WordPress - Last scanned URLs
Oct 27, 2025
Automatically updated daily

Checking for 404 errors in your logs can reveal more than just broken links, it can also expose files and URLs that attackers are actively scanning for. To track this behavior, we set up hundreds of honeypots and analyzed live web traffic data, giving us insight into which files and URLs are being targeted across the internet.


The table bellow list the top URLs being scanned on WordPress sites in the past 72 hours. This list of updated daily and shows the top plugins, backdoors and files that attacker are lookin for specifically to WordPress.


Rank Scanned URL Counter
#1 /wp-login.php40,178
#2 /wp-json/oembed/1.0/embed1,523
#3 /wp-cron.php1,335
#4 /wordpress1,000
#5 /wp-includes/wlwmanifest.xml902
#6 /wp-content/plugins/WordPressCore/include.php884
#7 /web/wp-includes/wlwmanifest.xml880
#8 /wordpress/wp-includes/wlwmanifest.xml872
#9 /wp/wp-includes/wlwmanifest.xml863
#10 /blog/wp-includes/wlwmanifest.xml831
#11 /2019/wp-includes/wlwmanifest.xml827
#12 /shop/wp-includes/wlwmanifest.xml823
#13 /wp765
#14 /website/wp-includes/wlwmanifest.xml704
#15 /news/wp-includes/wlwmanifest.xml701
#16 /wp-admin648
#17 /wp-cli.php515
#18 /wp-content/plugins/hellopress/wp_filemanager.php504
#19 /wp-json/intercom/v1/webhook504
#20 /wp.php495
#21 /2018/wp-includes/wlwmanifest.xml483
#22 /wp-cli.phar469
#23 /wp-content/plugins/fix/up.php467
#24 /wp-plain.php442
#25 /wp-admin/css396
#26 /appWP/lab/wp-admin/css/colors/blue/blue.php392
#27 /2020/wp-includes/wlwmanifest.xml373
#28 /wp-content/style.php361
#29 /wp-content/themes/style.php361
#30 /wp-admin/style.php345
#31 /wp-editor.php338
#32 /wp1/wp-includes/wlwmanifest.xml331
#33 /wp-content/plugins/hellopress/wp_mna.php306
#34 /wp-admin/index.php305
#35 /wp-content/themes/seotheme/db.php300
#36 /test/wp-includes/wlwmanifest.xml269
#37 /wp-json/bbp-api/v1/users263
#38 /site/wp-includes/wlwmanifest.xml251
#39 /cms/wp-includes/wlwmanifest.xml250
#40 /wp-json/buddypress/v1/members249
#41 /wp-json/ldlms/v2/users224
#42 /wp-admin.php221
#43 /wp-admin/edit-tags.php220
#44 /wp-admin/edit.php219
#45 /wp-cron213
#46 /wp-content/plugins/one_images_user/one_images_user.php207
#47 /wp-content/plugins/one_images_usder/oned_images_user.php204
#48 /wp-content/plugins/pwnd/pwnd.php187
#49 /wp-admin/post-new.php184
#50 /wp-admin/profile.php181
#51 /wp-2019.php175
#52 /wp-json/wc/v3/customers175
#53 /wp-admin/plugins.php173
#54 /wp-content/admin.php168
#55 /wp-content/about.php160
#56 /wp-content/themes/wp-pridmag/init.php151
#57 /wp-trackback.php150
#58 /wp-content/function.php148
#59 /2021/wp-includes/wlwmanifest.xml147
#60 /wp-content/classwithtostring.php141
#61 /wp-admin/install.php138
#62 /wp-admin/css/wp-conflg.php135
#63 /wp-admin/setup-config.php133
#64 /wp-json125
#65 /wp-22.php125
#66 /wp-sitemap-users-1.xml124
#67 /wp-content/wp-conflg.php123
#68 /wp-content/autoload_classmap.php122
#69 /wordpress/wp-admin/setup-config.php121
#70 /wp-content/plugins/apikey/apikey.php118
#71 /wp-content/wp.php111
#72 /wp-content/index.php110
#73 /wp-content/abcd.php109
#74 /wpssl.php108
#75 /wp-content/moon.php108
#76 /wp-content/ioxi-o.php108
#77 /wpo.php107
#78 /wp2/wp-includes/wlwmanifest.xml106
#79 /wp-activate.php105
#80 /wp-sitemap.xml103
#81 /wp-includes/fonts/themes.php102
#82 /sito/wp-includes/wlwmanifest.xml101
#83 /wp-content/install.php99
#84 /wp-good.php98
#85 /wp-content/file.php96
#86 /wp-admin/zwso.php94
#87 /wp-configs.php89
#88 /wp-content/goods.php88
