Checking for 404 errors in your logs can reveal more than just broken links, it can also expose files and URLs that attackers are actively scanning for. To track this behavior, we set up hundreds of honeypots and analyzed live web traffic data, giving us insight into which files and URLs are being targeted across the internet.
The table bellow list the top URLs being scanned on WordPress sites in the past 72 hours. This list of updated daily and shows the top plugins, backdoors and files that attacker are lookin for specifically to WordPress.
Rank | Scanned URL | Counter |
---|---|---|
#1 | /wp-login.php | 17,844 |
#2 | /wp-content/plugins/fix/up.php | 4,531 |
#3 | /wp-cron.php | 3,482 |
#4 | /wp-sitemap.xml | 1,779 |
#5 | /wp-admin/edit-tags.php | 1,772 |
#6 | /wp-admin/post-new.php | 1,601 |
#7 | /wp-includes/wlwmanifest.xml | 1,398 |
#8 | /wp-json/sfwd-assignment/1 | 1,251 |
#9 | /wp-json/oembed/1.0/embed | 1,245 |
#10 | /wp-admin | 1,196 |
#11 | /web/wp-includes/wlwmanifest.xml | 1,129 |
#12 | /wordpress/wp-includes/wlwmanifest.xml | 1,128 |
#13 | /wp/wp-includes/wlwmanifest.xml | 1,106 |
#14 | /2019/wp-includes/wlwmanifest.xml | 1,065 |
#15 | /shop/wp-includes/wlwmanifest.xml | 1,063 |
#16 | /blog/wp-includes/wlwmanifest.xml | 1,059 |
#17 | /website/wp-includes/wlwmanifest.xml | 1,043 |
#18 | /news/wp-includes/wlwmanifest.xml | 1,035 |
#19 | /wp-json/wp-mail-smtp | 814 |
#20 | /wp-json/publishpress-authors | 810 |
#21 | /wp-json/wp | 799 |
#22 | /wp-json/penci | 788 |
#23 | /wp-json/oembed | 782 |
#24 | /wp-admin/images | 736 |
#25 | /wp-json/sfwd-lessons/1 | 726 |
#26 | /wp-admin/css | 723 |
#27 | /wp-json/wp-block-editor | 712 |
#28 | /wp-json/gravity-pdf | 704 |
#29 | /wp-json/gwiz | 702 |
#30 | /wp-json/elementor-pro | 694 |
#31 | /wp-json/sfwd-courses/17/prerequisites | 693 |
#32 | /wp-json/aioseo | 692 |
#33 | /wp-json/webp-converter | 690 |
#34 | /wordpress | 688 |
#35 | /wp-json/akismet | 682 |
#36 | /wp-json/elementor-ai | 682 |
#37 | /wp-json/wccom-site | 674 |
#38 | /wp-json/google-site-kit | 670 |
#39 | /wp-json/sfwd-courses/17/groups | 661 |
#40 | /wp-json/sfwd-topic/1 | 648 |
#41 | /wp.php | 636 |
#42 | /2018/wp-includes/wlwmanifest.xml | 630 |
#43 | /wp | 618 |
#44 | /wp-json/sfwd-assignment/0 | 532 |
#45 | /2020/wp-includes/wlwmanifest.xml | 477 |
#46 | /wp-content/plugins/hellopress/wp_filemanager.php | 434 |
#47 | /wp-json/sfwd-lessons | 397 |
#48 | /wp-json/wc/v2/products | 391 |
#49 | /wp-plain.php | 391 |
#50 | /wp-json/sfwd-courses | 388 |
#51 | /wp1/wp-includes/wlwmanifest.xml | 379 |
#52 | /wp-editor.php | 364 |
#53 | /wp-json/sfwd-topic | 359 |
#54 | /wp-json/sfwd-courses/[]/users | 359 |
#55 | /wp-content/themes/twentytwentythree/styles/about.php | 332 |
#56 | /wp-content/themes/seotheme/db.php | 319 |
