Seit Anfang letzten Jahres finde ich im Logfile Aufrufe der Form
,
mit einer massiven Zunahme seit August:
GET /wp-login.php
Monat | Aufrufe | Monat | Aufrufe |
---|---|---|---|
Januar | 4 | Juli | 43 |
Februar | 4 | August | 560 |
März | 8 | September | 250 |
April | 12 | Oktober | 309 |
Mai | 27 | November | 596 |
Juni | 43 | Dezember | 362 |
Ich gehe ich von Crack-Versuchen aus, denn aufgerufen wird diese URI aus der ganzen Welt, aber mit immer identischen User-Agent.
Meine Seite liegt auf einem Shared Host
, man findet sie also nur,
wenn man den DNS-Namen kennt, und nicht beim Durchprobieren aller IPs.
So steckt ein gewisser Aufwand hinter den Aufrufen, andererseits keine besondere Systematik, denn um neue Wordpress-Installationen zu finden, reichten ein paar Dutzend Zugriffe aus statt der über 2000 im letzten Jahr. Mit dem gleichen Aufwand könnte man auch 100 Seiten jeden Monat angreifen.
So sehen die Aufrufe im Dezember aus:
Datum / Zeit | IP (v4) | Methode und Pfad | User-Agent |
---|---|---|---|
01.12. 01:32:58 | 121.122.0.65 | GET /wp-login.php | Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1 |
01.12. 02:31:53 | 98.196.2.227 | GET /wp-login.php | |
01.12. 02:41:07 | 197.217.78.142 | GET /wp-login.php | |
01.12. 04:27:53 | 49.35.106.168 | GET /wp-login.php | |
01.12. 06:27:51 | 41.76.91.18 | GET /wp-login.php | |
01.12. 09:34:19 | 82.81.220.58 | GET /wp-login.php | |
01.12. 11:33:06 | 212.156.130.130 | GET /wp-login.php | |
01.12. 11:52:41 | 103.31.178.139 | GET /wp-login.php | |
01.12. 13:44:15 | 51.235.29.197 | GET /wp-login.php | |
01.12. 13:54:24 | 93.231.248.107 | GET /wp-login.php | |
01.12. 14:57:17 | 162.206.61.240 | GET /wp-login.php | |
01.12. 16:05:36 | 109.177.133.89 | GET /wp-login.php | |
01.12. 16:51:34 | 112.208.142.171 | GET /wp-login.php | |
01.12. 17:10:59 | 177.53.83.138 | GET /wp-login.php | |
01.12. 18:15:12 | 112.206.161.181 | GET /wp-login.php | |
01.12. 19:04:02 | 41.104.95.246 | GET /wp-login.php | |
01.12. 19:06:27 | 46.11.62.184 | GET /wp-login.php | |
01.12. 19:29:19 | 37.47.78.138 | GET /wp-login.php | |
01.12. 19:31:39 | 45.118.158.10 | GET /wp-login.php | |
01.12. 20:26:31 | 51.36.22.36 | GET /wp-login.php | |
01.12. 20:50:53 | 89.68.102.227 | GET /wp-login.php | |
01.12. 20:51:51 | 145.129.91.225 | GET /wp-login.php | |
01.12. 20:57:57 | 46.239.222.70 | GET /wp-login.php | |
01.12. 21:16:27 | 188.26.136.85 | GET /wp-login.php | |
01.12. 22:27:34 | 31.51.163.233 | GET /wp-login.php | |
02.12. 00:40:26 | 49.149.10.56 | GET /wp-login.php | |
02.12. 00:56:16 | 110.136.128.47 | GET /wp-login.php | |
02.12. 04:54:19 | 148.122.187.2 | GET /wp-login.php | |
02.12. 05:27:36 | 41.89.104.15 | GET /wp-login.php | |
02.12. 06:25:19 | 112.209.146.214 | GET /wp-login.php | |
02.12. 06:38:30 | 122.54.155.196 | GET /wp-login.php | |
02.12. 11:06:24 | 94.225.198.148 | GET /wp-login.php | |
02.12. 11:58:34 | 115.97.164.71 | GET /wp-login.php | |
