Checking for 404 errors in your logs can reveal more than just broken links, it can also expose files and URLs that attackers are actively scanning for. To track this behavior, we set up hundreds of honeypots and analyzed live web traffic data, giving us insight into which files and URLs are being targeted across the internet.
The table bellow list the top URLs being scanned on WordPress sites. This list of updated daily and shows the top plugins, backdoors and files that attacker are lookin for specifically to WordPress.
| Rank | Scanned URL | Counter |
|---|---|---|
| #1 | /wp-login.php | 498,240 |
| #2 | /wp-json/oembed/1.0/embed | 38,241 |
| #3 | /wordpress | 21,147 |
| #4 | /wp-cron.php | 21,024 |
| #5 | /wp-content/plugins/hellopress/wp_filemanager.php | 20,808 |
| #6 | /wp-admin | 18,487 |
| #7 | /wp | 18,447 |
| #8 | /wp-content/plugins/fix/up.php | 16,004 |
| #9 | /wp-includes/wlwmanifest.xml | 14,476 |
| #10 | /wp.php | 13,799 |
| #11 | /web/wp-includes/wlwmanifest.xml | 12,150 |
| #12 | /wordpress/wp-includes/wlwmanifest.xml | 12,028 |
| #13 | /wp/wp-includes/wlwmanifest.xml | 11,820 |
| #14 | /blog/wp-includes/wlwmanifest.xml | 11,459 |
| #15 | /2019/wp-includes/wlwmanifest.xml | 11,323 |
| #16 | /shop/wp-includes/wlwmanifest.xml | 11,254 |
| #17 | /website/wp-includes/wlwmanifest.xml | 10,742 |
| #18 | /news/wp-includes/wlwmanifest.xml | 10,593 |
| #19 | /wp-plain.php | 9,104 |
| #20 | /wp-admin/css | 8,528 |
| #21 | /wordpress/wp-admin/setup-config.php | 8,081 |
| #22 | /wp-content/plugins/woocommerce/includes/gateways/locks.php | 7,910 |
| #23 | /wp-sitemap.xml | 7,830 |
| #24 | /wp-admin/images/moon.php | 7,719 |
| #25 | /wp-json/sfwd-assignment/1 | 7,595 |
| #26 | /wp-admin/setup-config.php | 7,294 |
| #27 | /appWP/lab/wp-admin/css/colors/blue/blue.php | 6,851 |
| #28 | /wp-content/wp-conflg.php | 6,848 |
| #29 | /wp-content/themes/seotheme/db.php | 6,636 |
| #30 | /wp-content/index.php | 6,341 |
| #31 | /wp-api.php | 6,311 |
| #32 | /wp-admin/classwithtostring.php | 6,223 |
| #33 | /wp-setup.php | 6,148 |
| #34 | /wp-includes/fonts/admin.php | 6,097 |
| #35 | /wp-admin/css/colors/blue/index.php | 6,048 |
| #36 | /wp-admin/wp-conflg.php | 5,917 |
| #37 | /2020/wp-includes/wlwmanifest.xml | 5,808 |
| #38 | /2018/wp-includes/wlwmanifest.xml | 5,688 |
| #39 | /wp-admin/js/index.php | 5,633 |
| #40 | /wp-includes/IXR/autoload_classmap.php | 5,539 |
| #41 | /wp-admin/maint/about.php | 5,347 |
| #42 | /wp-content/about.php | 5,291 |
| #43 | /wp-includes/fonts/index.php | 5,278 |
| #44 | /wp-admin/index.php | 5,225 |
| #45 | /wp-content/plugins/wpterm.php | 5,198 |
| #46 | /wp-admin/edit-tags.php | 5,033 |
| #47 | /wp-content | 5,033 |
| #48 | /wp-content/autoload_classmap.php | 4,928 |
| #49 | /wp-json/custom/v1 | 4,922 |
| #50 | /wp-json/sfwd-lessons/1 | 4,899 |
| #51 | /wp-json/sfwd-topic/1 | 4,819 |
| #52 | /wp-content/style.php | 4,628 |
| #53 | /wp-admin/js/autoload_classmap.php | 4,502 |
| #54 | /wp-admin/js/widgets/cloud.php | 4,344 |
| #55 | /wp-content/themes/about.php | 4,307 |
