Title: Is This a Hacker?
Last modified: August 18, 2016

---

# Is This a Hacker?

 *  [thajacka](https://wordpress.org/support/users/thajacka/)
 * (@thajacka)
 * [18 years, 7 months ago](https://wordpress.org/support/topic/is-this-a-hacker/)
 * My website was recently hacked and deleted. I’m in the process of starting over,
   my website currently has nothing on it but the default template. My hosting company
   was no help they said they didn’t know what happend to my website I later learned
   that it was hacked and deleted. I was looking in the logs and found the information
   below. Is this normal activity for a vistor to my website site or is this someone
   attempting to hack it?
 * 71.166.xxx,xx – – [15/Oct/2007:22:13:34 -0500] “GET /wp-login.php?action=register
   HTTP/1.1” 302 5 “[http://www.google.com/search?q=The+Juke+Joint+user+name+%26+password&hl=en&start=50&sa=N&#8221](http://www.google.com/search?q=The+Juke+Joint+user+name+%26+password&hl=en&start=50&sa=N&#8221);“
   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR
   2.0.50727)”
    71.166.xxx,xx – – [15/Oct/2007:22:13:35 -0500] “GET /wp-login.php?
   registration=disabled HTTP/1.1” 200 1895 “[http://www.google.com/search?q=The+Juke+Joint+user+name+%26+password&hl=en&start=50&sa=N&#8221](http://www.google.com/search?q=The+Juke+Joint+user+name+%26+password&hl=en&start=50&sa=N&#8221);“
   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR
   2.0.50727)” 71.166.xxx,xx – – [15/Oct/2007:22:13:35 -0500] “GET /wp-admin/wp-
   admin.css?version=2.3 HTTP/1.1” 200 19794 “[http://www.thejukejointmp3.net/wp-login.php?registration=disabled&#8221](http://www.thejukejointmp3.net/wp-login.php?registration=disabled&#8221);“
   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR
   2.0.50727)” 71.166.xxx,xx – – [15/Oct/2007:22:13:38 -0500] “GET /wp-admin/images/
   login-bkg-tile.gif HTTP/1.1” 200 19279 “[http://www.thejukejointmp3.net/wp-login.php?registration=disabled&#8221](http://www.thejukejointmp3.net/wp-login.php?registration=disabled&#8221);“
   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR
   2.0.50727)” 71.166.xxx,xx – – [15/Oct/2007:22:13:38 -0500] “GET /wp-admin/images/
   login-bkg-bottom.gif HTTP/1.1” 200 704 “[http://www.thejukejointmp3.net/wp-login.php?registration=disabled&#8221](http://www.thejukejointmp3.net/wp-login.php?registration=disabled&#8221);“
   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR
   2.0.50727)” 71.166.xxx,xx – – [15/Oct/2007:22:13:39 -0500] “GET /wp-admin/images/
   fade-butt.png HTTP/1.1” 200 785 “[http://www.thejukejointmp3.net/wp-login.php?registration=disabled&#8221](http://www.thejukejointmp3.net/wp-login.php?registration=disabled&#8221);“
   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR
   2.0.50727)” 71.166.xxx,xx – – [15/Oct/2007:22:13:40 -0500] “GET /favicon.ico 
   HTTP/1.1” 301 5 “-” “Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET 
   CLR 1.1.4322; .NET CLR 2.0.50727)” 71.166.xxx,xx – – [15/Oct/2007:22:13:41 -0500]“
   GET /favicon.ico HTTP/1.1” 404 2618 “-” “Mozilla/4.0 (compatible; MSIE 7.0; Windows
   NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)” 71.166.xxx,xx – – [15/Oct/2007:
   22:19:02 -0500] “GET /wp-login.php?registration=disabled HTTP/1.1” 200 1895 “
   [http://www.google.com/search?q=The+Juke+Joint+user+name+%26+password&hl=en&start=50&sa=N&#8221](http://www.google.com/search?q=The+Juke+Joint+user+name+%26+password&hl=en&start=50&sa=N&#8221);“
   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR
   2.0.50727)”
 * 64.208.xxx.xxx – – [16/Oct/2007:00:26:30 -0500] “GET /robots.txt HTTP/1.0” 301
   0 “-” “ia_archiver”
    64.208.xxx.xxx – – [16/Oct/2007:00:26:30 -0500] “GET /_private/
   HTTP/1.0” 404 2606 “-” “ia_archiver” 64.208.xxx.xxx – – [16/Oct/2007:00:26:34-
   0500] “GET /_vti_bin/ HTTP/1.0” 404 2606 “-” “ia_archiver” 64.208.xxx.xxx – –[
   16/Oct/2007:00:26:39 -0500] “GET /_vti_cnf/ HTTP/1.0” 404 2606 “-” “ia_archiver”
   64.208.xxx.xxx – – [16/Oct/2007:00:26:44 -0500] “GET /_vti_pvt/ HTTP/1.0” 404
   2606 “-” “ia_archiver” 64.208.xxx.xxx – – [16/Oct/2007:00:26:49 -0500] “GET /
   wp-content/ HTTP/1.0” 200 0 “-” “ia_archiver” 64.208.xxx.xxx – – [16/Oct/2007:
   00:26:54 -0500] “GET /wp-includes/ HTTP/1.0” 200 0 “-” “ia_archiver”

The topic ‘Is This a Hacker?’ is closed to new replies.

## Tags

 * [hacked](https://wordpress.org/support/topic-tag/hacked/)
 * [hacking](https://wordpress.org/support/topic-tag/hacking/)

 * In: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
 * 0 replies
 * 1 participant
 * Last reply from: [thajacka](https://wordpress.org/support/users/thajacka/)
 * Last activity: [18 years, 7 months ago](https://wordpress.org/support/topic/is-this-a-hacker/)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics