Attempts continue daily trying to hack my web site. On multiple occasions I have approached IP address holder via the WHOIS service to complain and received bland reassurances. An example of the recent IP address is below the table. Once a host has been established from where the hacking attempt is coming from, you then have to fill in the contact form or abuse form for the host company. A few days later you’ll get a bland reassurance back and the hacks continue sometimes from the same IP address. In the table below, I have listed some of these hacking attempts over the last month. I get 50-100 every 24 hours. I’ll probably get more now.
UPDATE
Nothing back from web sites about IP addresses and in last 48 hours 1-3 Aug 2023 I’ve logged over 500 attempts. Waste of bandwidth….
Purpose of Trying To Hack My Web Site
It’s unclear why these bots or their instigators are trying to hack my site. The site has reputational value to me, but has no e-commerce element except links to book sites. It does not hold membership lists of thousands – in fact no members with no private data, except cookie lists – see privacy policy. It may be fun but it’s just a pain and so far unsuccessful. I’m not saying what my user account name is for admin access. Nor am I giving out a password/phrase but it’s strong and then there is 2FA, Two-Factor Authentication. That means these brute force attempts get nowhere even if they did get my username and password.
It’s all a colossal waste of time and resources for all parties. Having worked in the cyber security field, I know how much effort this costs for a company and what sort of reward these criminals are after. The databases or monetary ransom from encryption, but again why my site?
Dear hackers give it a rest. Why not use your skills for the betterment of human life? Mind you with the endless efforts of Government agencies some of which have leaked into the open this is an ongoing battle. Hadn’t realised this comes 10 years after Snowden’s revelations.
Table of IP Addresses
| Date | IP Address | User Account attempted |
| June 22, 2023 07:24 | 152.32.189.117 | admin (3 lockouts) |
| June 22, 2023 06:12 | 148.72.244.186 | phenweb (1 lockouts) |
| June 21, 2023 20:14 | 45.120.69.121 | admin (1 lockouts) |
| June 21, 2023 01:23 | 2a03:b0c0:1:d0::e6c:f001 | phenweb (1 lockouts) |
| June 20, 2023 06:10 | 148.72.214.194 | admin (2 lockouts) |
| June 19, 2023 15:32 | 66.94.96.129 | admin (2 lockouts) |
| June 19, 2023 12:51 | 103.179.56.32 | admin (2 lockouts) |
| June 19, 2023 06:15 | 35.187.58.136 | admin (1 lockouts) |
| June 19, 2023 05:50 | 134.122.123.193 | admin (1 lockouts) |
| June 18, 2023 03:50 | 2a03:b0c0:1:d0::ee2:c001 | wwwadmin (1 lockouts) |
| June 13, 2023 00:03 | 2607:f298:5:6000::cb9:8de4 | admin (1 lockouts) |
| June 09, 2023 13:22 | 2a03:b0c0:1:d0::ee2:c001 | admin (1 lockouts) |
| June 09, 2023 07:18 | 167.99.86.104 | admin (1 lockouts) |
| June 09, 2023 03:46 | 2a00:d680:20:50::4379 | admin (3 lockouts) |
| June 07, 2023 00:40 | 5.188.62.21 | pghadmin (9 lockouts) |
| June 05, 2023 22:35 | 150.109.148.216 | admin (1 lockouts) |
| June 05, 2023 12:13 | 185.2.4.134 | wadminw (1 lockouts) |
| June 04, 2023 09:13 | 46.105.29.21 | admin (1 lockouts) |
| June 03, 2023 11:35 | 2001:41d0:403:1680:: | admin (1 lockouts) |
| June 03, 2023 05:13 | 2a00:d680:20:50::f4dc | admin (2 lockouts) |
| June 02, 2023 00:58 | 195.154.184.235 | admin (1 lockouts) |
| June 01, 2023 15:25 | 157.230.249.54 | admin (1 lockouts) |
| May 25, 2023 20:51 | 47.111.116.44 | admin (1 lockouts) |
| May 25, 2023 12:44 | 2607:f298:5:6000::d15:5580 | admin (1 lockouts) |
| May 25, 2023 11:17 | 116.109.45.9 | wwwadmin (1 lockouts) |
| May 25, 2023 05:14 | 2400:6180:0:d0::f6f:3001 | admin (3 lockouts) |
| May 24, 2023 19:15 | 23.99.229.218 | admin (1 lockouts) |
| May 24, 2023 18:32 | 24.199.86.99 | admin (1 lockouts) |
| May 23, 2023 01:51 | 51.79.144.41 | admin (2 lockouts) |
| May 22, 2023 12:22 | 2001:41d0:403:1680:: | wadminw (1 lockouts) |
WHOIS Trying to Hack My Web Site
Whois IP 152.32.189.117
The IP is registered to Hong Kong and UCloud. They have an abuse email hegui@ucloud.cn. I won’t hold out any hope of a response but I’ve tried.
% [whois.apnic.net] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html % Information related to '152.32.128.0 - 152.32.255.255' % Abuse contact for '152.32.128.0 - 152.32.255.255' is '@ucloud.cn' inetnum: 152.32.128.0 - 152.32.255.255 netname: UCLOUD-HK descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED country: HK org: ORG-UITL1-AP admin-c: UITH2-AP tech-c: UITH2-AP abuse-c: AU164-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-UCLOUD-HK mnt-routes: MAINT-UCLOUD-HK mnt-irt: IRT-UCLOUD-HK last-modified: 2022-05-16T03:40:43Z source: APNIC irt: IRT-UCLOUD-HK address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong e-mail: @ucloud.cn abuse-mailbox: @ucloud.cn admin-c: UITH2-AP tech-c: UITH2-AP auth: # Filtered remarks: @ucloud.cn was validated on 2022-12-29 remarks: @ucloud.cn was validated on 2022-12-30 mnt-by: MAINT-UCLOUD-HK last-modified: 2022-12-30T07:26:18Z source: APNIC organisation: ORG-UITL1-AP org-name: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED country: HK address: FLAT/RM 603 6/F address: LAWS COMMERCIAL PLAZA address: 788 CHEUNG SHA WAN ROAD, KL, phone: +86-18221224857 e-mail: @ucloud.cn mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2019-12-10T12:58:29Z source: APNIC role: ABUSE UCLOUDHK address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong country: ZZ phone: +000000000 e-mail: @ucloud.cn admin-c: UITH2-AP tech-c: UITH2-AP nic-hdl: AU164-AP remarks: Generated from irt object IRT-UCLOUD-HK remarks: @ucloud.cn was validated on 2022-12-29 remarks: @ucloud.cn was validated on 2022-12-30 abuse-mailbox: @ucloud.cn mnt-by: APNIC-ABUSE
English (UK) 
Español