02.12. 14:35:18 | 88.0.38.147 | GET /wp-login.php | |
02.12. 14:47:26 | 77.119.130.196 | GET /wp-login.php | |
02.12. 15:33:17 | 41.109.240.102 | GET /wp-login.php | |
02.12. 16:24:26 | 212.96.46.182 | GET /wp-login.php | |
02.12. 18:37:33 | 178.149.160.173 | GET /wp-login.php | |
02.12. 19:23:11 | 24.135.72.5 | GET /wp-login.php | |
02.12. 20:21:57 | 95.76.3.222 | GET /wp-login.php | |
03.12. 03:30:02 | 122.15.232.106 | GET /wp-login.php | |
03.12. 03:40:14 | 191.84.127.21 | GET /wp-login.php | |
03.12. 07:36:04 | 145.129.76.171 | GET /wp-login.php | |
03.12. 08:10:03 | 109.93.195.70 | GET /wp-login.php | |
03.12. 14:50:13 | 122.174.138.87 | GET /wp-login.php | |
03.12. 15:01:07 | 213.181.223.71 | GET /wp-login.php | |
03.12. 15:31:47 | 65.94.37.189 | GET /wp-login.php | |
03.12. 15:35:41 | 210.16.88.36 | GET /wp-login.php | |
03.12. 16:24:26 | 103.221.70.147 | GET /wp-login.php | |
03.12. 16:35:24 | 51.36.168.143 | GET /wp-login.php | |
03.12. 16:39:21 | 41.230.197.58 | GET /wp-login.php | |
03.12. 18:22:16 | 117.200.233.199 | GET /wp-login.php | |
03.12. 19:35:04 | 174.105.216.230 | GET /wp-login.php | |
03.12. 23:33:24 | 90.74.232.142 | GET /wp-login.php | |
04.12. 00:18:00 | 223.225.143.89 | GET /wp-login.php | |
04.12. 05:18:51 | 103.26.112.136 | GET /wp-login.php | |
04.12. 06:05:32 | 79.119.245.190 | GET /wp-login.php | |
04.12. 08:38:36 | 202.142.110.51 | GET /wp-login.php | |
04.12. 09:22:55 | 93.170.114.149 | GET /wp-login.php | |
04.12. 11:08:14 | 180.251.220.19 | GET /wp-login.php | |
04.12. 11:12:45 | 117.216.59.166 | GET /wp-login.php | |
04.12. 11:19:17 | 101.50.70.175 | GET /wp-login.php | |
04.12. 14:17:56 | 103.220.156.2 | GET /wp-login.php | |
04.12. 14:58:19 | 39.36.95.137 | GET /wp-login.php | |
04.12. 16:41:21 | 90.19.163.115 | GET /wp-login.php | |
04.12. 16:58:00 | 83.9.17.160 | GET /wp-login.php | |
04.12. 19:48:30 | 59.98.247.250 | GET /wp-login.php | |
04.12. 20:46:44 | 217.217.148.191 | GET /wp-login.php | |
05.12. 03:42:08 | 190.232.56.224 | GET /wp-login.php | |
05.12. 06:23:07 | 188.27.219.67 | GET /wp-login.php | |
05.12. 07:48:16 | 103.240.194.68 | GET /wp-login.php | |
05.12. 07:50:34 | 60.53.201.226 | GET /wp-login.php | |
05.12. 08:57:42 | 59.182.185.189 | GET /wp-login.php | |
05.12. 09:31:32 | 212.176.63.62 | GET /wp-login.php | |
05.12. 13:52:00 | 79.55.151.96 | GET /wp-login.php | |
05.12. 16:02:06 | 78.241.75.180 | GET /wp-login.php | |
05.12. 16:02:15 | 46.39.55.66 | GET /wp-login.php | |
05.12. 19:47:56 | 89.210.157.220 | GET /wp-login.php | |
05.12. 21:28:09 | 85.216.205.163 | GET /wp-login.php | |
05.12. 22:46:48 | 79.26.40.128 | GET /wp-login.php | |
05.12. 23:35:39 | 41.45.167.254 | GET /wp-login.php | |
06.12. 00:04:39 | 87.205.227.250 | GET /wp-login.php | |
06.12. 00:26:02 | 46.217.74.56 | GET /wp-login.php | |
06.12. 05:42:12 | 182.48.136.239 | GET /wp-login.php | |
06.12. 09:07:56 | 41.210.28.144 | GET /wp-login.php | |
