.36“

noc@perfectip.net
2607:fa98:1000:3:20c:29ff:fee8:42ef website*4.com – – [12/Jul/2025:11:09:06 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@contabo.de
194.233.93.24 website*4.com – – [13/Jul/2025:02:59:48 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@ovh.ca, abuse@ovh.net – OVH HERE WITH 3 IP´S! – VERY UNSECURE!
167.114.172.130 website*4.com – – [13/Jul/2025:04:20:23 +0200] „GET /.well-known/gpc.json HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:136.0) Gecko/20100101 Firefox/136.0“
54.38.94.117 website*4.com – – [13/Jul/2025:04:36:49 +0200] „GET /.well-known/openid-configuration HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 OPR/118.0.0.0“
137.74.223.84 website*4.com – – [13/Jul/2025:05:19:05 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „https://website*4.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15“

dmzhostabuse@gmail.com – VERY IGNORANT, VERY UNSECURE!
45.148.10.80 website*4.com – – [13/Jul/2025:04:54:03 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0“
abuse@clouding.io
185.254.204.30 website*4.com – – [13/Jul/2025:05:10:40 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*4.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36“
abuse@myloc.de
89.163.242.76 website*4.com – – [13/Jul/2025:05:39:50 +0200] „GET /gdftps.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

klayliang@tencent.com – TENCENT IST COMPLETE UNWANTED – COMPLETE BLOCKED!
111.230.35.97 website*4.com – – [13/Jul/2025:05:45:57 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*4.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:126.0) Gecko/20100101 Firefox/126.0“
tech@cloudinnovation.org
154.91.179.26 website*4.com – – [13/Jul/2025:05:50:13 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@netcup.de
89.58.55.156 website*4.com – – [13/Jul/2025:06:19:28 +0200] „GET /atom.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 OPR/118.0.0.0“

google-cloud-compliance@google.com – EVERY DAY TO MANY HACKING ATTEMPTS!
35.211.191.91 website*4.com – – [13/Jul/2025:06:30:04 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „https://website*4.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Edg/116.0.1938.62“
abuse@ionos.com
194.164.54.162 website*4.com – – [13/Jul/2025:06:57:22 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http://website*4.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:129.0) Gecko/20100101 Firefox/129.0“
abuse.gh@vodafone.com
102.176.65.174 website*4.com – – [13/Jul/2025:07:03:32 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“

ip-admin@telkom.net.id
125.165.98.90 website*4.com – – [13/Jul/2025:07:03:54 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
abuse@idnic.net
103.189.104.3 website*4.com – – [13/Jul/2025:07:50:26 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@microsoft.com – VERY UNSAFE PROVIDER! VERY MUCH HACKING-ATTEMPTS EVERY DAY!
20.198.224.111 website*4.com – – [13/Jul/2025:08:31:29 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@microsoft.com
20.198.224.111 website*4.com – – [13/Jul/2025:10:48:54 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@vialis.net
85.95.216.149 website*4.com – – [13/Jul/2025:11:35:34 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@horizoniq.com
173.236.127.48 website*1.com – – [13/Jul/2025:02:46:30 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@telekom.de
84.143.170.204 website*1.com – – [13/Jul/2025:04:58:43 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
rsteward@velia.net
50.30.32.22 website*1.com – – [13/Jul/2025:06:21:10 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@mammothmedia.com.au
110.232.114.55 website*1.com – – [13/Jul/2025:06:36:53 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http:// website*1.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0“
abuse@ovh.us
51.81.207.12 website*1.com – – [13/Jul/2025:06:53:11 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „https:// website*1.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.171 Safari/537.36 Edg/115.0.1901.203“
abuse@ovh.net
193.70.81.186 website*1.com – – [13/Jul/2025:11:09:40 +0200] „GET /.well-known/gpc.json HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36“
abuse@ovh.ca
158.69.120.60 website*1.com – – [13/Jul/2025:14:56:32 +0200] „GET /?blackhole HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 OPR/118.0.0.0“
abuse@hostinger.com
2a02:4780:d:b623::1 website*1.com – – [13/Jul/2025:07:32:47 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

hostmaster@nic.ad.jp
49.212.148.38 website*1.com – – [13/Jul/2025:09:06:33 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
kornet_ip@kt.com
121.144.120.196 website*1.com – – [13/Jul/2025:10:28:50 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
soc@viettel.com.vn – MANY PROVIDERS IN VIETNAM ARE VERY UNSECURE – TO MANY HACKER-IDIOTS EVERY DAY!!!
171.244.0.91 website*1.com – – [13/Jul/2025:12:16:05 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

hostmaster@nic.ad.jp
49.212.148.38 website*3.com – – [13/Jul/2025:04:06:14 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@ionos.com – HERE WITH 3 ATTEMPTS – VERY UNSECURE!
74.208.78.13 website*3.com – – [13/Jul/2025:04:21:37 +0200] „GET /.env.example HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0“
74.208.78.13 website*3.com – – [13/Jul/2025:04:21:40 +0200] „GET /.env.local HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0“
74.208.78.13 website*3.com – – [13/Jul/2025:04:21:43 +0200] „GET /.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0“
network.gtsvn@gmail.com
113.192.8.160 website*3.com – – [13/Jul/2025:05:08:20 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „https:// website*3.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36“