| #56 | /wp-admin/file.php | 4,277 |
| #57 | /wp-admin/admin-ajax.php | 4,252 |
| #58 | /wp-admin/install.php | 4,156 |
| #59 | /wordpress/wp-login.php | 4,091 |
| #60 | /wp-content/admin.php | 4,074 |
| #61 | /wp-content/plugins/WordPressCore/include.php | 4,051 |
| #62 | /wp-admin/profile.php | 4,004 |
| #63 | /wp-content/themes/admin.php | 3,979 |
| #64 | /wp-admin.php | 3,972 |
| #65 | /wp1/wp-includes/wlwmanifest.xml | 3,946 |
| #66 | /wp-admin/style.php | 3,934 |
| #67 | /wp-editor.php | 3,932 |
| #68 | /wp-admin/plugins.php | 3,902 |
| #69 | /wp-admin/js/about.php | 3,892 |
| #70 | /wp-admin/includes/index.php | 3,874 |
| #71 | /wp-admin/edit.php | 3,845 |
| #72 | /wp-trackback.php | 3,800 |
| #73 | /wp-includes/blocks/about.php | 3,731 |
| #74 | /wp-admin/network/network.php | 3,730 |
| #75 | /wp-admin/wp-login.php | 3,700 |
| #76 | /wp-content/themes/style.php | 3,651 |
| #77 | /wp-admin/js | 3,650 |
| #78 | /wp-l0gin.php | 3,558 |
| #79 | /wp-admin/post-new.php | 3,531 |
| #80 | /wp-admin/css/colors/ectoplasm/about.php | 3,471 |
| #81 | /wp-includes/wp-class.php | 3,462 |
| #82 | /wp-admin/css/qPyYcxpHKCu.php | 3,410 |
| #83 | /wp-admin/css/colors/blue | 3,397 |
| #84 | /wp-json/sfwd-courses/1 | 3,363 |
| #85 | /wp-conflg.php | 3,356 |
| #86 | /wp-admin/css/colors/blue/about.php | 3,334 |
| #87 | /wp-admin/mah.php | 3,331 |
| #88 | /wp-aa.php | 3,290 |
| #89 | /wp-json/sfwd-courses | 3,273 |
| #90 | /wp-admin/chosen.php | 3,237 |
| #91 | /wp-json/oembed | 3,181 |
| #92 | /wp-includes/about.php | 3,160 |
| #93 | /wp-json/wp | 3,145 |
| #94 | /wp-signin.php | 3,086 |
| #95 | /wp-content/uploads/de_fb_uploads/b.php | 3,069 |
| #96 | /wp-admin/js/wp-conflg.php | 3,041 |
| #97 | /wp-admin/admin.php | 3,008 |
| #98 | /wp-admin/css/colors/blue/atomlib.php | 2,980 |
| #99 | /wp-admin/wp-admins.php | 2,968 |
| #100 | /wp-includes/ID3/index.php | 2,967 |
| #101 | /wp-admin/wp.php | 2,967 |
| #102 | /wp-content/video | 2,962 |
| #103 | /wp-config.php.bak | 2,924 |
| #104 | /wp-content/plugins/autoload_classmap.php | 2,909 |
| #105 | /wp-content/plugins/about.php | 2,906 |
| #106 | /wp-admin/css/colors/light/wp-login.php | 2,887 |
| #107 | /wp-content/plugins/pwnd/pwnd.php | 2,856 |
| #108 | /wp-content/plugins/pwnd/as.php | 2,854 |
| #109 | /wp-admin/autoload_classmap.php | 2,807 |
| #110 | /wp-content/classwithtostring.php | 2,780 |
| #111 | /wp-includes/html-api/about.php | 2,774 |
| #112 | /test/wp-includes/wlwmanifest.xml | 2,724 |
| #113 | /wp-admin/includes/colour.php | 2,721 |
| #114 | /wp-admin/includes/header.php | 2,712 |
| #115 | /wp-config | 2,711 |
| #116 | /wp-admin/maint | 2,696 |
| #117 | /wp-json/sfwd-lessons | 2,662 |
| #118 | /wp-content/1.php | 2,605 |
| #119 | /es/wp-json/oembed/1.0/embed | 2,598 |
| #120 | /wp-includes/ALFA_DATA/alfacgiapi/perl.alfa | 2,591 |
| #121 | /wp-content/plugins/ioxi/ioxi/dropdown.php | 2,569 |
| #122 | /wp-json/sfwd-topic | 2,560 |
| #123 | /wp-admin/includes/wp-conflg.php | 2,555 |
| #124 | /wp-content/languages/autoload_classmap.php | 2,549 |
