Checking for 404 errors in your logs can reveal more than just broken links, it can also expose files and URLs that attackers are actively scanning for. To track this behavior, we set up hundreds of honeypots and analyzed live web traffic data, giving us insight into which files and URLs are being targeted across the internet.
The table bellow list the top URLs being scanned on WordPress sites. This list of updated daily and shows the top plugins, backdoors and files that attacker are lookin for specifically to WordPress.
Rank | Scanned URL | Counter |
---|---|---|
#1 | /wp-login.php | 396,160 |
#2 | /wp-json/oembed/1.0/embed | 33,086 |
#3 | /wp-content/plugins/hellopress/wp_filemanager.php | 18,917 |
#4 | /wordpress | 16,842 |
#5 | /wp-cron.php | 16,297 |
#6 | /wp-admin | 15,527 |
#7 | /wp | 15,180 |
#8 | /wp-content/plugins/fix/up.php | 13,745 |
#9 | /wp.php | 12,408 |
#10 | /wp-includes/wlwmanifest.xml | 11,300 |
#11 | /web/wp-includes/wlwmanifest.xml | 9,364 |
#12 | /wordpress/wp-includes/wlwmanifest.xml | 9,283 |
#13 | /wp/wp-includes/wlwmanifest.xml | 9,143 |
#14 | /blog/wp-includes/wlwmanifest.xml | 8,832 |
#15 | /2019/wp-includes/wlwmanifest.xml | 8,693 |
#16 | /shop/wp-includes/wlwmanifest.xml | 8,629 |
#17 | /website/wp-includes/wlwmanifest.xml | 8,413 |
#18 | /news/wp-includes/wlwmanifest.xml | 8,280 |
#19 | /wp-content/plugins/woocommerce/includes/gateways/locks.php | 7,910 |
#20 | /wordpress/wp-admin/setup-config.php | 7,545 |
#21 | /wp-admin/images/moon.php | 7,527 |
#22 | /wp-admin/css | 7,085 |
#23 | /wp-json/sfwd-assignment/1 | 6,906 |
#24 | /wp-admin/setup-config.php | 6,861 |
#25 | /wp-plain.php | 6,844 |
#26 | /wp-content/wp-conflg.php | 6,453 |
#27 | /wp-sitemap.xml | 6,448 |
#28 | /wp-api.php | 6,205 |
#29 | /wp-admin/classwithtostring.php | 6,096 |
#30 | /wp-setup.php | 6,003 |
#31 | /wp-includes/fonts/admin.php | 5,957 |
#32 | /wp-content/index.php | 5,925 |
#33 | /wp-admin/css/colors/blue/index.php | 5,805 |
#34 | /wp-admin/wp-conflg.php | 5,661 |
#35 | /wp-admin/js/index.php | 5,506 |
#36 | /appWP/lab/wp-admin/css/colors/blue/blue.php | 5,371 |
#37 | /wp-includes/IXR/autoload_classmap.php | 5,364 |
#38 | /wp-content/themes/seotheme/db.php | 5,301 |
#39 | /wp-admin/maint/about.php | 5,271 |
#40 | /wp-content/plugins/wpterm.php | 5,198 |
#41 | /wp-includes/fonts/index.php | 5,061 |
#42 | /wp-content/about.php | 4,945 |
#43 | /wp-json/custom/v1 | 4,922 |
#44 | /wp-json/sfwd-lessons/1 | 4,884 |
#45 | /wp-json/sfwd-topic/1 | 4,800 |
#46 | /wp-content/autoload_classmap.php | 4,751 |
#47 | /2020/wp-includes/wlwmanifest.xml | 4,669 |
#48 | /wp-content | 4,623 |
#49 | /wp-admin/js/autoload_classmap.php | 4,498 |
#50 | /wp-admin/index.php | 4,427 |
#51 | /wp-admin/js/widgets/cloud.php | 4,335 |
#52 | /wp-admin/file.php | 4,257 |
#53 | /wp-admin/edit-tags.php | 4,184 |
#54 | /2018/wp-includes/wlwmanifest.xml | 4,171 |