abuse@namecheaphosting.com
159.198.64.48 website*3.com – – [13/Jul/2025:05:28:32 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http:// website*3.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.199 Safari/537.36 Edg/114.0.1823.67“
reportabuse@racknerd.com
104.168.22.92 website*3.com – – [13/Jul/2025:06:04:06 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http:// website*3.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Edg/113.0.1774.50“
soc@viettel.com.vn
2402:800:63b8:d004:be24:11ff:fee4:a8ca website*3.com – – [13/Jul/2025:06:32:44 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@latitude.sh – HERE WITH 2 ATTEMPTS – VERY UNSECURE!
103.14.26.234 website*3.com – – [13/Jul/2025:06:37:36 +0200] „GET /randkeyword.PhP7 HTTP/1.0“ 403 – „-“ „-“
103.14.26.234 website*3.com – – [13/Jul/2025:06:37:36 +0200] „GET /admin.php HTTP/1.0“ 302 – „-“ „-“
ripe@tana.ir
194.60.230.112 website*3.com – – [13/Jul/2025:06:39:51 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http:// website*3.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:129.0) Gecko/20100101 Firefox/129.0“
abuse@hidata.org
185.222.163.90 website*3.com – – [13/Jul/2025:07:16:03 +0200] „POST /wp-login.php HTTP/1.0“ 403 – „http:// website*3.com“ „Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0“

abuse@amazonaws.com – HERE WITH 2 IP´S!
52.49.169.239 website*3.com – – [13/Jul/2025:07:39:11 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
18.158.88.235 website*3.com – – [13/Jul/2025:09:18:36 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
bucklog@proton.me – HERE WITH 5 ATTEMPTS – VERY IGNORANT AND UNSECURE PROVIDER!!!
185.177.72.205 website*3.com – – [13/Jul/2025:09:54:56 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „-“
185.177.72.205 website*3.com – – [13/Jul/2025:09:55:06 +0200] „GET /.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.205 website*3.com – – [13/Jul/2025:09:55:06 +0200] „GET /phpinfo HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.205 website*3.com – – [13/Jul/2025:09:55:06 +0200] „GET /_profiler/phpinfo HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.205 website*3.com – – [13/Jul/2025:09:55:06 +0200] „GET /info.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
bucklog@proton.me – NEXT IP! HERE ALSO WITH 5 ATTEMPTS – VERY IGNORANT AND UNSECURE PROVIDER!!!
185.177.72.11 website*3.com – – [13/Jul/2025:11:59:37 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „-“
185.177.72.11 website*3.com – – [13/Jul/2025:11:59:52 +0200] „GET /.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.11 website*3.com – – [13/Jul/2025:11:59:52 +0200] „GET /phpinfo HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.11 website*3.com – – [13/Jul/2025:11:59:52 +0200] „GET /_profiler/phpinfo HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.11 website*3.com – – [13/Jul/2025:11:59:52 +0200] „GET /info.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
abuse@virtualine.org – HERE WITH 3 HACKER-IDIOTS!
198.55.98.182 website*3.com – – [13/Jul/2025:14:06:55 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36“
abuse@virtualine.org – VERY STUPID HACKER-IDIOT! – THIS IN NOT THE Googlebot!!!
198.55.98.91 website*3.com – – [13/Jul/2025:10:17:07 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)“
abuse@virtualine.org – VERY UNSECURE PROVIDER!!!
198.55.98.222 website*3.com – – [13/Jul/2025:15:08:15 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Links (2.3pre1; Linux 2.6.38-8-generic x86_64; 170×48)“

abuse@publicdomainregistry.com – NEXT ONE TODAY, VERY UNSECURE!
43.225.54.44 website*3.com – – [13/Jul/2025:10:35:20 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@amazonaws.com
2600:1f16:49a:9100:e737:8dcf:4962:9c0c website*3.com – – [13/Jul/2025:12:29:20 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
soc@viettel.com.vn – VERY IGNORANT AND UNSECURE PROVIDER!!!
115.78.7.179 website*3.com – – [13/Jul/2025:13:55:21 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@ionos.com – HERE WITH 4 ATTEMPTS – VERY UNSECURE!
74.208.59.233 website*7.com – – [13/Jul/2025:03:17:11 +0200] „GET /wp-config.php1 HTTP/1.0“ 403 – „-“ „-“
74.208.59.233 website*7.com – – [13/Jul/2025:03:17:11 +0200] „GET /wp-config.phpold HTTP/1.0“ 403 – „-“ „-“
74.208.59.233 website*7.com – – [13/Jul/2025:03:17:12 +0200] „GET /wp-config.php.org HTTP/1.0“ 403 – „-“ „-“
74.208.59.233 website*7.com – – [13/Jul/2025:03:17:12 +0200] „GET /wp-config HTTP/1.0“ 403 – „-“ „-“
anush@advinservers.com – VERY IGNORANT PROVIDER! – VERY UNSECURE!
2602:fb54:372:: website*7.com – – [13/Jul/2025:11:28:53 +0200] „GET /style.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
2602:fb54:372:: website*7.com – – [13/Jul/2025:11:29:10 +0200] „GET /style.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
2602:fb54:372:: website*7.com – – [13/Jul/2025:11:29:28 +0200] „GET /ss.php?f_c=1 HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
2602:fb54:372:: website*7.com – – [13/Jul/2025:11:29:45 +0200] „GET /ss.php?f_c=1 HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
abuse@microsoft.com – EVERY DAY MANY HACKING-ATTEMPTS – VERY UNSECURE!
20.127.100.39 website*7.com – – [13/Jul/2025:13:30:25 +0200] „HEAD /wordpress HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:13:36:15 +0200] „HEAD /Wordpress HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:13:38:58 +0200] „HEAD /WORDPRESS HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:13:43:44 +0200] „HEAD /WordPress HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:13:56:20 +0200] „HEAD /WP HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:14:01:47 +0200] „HEAD /old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:14:04:49 +0200] „HEAD /Old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:14:09:29 +0200] „HEAD /OLD HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:14:11:06 +0200] „HEAD /oldsite HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:14:17:20 +0200] „HEAD /new HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:14:19:26 +0200] „HEAD /New HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:14:25:18 +0200] „HEAD /NEW HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:14:27:39 +0200] „HEAD /wp-old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:14:31:20 +0200] „HEAD /2022 HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:14:35:47 +0200] „HEAD /2023 HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:14:41:06 +0200] „HEAD /2024 HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:14:43:30 +0200] „HEAD /2017 HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
… and so on… VERY UNSECURE PROVIDER!!!