06.12. 10:40:00 | 122.160.172.24 | GET /wp-login.php | |
06.12. 14:53:06 | 112.202.24.73 | GET /wp-login.php | |
06.12. 18:19:50 | 188.146.87.188 | GET /wp-login.php | |
06.12. 18:56:38 | 185.11.224.24 | GET /wp-login.php | |
06.12. 21:19:18 | 77.28.217.201 | GET /wp-login.php | |
06.12. 22:33:48 | 109.175.99.151 | GET /wp-login.php | |
07.12. 00:24:44 | 88.162.223.28 | GET /wp-login.php | |
07.12. 04:33:03 | 169.1.93.214 | GET /wp-login.php | |
07.12. 05:33:27 | 36.68.12.11 | GET /wp-login.php | |
07.12. 10:39:16 | 213.197.86.21 | GET /wp-login.php | |
07.12. 11:44:58 | 41.136.114.121 | GET /wp-login.php | |
07.12. 12:06:00 | 160.238.76.157 | GET /wp-login.php | |
07.12. 14:21:10 | 83.10.110.46 | GET /wp-login.php | |
07.12. 14:46:48 | 27.34.90.25 | GET /wp-login.php | |
07.12. 15:08:36 | 180.253.122.221 | GET /wp-login.php | |
07.12. 16:41:39 | 210.103.59.253 | GET /wp-login.php | |
07.12. 17:39:16 | 67.168.121.73 | GET /wp-login.php | |
07.12. 17:54:29 | 175.141.212.2 | GET /wp-login.php | |
07.12. 19:32:36 | 70.53.217.117 | GET /wp-login.php | |
07.12. 20:16:32 | 79.116.242.140 | GET /wp-login.php | |
07.12. 21:06:05 | 212.15.177.176 | GET /wp-login.php | |
08.12. 02:44:51 | 36.38.241.72 | GET /wp-login.php | |
08.12. 03:18:26 | 187.250.108.47 | GET /wp-login.php | |
08.12. 09:19:54 | 86.6.209.8 | GET /wp-login.php | |
08.12. 09:31:26 | 178.221.145.233 | GET /wp-login.php | |
08.12. 09:48:05 | 92.255.98.22 | GET /wp-login.php | |
08.12. 12:38:26 | 121.157.134.43 | GET /wp-login.php | |
08.12. 12:40:20 | 176.74.124.47 | GET /wp-login.php | |
08.12. 13:41:50 | 203.212.145.31 | GET /wp-login.php | |
08.12. 13:59:27 | 111.125.208.170 | GET /wp-login.php | |
08.12. 16:51:05 | 78.231.38.138 | GET /wp-login.php | |
08.12. 17:51:19 | 180.252.149.224 | GET /wp-login.php | |
08.12. 18:55:26 | 182.178.77.134 | GET /wp-login.php | |
08.12. 18:59:34 | 43.231.56.59 | GET /wp-login.php | |
08.12. 19:39:46 | 109.172.150.137 | GET /wp-login.php | |
08.12. 20:11:33 | 107.19.105.141 | GET /wp-login.php | |
08.12. 20:49:08 | 93.94.184.193 | GET /wp-login.php | |
08.12. 22:54:00 | 85.5.39.164 | GET /wp-login.php | |
09.12. 08:53:44 | 95.7.107.2 | GET /wp-login.php | |
09.12. 09:49:49 | 60.50.14.243 | GET /wp-login.php | |
09.12. 10:54:02 | 197.133.29.144 | GET /wp-login.php | |
09.12. 12:55:24 | 110.171.182.56 | GET /wp-login.php | |
09.12. 13:07:27 | 210.195.108.206 | GET /wp-login.php | |
09.12. 14:04:17 | 86.127.131.203 | GET /wp-login.php | |
09.12. 16:14:41 | 120.29.85.162 | GET /wp-login.php | |
10.12. 00:50:03 | 188.162.237.71 | GET /wp-login.php | |
10.12. 04:54:12 | 112.203.167.143 | GET /wp-login.php | |
10.12. 05:23:18 | 124.40.246.86 | GET /wp-login.php | |
10.12. 06:06:13 | 175.125.79.76 | GET /wp-login.php | |
10.12. 06:55:09 | 24.37.224.98 | GET /wp-login.php | |
10.12. 08:00:54 | 220.122.93.170 | GET /wp-login.php | |
10.12. 08:12:08 | 59.178.50.117 | GET /wp-login.php | |