#89 /wp-content/edit.php88
#90 /wp-admin/maint/index.php87
#91 /wp-content/mm.php87
#92 /wp-content/makeasmtp.php87
#93 /wp-content/gecko.php87
#94 /wp-content/buy.php87
#95 /wp-content/akc.php87
#96 /wp-content/themes/include.php87
#97 /wp-content/code.php86
#98 /wp-content/asasx.php86
#99 /wp-content/aa.php86
#100 /wp-content/ova.php86
#101 /wp-content/ab.php86
#102 /wp-content/lock360.php86
#103 /wp-content/wsa.php86
#104 /wp-content/themes/about.php85
#105 /wp-content/bala.php85
#106 /wp-content/alfa.php85
#107 /wp-content/themes/hello_dolly_v2.php82
#108 /wp-content/plugins/HelloDollyV2/hello_dolly_v2.php82
#109 /wp-conflg.php81
#110 /wp-content/themes/seotheme/mar.php80
#111 /wp-admin/images79
#112 /wp-content/plugins/TOPXOH/wDR.php78
#113 /wp-content/plugins/apikey/apikey.php.suspected76
#114 /wp-content/403.php76
#115 /wp-includes/autoload_classmap.php76
#116 /wp-includes/fonts/about.php74
#117 /wp-content/cong.php72
#118 /wpc.php72
#119 /upload/wp-info.php71
#120 /wp-includes/IXR/admin.php71
#121 /wp-includes/js/crop/zmFM.php69
#122 /wp-includes/html-api/wp-conflg.php69
#123 /wp-includes/ID3/rk2.php69
#124 /wp-includes/Text/Diff/Engine/about.php69
#125 /wp-includes/theme-compat/wp-login.php68
#126 /wp-admin/css/colors/blue/index.php67
#127 /media/wp-includes/wlwmanifest.xml66
#128 /wp-includes/system_log.php66
#129 /wp-admin/css/about.php66
#130 /wp-content/w.php64
#131 /wp-content/chosen.php64
#132 /wp-content/autoload_classmap/function.php64
#133 /wp-content/tinyfilemanager.php64
#134 /wp-content/users.php64
#135 /wp-content/goat.php64
#136 /wp-config.php.bak63
#137 /wp-content/plugins/WordPressCore-1/include.php63
#138 /wp-content/flower.php63
#139 /wp-content/file2.php63
#140 /wp-content/atomlib.php63
#141 /wp-admin/admin-wolf.php63
#142 /wp-admin/maint/maint.php62
#143 /wp-includes/assets/index.php62
#144 /wp-content/plugins/include.php62
#145 /wp-json/litespeed/v1/cdn_status59
#146 /wp-json/sure-triggers/v1/automation/action59
#147 /wp-content/plugins/HelloDollyV2-1/hello_dolly_v2.php59
#148 /wp-content/plugins/HelloDollyV2_ncvt/hello_dolly_v2.php58
#149 /wp-content/plugins/hello_dolly_v2.php58
#150 /wp-content/plugins/admin.php53
#151 /wp-includes/style.php53
#152 /wp-admin/maint/admin.php52
#153 /wp-admin/wp-conflg.php52
#154 /wp-admin/js/wp-conflg.php52
#155 /wp-admin/maint/about.php51
#156 /wp-includes/ID3/about.php51
#157 /wp-content51
#158 /wp-admin/network/wp-conflg.php50
#159 /wp-content/plugins/wps-hide-login/wps-hide-login.php50
#160 /wp-includes/js/codemirror/index.php48
#161 /wp-includes/ID348
#162 /wp-admin/images/index.php48
#163 /wp-includes/style-engine/about.php47
#164 /wp-content/themes/pridmag/db.php47
#165 /wp-admin/includes/xmrlpc.php46
#166 /wp-content/plugins/pwnd-1/pwnd.php46
#167 /wp-setup.php45
#168 /wp-content/plugins/index.php43
#169 /wp-includes/rest-api/fields/index.php43
#170 /wp-content/edit-wolf.php43
#171 /wp-content/edit-fox.php43
#172 /wp-includes/IXR/autoload_classmap.php42
#173 /wp-setup.sh42
#174 /wp-config.php-backup42
#175 /wp-content/themes/travel/issue.php42
#176 /wp-content/radio.php41
#177 /wp-content/mysql.bak41
#178 /wp-content/uploads/dump.bak41
#179 /wp-content/mysql.sql41
#180 /wp-content/uploads/dump.sql41
#181 /wp-config41
#182 /wp-content/uploads41
#183 /wp-f.php41
#184 /wp-content/themes/oxygen-is-not-a-theme/assets/fonts/inter/Inter-VariableFont_slnt,wght.woff241
#185 /wp-includes/images/wp-login.php40
#186 /wp-content/plugins/seoplugins/db.php40
#187 /wp-content/plugins/linkpreview/db.php40