abuse@virtualine.org
198.55.98.222 website*7.com – – [13/Jul/2025:13:58:02 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.26 Safari/537.36 Core/1.63.5977.400 LBBROWSER/10.1.3752.400“
198.55.98.222 website*7.com – – [13/Jul/2025:14:24:49 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 YaBrowser/18.3.1.1220 Yowser/2.5 Safari/537.36“
abuse@microsoft.com – EVERY DAY MANY HACKING-ATTEMPTS – VERY UNSECURE!
20.127.100.39 website*7.com – – [13/Jul/2025:15:00:52 +0200] „HEAD /backup HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:15:03:37 +0200] „HEAD /test HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“
20.127.100.39 website*7.com – – [13/Jul/2025:15:07:02 +0200] „HEAD /Test HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36“

noc@perfectip.net
74.81.43.210 website*1.com – – [14/Jul/2025:01:36:55 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
ipadm@lguplus.co.kr
2406:5900:3:6742:5708:3958:16b7:f19f website*1.com – – [14/Jul/2025:00:46:39 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@netcup.de
89.58.51.117 website*1.com – – [14/Jul/2025:03:20:22 +0200] „GET /app-ads.txt HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36“

abuse@register.it
185.2.4.33 website*1.com – – [14/Jul/2025:03:38:33 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@host4.biz
185.151.245.30 website*1.com – – [14/Jul/2025:04:48:35 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@ovh.net
2001:41d0:203:b338:: website*1.com – – [14/Jul/2025:05:24:53 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@microsoft.com
13.74.181.217 website*4.com – – [14/Jul/2025:02:14:05 +0200] „GET /randkeyword.PhP7 HTTP/1.0“ 403 – „-“ „-“
13.74.181.217 website*4.com – – [14/Jul/2025:02:14:05 +0200] „GET /admin.php HTTP/1.0“ 302 – „-“ „-“
abuse@contabo.de
173.249.2.8 website*4.com – – [14/Jul/2025:02:18:51 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@contabo.de – NEXT ONE CONTABO!
194.233.93.24 website*4.com – – [14/Jul/2025:04:04:48 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

abuse@charter.net
76.181.194.204 website*5.de – – [14/Jul/2025:02:55:23 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
abuse@oracleemaildelivery.com
132.145.196.107 website*4.com – – [14/Jul/2025:04:55:53 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; U; Linux i686; en-US; rv:96.0) Gecko/20071914 Firefox/96.0“
abuse@sioru.com
80.251.219.111 website*4.com – – [14/Jul/2025:05:11:01 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

network-abuse@google.com
34.32.140.37 website*3.com – – [14/Jul/2025:02:52:24 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@worldhost.group
103.120.176.224 website*3.com – – [14/Jul/2025:03:41:59 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@vultr.com
149.28.128.19 website*3.com – – [14/Jul/2025:04:51:27 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@as210558.net – VERY IGNORANT PROVIDER – NO ANSWER AT ABUSE-MAILS!
45.141.215.30 website*3.com – – [14/Jul/2025:05:00:13 +0200] „GET /wp-admin/setup-config.php HTTP/1.0“ 302 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64)“
45.141.215.30 website*3.com – – [14/Jul/2025:05:00:13 +0200] „GET /wp/wp-admin/setup-config.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64)“
45.141.215.30 website*3.com – – [14/Jul/2025:05:00:13 +0200] „GET /blog/wp-admin/setup-config.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64)“
45.141.215.30 website*3.com – – [14/Jul/2025:05:00:13 +0200] „GET /new/wp-admin/setup-config.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64)“

abuse@liquidweb.com
104.207.254.234 website*3.com – – [14/Jul/2025:05:29:38 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@hostgator.in
50.116.87.40 website*3.com – – [14/Jul/2025:05:58:30 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
abuse@as41281.net
193.189.100.203 website*3.com – – [14/Jul/2025:06:12:00 +0200] „GET /bitcoin-bank-breaker/index-pl.html HTTP/1.0“ 403 – „-“ „python-requests/2.32.3“

Nun schauen wir mal, wie viele Provider verantwortungsbewusst sind, sich seriös verhalten, ihre Sicherheitslücken beseitigen!!!

Die Provider sind da mit VERANTWORTLICH!

Protokoll-Auszüge vom 10 Juli 2025 – Wenn schon der PROVIDER selber VERSEUCHT ist!

Es ist z.T. echt unglaublich, was man so mit einigen eh fragwürdigen Providern erlebt. Dazu aber später mal mehr. 😉

HEUTE, fiel uns folgendes auf!

Ein absolut IGNORANTER und ARROGANTER PROVIDER ist:

AS214940 – KPROHOST LLC
Hosting Abuse: abuse@virtualine.org

Keinerlei Reaktion oder Antwort in Bezug auf unsere ABUSE-MELDUNGEN!