| #125 | /site/wp-includes/wlwmanifest.xml | 2,530 |
| #126 | /cms/wp-includes/wlwmanifest.xml | 2,516 |
| #127 | /wp-content/wp.php | 2,494 |
| #128 | /wp-admin/includes/about.php | 2,476 |
| #129 | /wp-content/uploads/json.php | 2,465 |
| #130 | /wp-logs.php | 2,435 |
| #131 | /wp-wso.php | 2,435 |
| #132 | /wp-admin/includes | 2,427 |
| #133 | /wp-content/plugins/up/main.php | 2,412 |
| #134 | /wp_wrong_datlib.php | 2,398 |
| #135 | /wp-setting.php | 2,397 |
| #136 | /wp-content/plugin.php | 2,382 |
| #137 | /wp-content/x.php | 2,373 |
| #138 | /wp-admin/images | 2,350 |
| #139 | /wp-content/file.php | 2,327 |
| #140 | /wp-admin/images/about.php | 2,327 |
| #141 | /wp-2019.php | 2,304 |
| #142 | /wp-includes/fonts/autoload_classmap.php | 2,254 |
| #143 | /wp-error.php | 2,251 |
| #144 | /wp-content/click.php | 2,248 |
| #145 | /wp-includes/IXR/chosen.php | 2,242 |
| #146 | /wp-includes/widgets/autoload_classmap.php | 2,236 |
| #147 | /wp-comments.php | 2,236 |
| #148 | /wp-includes/style-engine/autoload_classmap.php | 2,232 |
| #149 | /wp-json/wp-block-editor | 2,230 |
| #150 | /wp-includes/pomo/about.php | 2,216 |
| #151 | /wp-gr.php | 2,210 |
| #152 | /wp-content/plugins/simple/simple.php | 2,204 |
| #153 | /wp-includes/wp_class_datlib.php | 2,193 |
| #154 | /wp-includes/css/autoload_classmap.php | 2,190 |
| #155 | /wp-includes/js/tinymce/langs/about.php | 2,179 |
| #156 | /wp-includes/PHPMailer/file.php | 2,175 |
| #157 | /wp-content/uploads/index.php | 2,172 |
| #158 | /wp-admin/css/about.php | 2,158 |
| #159 | /wp-file.php | 2,155 |
| #160 | /sanitas-bk/wp-json/metform/v1/forms/views/654 | 2,147 |
| #161 | /wp-includes/certificates/chosen.php | 2,132 |
| #162 | /wp-content/uploads/chosen.php | 2,114 |
| #163 | /wp-includes/SimplePie/chosen.php | 2,110 |
| #164 | /wp-content/plugins/apikey/apikey.php | 2,108 |
| #165 | /wp-json/litespeed/v1/cdn_status | 2,098 |
| #166 | /wp-includes/autoload_classmap.php | 2,097 |
| #167 | /wp-content/themes/seotheme/mar.php | 2,092 |
| #168 | /wp-content/uploads | 2,085 |
| #169 | /wp-content/plugins/revslider/includes/external/page/index.php | 2,012 |
| #170 | /wp-json/sfwd-assignment | 2,012 |
| #171 | /wp-admin/js/widgets/index.php | 2,006 |
| #172 | /wp-content/plugins/wp-conflg.php | 1,961 |
| #173 | /wp-includes/ID3 | 1,950 |
| #174 | /wp-content/themes/pridmag/db.php | 1,918 |
| #175 | /wp-content/plugins/apikey/apikey.php.suspected | 1,877 |
| #176 | /wp-includes/css | 1,858 |
| #177 | /wp-admin/js/widgets | 1,834 |
| #178 | /wpc.php | 1,819 |
| #179 | /wp-admin/maint/index.php | 1,814 |
| #180 | /wp-includes/Text/about.php | 1,807 |
| #181 | /wp-configs.php | 1,806 |
| #182 | /wp-includes | 1,802 |
| #183 | /wp-json/wordfence | 1,790 |
| #184 | /wp-includes/ID3/about.php | 1,786 |
| #185 | /wp-admin/function.php | 1,784 |
| #186 | /wp-json/elementor-ai | 1,771 |
| #187 | /wp-json/elementor-pro | 1,757 |
| #188 | /wp-includes/Requests/about.php | 1,735 |
| #189 | /wp-json/sure-triggers/v1 | 1,725 |
| #190 | /wp-admin/images/index.php | 1,711 |
| #191 | /wp-blog.php | 1,679 |
| #192 | /wp-includes/blocks/wp-conflg.php | 1,677 |
| #193 | /wp-activate.php | 1,670 |
| #194 | /wp-admin/dropdown.php | 1,650 |
| #195 | /wp-signup.php | 1,640 |
| #196 | /wp-links.php | 1,627 |
| #197 | /wp-content/plugins/index.php | 1,606 |
| #198 | /wp-content/upgrade/index.php | 1,605 |
| #199 | /wp-content/themes/classwithtostring.php | 1,602 |
| #200 | /wp2/wp-includes/wlwmanifest.xml | 1,589 |
| #201 | /wp-includes/SimplePie/about.php | 1,586 |
| #202 | /wp-content/themes/wp-pridmag/init.php | 1,581 |
| #203 | /wp-admin/css/index.php | 1,572 |
| #204 | /wp-includes/style-engine/about.php | 1,554 |
| #205 | /wp-admin/images/cloud.php | 1,552 |
| #206 | /wp-admin/css/colors/blue/admin.php | 1,540 |
| #207 | /wp-json/sfwd-courses/17/groups | 1,534 |
| #208 | /wp-content/themes/twentytwenty/404.php | 1,534 |
| #209 | /wp-content/plugins/admin.php | 1,522 |
| #210 | /wp-includes/Text/autoload_classmap.php | 1,518 |
| #211 | /wp-includes/js/jcrop/Jcrop.php | 1,517 |
| #212 | /wp-includes/rest-api/index.php | 1,512 |
| #213 | /wp-includes/blocks/calendar/index.php | 1,506 |
| #214 | /wp-json/sfwd-courses/17/prerequisites | 1,497 |
| #215 | /wp-includes/assets/index.php | 1,492 |
| #216 | /wp-json/sure-triggers/v1/automation/action | 1,476 |
| #217 | /sito/wp-includes/wlwmanifest.xml | 1,469 |
| #218 | /wp-content/plugins/pwnd-1/pwnd.php | 1,453 |
| #219 | /wp-content/plugins/revslider/includes/external/page | 1,450 |
| #220 | /wp-admin/css/colors | 1,450 |
| #221 | /wp-includes/customize/about.php | 1,446 |
| #222 | /wp-admin/includes/xmrlpc.php | 1,436 |
| #223 | /wp-content/themes | 1,432 |
| #224 | /wp-includes/customize/chosen.php | 1,423 |
| #225 | /wp-content/languages/about.php | 1,421 |
| #226 | /wp-update.php | 1,416 |
| #227 | /wp-content/plugins/dummyyummy/wp-signup.php | 1,413 |
| #228 | /wp-includes/blocks/site-title/index.php | 1,398 |
| #229 | /wp-content/plugins/janus/janus.php | 1,385 |
| #230 | /wp-json/wp-site-health | 1,375 |
| #231 | /wp-includes/widgets/about.php | 1,374 |
| #232 | /wp-json/google-site-kit | 1,354 |
| #233 | /wp-admin/images/admin.php | 1,341 |
| #234 | /wp-json/intercom/v1/webhook | 1,334 |
| #235 | /wp-json/storychief | 1,332 |
| #236 | /wp-includes/pomo/pomo.php | 1,326 |
| #237 | /wp-json/elementor | 1,314 |
| #238 | /wp-info.php | 1,306 |
| #239 | /wp-includes/SimplePie | 1,298 |
| #240 | /wp-json | 1,297 |
| #241 | /wp-json/v1/u | 1,296 |
| #242 | /wp-admin/css/colors/ectoplasm | 1,291 |
| #243 | /wp-class.php | 1,283 |
| #244 | /wp-old | 1,279 |
| #245 | /wp-content/plugins/core-plugin/include.php | 1,273 |
| #246 | /wp-admin/css/colors/index.php | 1,270 |
| #247 | /wp-json/aioseo | 1,267 |
| #248 | /wp-content/upgrade | 1,267 |
| #249 | /wp-json/webp-converter | 1,260 |
| #250 | /wp-json/code-snippets | 1,257 |
| #251 | /wp-includes/IXR/about.php | 1,253 |
| #252 | /wp-includes/rest-api | 1,250 |
| #253 | /wp-json/sfwd-assignment/0 | 1,248 |
| #254 | /wp-admin/css/admin.php | 1,246 |