10.12. 09:29:51 | 49.147.124.147 | GET /wp-login.php | |
10.12. 10:04:00 | 188.247.75.186 | GET /wp-login.php | |
10.12. 14:40:06 | 174.95.73.163 | GET /wp-login.php | |
10.12. 15:50:50 | 175.138.201.29 | GET /wp-login.php | |
10.12. 16:41:53 | 90.194.215.244 | GET /wp-login.php | |
10.12. 17:46:32 | 93.122.248.71 | GET /wp-login.php | |
10.12. 18:20:08 | 176.41.248.226 | GET /wp-login.php | |
10.12. 21:10:24 | 37.125.159.51 | GET /wp-login.php | |
11.12. 01:21:04 | 175.138.223.31 | GET /wp-login.php | |
11.12. 04:44:36 | 103.218.151.60 | GET /wp-login.php | |
11.12. 09:20:09 | 24.135.97.161 | GET /wp-login.php | |
11.12. 10:21:55 | 1.235.69.132 | GET /wp-login.php | |
11.12. 13:09:55 | 78.56.93.69 | GET /wp-login.php | |
11.12. 13:50:08 | 139.195.103.220 | GET /wp-login.php | |
11.12. 16:04:31 | 183.87.114.186 | GET /wp-login.php | |
11.12. 20:23:16 | 83.240.68.234 | GET /wp-login.php | |
12.12. 02:10:37 | 79.141.243.82 | GET /wp-login.php | |
12.12. 02:12:39 | 118.200.170.211 | GET /wp-login.php | |
12.12. 03:04:34 | 119.94.172.164 | GET /wp-login.php | |
12.12. 06:50:25 | 103.226.206.114 | GET /wp-login.php | |
12.12. 10:44:04 | 45.248.26.228 | GET /wp-login.php | |
12.12. 11:30:00 | 94.25.188.67 | GET /wp-login.php | |
12.12. 13:12:14 | 178.59.168.210 | GET /wp-login.php | |
12.12. 15:15:26 | 109.239.19.118 | GET /wp-login.php | |
12.12. 15:17:25 | 170.78.250.206 | GET /wp-login.php | |
12.12. 22:20:04 | 86.27.179.55 | GET /wp-login.php | |
12.12. 23:28:23 | 81.215.156.111 | GET /wp-login.php | |
13.12. 08:55:33 | 41.105.43.233 | GET /wp-login.php | |
13.12. 08:58:42 | 5.38.141.6 | GET /wp-login.php | |
13.12. 10:06:32 | 24.131.222.233 | GET /wp-login.php | |
13.12. 12:44:05 | 122.53.31.204 | GET /wp-login.php | |
13.12. 14:13:12 | 187.19.185.168 | GET /wp-login.php | |
13.12. 17:18:23 | 182.77.116.89 | GET /wp-login.php | |
13.12. 18:25:54 | 177.132.110.114 | GET /wp-login.php | |
13.12. 20:24:33 | 95.234.66.99 | GET /wp-login.php | |
13.12. 20:49:42 | 41.104.22.127 | GET /wp-login.php | |
13.12. 20:51:05 | 31.17.252.157 | GET /wp-login.php | |
13.12. 21:02:57 | 66.191.196.120 | GET /wp-login.php | |
13.12. 21:58:25 | 106.201.94.103 | GET /wp-login.php | |
13.12. 23:24:17 | 87.3.230.129 | GET /wp-login.php | |
14.12. 02:18:14 | 78.155.236.35 | GET /wp-login.php | |
14.12. 14:45:26 | 200.193.248.228 | GET /wp-login.php | |
14.12. 16:37:39 | 93.86.237.237 | GET /wp-login.php | |
14.12. 17:48:38 | 182.48.232.19 | GET /wp-login.php | |
14.12. 19:52:30 | 92.44.125.195 | GET /wp-login.php | |
14.12. 19:55:48 | 117.202.12.237 | GET /wp-login.php | |
15.12. 04:21:58 | 41.140.0.218 | GET /wp-login.php | |
15.12. 07:56:43 | 1.9.97.204 | GET /wp-login.php | |
15.12. 09:30:48 | 78.93.237.171 | GET /wp-login.php | |
15.12. 10:56:56 | 139.5.236.52 | GET /wp-login.php | |
15.12. 11:31:36 | 115.186.136.55 | GET /wp-login.php | |
15.12. 11:37:12 | 45.124.193.17 | GET /wp-login.php | |