Hacker-Idioten, die über diesen fragwürdigen Provider kamen:

198.55.98.216 website*1.com – – [10/Jul/2025:02:42:52 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36“
198.55.98.216 website*2.de – – [10/Jul/2025:02:44:28 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „SAMSUNG-SGH-E250/1.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 UP.Browser/6.2.3.3.c.1.101 (GUI) MMP/2.0 (compatible; Googlebot-Mobile/2.1; http://www.google.com/bot.html)“
198.55.98.216 website*2.de – – [10/Jul/2025:02:46:49 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Linux; Android 9; SM-A505F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36“
198.55.98.216 website*3.com – – [10/Jul/2025:02:57:05 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Linux; Android 9; MI 8 SE Build/PKQ1.181121.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/66.0.3359.126 MQQBrowser/6.2 TBS/044807 Mobile Safari/537.36 MMWEBID/7941 MicroMessenger/7.0.6.1460(0x27000634) Process/tools NetType/WIFI Language/zh_CN“
198.55.98.216 website*3.com – – [10/Jul/2025:02:57:10 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36“
198.55.98.216 website*4.de – – [10/Jul/2025:03:00:31 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux; rv:67.0) Gecko/20100101 Firefox/67.0“
198.55.98.216 website*4.de – – [10/Jul/2025:03:04:19 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Linux; Android 8.1.0; MI 5X Build/OPM1.171019.019) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Mobile Safari/537.36“
198.55.98.216 website*4.de – – [10/Jul/2025:03:10:32 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (iPhone; CPU iPhone OS 12_4 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) CriOS/56.0.2924.79 Mobile/16G77 Safari/602.1“
198.55.98.216 website*5.com – – [10/Jul/2025:03:11:25 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36 OPR/28.0.1750.40“

und etc… etc…

Naja, wenn der Provider schon selber versucht ist, das sagt ja wohl alles!

Provider Virtualine.ORG Verseucht

Solche Provider gehören SOFORT KOMPLETT GESPERRT! ABSOLUT VERANTWORTUNGSLOS in Bezug auf SICHERHEIT!

Protokoll-Auszüge vom 08 Juli 2025 – Wir nehmen diesen Hacker-Idioten ihre Spielzeuge weg!

Heute haben wir mal wieder so einige Abuse-Mails rausgeschickt! Immer eine Meldung an 5 mit verantwortliche Provider!

Bedauerlicherweise sind auch hier bisher nur von wenigen Providern eine Antwort und/oder Reaktion gekommen. Nun ja, alleine schon, das jeder sieht, was bei der Konkurrenz so abgeht, wird eine ganz bestimmte Wirkung haben, Haha!

Vielleicht kapieren auch diese kriminellen Hacker-Idioten und dummen Script-Kiddies, was ein 403 bedeutet und das die xmlrpc.php eh gesperrt ist!

Hier mal die Liste mit jeweils den Email-Adressen, Provider-Kennung, armseeliger Zugriffsversuch:

abuse@goteborg.se, ipadmin@cantv.com.ve,abuse@ptvtelecom.com, eig-abuse@endurance.com,eig-net-team@endurance.com,abuse@oracleemaildelivery.com

AS25387 – Goteborg Kommun
62.88.129.75 website*1.com – – [08/Jul/2025:05:30:07 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „https:// website*1“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15“
AS8048 – CANTV Servicios, Venezuela
186.89.59.222 website*2.com – – [08/Jul/2025:05:32:44 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „http:// website*2.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:125.0.1) Gecko/20100101 Firefox/125.0.1“
AS34977 – PROCONO S.A.
37.61.155.189 website*2.com – – [08/Jul/2025:05:41:23 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „https:// website*2.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 14.3) AppleWebKit/614.31.14 (KHTML, like Gecko) Version/17.0.96 Safari/614.31.14“
AS19871 – Network Solutions, LLC
50.6.155.36 website*1 – – [08/Jul/2025:05:48:38 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
AS31898 – Oracle Corporation – THIRD ABUSE-MAIL TODAY!!!
64.110.114.22 website*3.com – – [08/Jul/2025:05:49:20 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
—

csoc-hybridcloud@ans.co.uk, hm-changed@vnnic.vn,domain@inet.vn, abuse@ipxo.com, abuse@contabo.de, noc@contabo.de, sascha.wintz@contabo.de,info@interdata.vn, abuse@korbank.pl

AS61323 – ANS ACADEMY LIMITED
31.193.2.236 website*1 – – [08/Jul/2025:05:51:01 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „http:// website*1“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.138 Safari/537.36 Edg/112.0.1722.68“
AS149068 – iNET software one member company limited
103.72.97.210 website*1 – – [08/Jul/2025:06:05:46 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „https:// website*1“ „Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0“
AS51167 – Contabo GmbH
2a02:c202:2069:1889::1 website*2.com – – [08/Jul/2025:06:08:14 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „http:// website*2.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.138 Safari/537.36 Edg/112.0.1722.68“
AS151858 – INTERDIGI JOINT STOCK COMPANY
103.173.227.188 website*1 – – [08/Jul/2025:06:26:40 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „http:// website*1“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0“
AS35179 – Korbank S. A.
2a01:96e0:0:545:3::6 website*2.com – – [08/Jul/2025:06:44:13 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „http:// website*2.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0.1) Gecko/20100101 Firefox/125.0.1“
—

tencent_noc@tencent.com,tencent_idc@tencent.com,abuse@ovh.net, ncn@symphony.net.th, ip-admin@violin.co.th, abuse@worldhost.group,ipas@cnnic.cn,abuse@alibaba-inc.com

AS45090 – Shenzhen Tencent Computer Systems Company Limited – TENCENT IS COMPLETE UNWANTED – COMPLETE BLOCKED!
94.191.24.214 website*2.com – – [08/Jul/2025:04:26:27 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „https:// website*2.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:128.0) Gecko/20100101 Firefox/128.0“
AS16276 – OVH SAS – THIRD ABUSE MAIL TODAY!!!
198.244.233.124 website*1 – – [08/Jul/2025:04:36:39 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „http:// website*1“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Edg/113.0.1774.50“
AS132280 – Symphony Communication (Thailand) PCL.
161.82.200.37 website*1 – – [08/Jul/2025:04:52:41 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „https:// website*1“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36“
AS199404 – WHG Hosting Services Ltd
190.92.174.33 website*2.com – – [08/Jul/2025:04:55:19 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „http:// website*2.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36“
AS37963 – Hangzhou Alibaba Advertising Co.,Ltd. – THIRD ABUSE-MAIL TODAY! – ALIBABA IS COMPLETE UNWANTED – COMPLETE BLOCKED!
120.76.230.30 website*2.com – – [08/Jul/2025:05:04:33 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „https:// website*2.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:126.0) Gecko/20100101 Firefox/126.0“
—

ipas@cnnic.cn,abuse@alibaba-inc.com,abuse@ote.gr,registro_br@lpnet.com.br, abuse@namecheaphosting.com,manager@ipv4broker.eu,

AS37963 – Hangzhou Alibaba Advertising Co.,Ltd. – SECOND ABUSE-MAIL TODAY! – ALIBABA IS COMPLETE UNWANTED – COMPLETE BLOCKED!
120.24.23.234 website*2.com – – [08/Jul/2025:03:48:43 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „https:// website*2.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36“
AS6799 – Ote SA (Hellenic Telecommunications Organisation)
2a02:587:b47f:3300:3948:c8d3:1c6e:ef34 website*4.de – – [08/Jul/2025:03:49:31 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 6.2; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/84.0.0.0 Safari/537.36“
AS28668 – Desktop Sigmanet Comunicação Multimídia SA
179.108.1.20 website*4.de – – [08/Jul/2025:03:51:15 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/60.0.0.0 Safari/537.36“
AS22612 – Namecheap, Inc.
198.54.125.232 website*1 – – [08/Jul/2025:04:14:35 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „https:// website*1“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36“
AS212607 – Saeid Shahrokhi
5.10.248.130 website*2.com – – [08/Jul/2025:04:17:18 +0200] „POST /xmlrpc.php HTTP/1.0“ 302 20 „http:// website*2.com“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36“
—

hm-changed@vnnic.vn,abuse@ovh.net,operations-support@expedient.com,ipm@expedient.com,hostmaster@nic.ad.jp, ipas@cnnic.cn,abuse@alibaba-inc.com

AS45899 – VNPT Corp
14.160.24.238 website*2.com – – [08/Jul/2025:03:03:34 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „http:// website*2.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Edg/116.0.1938.62“
ASN AS16276 – OVH SAS – SECOND ABUSE MAIL TODAY!
2001:41d0:401:3000::2309 website*2.com – – [08/Jul/2025:03:12:13 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „https:// website*2.com“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Edg/116.0.1938.62“
AS17054 – Expedient
216.37.42.34 website*1 – – [08/Jul/2025:03:31:11 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
AS7506 – GMO Internet Group, Inc.
2400:8500:1301:738:133:130:103:36 website*3.com – – [08/Jul/2025:03:33:50 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“
AS37963 – Hangzhou Alibaba Advertising Co.,Ltd. – ALIBABA IS COMPLETE UNWANTED – COMPLETE BLOCKED!
59.110.47.144 website*1 – – [08/Jul/2025:03:37:07 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „https:// website*1“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:126.0) Gecko/20100101 Firefox/126.0“
—

dsltac2north.unoc@airtel.com, shankar.B@airtel.com, abuse@oracleemaildelivery.com, abuse@vultr.com,tlynch@vultr.com,abuse@timeweb.ru, abuse@ovh.net

ASN AS24560 – Bharti Airtel Ltd., Telemedia Services
122.180.244.216 website*1 – – [08/Jul/2025:02:10:14 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „http:// website*1“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36“
AS31898 – Oracle Corporation
152.67.193.32 website*1 – – [08/Jul/2025:02:25:15 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „https:// website*1“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36“
AS20473 – The Constant Company, LLC
2001:19f0:7402:5c2:5400:4ff:fe0b:48fc website*2.com – – [08/Jul/2025:02:36:23 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „https:// website*2.com“ „Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36“
AS210976 – Timeweb, LLP – RUSSIA IS COMPLETE BLOCKED – COMPLETE UNWANTED!
147.45.136.104 website*1 – – [08/Jul/2025:02:46:08 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „http:// website*1“ „Mozilla/5.0 (Macintosh; Intel Mac OS X 14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15“
ASN AS16276 – OVH SAS
2402:1f00:8000:800::1c87 website*2.com – – [08/Jul/2025:02:47:25 +0200] „POST /xmlrpc.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/91.0“

Soviel für heute, den 08.07.25! 😉

Protokoll-Auszüge vom 03/06 Juli 2025 – Was war so los, über das Wochenende?