#55 | /wp-content/themes/about.php | 4,039 |
#56 | /wordpress/wp-login.php | 4,010 |
#57 | /wp-content/themes/admin.php | 3,875 |
#58 | /wp-admin/includes/index.php | 3,854 |
#59 | /wp-content/admin.php | 3,805 |
#60 | /wp-admin/admin-ajax.php | 3,737 |
#61 | /wp-admin/network/network.php | 3,728 |
#62 | /wp-includes/blocks/about.php | 3,713 |
#63 | /wp-admin/install.php | 3,629 |
#64 | /wp-admin/wp-login.php | 3,611 |
#65 | /wp-admin/js/about.php | 3,583 |
#66 | /wp-trackback.php | 3,575 |
#67 | /wp-admin/js | 3,518 |
#68 | /wp-l0gin.php | 3,493 |
#69 | /wp-admin.php | 3,469 |
#70 | /wp-admin/css/colors/ectoplasm/about.php | 3,457 |
#71 | /wp-includes/wp-class.php | 3,445 |
#72 | /wp-admin/css/qPyYcxpHKCu.php | 3,410 |
#73 | /wp-json/sfwd-courses/1 | 3,363 |
#74 | /wp-admin/profile.php | 3,360 |
#75 | /wp-admin/plugins.php | 3,347 |
#76 | /wp-admin/mah.php | 3,330 |
#77 | /wp-admin/edit.php | 3,274 |
#78 | /wp-admin/css/colors/blue/about.php | 3,249 |
#79 | /wp-admin/css/colors/blue | 3,228 |
#80 | /wp-content/style.php | 3,221 |
#81 | /wp-aa.php | 3,195 |
#82 | /wp-admin/chosen.php | 3,133 |
#83 | /wp-conflg.php | 3,122 |
#84 | /wp-includes/about.php | 3,111 |
#85 | /wp-signin.php | 3,070 |
#86 | /wp-content/uploads/de_fb_uploads/b.php | 3,069 |
#87 | /wp-content/plugins/WordPressCore/include.php | 2,995 |
#88 | /wp-admin/wp-admins.php | 2,968 |
#89 | /wp-includes/ID3/index.php | 2,962 |
#90 | /wp-admin/wp.php | 2,929 |
#91 | /wp-admin/admin.php | 2,922 |
#92 | /wp-admin/post-new.php | 2,894 |
#93 | /wp-admin/css/colors/light/wp-login.php | 2,885 |
#94 | /wp-admin/js/wp-conflg.php | 2,874 |
#95 | /wp1/wp-includes/wlwmanifest.xml | 2,849 |
#96 | /wp-admin/css/colors/blue/atomlib.php | 2,840 |
#97 | /wp-content/plugins/pwnd/as.php | 2,821 |
#98 | /wp-content/plugins/autoload_classmap.php | 2,796 |
#99 | /wp-includes/html-api/about.php | 2,774 |
#100 | /wp-content/plugins/about.php | 2,774 |
#101 | /wp-admin/autoload_classmap.php | 2,728 |
#102 | /wp-admin/includes/colour.php | 2,721 |
#103 | /wp-admin/includes/header.php | 2,712 |
#104 | /wp-config.php.bak | 2,607 |
#105 | /wp-admin/maint | 2,601 |
#106 | /wp-content/1.php | 2,599 |
#107 | /wp-admin/style.php | 2,595 |
#108 | /wp-includes/ALFA_DATA/alfacgiapi/perl.alfa | 2,589 |
#109 | /wp-editor.php | 2,583 |
#110 | /es/wp-json/oembed/1.0/embed | 2,581 |
#111 | /wp-admin/includes/wp-conflg.php | 2,553 |
#112 | /wp-content/languages/autoload_classmap.php | 2,544 |
#113 | /wp-content/classwithtostring.php | 2,542 |
#114 | /wp-content/plugins/ioxi/ioxi/dropdown.php | 2,476 |
#115 | /wp-content/uploads/json.php | 2,465 |
#116 | /wp-logs.php | 2,435 |
#117 | /wp-wso.php | 2,434 |
#118 | /wp-content/plugins/up/main.php | 2,409 |
#119 | /wp-admin/includes/about.php | 2,401 |
#120 | /wp-config | 2,400 |
#121 | /wp-setting.php | 2,397 |
#122 | /wp_wrong_datlib.php | 2,393 |
