What's in a name?

Yodarub is under attack

They’re probably accessing it directly using the IP address. I doubt they’re doing a DNS lookup for yodarub.com and likely don’t care what the domain name is.

These are actual login attempts to the wordpress, with username and password attempts.

Somehow it got indexed and bots continously try to brute force any random wordpress they come across.

EDIT: Oh do you mean they just step through ips? Maybe.

Yes. Then, if the attack requires a domain name, they’ll do a reverse DNS lookup using the IP address.

Does that even work for shared hosting? I think it’s based off crawling