15.12. 17:13:09 | 46.175.47.171 | GET /wp-login.php | |
15.12. 19:46:11 | 191.178.187.139 | GET /wp-login.php | |
15.12. 20:26:20 | 31.215.120.167 | GET /wp-login.php | |
15.12. 20:37:01 | 47.8.24.138 | GET /wp-login.php | |
15.12. 22:31:05 | 112.211.202.241 | GET /wp-login.php | |
16.12. 00:14:58 | 108.251.193.39 | GET /wp-login.php | |
16.12. 00:16:55 | 217.72.90.20 | GET /wp-login.php | |
16.12. 02:03:21 | 189.29.116.120 | GET /wp-login.php | |
16.12. 10:02:47 | 117.207.149.128 | GET /wp-login.php | |
16.12. 10:22:20 | 46.107.77.43 | GET /wp-login.php | |
16.12. 10:23:45 | 122.178.176.74 | GET /wp-login.php | |
16.12. 11:39:55 | 185.75.110.10 | GET /wp-login.php | |
16.12. 12:06:40 | 181.92.77.219 | GET /wp-login.php | |
16.12. 13:15:53 | 41.107.242.249 | GET /wp-login.php | |
16.12. 14:04:29 | 83.13.210.38 | GET /wp-login.php | |
16.12. 14:25:39 | 77.244.197.36 | GET /wp-login.php | |
16.12. 18:10:10 | 84.15.184.226 | GET /wp-login.php | |
16.12. 19:43:06 | 189.76.60.110 | GET /wp-login.php | |
16.12. 19:50:47 | 134.3.49.160 | GET /wp-login.php | |
16.12. 21:36:14 | 88.156.128.16 | GET /wp-login.php | |
17.12. 01:51:38 | 36.76.227.146 | GET /wp-login.php | |
17.12. 05:35:50 | 109.93.191.185 | GET /wp-login.php | |
17.12. 06:48:04 | 103.240.206.19 | GET /wp-login.php | |
17.12. 07:10:10 | 223.222.80.78 | GET /wp-login.php | |
17.12. 07:49:59 | 112.207.117.153 | GET /wp-login.php | |
17.12. 12:43:17 | 154.67.109.123 | GET /wp-login.php | |
17.12. 13:19:58 | 110.8.201.127 | GET /wp-login.php | |
17.12. 15:43:21 | 190.19.182.156 | GET /wp-login.php | |
17.12. 17:22:44 | 45.113.236.82 | GET /wp-login.php | |
17.12. 21:25:04 | 5.133.252.178 | GET /wp-login.php | |
17.12. 21:47:14 | 178.132.219.160 | GET /wp-login.php | |
17.12. 23:55:43 | 111.88.7.177 | GET /wp-login.php | |
18.12. 01:26:20 | 95.90.192.210 | GET /wp-login.php | |
18.12. 03:41:15 | 94.52.190.81 | GET /wp-login.php | |
18.12. 06:54:44 | 113.254.38.126 | GET /wp-login.php | |
18.12. 08:29:48 | 151.50.195.161 | GET /wp-login.php | |
18.12. 08:35:51 | 79.178.112.204 | GET /wp-login.php | |
18.12. 10:41:23 | 124.141.77.34 | GET /wp-login.php | |
18.12. 10:52:19 | 78.98.94.147 | GET /wp-login.php | |
18.12. 10:52:32 | 182.66.105.94 | GET /wp-login.php | |
18.12. 11:05:51 | 111.94.206.130 | GET /wp-login.php | |
18.12. 12:16:11 | 85.82.219.215 | GET /wp-login.php | |
18.12. 14:07:22 | 175.101.18.100 | GET /wp-login.php | |
18.12. 14:19:54 | 93.40.201.222 | GET /wp-login.php | |
18.12. 17:52:02 | 46.17.150.39 | GET /wp-login.php | |
18.12. 20:01:33 | 201.3.222.93 | GET /wp-login.php | |
18.12. 21:48:17 | 81.182.188.220 | GET /wp-login.php | |
18.12. 23:44:26 | 109.121.67.41 | GET /wp-login.php | |
19.12. 00:28:03 | 36.79.31.205 | GET /wp-login.php | |
19.12. 11:09:25 | 93.176.214.10 | GET /wp-login.php | |
19.12. 13:20:07 | 79.62.171.43 | GET /wp-login.php | |
19.12. 14:09:22 | 178.129.0.217 | GET /wp-login.php | |