#123 | /wp-content/plugin.php | 2,378 |
#124 | /wp-content/x.php | 2,371 |
#125 | /wp-content/wp.php | 2,350 |
#126 | /wp-includes/fonts/autoload_classmap.php | 2,251 |
#127 | /wp-content/click.php | 2,248 |
#128 | /wp-content/themes/style.php | 2,246 |
#129 | /wp-includes/IXR/chosen.php | 2,241 |
#130 | /wp-includes/widgets/autoload_classmap.php | 2,236 |
#131 | /wp-comments.php | 2,236 |
#132 | /wp-includes/style-engine/autoload_classmap.php | 2,228 |
#133 | /wp-admin/images/about.php | 2,212 |
#134 | /wp-json/oembed | 2,211 |
#135 | /wp-includes/wp_class_datlib.php | 2,193 |
#136 | /wp-error.php | 2,192 |
#137 | /wp-includes/css/autoload_classmap.php | 2,188 |
#138 | /wp-admin/images | 2,183 |
#139 | /wp-json/sfwd-courses | 2,175 |
#140 | /wp-includes/js/tinymce/langs/about.php | 2,175 |
#141 | /wp-includes/PHPMailer/file.php | 2,173 |
#142 | /wp-admin/includes | 2,169 |
#143 | /wp-json/wp | 2,159 |
#144 | /sanitas-bk/wp-json/metform/v1/forms/views/654 | 2,147 |
#145 | /wp-json/wp-block-editor | 2,138 |
#146 | /wp-includes/certificates/chosen.php | 2,130 |
#147 | /wp-includes/pomo/about.php | 2,128 |
#148 | /wp-content/plugins/pwnd/pwnd.php | 2,123 |
#149 | /wp-content/uploads/chosen.php | 2,114 |
#150 | /wp-includes/SimplePie/chosen.php | 2,110 |
#151 | /wp-content/plugins/simple/simple.php | 2,087 |
#152 | /wp-file.php | 2,060 |
#153 | /wp-content/file.php | 2,058 |
#154 | /wp-content/plugins/revslider/includes/external/page/index.php | 2,008 |
#155 | /wp-admin/css/about.php | 2,003 |
#156 | /wp-json/sfwd-lessons | 2,002 |
#157 | /wp-admin/js/widgets/index.php | 1,991 |
#158 | /wp-gr.php | 1,979 |
#159 | /wp-includes/autoload_classmap.php | 1,970 |
#160 | /wp-json/sfwd-topic | 1,939 |
#161 | /wp-2019.php | 1,929 |
#162 | /test/wp-includes/wlwmanifest.xml | 1,920 |
#163 | /wp-content/uploads/index.php | 1,903 |
#164 | /wp-content/uploads | 1,888 |
#165 | /wp-content/themes/seotheme/mar.php | 1,887 |
#166 | /wp-content/plugins/wp-conflg.php | 1,849 |
#167 | /wp-json/litespeed/v1/cdn_status | 1,827 |
#168 | /wp-includes/ID3 | 1,785 |
#169 | /wp-includes/css | 1,784 |
#170 | /site/wp-includes/wlwmanifest.xml | 1,773 |
#171 | /wp-admin/js/widgets | 1,765 |
#172 | /cms/wp-includes/wlwmanifest.xml | 1,762 |
#173 | /wp-includes/Text/about.php | 1,738 |
#174 | /wp-content/themes/pridmag/db.php | 1,704 |
#175 | /wp-admin/function.php | 1,693 |
#176 | /wp-includes/ID3/about.php | 1,681 |
#177 | /wp-json/elementor-ai | 1,679 |
#178 | /wp-includes | 1,679 |
#179 | /wp-includes/blocks/wp-conflg.php | 1,677 |
#180 | /wp-includes/Requests/about.php | 1,664 |
#181 | /wp-json/elementor-pro | 1,663 |
#182 | /wp-admin/images/index.php | 1,631 |
#183 | /wp-admin/maint/index.php | 1,625 |
#184 | /wp-content/plugins/apikey/apikey.php | 1,619 |
#185 | /wp-configs.php | 1,607 |
#186 | /wp-signup.php | 1,607 |
#187 | /wp-links.php | 1,582 |
#188 | /wp-blog.php | 1,551 |
#189 | /wp-admin/images/cloud.php | 1,541 |
#190 | /wp-content/plugins/index.php | 1,531 |
#191 | /wp-content/themes/classwithtostring.php | 1,529 |
#192 | /wp-activate.php | 1,528 |
#193 | /wp-content/themes/twentytwenty/404.php | 1,527 |
#194 | /wp-includes/SimplePie/about.php | 1,526 |
#195 | /wp-admin/css/colors/blue/admin.php | 1,519 |
#196 | /wp-admin/css/index.php | 1,519 |
#197 | /wp-json/sfwd-courses/17/groups | 1,517 |
#198 | /wp-includes/Text/autoload_classmap.php | 1,515 |
#199 | /wp-includes/rest-api/index.php | 1,512 |
#200 | /wp-includes/js/jcrop/Jcrop.php | 1,512 |
#201 | /wp-includes/blocks/calendar/index.php | 1,506 |
#202 | /wp-admin/dropdown.php | 1,500 |
#203 | /wp-content/video | 1,491 |
#204 | /wp-json/sfwd-courses/17/prerequisites | 1,476 |
#205 | /wp-includes/style-engine/about.php | 1,469 |
#206 | /wp-content/plugins/admin.php | 1,462 |
#207 | /wp-content/plugins/apikey/apikey.php.suspected | 1,436 |
#208 | /wp-includes/assets/index.php | 1,434 |
#209 | /wp-content/themes/wp-pridmag/init.php | 1,424 |
#210 | /wp-includes/customize/chosen.php | 1,423 |
#211 | /wp-includes/customize/about.php | 1,404 |
#212 | /wp-includes/blocks/site-title/index.php | 1,397 |
#213 | /wp-json/sure-triggers/v1 | 1,396 |
#214 | /wp-content/upgrade/index.php | 1,396 |
#215 | /wp-content/plugins/revslider/includes/external/page | 1,390 |
#216 | /wp-content/languages/about.php | 1,388 |
#217 | /wp-content/plugins/janus/janus.php | 1,385 |
#218 | /wp-content/plugins/dummyyummy/wp-signup.php | 1,382 |
#219 | /wp-admin/css/colors | 1,375 |
#220 | /wp-content/themes | 1,356 |
#221 | /wp-json/google-site-kit | 1,354 |
#222 | /wp-admin/includes/xmrlpc.php | 1,344 |
#223 | /wp-update.php | 1,338 |
#224 | /wp-includes/widgets/about.php | 1,334 |
#225 | /wp-json/storychief | 1,332 |
#226 | /wp-includes/pomo/pomo.php | 1,326 |
#227 | /wp-json/v1/u | 1,296 |
#228 | /wp-includes/SimplePie | 1,284 |
#229 | /wp-json/wp-site-health | 1,283 |
#230 | /wp-json/aioseo | 1,267 |
#231 | /wp-json/webp-converter | 1,260 |
#232 | /wp-admin/css/colors/ectoplasm | 1,256 |
#233 | /wp-admin/css/colors/index.php | 1,251 |
#234 | /wp-admin/css/admin.php | 1,237 |
#235 | /wp-class.php | 1,237 |
#236 | /wp-json/sfwd-assignment/0 | 1,235 |
#237 | /wp-content/upgrade | 1,231 |
#238 | /wp-admin/images/admin.php | 1,225 |
#239 | /wp-content/plugins/core-plugin/include.php | 1,223 |
#240 | /wp-json/elementor | 1,221 |
#241 | /wp-info.php | 1,214 |
#242 | /wp-includes/images/smilies/about.php | 1,212 |
#243 | /wp-content/plugins/pwnd-1/pwnd.php | 1,208 |
#244 | /wp-admin/user/xmrlpc.php | 1,201 |
#245 | /sanitas-bk/wp-json/metform/v1/forms/views/727 | 1,195 |
#246 | /wp2/wp-includes/wlwmanifest.xml | 1,172 |
#247 | /wp-old | 1,152 |
#248 | /wp-content/plugins/xt | 1,149 |
#249 | /wp-admin/maint/admin.php | 1,147 |
#250 | /wp-includes/css/index.php | 1,144 |
#251 | /wp-includes/block-patterns/about.php | 1,144 |
#252 | /cgi-bin/wp-login.php | 1,139 |
#253 | /wp-admin/meta | 1,137 |
#254 | /wp-includes/sitemaps/providers | 1,117 |
#255 | /wp-includes/IXR/about.php | 1,115 |
#256 | /wp-admin/user/chosen.php | 1,114 |
#257 | /wp-admin/css/colors/midnight | 1,113 |
#258 | /wp-includes/rest-api | 1,105 |
#259 | /wp-content/themes/index.php | 1,094 |
#260 | /wp-includes/images/about.php | 1,091 |
#261 | /wp-content/cong.php | 1,090 |
#262 | /wp-admin/css/colors/about.php | 1,083 |
#263 | /wp-admin/js/js/cache.php | 1,078 |
#264 | /wp-admin/css/css/cache.php | 1,078 |
#265 | /wp-admin/images/images/cache.php | 1,076 |
#266 | /sito/wp-includes/wlwmanifest.xml | 1,076 |
#267 | /wp-admin/x.php | 1,068 |
#268 | /wp-includes/rest-api/about.php | 1,061 |
#269 | /wp-includes/customize | 1,059 |
#270 | /blog/wp-login.php | 1,058 |
#271 | /wp-content/plugins | 1,056 |
#272 | /wp-includes/install.php | 1,049 |
#273 | /wp-admin/network/index.php | 1,048 |
#274 | /wp-includes/certificates | 1,034 |
#275 | /wp-content/upgrade-temp-backup/about.php | 1,029 |
#276 | /wp-includes/wp-includes_function.php | 1,024 |
#277 | /wp-includes/PHPMailer | 1,019 |
#278 | /wp-content/plugins/janusv5/janus.php | 1,010 |
#279 | /wp-blog-header.php | 1,009 |
#280 | /sim.php/wp-includes/certificates/plugins.php | 1,008 |
#281 | /wp-content/plugins/wp-automatic/inc/csv.php | 1,004 |
#282 | /wp-json/sfwd-assignment | 998 |
#283 | /wp-admin/css/colors/sunrise | 993 |
#284 | /wp-admin/css/colors/midnight/colors.php | 986 |
#285 | /wp-mail.php | 983 |
#286 | /wp-admin/user | 976 |
#287 | /wp-includes/Text/wp-conflg.php | 975 |
#288 | /wp-admin/css/colors/blue/xboom.php | 973 |
#289 | /wp-includes/html-api | 972 |
#290 | /wp-includes/fonts | 963 |
#291 | /wp-admin/user/wp-login.php | 957 |
#292 | /wp-json/wccom-site | 955 |
#293 | /wp-admin/includes/cloud.php | 949 |
#294 | /features/wordpress-management-tools | 949 |
#295 | /wp-admin/css/colors/ocean | 946 |
#296 | /wp-includes/images | 940 |
#297 | /wp-json/akismet | 939 |
#298 | /wp-admin/users.php | 938 |
#299 | /wp-config-sample.php | 926 |
#300 | /wp-content/languages/index.php | 925 |
#301 | /wp-includes/assets | 922 |
#302 | /wp-includes/fonts/about.php | 921 |
#303 | /wp-includes/pomo | 921 |
#304 | /wp-includes/block-supports/index.php | 917 |
#305 | /wp-admin/js/widgets/about.php | 915 |
#306 | /wp-admin/maint/siteone.php | 912 |
#307 | /wp-json | 912 |
#308 | /wp-files.php | 911 |
#309 | /wp-admin/network/chosen.php | 905 |
#310 | /wp-config.php | 898 |
#311 | /wp-content/mu-plugins-old | 888 |
#312 | /wp-admin/css/colors/light | 885 |
#313 | /wp-json/sure-triggers/v1/automation/action | 884 |
#314 | /wp-admin/js/let.php | 879 |
#315 | /wp-content/themes/alera/alpha.php | 878 |
#316 | /wp-admin/css/colors/light/browser.php | 872 |
#317 | /wp-admin/maint/techl.php | 863 |