Zuerst einmal ein Hacker-Idiot über den Provider AS401120 – cheapy.host LLC , Abuse-Mails an abuse@cheapy.host ohne jegliche Reaktion. Naja, das kennen wir ja schon, es sind immer die gleichen Provider, die hier anscheinend NUR DURCH IGNORANZ und ARROGANZ glänzen:

196.251.84.49 website*1.com – – [03/Jul/2025:13:18:49 +0200] „POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.0“ 403 – „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
196.251.84.49 website*1.com – – [03/Jul/2025:13:18:49 +0200] „GET / HTTP/1.0“ 403 – „-“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
196.251.84.49 website*1.com – – [03/Jul/2025:13:18:49 +0200] „POST /wp-plain.php HTTP/1.0“ 302 – „www.google.com“ „Mozilla/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
196.251.84.49 website*1.com – – [03/Jul/2025:13:18:49 +0200] „POST /alfacgiapi/perl.alfa HTTP/1.0“ 403 – „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
196.251.84.49 website*1.com – – [03/Jul/2025:13:18:49 +0200] „GET /wp-content/themes/seotheme/db.php?u HTTP/1.0“ 403 – „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
196.251.84.49 website*1.com – – [03/Jul/2025:13:18:49 +0200] „GET /wp-content/plugins/fix/up.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36“
196.251.84.49 website*1.com – – [03/Jul/2025:13:18:49 +0200] „GET /wp-content/themes/seotheme/db.php?u HTTP/1.0“ 403 – „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
+
196.251.85.93 website*1.com – – [04/Jul/2025:02:32:33 +0200] „GET /style.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
196.251.85.93 website*1.com – – [04/Jul/2025:02:32:54 +0200] „GET /style.php HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
+
196.251.85.48 website*2.com – – [05/Jul/2025:17:17:18 +0200] „GET //wp-content/plugins/fix/up.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36“
+
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:22 +0200] „GET /wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:22 +0200] „GET /xmlrpc.php?rsd HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:23 +0200] „GET / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:23 +0200] „GET /blog/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:23 +0200] „GET /web/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:23 +0200] „GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:23 +0200] „GET /website/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:23 +0200] „GET /wp/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:23 +0200] „GET /news/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:23 +0200] „GET /2020/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:23 +0200] „GET /2019/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:23 +0200] „GET /shop/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:23 +0200] „GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:23 +0200] „GET /test/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:24 +0200] „GET /wp2/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:24 +0200] „GET /site/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:24 +0200] „GET /cms/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“
196.251.83.252 website*3.com – – [06/Jul/2025:07:56:24 +0200] „GET /sito/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36“

The next one!

Auch hier erfolgen an den mit verantwortlichen Provider AS211590 – Bucklog SARL keinerlei Reaktionen gzgl. Abuse-Mails an bucklog@proton.me!

Diese Art von Verantwortungslosigkeit ist ein absolutes NoGo!!!

185.177.72.107 website*2.com – – [05/Jul/2025:16:55:19 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „-“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:19 +0200] „GET /.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:19 +0200] „GET /.env.local HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:19 +0200] „GET /.env.dev HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:20 +0200] „GET /.env.development HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:20 +0200] „GET /.env.prod HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:20 +0200] „GET /.env.production HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:20 +0200] „GET /.env.stage HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:20 +0200] „GET /.env.test HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:20 +0200] „GET /.env.example HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:20 +0200] „GET /.env.bak HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:20 +0200] „GET /.env.old HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:20 +0200] „GET /config/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:20 +0200] „GET /config/config.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:21 +0200] „GET /app/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:21 +0200] „GET /admin/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:21 +0200] „GET /api/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:21 +0200] „GET /apps/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:21 +0200] „GET /server/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:21 +0200] „GET /backend/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:21 +0200] „GET /aws/credentials HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:22 +0200] „GET /.aws/credentials HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:22 +0200] „GET /.aws/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:22 +0200] „GET /config/aws.yml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:22 +0200] „GET /config/aws.json HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:22 +0200] „GET /docker-compose.yml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:22 +0200] „GET /docker-compose.override.yml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:22 +0200] „GET /docker-compose.prod.yml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:22 +0200] „GET /docker-compose.dev.yml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:22 +0200] „GET /config/config.json HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:22 +0200] „GET /config.json HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:23 +0200] „GET /config.yaml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:23 +0200] „GET /config.yml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:23 +0200] „GET /secrets.json HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:23 +0200] „GET /secrets.yml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:23 +0200] „GET /credentials.json HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:23 +0200] „GET /.git-credentials HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
185.177.72.107 website*2.com – – [05/Jul/2025:16:55:23 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36“
und etc… und etc…
+
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET / HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /test/info.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /admin/info.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /info HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /config/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /test/phpinfo.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /settings.properties HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /phpinfo.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /info.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /admin/phpinfo.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /php.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /phpinfo HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /phpinfo/index.php HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /debug.php HTTP/1.0“ 302 20 „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“
185.177.72.22 website*2.com – – [06/Jul/2025:05:49:40 +0200] „GET /api/.env HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3“

Protokoll-Auszüge vom 03/04 Juli 2025 – Täglich Grüßen gewisse IDIOTEN, die bekannte Provider missbrauchen!

Abuse- Meldungen gingen schon gestern an AS396982 – Google LLC!

Das Ergebnis danach war, dass diese Bot/Scannings und/oder Hacking-Versuche immens zunahmen!

Alleine das ist schon sehr fragwürdig, denn von einem verantwortungsvollen Provider erwarten man, DASS DAS AUFHÖRT!

Da durch unsere Abuse-Meldungen von gestern eben das Gegenteil erreicht wurde, wird das nun hier veröffentlicht!

Zum Schutz des Website-Besitzers haben wir HIER die betroffene Domain in website*1 umbenannt.