19.12. 18:17:51 | 86.127.97.207 | GET /wp-login.php | |
20.12. 01:26:21 | 81.190.34.190 | GET /wp-login.php | |
20.12. 04:03:44 | 91.140.213.7 | GET /wp-login.php | |
20.12. 04:22:18 | 68.100.68.184 | GET /wp-login.php | |
20.12. 05:01:39 | 121.200.62.170 | GET /wp-login.php | |
20.12. 05:55:51 | 92.86.27.58 | GET /wp-login.php | |
20.12. 07:02:19 | 190.224.232.52 | GET /wp-login.php | |
20.12. 07:02:56 | 110.93.236.85 | GET /wp-login.php | |
20.12. 10:38:23 | 171.232.114.119 | GET /wp-login.php | |
20.12. 17:26:10 | 195.122.29.67 | GET /wp-login.php | |
21.12. 00:36:07 | 112.209.143.191 | GET /wp-login.php | |
21.12. 03:51:39 | 49.148.190.12 | GET /wp-login.php | |
21.12. 08:34:07 | 121.6.112.30 | GET /wp-login.php | |
21.12. 09:17:33 | 185.171.62.214 | GET /wp-login.php | |
21.12. 10:51:06 | 177.39.255.196 | GET /wp-login.php | |
21.12. 11:08:31 | 103.252.202.66 | GET /wp-login.php | |
21.12. 11:20:41 | 91.105.51.108 | GET /wp-login.php | |
21.12. 13:11:13 | 61.6.93.17 | GET /wp-login.php | |
21.12. 15:31:27 | 121.121.63.94 | GET /wp-login.php | |
21.12. 15:33:13 | 41.75.126.14 | GET /wp-login.php | |
21.12. 15:37:18 | 89.42.159.181 | GET /wp-login.php | |
21.12. 17:28:05 | 1.180.208.17 | GET /wp-login.php | |
21.12. 19:01:01 | 124.123.77.138 | GET /wp-login.php | |
21.12. 21:11:41 | 36.84.13.206 | GET /wp-login.php | |
21.12. 21:38:13 | 95.131.128.98 | GET /wp-login.php | |
22.12. 02:32:32 | 109.66.5.170 | GET /wp-login.php | |
22.12. 04:03:34 | 86.121.175.99 | GET /wp-login.php | |
22.12. 05:42:56 | 41.34.225.238 | GET /wp-login.php | |
22.12. 05:44:08 | 182.64.162.88 | GET /wp-login.php | |
22.12. 13:33:27 | 81.215.185.207 | GET /wp-login.php | |
22.12. 16:20:08 | 95.95.249.151 | GET /wp-login.php | |
22.12. 17:08:47 | 103.212.145.247 | GET /wp-login.php | |
22.12. 20:13:09 | 79.202.100.62 | GET /wp-login.php | |
22.12. 22:16:51 | 79.129.183.99 | GET /wp-login.php | |
23.12. 02:47:59 | 117.196.174.146 | GET /wp-login.php | |
23.12. 06:33:25 | 180.33.37.243 | GET /wp-login.php | |
23.12. 07:54:14 | 103.51.134.61 | GET /wp-login.php | |
23.12. 08:10:12 | 85.138.24.91 | GET /wp-login.php | |
23.12. 17:14:15 | 210.195.7.242 | GET /wp-login.php | |
23.12. 17:18:02 | 77.176.255.145 | GET /wp-login.php | |
23.12. 19:54:27 | 94.114.188.30 | GET /wp-login.php | |
23.12. 21:56:48 | 186.247.177.25 | GET /wp-login.php | |
24.12. 04:12:16 | 37.21.63.175 | GET /wp-login.php | |
24.12. 07:04:18 | 171.232.11.235 | GET /wp-login.php | |
24.12. 08:49:30 | 176.210.23.233 | GET /wp-login.php | |
24.12. 08:57:06 | 195.68.234.183 | GET /wp-login.php | |
24.12. 16:03:23 | 59.153.103.220 | GET /wp-login.php | |
24.12. 16:56:53 | 122.177.221.240 | GET /wp-login.php | |
24.12. 17:56:50 | 93.143.231.71 | GET /wp-login.php | |
25.12. 02:15:09 | 217.66.160.7 | GET /wp-login.php | |
25.12. 02:57:50 | 212.199.11.115 | GET /wp-login.php | |
25.12. 08:50:01 | 213.233.92.28 | GET /wp-login.php | |