#318 | /wp-json/sfwd-courses/[]/users | 856 |
#319 | /wp-admin/images/xmrlpc.php | 853 |
#320 | /wp-json/wordfence | 852 |
#321 | /wp-admin/css/colors/blue/uploader.php | 851 |
#322 | /wp-22.php | 844 |
#323 | /wp-content/plugins/Cache/Cache.php | 843 |
#324 | /wp-admin/css/wp-admins.php | 841 |
#325 | /wp-admin/images/lightspped.php | 840 |
#326 | /wp-json/publishpress-authors | 824 |
#327 | /wp-admin/network | 824 |
#328 | /wp-content/plugins/linkpreview/db.php | 824 |
#329 | /wp-json/commerce/paypal/payments/start-trial | 822 |
#330 | /wp-includes/index.php | 821 |
#331 | /wp-includes/js/codemirror/index.php | 814 |
#332 | /wp-json/wp-mail-smtp | 812 |
#333 | /wp-includes/images/wp-login.php | 801 |
#334 | /wp-fmfile.php | 796 |
#335 | /wp-admin/maint/wp-login.php | 794 |
#336 | /wp-includes/sitemaps/rz.php | 793 |
#337 | /wp-admin/includes/port.php | 790 |
#338 | /wp/wp-admin/includes | 789 |
#339 | /wp-json/penci | 786 |
#340 | /wp-admin/maint/akcc.php | 783 |
#341 | /wp-admin/about.php | 780 |
#342 | /wpls.php | 778 |
#343 | /wp-content/content.php | 777 |
#344 | /wordpress-vs-html | 776 |
#345 | /wp-content/plugins/seoplugins/mar.php | 775 |
#346 | /wp-admin/css/colors/ectoplasm/wp-login.php | 766 |
#347 | /wp-includes/sitemaps | 766 |
#348 | /wp-includes/admin.php | 765 |
#349 | /wp-content/uploads/wp-conflg.php | 761 |
#350 | /wp-includes/Text/Diff/Engine/about.php | 759 |
#351 | /wp-content/plugins/seoplugins/db.php | 752 |
#352 | /wp-includes/Requests/Response | 748 |
#353 | /wp/wp-login.php | 748 |
#354 | /wp-includes/customize/index.php | 744 |
#355 | /wp-content/themes/twenty/twenty.php | 742 |
#356 | /wp-includes/images/smilies/index.php | 741 |
#357 | /wp-includes/class-wp-network-cron.php | 740 |
#358 | /wp-admin/css/colors/light/about.php | 739 |
#359 | /wp-admin/network/xmrlpc.php | 739 |
#360 | /wp-includes/IXR | 739 |
#361 | /wp-includes/Text/Diff/Renderer | 739 |
#362 | /wp-admin/js/wp-login.php | 738 |
#363 | /wp-json/commerce/paypal/payments/order | 738 |
#364 | /wp-includes/Text/Diff/Renderer/about.php | 736 |
#365 | /wp-seo.php | 731 |
#366 | /wp-includes/SimplePie/index.php | 731 |
#367 | /wp-includes/Requests/Cookie | 729 |
#368 | /wp-admin/network/cloud.php | 727 |
#369 | /wp-load.php | 723 |
#370 | /wp-admin/css/colors/coffee/index.php | 722 |
#371 | /.well-known/pki-validation/wp-login.php | 720 |
#372 | /wp-includes/Requests | 720 |
#373 | /wp-json/wp/v2/users | 714 |
#374 | /wp-includes/ID3/el.php | 713 |
#375 | /wp-admin/user/index.php | 711 |
#376 | /wp-head.php | 710 |
#377 | /wp-content/cache/index.php | 709 |
#378 | /wp-includes/js/tinymce/skins/lightgray/img/index.php | 707 |
#379 | /wp-admin/maint/fie.php | 707 |
#380 | /wp-sigunq.php | 707 |
#381 | /wp-admin/css/colors/blue/wp-login.php | 705 |
#382 | /wp-content/worksec.php | 704 |
#383 | /wp-json/gravity-pdf | 702 |