#57 | /wp-json/sfwd-assignment | 290 |
#58 | /wp-admin/wp-login.php | 273 |
#59 | /wp-content/plugins/about.php | 270 |
#60 | /appWP/lab/wp-admin/css/colors/blue/blue.php | 261 |
#61 | /wp-content/themes/modular/lib/scripts/timthumb/thumb.php | 259 |
#62 | /test/wp-includes/wlwmanifest.xml | 251 |
#63 | /wp-admin/setup-config.php | 249 |
#64 | /wp-content | 239 |
#65 | /wp-content/themes/style.php | 237 |
#66 | /site/wp-includes/wlwmanifest.xml | 236 |
#67 | /cms/wp-includes/wlwmanifest.xml | 235 |
#68 | /wp-content/style.php | 232 |
#69 | /wp-json/commerce/paypal/payments/order | 231 |
#70 | /wp-admin/style.php | 220 |
#71 | /wp-22.php | 211 |
#72 | /wpcx.php | 209 |
#73 | /wp-json/commerce/paypal/payments/start-trial | 207 |
#74 | /wpc.php | 200 |
#75 | /wp-content/uploads/oxygen/css/none | 191 |
#76 | /wp-json/wc/v2/orders | 191 |
#77 | /wp-json/wc/v2/settings/wc_admin/woocommerce_excluded_report_order_statuses | 191 |
#78 | /wp-json/wc/v2/payment_gateways | 191 |
#79 | /wp-content/plugins/hellopress/wp_mna.php | 190 |
#80 | /wp-json/wc/v2/taxes | 188 |
#81 | /wp-login | 185 |
#82 | /wp-includes/css | 182 |
#83 | /wp2/wp-includes/wlwmanifest.xml | 176 |
#84 | /wp-json/quentn/api/v1 | 166 |
#85 | /sito/wp-includes/wlwmanifest.xml | 163 |
#86 | /wp-content/plugins/pwnd/pwnd.php | 160 |
#87 | /wp-admin/js/about.php | 152 |
#88 | /wordpress/wp-admin/setup-config.php | 145 |
#89 | /features/wordpress-management-tools | 142 |
#90 | /wp-content/uploads/2020/06/Mercado-de- | 141 |
#91 | /wp-gr.php | 141 |
#92 | /wp-json/commerce/paypal/payments/payment-token | 140 |
#93 | /wp-admin/images/index.php | 139 |
#94 | /wp-content/plugins/newsletters-lite/newsletters-lite-ajax.php | 138 |
#95 | /wp-json/commerce/paypal/payments/setup-token | 137 |
#96 | /wp-admin.php | 134 |
#97 | /wp-content/themes/pridmag/db.php | 130 |
#98 | /wp-admin/admin-ajax.php | 127 |
#99 | /wp-activate.php | 127 |
#100 | /wp-admin/css/colors/blue | 121 |
#101 | /wp-2019.php | 120 |
#102 | /wp-admin/images/about.php | 119 |
#103 | /wp-json/wc/store/v2/products | 118 |
#104 | /wp-json/wp/v2/users | 118 |
#105 | /wp-admin/js | 115 |
#106 | /wp-content/plugins/pwnd-1/pwnd.php | 113 |
#107 | /media/wp-includes/wlwmanifest.xml | 112 |
#108 | /wp-admin/js/index.php | 111 |
#109 | /wp-admin/css/about.php | 111 |
#110 | /wp-admin/includes | 110 |
#111 | /wp-content/themes/wp-pridmag/init.php | 109 |
#112 | /wp-admin/css/colors/blue/about.php | 107 |
#113 | /wp-content/plugins/simple/simple.php | 107 |
#114 | /wp-json/commerce/paypal/payments/confirm | 105 |
#115 | /wp-json/commerce/paypal/payments/cancel | 105 |
#116 | /wp-json/commerce/paypal/onboarding/access_token | 105 |
#117 | /wp-json/wc/store/v3/products | 103 |
#118 | /wp-admin/dropdown.php | 103 |
#119 | /en_gb/wordp/wp-login.php | 102 |
#120 | /wp-admin/maint/fie.php | 101 |
#121 | /wp-json/litespeed/v1/cdn_status | 101 |
#122 | /wp-json/commerce/paypal/payments/capture | 101 |
#123 | /wp-login/wp-login.php | 99 |
#124 | /wp-json/sfwd-courses/1/groups | 98 |
#125 | /wp-admin/css/colors | 96 |
#126 | /wp-content/plugins/apikey/apikey.php | 96 |
#127 | /wp-content/themes/twentyfive/include.php | 94 |
#128 | /wp-content/plugins/core-plugin/include.php | 94 |
#129 | /wp-content/worksec.php | 93 |
#130 | /rcomeventos/wp-login.php | 93 |
#131 | /wp-content/plugins | 90 |
#132 | /wp-admin/css/index.php | 90 |
#133 | /wp-admin/install.php | 90 |
#134 | /wp-configs.php | 90 |
#135 | /wp-conflg.php | 88 |
#136 | /wp-content/plugins/WordPressCore | 88 |
#137 | /wp-json/code-snippets/v1 | 88 |
#138 | /wp-json/pencipdc-importer | 88 |
#139 | /wp-json/sfwd-courses/1/users | 88 |
#140 | /wp-content/admin.php | 87 |
#141 | /wp-content/plugins/apikey/apikey.php.suspected | 87 |
#142 | /wp-json/vimeography/v1/themes | 86 |
#143 | /wp-includes/Text/Diff/Engine/about.php | 85 |
#144 | /wpls.php | 84 |
#145 | /wp-admin/css/wp-conflg.php | 84 |
#146 | /wp-json/vimeography/v1 | 84 |
#147 | /wp-json/wordfence/v1 | 84 |
#148 | /wp-cliner.php | 83 |
#149 | /wp-xx.php | 83 |
#150 | /wp-admin/remote | 83 |
#151 | /wp-admin/undefinedjetpack/v4/site/benefits | 82 |
#152 | /wp-admin/undefinedjetpack/v4/connection/data | 82 |
#153 | /wp-trackback.php | 82 |
#154 | /wp-xm.php | 82 |
#155 | /wp-content/upgrade/index.php | 80 |
#156 | /wp-content/languages/index.php | 80 |
#157 | /wp-admin/includes/about.php | 80 |
#158 | /wp-json/whm/v3 | 80 |
#159 | /wp-admin/x.php | 78 |
#160 | /wp-admin/maint | 78 |
#161 | /wp-onta.php | 78 |
#162 | /wp-slie.php | 78 |
#163 | /wp-admin/index.php | 78 |
#164 | /wp-includes/js/thickbox/thickbox.php | 77 |
#165 | /wp-content/IXR | 76 |
#166 | /wp-content/plugins/pwnd/block-support.php | 76 |
#167 | /2021/wp-includes/wlwmanifest.xml | 74 |
#168 | /wp-includes/style.php | 73 |
#169 | /wp-admin/meta | 72 |
#170 | /wp-json/penci/v1 | 72 |
#171 | /wp-admin/maint/wp-login.php | 71 |
#172 | /wp-includes/autoload_classmap.php | 70 |
#173 | /wp-includes/Requests/Auth | 69 |
#174 | /wp-content/about.php | 68 |
#175 | /wp-json/wp/v2/posts | 68 |
#176 | /wp/wp-login.php | 68 |
#177 | /wp-includes/IXR/admin.php | 68 |
#178 | /wp-admin/css/colors/index.php | 67 |
#179 | /wp-content/403.php | 67 |
#180 | /wp-config.php.bak | 67 |
#181 | /wp-admin/user/about.php | 66 |
#182 | /wp-includes/theme-compat/wp-login.php | 66 |
#183 | /wp-content/themes/about.php | 65 |
#184 | /wp-info.php | 65 |
#185 | /wp-config | 65 |
#186 | /wp-admin/network/index.php | 63 |
#187 | /wp-content/index.php | 63 |
#188 | /wp-content/themes/seotheme/mar.php | 63 |
#189 | /wp-admin/images/plugins.php | 62 |
#190 | /wp-content/plugins/index.php | 62 |
#191 | /wp-old | 60 |
#192 | /wp-content/plugins/seoplugins/mar.php | 60 |
#193 | /wp-json/buddyboss-app/v1/signup/form | 59 |
#194 | /wp-admin/css/colors/blue/atomlib.php | 59 |
#195 | /wp-admin/network/cloud.php | 59 |
#196 | /wp-admin/autoload_classmap.php | 59 |
#197 | /wp-json/intercom/v1/webhook | 58 |
#198 | /wp-includes/SimplePie/Content/Type | 58 |
#199 | /wp-load.php | 58 |
#200 | /nv/wp | 58 |
#201 | /wp-content/uploads | 57 |
#202 | /wp-content/plugins/linkpreview/db.php | 57 |
#203 | /wp-admin/maint/about.php | 57 |
#204 | /wp-admin/function.php | 57 |
#205 | /wp-json/sfwd-courses/all/steps | 57 |
#206 | /wp-admin/wp-conflg.php | 56 |
#207 | /wp-admin/css/colors/ectoplasm | 56 |
#208 | /wp-admin/admin-post.php | 56 |
#209 | /wp-content/plugins/TOPXOH/wDR.php | 56 |
#210 | /wp-content/plugins/WordPressCore/include.php | 55 |
#211 | /wp-links.php | 55 |
#212 | /wp-admin/images/admin.php | 54 |
#213 | /wp-includes/js/codemirror/index.php | 54 |
#214 | /wp-content/plugins/woocommerce/assets/fonts/star.eot | 53 |
#215 | /wp-content/plugins/erinyani/baxa1.php | 53 |
#216 | /wp-content/upgrade/about.php | 52 |
#217 | /wp-includes/assets/index.php | 52 |
#218 | /upload/wp-info.php | 52 |
#219 | /wp-includes/js/crop/zmFM.php | 52 |
#220 | /wp-includes/html-api/wp-conflg.php | 52 |
#221 | /blog/wp-login.php | 52 |
#222 | /wp-includes/Requests/about.php | 51 |
#223 | /wp-admin/maint/file.php | 51 |
#224 | /wp-content/languages | 51 |
#225 | /wp-content/autoload_classmap.php | 51 |
#226 | /wp-admin/classwithtostring.php | 51 |
#227 | /wp-includes/ID3/rk2.php | 51 |
#228 | /wp-signup.php | 50 |
#229 | /wp-content.php | 50 |
#230 | /wp-admin/js/about.php7 | 50 |
#231 | /wp-includes/system_log.php | 50 |
#232 | /wp-admin/maint/maint.php | 50 |
#233 | /wp-content/item.php | 49 |
#234 | /wp-files.php | 48 |
#235 | /wp-content/uploads/2025/02/WFHResearch_updates_%20February2025.pdf | 48 |
#236 | /wp-includes/Requests/Auth/index.php | 47 |
#237 | /wp-includes/about.php | 47 |
#238 | /wp-includes/rest-api/fields/index.php | 46 |
#239 | /wp-json/sure-triggers/v1/automation/action | 45 |
#240 | /index.php/wp-json/litespeed/v1/cdn_status | 45 |
#241 | /wp-admin/images/wp-conflg.php | 45 |
#242 | /wp-admin/js/widgets/about.php7 | 45 |
#243 | /loja/wp-login.php | 45 |
#244 | /wp-content/uploads/2025/09/IMG_4473.heic | 44 |
#245 | /wp-content/plugins/revslider/includes/external/page | 44 |
#246 | /wp-atom.php | 44 |
#247 | /wp-json/advanced-ads | 44 |
#248 | /wp-json/wordfence | 44 |
#249 | /wp-mn.php | 44 |
#250 | /wp-admin/images/moon.php | 43 |
#251 | /wp-includes/ID3/about.php | 43 |
#252 | /wp-l0gin.php | 43 |
#253 | /wp-content/languages/about.php | 43 |
#254 | /shop/wp-login.php | 43 |
#255 | /wp-json/commerce/paypal/payments/cards | 42 |
#256 | /wp-json/commerce/paypal/onboarding/signup_url | 42 |
#257 | /wp-includes/Text/about.php | 41 |
#258 | /wp-includes/SimplePie/about.php | 41 |
#259 | /wp-includes/rest-api/about.php | 41 |
#260 | /wp-content/upgrade | 41 |
#261 | /wp-includes/images/about.php | 41 |
#262 | /wp-content/themes.php | 41 |
#263 | /wp-admin/css/colors/blue/admin.php | 41 |
#264 | /wp-content/plugins/WordPressCore/index.php | 40 |
#265 | /wp-includes/IXR/about.php | 40 |
#266 | /wp-admin/css/colors/blue/index.php | 39 |
#267 | /wp-mail.php | 39 |
#268 | /wp-content/json.php | 39 |
#269 | /wp-admin/includes/index.php | 39 |
#270 | /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php | 39 |
#271 | /wp-content/themes/travel/issue.php | 38 |
#272 | /wp-content/themes/pridmag/1.php | 38 |
#273 | /wp-header.php | 38 |
#274 | /wordpress/wp-content/plugins | 38 |
#275 | /wp-json/sfwd-topic/false | 38 |
#276 | /wp-content/plugins/quiz-master-next/tests/_support/AcceptanceTester.php | 37 |
#277 | /wp-content/plugins/quiz-master-next/README.md | 37 |
#278 | /wp-content/classwithtostring.php | 37 |
#279 | /wp-content/plugins/wp-conflg.php | 37 |
#280 | /wp-admin/maint/index.php | 37 |
#281 | /wp-content/themes/admin.php | 37 |
#282 | /wp-json/sfwd-lessons/false | 37 |
#283 | /wp-content/plugins/woocommerce/assets/fonts/WooCommerce.eot | 36 |
#284 | /wp-includes/themes.php | 36 |
#285 | /wp-content/file.php | 36 |
#286 | /wp-admin/class-db.php | 36 |
#287 | /wp-admin/js/wp-conflg.php | 36 |
#288 | /wp-json/commerce/paypal/onboarding/reconnect | 36 |
#289 | /wp-includes/certificates/plugins.php | 35 |
#290 | /wp-includes/customize/plugins.php | 35 |
#291 | /wp-includes/style-engine/about.php | 35 |
#292 | /wp-content/plugins/erinyani/baxa1.php7 | 35 |
#293 | /wp-content/themes/wp-pridmag/up.php | 35 |
#294 | /wp-json/sfwd-courses/false | 35 |
#295 | /wp-json/sfwd-courses/[]/groups | 35 |
#296 | /wp-json/sfwd-courses/ZMskyuza/users | 35 |
#297 | /wp-admin/js/widgets | 34 |
#298 | /wp-content/plugins/seoplugins/db.php | 34 |
#299 | /wp-content/IXR/index.php | 34 |
#300 | /wp-content/plugins/pwnd/1.php | 34 |
#301 | /wp-file.php | 34 |
#302 | /wp-content/themes/deeto/login.php | 34 |
#303 | /wp-content/cong.php | 34 |
#304 | /wp-content/plugins/view-more/ioxi.php | 34 |
#305 | /wp-content/plugins/classic-editor/wp-login.php | 33 |
#306 | /wp-content/plugins/seoplugins | 33 |
#307 | /wp-includes/SimplePie/Content/Type/index.php | 33 |
#308 | /wp-content/uploads/2025/10/edital_v1.pdf | 33 |
#309 | /wp-config-sample.php | 33 |
#310 | /wp-json/sure-triggers/v1 | 33 |
#311 | /wp-admin/images/xmrlpc.php | 32 |
#312 | /wp-json | 32 |
#313 | /wp-content/plugins/linkpreview | 32 |
#314 | /wp-content/plugins/dummyyummy/wp-signup.php | 32 |
#315 | /wordpress/wp-admin/includes/class-wp-filesystem-base.php | 32 |
#316 | /wp-admin/css/colors/sunrise | 31 |
#317 | /wp-add.php | 31 |
#318 | /wp-ostro.php | 31 |
#319 | /wp-includes/makeasmtp.php | 30 |
#320 | /wp-includes/pomo/about.php | 30 |
#321 | /wp-content/themes/digital-download/new.php | 30 |
#322 | /wp-content/plugins/Core-EconX/up.php | 30 |
#323 | /wp-content/plugins/wp-theme-editor/include.php | 30 |
#324 | /wp-ori.php | 30 |
#325 | /wp-content/plugins/wp-automatic/inc/csv.php | 30 |
#326 | /wp-includes/js/,b | 29 |
#327 | /wp-includes/block-patterns/about.php | 29 |
#328 | /wp-content/uploads/woo-product-feed-pro/xml/2rKZFluWvc5XOYD0PaT2cufBIocuT84d.xml | 29 |
#329 | /wp-includes/widgets/about.php | 29 |
#330 | /wp-content/themes/index.php | 29 |
#331 | /wp-admin/wso.php | 29 |
#332 | /wp-admin/js/chosen.php | 29 |
#333 | /wp-comments-post.php | 29 |
#334 | /wp-json/whm | 29 |
#335 | /wp-json/profile/remove-card | 29 |
#336 | /wp-admin/network | 28 |
#337 | /wp-content/shell20211028.php | 28 |
#338 | /wp-content/plugins/tolly-t/hello.php | 28 |
#339 | /wp-content/themes/pridmag/j.php | 28 |
#340 | /wp-admin/css/wp-login.php | 28 |
#341 | /wp-content/mu-plugins-old | 28 |
#342 | /wp-json/price-types/view | 28 |
#343 | /wp-admin/user/xmrlpc.php | 27 |
#344 | /wp-admin/network/xmrlpc.php | 27 |
#345 | /wp-includes | 27 |
#346 | /wp-content/plugins/hello.php | 27 |
#347 | /wp-content/updates.php | 27 |
#348 | /wordpress/wp-content/plugins/tolly-t/hello.php | 27 |
#349 | /wp-admin/includes/nav.php | 27 |
#350 | /wp-content/plugins/erinyani | 27 |
#351 | /wp-admin/css/colors/ocean/Module.php | 26 |
#352 | /wp-admin/network/plugins.php | 26 |
#353 | /wp-content/themes/alera/alpha.php | 26 |
#354 | /wp-sitemap-users-1.xml | 26 |
#355 | /wp-admin/product.php | 26 |
#356 | /wp-ampif.php | 26 |
#357 | /wp-admin/admin-wolf.php | 26 |
#358 | /wp-crom.php | 26 |
#359 | /wp-content/packed.php | 26 |
#360 | /wp-includes/fonts | 25 |
#361 | /wp-admin/user/index.php | 25 |
#362 | /wp-content/plugins/admin.php | 25 |
#363 | /wp-admin/includes/class_api.php | 24 |
#364 | /wp-content/themes/bltm/wp-login.php | 24 |
#365 | /wp-blog-header.php | 24 |
#366 | /wp-content/plugins/erinyani/default.php | 24 |
#367 | /wp-update.php | 24 |
#368 | /wp-admin/ccx | 23 |
#369 | /wp-includes/wp-class.php | 23 |
#370 | /wp-content/plugins/erinyani/gebase.php | 23 |
#371 | /wp-content/radio.php | 23 |
#372 | /wp-xrm.php | 23 |
#373 | /wp-includes/fonts/plugins.php | 22 |
#374 | /wp-content/plugins/phpad/as.php | 22 |
#375 | /wp-config.php | 22 |
#376 | /wp-content/plugins/erinyani/asasx.php | 22 |
#377 | /wp-json/vimeography | 22 |
#378 | /wp-mt.php | 22 |
#379 | /wp-admin/css/colors/midnight | 21 |
#380 | /wp-head.php | 21 |
#381 | /wp-includes/assets | 21 |