JETZT HAT AS396982 – Google LLC DAFÜR ZU SORGEN, DASS DAS SOFORT AUFHÖRT!!!

Folgende Bot / Scannings und/oder Hacking-Versuche gab es:

34.162.249.193 website*1.com – – [03/Jul/2025:17:37:53 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.249.193 website*1.com – – [03/Jul/2025:17:37:54 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.213.98 website*1.com – – [03/Jul/2025:17:57:12 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.213.98 website*1.com – – [03/Jul/2025:17:57:12 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.165.185 website*1.com – – [03/Jul/2025:19:41:57 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.165.185 website*1.com – – [03/Jul/2025:19:41:57 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.165.185 website*1.com – – [03/Jul/2025:19:41:57 +0200] „GET /.git/config HTTP/1.0“ 403 – „https://www. website*1.com/.git/config“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.165.185 website*1.com – – [03/Jul/2025:19:41:57 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „https://www. website*1.com/.git/HEAD“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.69.221 website*1.com – – [03/Jul/2025:20:01:28 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.69.221 website*1.com – – [03/Jul/2025:20:01:28 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.69.221 website*1.com – – [03/Jul/2025:20:01:28 +0200] „GET /.git/config HTTP/1.0“ 403 – „https://www. website*1.com/.git/config“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.69.221 website*1.com – – [03/Jul/2025:20:01:28 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „https://www. website*1.com/.git/HEAD“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.141.202 website*1.com – – [03/Jul/2025:20:20:19 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.141.202 website*1.com – – [03/Jul/2025:20:20:19 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.141.202 website*1.com – – [03/Jul/2025:20:20:29 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „https://www. website*1.com/.git/HEAD“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.51.109 website*1.com – – [03/Jul/2025:20:22:11 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.51.109 website*1.com – – [03/Jul/2025:20:22:11 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.79.88 website*1.com – – [03/Jul/2025:20:30:47 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.79.88 website*1.com – – [03/Jul/2025:20:30:47 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.94.5 website*1.com – – [03/Jul/2025:20:45:00 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.94.5 website*1.com – – [03/Jul/2025:20:45:00 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.128.241 website*1.com – – [03/Jul/2025:20:54:46 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.128.241 website*1.com – – [03/Jul/2025:20:54:46 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.162.39 website*1.com – – [03/Jul/2025:22:49:47 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.162.39 website*1.com – – [03/Jul/2025:22:49:47 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.162.39 website*1.com – – [03/Jul/2025:22:49:47 +0200] „GET /.git/config HTTP/1.0“ 403 – „https://www. website*1.com/.git/config“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.162.39 website*1.com – – [03/Jul/2025:22:49:47 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „https://www. website*1.com/.git/HEAD“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.156.234 website*1.com – – [03/Jul/2025:22:53:53 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.156.234 website*1.com – – [03/Jul/2025:22:53:53 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.156.234 website*1.com – – [03/Jul/2025:22:53:53 +0200] „GET /.git/config HTTP/1.0“ 403 – „https://www. website*1.com/.git/config“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.156.234 website*1.com – – [03/Jul/2025:22:53:53 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „https://www. website*1.com/.git/HEAD“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.79.88 website*1.com – – [04/Jul/2025:00:02:30 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.79.88 website*1.com – – [04/Jul/2025:00:02:30 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.79.88 website*1.com – – [04/Jul/2025:00:02:30 +0200] „GET /.git/config HTTP/1.0“ 403 – „https://www. website*1.com/.git/config“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.79.88 website*1.com – – [04/Jul/2025:00:02:31 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „https://www. website*1.com/.git/HEAD“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.236.120 website*1.com – – [04/Jul/2025:00:36:13 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.236.120 website*1.com – – [04/Jul/2025:00:36:13 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.249.22 website*1.com – – [04/Jul/2025:01:27:32 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.249.22 website*1.com – – [04/Jul/2025:01:27:32 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.52.235 website*1.com – – [04/Jul/2025:01:30:22 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.52.235 website*1.com – – [04/Jul/2025:01:30:22 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.152.80 website*1.com – – [04/Jul/2025:01:49:46 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.152.80 website*1.com – – [04/Jul/2025:01:49:46 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.201.127 website*1.com – – [04/Jul/2025:02:31:42 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.201.127 website*1.com – – [04/Jul/2025:02:31:43 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.171.203 website*1.com – – [04/Jul/2025:04:26:47 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.171.203 website*1.com – – [04/Jul/2025:04:26:47 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.225.105 website*1.com – – [04/Jul/2025:06:45:10 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.225.105 website*1.com – – [04/Jul/2025:06:45:11 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.213.107 website*1.com – – [04/Jul/2025:06:49:32 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.213.107 website*1.com – – [04/Jul/2025:06:49:32 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
+
34.162.33.156 website*1.com – – [04/Jul/2025:07:06:58 +0200] „GET /.git/config HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“
34.162.33.156 website*1.com – – [04/Jul/2025:07:06:58 +0200] „GET /.git/HEAD HTTP/1.0“ 403 – „-“ „ct\xe2\x80\x91git\xe2\x80\x91scanner/0.4“

Schauen wir mal, ob AS396982 – Google LLC das nun in den Griff bekommt!

Protokoll-Auszüge vom 03 Juli 2025 – Täglich Grüßen die Hacker-Idioten!

Über diverse Provider ist es ja immer das gleiche Muster, immer die gleichen Files!

Bei einigen verschiedenen Providern ist als Meldeadresse für Abuse report@abuseradar.com aufgeführt!

Bedauerlicherweise gibt es von report@abuseradar.com weder eine Antwort, noch eine Statusmeldung! Naja, somit ist auch das für uns mehr als FRAGWÜRDIG!

Bei diesen folgen Versuchen eines Hacker-Idioten über den Provider AS174 – Cogent Communications haben wir daher neben der für uns fragwürdigen Emailadresse report@abuseradar.com dann als zweite Adresse direkt den MIT VERANTWORTLICHEN PROVIDER mit abuse@cogentco.com angeschrieben!

Hier noch die armseeligen Versuche eines Hacker-Idioten:

191.101.31.167 website*1.com – – [03/Jul/2025:05:39:10 +0200] „GET /xmlrpc.php?rsd HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
191.101.31.167 website*1.com – – [03/Jul/2025:05:39:10 +0200] „GET /blog/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
191.101.31.167 website*1.com – – [03/Jul/2025:05:39:10 +0200] „GET /web/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
191.101.31.167 website*1.com – – [03/Jul/2025:05:39:11 +0200] „GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
191.101.31.167 website*1.com – – [03/Jul/2025:05:39:11 +0200] „GET /wp/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
191.101.31.167 website*1.com – – [03/Jul/2025:05:39:11 +0200] „GET /2020/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
191.101.31.167 website*1.com – – [03/Jul/2025:05:39:11 +0200] „GET /2019/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
191.101.31.167 website*1.com – – [03/Jul/2025:05:39:11 +0200] „GET /2021/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
191.101.31.167 website*1.com – – [03/Jul/2025:05:39:11 +0200] „GET /shop/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
191.101.31.167 website*1.com – – [03/Jul/2025:05:39:11 +0200] „GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
191.101.31.167 website*1.com – – [03/Jul/2025:05:39:11 +0200] „GET /test/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
191.101.31.167 website*1.com – – [03/Jul/2025:05:39:12 +0200] „GET /site/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“
191.101.31.167 website*1.com – – [03/Jul/2025:05:39:12 +0200] „GET /cms/wp-includes/wlwmanifest.xml HTTP/1.0“ 403 – „-“ „Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36“

Diese Vollidioten von Amateur-Hackern kapieren anscheinend immer noch nicht, was eine Statusmeldung 403 bedeutet. Naja… anscheinend mal wieder dumme SCRIPT-KIDDIES, die keine Ahnung vom Hacking haben. Den Knopf eines Hacker-Tools drücken kann ja auch jeder Vollidiot, dazu braucht man kein Fachwissen!

Protokoll-Auszüge von Anfang Juli 2025 – Schauen wir mal, was wir diesen Monat für Hacker-Idioten haben!

Tägliche penetrante Zugriffe! Absolute IGNORANZ bei Emails an abuse@nybula.com!

Zum Schutz des Website-Besitzers haben wir um Auszug vom Logfile die Website in website*1 umbenannt!

Es gibt ja so einige fragwürdige Provider, die der Meinung sind, sie können über fremde Websites bestimmen und einfach machen, was sie wollen!

Diese Ignoranz wird von uns dann mit VERÖFFENTLICHUNG belohnt:

Provider: AS401116 – Nybula LLC

196.251.117.231 website*1.com – – [01/Jul/2025:06:02:57 +0200] „GET /about.php?520 HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
196.251.117.231 website*1.com – – [01/Jul/2025:06:03:30 +0200] „GET /admin.php?520 HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

196.251.117.231 website*1.com – – [01/Jul/2025:08:50:38 +0200] „GET /about.php?action=p&api=p&path=p&token= HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
196.251.117.231 website*1.com – – [01/Jul/2025:08:50:38 +0200] „GET /about.php?action=p&api=p&path=p&token= HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
196.251.117.231 website*1.com – – [01/Jul/2025:08:50:52 +0200] „GET /admin.php?action=p&api=p&path=p&token= HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“
196.251.117.231 website*1.com – – [01/Jul/2025:08:50:52 +0200] „GET /admin.php?action=p&api=p&path=p&token= HTTP/1.0“ 302 20 „www.google.com“ „Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36“

Schauen wir nun mal, ob diese IGNORANZ weiter geht!

Seit wir viele Hacking-Versuche fast täglich melden, werden einige dieser Hacker-Idioten vorsichtiger. Man macht das erst mal ein ganz vorsichtiges GET! Kommt da ein 403, hören sie meist auf.

NUR ZU DUMM für all diese armseeligen Hacker-Idioten denn auch das melden wir nun schon seit DEZEMBER 2024!

Hier schicken wir nun ebenfalls ABUSE-MAILS an die mit verantwortlichen Provider! Seriöse Provider reagieren auch schon positiv darauf! Die uns eh bekannten fragwürdigen und/oder gar unseriösen Provider interessieren uns eh nicht mehr denn dessen NETZWERKE sind mittl. komplett gesperrt!

Es ist wirklich immer wieder sehr amüsant, was für Idioten man unter diesen Möchtegern-Hackern erlebt. Teilweise kann man echt nur noch lachen, wie dumm da so manche Amateure und Scriptkiddies vorgehen.

Die Hacker Vollpfosten des Monats

Weitere Auszüge der Logs von vielen Websites in Bezug auf diese Hacker-Idioten folgen diese Tage. 😉

Übrigens, da auch immer wieder für uns zwielichtige Provider auftaucht, hier mal eine Tabelle der Provider dazu. Es spiegelt Erfahrungen wider, aufgrund der erfolgreiche Abuse-Meldungen bis hin zu gewissen ignoranten Provider!

Tipps, wie man die Website schützen kann findest du über den Link.

Kategorie: Hacker Protokoll Juli 2025