25.12. 14:12:35 | 80.48.178.114 | GET /wp-login.php | |
25.12. 19:00:27 | 84.117.209.252 | GET /wp-login.php | |
26.12. 08:58:29 | 211.26.203.67 | GET /wp-login.php | |
26.12. 11:59:03 | 39.115.85.214 | GET /wp-login.php | |
26.12. 12:45:00 | 182.69.214.47 | GET /wp-login.php | |
26.12. 15:29:18 | 87.78.79.96 | GET /wp-login.php | |
26.12. 15:43:43 | 88.162.177.95 | GET /wp-login.php | |
26.12. 17:35:36 | 27.145.137.202 | GET /wp-login.php | |
26.12. 18:38:50 | 177.220.213.155 | GET /wp-login.php | |
26.12. 19:57:31 | 178.165.130.87 | GET /wp-login.php | |
26.12. 20:11:04 | 46.147.148.48 | GET /wp-login.php | |
27.12. 05:30:49 | 192.162.96.79 | GET /wp-login.php | |
27.12. 07:18:10 | 130.43.16.43 | GET /wp-login.php | |
27.12. 08:52:24 | 117.198.114.133 | GET /wp-login.php | |
27.12. 10:14:55 | 187.178.250.34 | GET /wp-login.php | |
27.12. 11:40:26 | 118.101.9.99 | GET /wp-login.php | |
27.12. 13:08:52 | 197.27.75.147 | GET /wp-login.php | |
28.12. 06:15:00 | 93.190.62.162 | GET /wp-login.php | |
28.12. 10:34:05 | 110.9.196.139 | GET /wp-login.php | |
28.12. 14:52:06 | 176.152.195.83 | GET /wp-login.php | |
28.12. 15:23:02 | 89.205.79.156 | GET /wp-login.php | |
28.12. 15:33:42 | 60.50.57.120 | GET /wp-login.php | |
28.12. 18:25:04 | 157.49.116.53 | GET /wp-login.php | |
28.12. 19:53:07 | 1.23.163.202 | GET /wp-login.php | |
29.12. 06:33:07 | 106.240.186.212 | GET /wp-login.php | |
29.12. 07:20:05 | 103.242.219.105 | GET /wp-login.php | |
29.12. 07:42:09 | 175.101.88.218 | GET /wp-login.php | |
29.12. 16:11:05 | 93.137.16.47 | GET /wp-login.php | |
29.12. 17:29:04 | 41.102.153.234 | GET /wp-login.php | |
29.12. 19:52:55 | 178.172.146.43 | GET /wp-login.php | |
30.12. 00:59:24 | 111.93.69.178 | GET /wp-login.php | |
30.12. 03:17:09 | 95.84.4.39 | GET /wp-login.php | |
30.12. 03:17:26 | 59.88.185.135 | GET /wp-login.php | |
30.12. 09:17:00 | 87.171.37.218 | GET /wp-login.php | |
30.12. 10:15:17 | 37.231.167.230 | GET /wp-login.php | |
30.12. 16:47:50 | 87.2.90.245 | GET /wp-login.php | |
30.12. 21:05:24 | 24.122.121.83 | GET /wp-login.php | |
31.12. 06:46:06 | 93.110.86.122 | GET /wp-login.php | |
31.12. 08:28:00 | 151.182.176.73 | GET /wp-login.php | |
31.12. 08:56:40 | 126.4.165.199 | GET /wp-login.php | |
31.12. 11:25:30 | 84.13.147.46 | GET /wp-login.php |
Es gibt auch Zugriffsversuche mit anderen User-Agents:
Datum / Zeit | IP (v4) | Methode und Pfad | User-Agent |
---|---|---|---|
07.12. 18:29:59 | 150.70.173.21 | GET /wp-login.php | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.2 (KHTML, like Gecko) Chrome/22.0.1216.0 Safari/537.2 |
04.12. 18:29:58 | 195.154.255.131 | GET /wp-login.php | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36 |
05.12. 19:03:36 | GET /wp-login.php | ||
06.12. 10:51:50 | 195.154.167.219 | GET /wp-login.php | |
07.12. 18:46:27 | 195.154.253.233 | GET /wp-login.php | |
08.12. 17:50:07 | GET /wp-login.php | ||
12.12. 07:07:15 | 195.154.255.131 | GET /wp-login.php | |