#188 /module/wpblog/archive40
#189 /wp-content/themes/astra/inc/ki1k.php38
#190 /wp-admin/js/index.php38
#191 /wp-aaa.php38
#192 /wpls.php38
#193 /wp-admin/admin-ajax.php38
#194 /wp-content/uploads/2020/06/Mercado-de-38
#195 /wp-includes/css/dist/preferences/wp-login.php37
#196 /wp-includes/SimplePie/wp-login.php37
#197 /wp-update.php37
#198 /wp-content/plugins/pwnd/as.php36
#199 /features/wordpress-management-tools36
#200 /wp-includes/customize/about.php35
#201 /wp-includes/Requests/Text/admin.php35
#202 /wp-content/product.php35
#203 /wp-content/upgrade/about.php34
#204 /wp-includes/theme-compat/chosen.php34
#205 /wp-includes/certificates/plugins.php34
#206 /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php34
#207 /wp/wp-login.php34
#208 /wp-includes/fonts/index.php33
#209 /wp-content/themes/twentytwentytwo32
#210 /wp-admin/alfa.php30
#211 /wp-admin/user/about.php29
#212 /wp-gr.php29
#213 /wp-admin/images/admin.php29
#214 /wp-content/video29
#215 /wp-admin/classwithtostring.php28
#216 /wp-content/themes28
#217 /wp-sigunq.php28
#218 /wp-admin/js/about.php28
#219 /wp-includes/class-wp-recovery-mode-file-service.php28
#220 /wp-admin/network/chosen.php27
#221 /wp-admin/js/widgets/about.php27
#222 /wp-includes/pomo27
#223 /wp-admin/dropdown.php27
#224 /wp-content/plugins/newsletters-lite/newsletters-lite-ajax.php27
#225 /wp-admin/wsa.php26
#226 /wp-admin/wp.php26
#227 /wp-admin/lock360.php26
#228 /wp-admin/js26
#229 /wp-admin/code.php26
#230 /wp-admin/asasx.php26
#231 /wp-admin/ab.php26
#232 /wp-admin/ioxi-o.php26
#233 /wp-blog-header.php26
#234 /wp-includes/js/codemirror26
#235 /wp-content/plugins/contact-form-726
#236 /wp-json/wp/v2/media/52524
#237 /wp-json/wp/v2/media/52424
#238 /wp-json/wp/v2/media/50124
#239 /wp-json/wp/v2/media/57124
#240 /wp-json/wp/v2/media/52224
#241 /wp-content/themes/news-portal/error.php24
#242 /wp-admin/css/colors/blue24
#243 /wp-content/plugins/woocommerce24
#244 /wp-includes/js/thickbox/thickbox.php24
#245 /wp-admin/maint23
#246 /wp-json/oembed/1.0/embed/activity23
#247 /wp-content/plugins/wp-automatic/inc/csv.php23
#248 /wordpress/wp-login.php23
#249 /wp-content/plugins/about.php23
#250 /wp-includes/ID3/code.php22
#251 /wp-includes/ID3/autoload_classmap.php22
#252 /wp-includes/ioxi-o.php22
#253 /wp-content/plugins/revsliderswp/wp-login.php22
#254 /loja/wp-login.php22
#255 /wp-api.php22
#256 /wp-admin/images/moon.php22
#257 /wp-content/plugins/ph-file-manager/wp-file.php21
#258 /wp-content/plugins/shell/about.php21
#259 /wp-aa.php21
#260 /wp-content/plugins/linkpreview21
#261 /shop/wp-login.php21
#262 /wp-content/plugins/simple/simple.php21
#263 /wp-content/uploads/Vi%CC%81deo-Banner.mp420
#264 /wp-includes/assets20
#265 /wp-content/themes/divi20
#266 /wp-content/themes/astra20
#267 /wp-content/plugins/wp-help/admin/wp-fclass.php20
#268 /blog/wp-login.php20
#269 /store/wp-login.php20
#270 /wp-includes20
#271 /wp-includes/fonts/admin.php20
#272 /wp-json/wp/v2/users19
#273 /wp-content/themes/twentytwentytwo/index.php19
#274 /wp-content/themes/jaida/lang.php19
#275 /wp-content/themes/twentytwentythree19
#276 /wp-file.php19
#277 /wp-includes/blocks/comments18
#278 /wp-admin/js/widgets18
#279 /wp-mail.php18
#280 /wp-mn.php18
#281 /wp-content/themes/fix.php18
#282 /wp-content/fix.php18
#283 /wp-content/mu-plugins-old18
#284 /wp-admin/css/colors/midnight/about.php18
#285 /wp-includes/Text/index.php17
#286 /wp-includes/block-patterns/index.php17
#287 /wp-includes/rest-api/fields17
#288 /wp-includes/js/crop17
#289 /wp-includes/Text17