#382 | /wp-includes/js | 21 |
#383 | /wp-content/plugins/revslider/includes/external/page/index.php | 21 |
#384 | /wp-admin/buy.php | 21 |
#385 | /wp-admin/includes/admin-ajax.php | 21 |
#386 | /wp-koseko.php | 21 |
#387 | /wp-content/BypassBest.php | 21 |
#388 | /wp-content/plugins/ioxi/ioxi/dropdown.php | 21 |
#389 | /wp-json/price-types | 21 |
#390 | /wp-apxupx.php | 20 |
#391 | /wp-sigunq.php | 20 |
#392 | /login_app/shop/wp-includes/wlwmanifest.xml | 20 |
#393 | /login_app/2019/wp-includes/wlwmanifest.xml | 20 |
#394 | /login_app/news/wp-includes/wlwmanifest.xml | 20 |
#395 | /login_app/wp/wp-includes/wlwmanifest.xml | 20 |
#396 | /login_app/website/wp-includes/wlwmanifest.xml | 20 |
#397 | /login_app/wordpress/wp-includes/wlwmanifest.xml | 20 |
#398 | /login_app/web/wp-includes/wlwmanifest.xml | 20 |
#399 | /login_app/blog/wp-includes/wlwmanifest.xml | 20 |
#400 | /login_app/wp-includes/wlwmanifest.xml | 20 |
#401 | /wp-content/uploads/wpr-addons/forms/b1ack.php | 20 |
#402 | /wp-includes/css/about.php | 20 |
#403 | /wp-admin/rcc.php | 20 |
#404 | /wp-oteso.php | 20 |
#405 | /wp-Owl.php | 20 |
#406 | /wp-resso.php | 20 |
#407 | /wp-links-opml.php | 20 |
#408 | /wp-content/plugins/seoxx/randkeyword.php | 20 |
#409 | /wp-blog.php | 19 |
#410 | /wp-admin/js/widgets/index.php | 19 |
#411 | /wp-includes/customize/about.php | 19 |
#412 | /wp-seno.php | 19 |
#413 | /wp-esp.php | 19 |
#414 | /wp-hfjd.php | 19 |
#415 | /wp-seto.php | 19 |
#416 | /wp-admin/css/admin.php | 19 |
#417 | /wp-includes/rest-api | 18 |
#418 | /wp-includes/block-supports | 18 |
#419 | /wp-pano.php | 18 |
#420 | /wp-includes/theme-compat | 18 |
#421 | /wp-includes/Text/network.php | 18 |
#422 | /wp-includes/assets/about.php | 18 |
#423 | /wp-includes/wp-includes_function.php | 18 |
#424 | /wp-includes/blocks/about.php | 18 |
#425 | /wp-content/themes/sketch/404.php | 18 |
#426 | /wp-content/themes/pridmag/404.php | 18 |
#427 | /wp-xiomi.php | 18 |
#428 | /wp-onto.php | 18 |
#429 | /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.old.php | 18 |
#430 | /wp-json/sfwd-courses/1/steps | 18 |
#431 | /en/wp-login.php | 17 |
#432 | /wp-includes/widgets | 17 |
#433 | /wp-includes/Text/Diff/Renderer | 17 |
#434 | /wp-content/plugins/Cache/Cache.php | 17 |
#435 | /wp-includes/js/codemirror | 17 |
#436 | /wp-includes/mah.php | 17 |
#437 | /wp-content/mah.php | 17 |
#438 | /wp-content/uploads/autoload_classmap.php | 17 |
#439 | /wp-json/post-smtp/v1/connect-app | 17 |
#440 | /wp-content/uploads/2024/12/V0ZIUmVzZW | 17 |
#441 | /wp-radiot.php | 17 |
#442 | /wp-content/plugins/mainhosting/asasx.php | 17 |
#443 | /wp-signin.php | 17 |
#444 | /wp-trocs.php | 17 |
#445 | /wp-conf.php | 17 |
#446 | /wp-sose.php | 17 |
#447 | /wp-content/plugins/apikey/1.php | 17 |
#448 | /wp-good.php | 16 |