12.12. 18:42:27 | 195.154.253.233 | GET /wp-login.php | |
14.12. 18:21:05 | GET /wp-login.php | ||
20.12. 23:46:19 | 195.154.233.238 | GET /wp-login.php | |
24.12. 17:59:28 | 195.154.240.10 | GET /wp-login.php |
Auch ohne User-Agent:
Datum / Zeit | IP (v4) | Methode und Pfad |
---|---|---|
11.12. 08:13:58 | 195.154.230.187 | GET /wp-login.php |
Andere schauen (auch ohne User-Agent) erst einmal nach, ob überhaupt was zu holen ist:
Datum / Zeit | IP (v4) | Methode und Pfad |
---|---|---|
26.12. 05:47:05 | 43.252.228.133 | HEAD /wp-login.php |
04.12. 23:24:21 | 45.64.113.156 | HEAD /wp-login.php |
08.12. 10:22:53 | 103.243.24.51 | HEAD /wp-login.php |
09.12. 09:50:56 | 139.129.14.230 | HEAD /wp-login.php |
14.12. 14:54:29 | 139.129.130.253 | HEAD /wp-login.php |
16.12. 14:38:09 | 43.251.17.62 | HEAD /wp-login.php |
17.12. 23:25:36 | 43.252.228.133 | HEAD /wp-login.php |
18.12. 06:45:07 | 120.76.132.64 | HEAD /wp-login.php |
18.12. 13:50:50 | 118.69.173.152 | HEAD /wp-login.php |
20.12. 07:01:52 | 103.243.24.51 | HEAD /wp-login.php |
20.12. 15:39:10 | 103.30.43.168 | HEAD /wp-login.php |
23.12. 21:22:28 | 223.73.47.1 | HEAD /wp-login.php |
26.12. 19:49:21 | 115.28.71.161 | HEAD /wp-login.php |
30.12. 03:40:38 | 61.31.89.198 | HEAD /wp-login.php |
Neben
werden auch andere URIs gefragt:/wp-login.php
Datum / Zeit | IP (v4) | Methode und Pfad | User-Agent |
---|---|---|---|
28.12. 22:08:04 | 195.154.199.56 | GET //wp-content/plugins/ubh/up.php | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36 |
31.12. 15:24:04 | 195.154.191.64 | ||
31.12. 14:09:13 | 195.154.199.101 | GET //wp-includes/registration-functions.php | |
16.12. 06:15:31 | 176.61.136.150 | GET /wp-admin | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.71 Safari/537.36 |
08.12. 20:57:57 | 192.42.130.13 | GET /wp-content | Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.14 (KHTML, like Gecko) Chrome/9.0.601.0 Safari/534.14 |
15.12. 05:27:19 | 210.91.40.66 | GET /wp-content/plugins/fckeditor_for_wordpress/fckeditor | WebFuck V2.1 T0PHackTeam www.t0p.xyz |
21.12. 07:53:36 | 203.189.235.253 | ||
18.12. 08:16:58 | 62.210.181.123 | GET /wp-content/plugins/hb-audio-gallery-lite/gallery/audio-download.php?file_path=../../../../wp-config.php&file_size=10 | Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko |
24.12. 13:44:56 | |||
18.12. 08:16:58 | GET /wp-content/themes/mTheme-Unus/css/css.php?files=../../../../wp-config.php | ||
24.12. 13:44:56 | |||
09.12. 01:56:22 | 195.154.199.145 | GET /wp-content/upgrade/theme-compat/popup-pomo.php | |
13.12. 12:16:49 |
Mich würde interessieren, wer hinter diesen Angriffen steckt? Was sie bezwecken? Und wie oft sie Erfolg haben?
Und ich denke, dass Nutzer von Wordpress die Sicherheitsupdates jeweils sehr schnell einspielen sollten, auch für Themen und Plugins.
Nachtrag:
Hadmut Danisch analysiert den Hack einer feministischen Wordpress-Pornoseite. So schnell kann's gehen.