#290 /wp-content/plugins/root-file-manager/wp-file.php17
#291 /wp-content/plugins/ql-cost-calculator/js/jquery.qtip.min.map17
#292 /wp-content/item.php17
#293 /wp-admin/css/index.php16
#294 /wp-content/plugins/wp-help/mini.php16
#295 /wp-json/jetpack/v4/module/protect/data16
#296 /wp-admin/fix.php16
#297 /wp-blog.php15
#298 /wp-content/themes/shell20250630.php15
#299 /wp-content/shell20250630.php15
#300 /wp-content/plugins/woocommerce/assets/fonts/WooCommerce.eot14
#301 /wp-json/buddyboss-app/v1/signup/form14
#302 /wp-admin/about.php13
#303 /wp-l0gin.php13
#304 /wp-includes/rest-api/about.php13
#305 /wp-includes/images/about.php13
#306 /wp-info.php13
#307 /wp-includes/Text/about.php13
#308 /wp-admin/images/about.php13
#309 /wp-includes/Requests/about.php13
#310 /wp-admin/undefinedjetpack/v4/site/benefits13
#311 /wp-admin/undefinedjetpack/v4/connection/data13
#312 /wp-includes/IXR/about.php12
#313 /wp-content/plugins/seoplugins/mar.php12
#314 /wp-includes/SimplePie/about.php12
#315 /wp-admin/includes/about.php12
#316 /wp-content/themes/twentyfive/include.php12
#317 /wp-login12
#318 /wp-content/plugins/WordPressCore12
#319 /wp-admin/shell20250630.php12
#320 /wp-content/plugins/WordPressCore_lvig/include.php12
#321 /wp-content/plugins/HelloDollyV2_tuga/hello_dolly_v2.php12
#322 /wpbrclci_adm11
#323 /wp-content/themes/digital-download/new.php11
#324 /wp-admin/remote11
#325 /wp-head.php11
#326 /wp-admin/admin.php11
#327 /wp-includes/about.php11
#328 /wp-content/uploads/2023/07/EVENTO-PRESENCIAL-Inauguracao-Oficial-Demarest-Brasilia.ics11
#329 /wp-header.php11
#330 /wp-content/plugins/erinyani/default.php11
#331 /wp-content/themes/classwithtostring.php11
#332 /wp-signup.php10
#333 /about-us/wp-login.php10
#334 /wp-config.php10
#335 /wp-content/plugins10
#336 /wp-content/themes/modular/lib/scripts/timthumb/thumb.php10
#337 /wpx.php10
#338 /wp-content/plugins/pwnd/block-support.php10
#339 /wp-admin/network/plugins.php9
#340 /new/wp-admin/setup-config.php9
#341 /wp/wp-admin/setup-config.php9
#342 /staging/wp-admin/setup-config.php9
#343 /backup/wp-admin/setup-config.php9
#344 /root/wp-login.php9
#345 /.well-known/wp-signup.php9
#346 /wp-includes/style-engine9
#347 /wp-content/themes/neve9
#348 /wp-content/themes/oceanwp9
#349 /wp-content/plugins/elementor9
#350 /wp-json/wp/v2/posts9
#351 /wp-admin/includes/admin-ajax.php9
#352 /wp-content/plugins/ioxi/ioxi/dropdown.php9
#353 /wp-content/uploads/2025/09/Resultados-Jan.-a-Julho-2025.pdf8
#354 /wp-files.php8
#355 /design/wp-content/thumb/timthumb.php8
#356 /wp-content/worksec.php8
#357 /wp-content/plugins/litespeed-cache/guest.vary.php8
#358 /wp-atom.php7
#359 /wp-admin/meta7
#360 /wp-content.php7
#361 /wp-admin/maint/fie.php7
#362 /wp-json/wc/v2/products6
#363 /wp-admin/network/index.php6
#364 /wp-content/languages/index.php6
#365 /wp-content/mu-plugins6


Data was last updated on: Oct 27, 2025



Logging Research

We love logs. In this section we will share some of the data we are parsing from our logs and honeypots we have live.

Trunc Logging

Logging for fun and a good night of sleep.

  • Real time search
  • Google simple
  • Cheap
  • Just works
  • PCI compliance
Trunc Research

Latest log-based threat analysis added.

Contact us!

Do you have an idea for a research that is not here? See something wrong? Contact us at support@noc.org

Tired of price gouging
  • Clear pricing
  • No need to guess
  • Real people
  • Real logging

Simple, Affordable, Log Management and Analysis.

14 days free trial. No credit card required.