#384 | /wp-content/uploads/autoload_classmap.php | 701 |
#385 | /wp-json/gwiz | 700 |
#386 | /wp-includes/we2.php | 698 |
#387 | /wp-includes/x.php | 696 |
#388 | /wp-includes/js/codemirror | 694 |
#389 | /wp-content/languages/chosen.php | 693 |
#390 | /wp-login | 693 |
#391 | /wp-includes/images/smilies | 688 |
#392 | /wp-theme.php | 687 |
#393 | /wp-content/themes/twentyfive/include.php | 687 |
#394 | /wp-index.php | 686 |
#395 | /wp-json/buddyboss-app/v1/signup/form | 681 |
#396 | /wp-content/plugins/elementor/assets/js/undefined | 680 |
#397 | /wp-content/plugins/wp-help/admin/wp-fclass.php | 678 |
#398 | /wp-content/plugins/simple-local-avatars/sldebar.php | 675 |
#399 | /wp-includes/css/wp-conflg.php | 675 |
#400 | /wp-includes/images/media | 675 |
#401 | /wp-admin/css/wp-css.php | 674 |
#402 | /wp-includes/IXR/admin.php | 674 |
#403 | /wp-admin/radio.php | 669 |
#404 | /wp-admin/css/colors/modern | 666 |
#405 | /wp-mn.php | 664 |
#406 | /wp-content/themes/file.php | 661 |
#407 | /wp-admin/admin-post.php | 657 |
#408 | /wp-xm.php | 655 |
#409 | /wp-admin/js/widgets/about.php7 | 652 |
#410 | /wp-admin/alfa.php | 648 |
#411 | /wp-includes/IXR/index.php | 646 |
#412 | /wp-admin/wp-admin.php | 644 |
#413 | /wp-remote-api | 642 |
#414 | /wp-admin/css/wp-login.php | 642 |
#415 | /wp-admin/css/colors/blue/ff.php | 637 |
#416 | /wpc.php | 637 |
#417 | /wp-admin/js/admin.php | 636 |
#418 | /wp-content/themes/aahana/json.php | 632 |
#419 | /wp-includes/PHPMailer/admin.php | 631 |
#420 | /wp-admin/includes/class-core-upgrader-first.php | 630 |
#421 | /wp-content/radio.php | 630 |
#422 | /wp-includes/images/crystal | 630 |
#423 | /wp-includes/blocks | 626 |
#424 | /wp-admin/images/download.php | 624 |
#425 | /wp-includes/block-patterns | 623 |
#426 | /wp-includes/Text/Diff/alfa-rex.php | 617 |
#427 | /wp-content/themes/twentytwentytwo/index.php | 617 |
#428 | /wp-includes/block-supports | 615 |
#429 | /wp-admin/css/colors/blue/aurora%20(1).php | 614 |
#430 | /wp-xx.php | 614 |
#431 | /wp-content/plugins/bdthemes-prime-slider-lite/images/backgrounds | 613 |
#432 | /wp-includes/ID3/autoload_classmap.php | 611 |
#433 | /wp-includes/IXR/goto.php | 606 |
#434 | /wp-json/wp-rocket | 597 |
#435 | /wp-admin/css/colors/midnight/gmail.php | 596 |
#436 | /wp-includes/SimplePie/admin.php | 594 |
#437 | /wp-admin/css/colors/blue/VzlaTeam.php | 593 |
#438 | /wp-activat.php | 593 |
#439 | /wp-content/upgrade/about.php | 593 |
#440 | /wp-includes/html-api/wp-login.php | 592 |
#441 | /wp-content/uploads/about.php | 592 |
#442 | /wp-admin/images/install.php | 591 |
#443 | /shop/wp-login.php | 590 |
#444 | /wp-includes/IXR/wp-login.php | 589 |
#445 | /wp-cliner.php | 589 |
#446 | /wp-includes/plugins.php | 584 |
#447 | /wp-admin/includes/BDKR28_shell.php | 580 |
#448 | /wp-json/hfe | 579 |
#449 | /wp-admin/css/colors/blue/info.php | 578 |