#449 | /wp-includes/IXR | 16 |
#450 | /wp-json/elementor/v1/globals/typography/6524214 | 16 |
#451 | /wp-includes/css/dist | 16 |
#452 | /wordpress/wp-login.php | 16 |
#453 | /wp-content/uploads/2024/02/Catalogo-2024_spread.pdf | 16 |
#454 | /wp-content/plugins/ql-cost-calculator/js/jquery.qtip.min.map | 16 |
#455 | /wp-content/themes/news-portal/error.php | 16 |
#456 | /wpx.php | 16 |
#457 | /wp-json/commerce/paypal/onboarding/disconnect | 16 |
#458 | /wp-includes/style-engine | 15 |
#459 | /wp-content/uploads/satispress-Vddqas0rOdmO/packages/elementor-pro/elementor-pro-3.9.2.zip | 15 |
#460 | /wp-includes/ID3 | 15 |
#461 | /wp-content/plugins/core/include.php | 15 |
#462 | /wp-content/plugins/apikey/iizfz/xlq9bx9.php | 15 |
#463 | /wp-content/mu-plugins | 14 |
#464 | /wp-includes/Requests | 14 |
#465 | /wp-includes/blocks/table/int/tmpl/index.php | 14 |
#466 | /WP_Router/wp-router-placeholder-page-5174 | 14 |
#467 | /wp-admin/about.php | 14 |
#468 | /wordpress/wp-admin | 14 |
#469 | /wp-json/embedpress/v1/analytics/browser-info | 14 |
#470 | /wp-admin/css/colors/coffee/index.php | 14 |
#471 | /wp-admin/ALFA_DATA/alfacgiapi/perl.alfa | 14 |
#472 | /wp-settings.php | 14 |
#473 | /wp-includes/sitemaps | 13 |
#474 | /wp-includes/images | 13 |
#475 | /wp-includes/certificates | 13 |
#476 | /wp-includes/blocks | 13 |
#477 | /wp-json/fcom-mobile/api/v1/feeds/by/slug | 13 |
#478 | /wp-content/languages/plugins.php | 13 |
#479 | /wp-includes/pomo/plugins.php | 13 |
#480 | /wp-admin/maint/plugins.php | 13 |
#481 | /wp-admin/css/plugins.php | 13 |
#482 | /wp-admin/css/colors/blue/plugins.php | 13 |
#483 | /wp-admin/js/widgets/about.php | 12 |
#484 | /wp-admin/network/chosen.php | 12 |
#485 | /wp-content/wp-conflg.php | 12 |
#486 | /login_app/2018/wp-includes/wlwmanifest.xml | 12 |
#487 | /wp-json/elementor/v1/globals/colors/e777cd9 | 12 |
#488 | /wp-includes/random_compat/plugins.php | 12 |
#489 | /wp-includes/IXR/plugins.php | 12 |
#490 | /wp-includes/ID3/plugins.php | 12 |
#491 | /wp-includes/SimplePie/plugins.php | 12 |
#492 | /wp-includes/sodium_compat | 12 |
#493 | /wp-includes/pomo | 12 |
#494 | /wp-includes/customize | 12 |
#495 | /wp-includes/Text | 12 |
#496 | /wp-includes/SimplePie | 12 |
#497 | /wp-content/plugins/BrutalShell | 12 |
#498 | /wp-content/plugins/aryabot | 12 |
#499 | /wp-content/ALFA_DATA/alfacgiapi | 12 |
#500 | /wp-includes/PHPMailer | 12 |
Data was last updated on: Oct 7, 2025
We love logs. In this section we will share some of the data we are parsing from our logs and honeypots we have live.
Logging for fun and a good night of sleep.
Latest log-based threat analysis added.
Do you have an idea for a research that is not here? See something wrong? Contact us at support@noc.org
14 days free trial. No credit card required.