#450 | /wp-admin/includes/class-wp-privacy-data-removal-requests-list-table-package.php | 578 |
#451 | /wp-content/plugins/view-more/ioxi.php | 577 |
#452 | /wp-json/wp/v2/posts | 577 |
#453 | /wp-admin/includes/el.php | 576 |
#454 | /wp-includes/style-engine | 576 |
#455 | /wp-admin/css/colors/ectoplasm/upload.php | 573 |
#456 | /wp-admin/js/widgets/zip.php | 571 |
#457 | /wp-comments-post.php | 570 |
#458 | /wp-json/elementor-hello-elementor | 569 |
#459 | /wp-header.php | 569 |
#460 | /wp-admin/css/colors/coffee/cloud.php | 568 |
#461 | /2021/wp-includes/wlwmanifest.xml | 566 |
#462 | /wp-admin/css/colors/coffee | 564 |
#463 | /wp-content/install.php | 558 |
#464 | /wp-admin/includes/theme-install.php.INFECTED.php | 555 |
#465 | /wp-includes/css/about.php | 554 |
#466 | /wp-includes/feed-rsss.php | 553 |
#467 | /wp-content/uploads/elementor/css/link%20da%20imagem | 550 |
#468 | /wp-includes/php-compat | 547 |
#469 | /wp-includes/certificates/about.php | 547 |
#470 | /wp-includes/sodium_compat | 547 |
#471 | /wp-content/uploads/2022/10/upload.php | 542 |
#472 | /wp-content/themes/astra/inc/ki1k.php | 542 |
#473 | /wp-includes/block-bindings | 542 |
#474 | /wp-content/plugins/litespeed-cache/guest.vary.php | 541 |
#475 | /wp-content/plugins/up/up.php | 541 |
#476 | /wp-admin/maint/edit.php | 539 |
#477 | /revendedor/wp-login.php | 536 |
#478 | /wp-admin/includes/template.php.INFECTED.php | 535 |
#479 | /wp-includes/assets/autoload_classmap.php | 534 |
#480 | /wp-admin/js/chosen.php | 534 |
#481 | /wp-content/mu-plugins | 534 |
#482 | /wp-admin/includes/plugin-install.php.INFECTED.php | 533 |
#483 | /wp-content/plugins/wordpress-core/wordpress-core.php | 531 |
#484 | /wp-includes/Text/Diff | 531 |
#485 | /wp-includes/css/dist | 531 |
#486 | /wp-content/plugins/ninja-forms | 529 |
#487 | /wp-admin/includes/menu-cookie.php | 527 |
#488 | /wp-content/uploads/2024/index.php | 527 |
#489 | /wp-includes/pomo/index.php | 527 |
#490 | /wp-admin/images/profile.php | 526 |
#491 | /wp-content/plugins/wordpress-corde/wordpresse-kore.php | 524 |
#492 | /wp-includes/certificates/wp-login.php | 520 |
#493 | /wp-includes/rest-api/endpoints | 519 |
#494 | /wp-includes/rest-api/search | 516 |
#495 | /wp-content/plugins/newsletters-lite/newsletters-lite-ajax.php | 512 |
#496 | /wp-content/x | 512 |
#497 | /wp-includes/class-wp-feed-cache-transient-part.php | 511 |
#498 | /wp-includes/sitemaps/autoload_classmap.php | 511 |
#499 | /wp-includes/images/wlw | 510 |
#500 | /wp-includes/embed-database.php | 507 |
Data was last updated on: Oct 7, 2025
We love logs. In this section we will share some of the data we are parsing from our logs and honeypots we have live.
Logging for fun and a good night of sleep.
Latest log-based threat analysis added.
Do you have an idea for a research that is not here? See something wrong? Contact us at support@noc.org
14 days free trial. No credit card required.