| #255 | /wp-admin/user/xmrlpc.php | 1,246 |
| #256 | /wp-includes/block-patterns/about.php | 1,236 |
| #257 | /wp-content/plugins | 1,230 |
| #258 | /wp-content/cong.php | 1,226 |
| #259 | /wp-includes/images/smilies/about.php | 1,220 |
| #260 | /wp-admin/meta | 1,211 |
| #261 | /wp-content/plugins/hellopress/wp_mna.php | 1,211 |
| #262 | /wp-admin/maint/admin.php | 1,196 |
| #263 | /sanitas-bk/wp-json/metform/v1/forms/views/727 | 1,195 |
| #264 | /wp-json/commerce/paypal/payments/start-trial | 1,182 |
| #265 | /wp-content/plugins/wp-automatic/inc/csv.php | 1,182 |
| #266 | /wp-admin/user/chosen.php | 1,159 |
| #267 | /features/wordpress-management-tools | 1,153 |
| #268 | /blog/wp-login.php | 1,152 |
| #269 | /wp-includes/css/index.php | 1,150 |
| #270 | /wp-content/plugins/xt | 1,149 |
| #271 | /cgi-bin/wp-login.php | 1,142 |
| #272 | /wp-includes/images/about.php | 1,142 |
| #273 | /wp-admin/css/colors/midnight | 1,130 |
| #274 | /wp-content/themes/index.php | 1,129 |
| #275 | /wp-includes/sitemaps/providers | 1,126 |
| #276 | /wp-includes/fonts | 1,126 |
| #277 | /wp-includes/rest-api/about.php | 1,124 |
| #278 | /wp-json/commerce/paypal/payments/order | 1,116 |
| #279 | /wp-admin/x.php | 1,114 |
| #280 | /wp-admin/network/index.php | 1,114 |
| #281 | /wp-admin/css/colors/about.php | 1,086 |
| #282 | /wp-includes/fonts/about.php | 1,079 |
| #283 | /wp-admin/js/js/cache.php | 1,078 |
| #284 | /wp-admin/css/css/cache.php | 1,078 |
| #285 | /wp-admin/images/images/cache.php | 1,076 |
| #286 | /wp-includes/customize | 1,067 |
| #287 | /wp-content/upgrade-temp-backup/about.php | 1,065 |
| #288 | /wp-includes/install.php | 1,063 |
| #289 | /wp-admin/network/chosen.php | 1,057 |
| #290 | /wp-includes/certificates | 1,050 |
| #291 | /wp-22.php | 1,039 |
| #292 | /wp-blog-header.php | 1,038 |
| #293 | /wp-mail.php | 1,034 |
| #294 | /wp-includes/PHPMailer | 1,028 |
| #295 | /wp-includes/wp-includes_function.php | 1,026 |
| #296 | /wp-includes/Text/wp-conflg.php | 1,020 |
| #297 | /wp-admin/css/colors/sunrise | 1,011 |
| #298 | /wp-content/plugins/janusv5/janus.php | 1,010 |
| #299 | /sim.php/wp-includes/certificates/plugins.php | 1,009 |
| #300 | /wp-content/plugins/linkpreview/db.php | 1,007 |
| #301 | /wp-admin/css/colors/midnight/colors.php | 986 |
| #302 | /wp-admin/user | 986 |
| #303 | /wp-includes/html-api | 986 |
| #304 | /wp-json/akismet | 980 |
| #305 | /wp-includes/assets | 975 |
| #306 | /wp-content/languages/index.php | 975 |
| #307 | /wp-admin/css/colors/blue/xboom.php | 973 |
| #308 | /wp-admin/users.php | 967 |
| #309 | /wp-admin/js/widgets/about.php | 967 |
| #310 | /wp-includes/pomo | 966 |
| #311 | /wp-json/vimeography | 965 |
| #312 | /wp-admin/user/wp-login.php | 963 |
| #313 | /wp-admin/css/colors/ocean | 959 |
| #314 | /wp-json/wccom-site | 955 |
| #315 | /wp-admin/includes/cloud.php | 955 |
| #316 | /wp-includes/images | 954 |
| #317 | /wp-includes/js/codemirror/index.php | 950 |
| #318 | /wpls.php | 949 |
| #319 | /wp-config.php | 947 |
| #320 | /wp-content/mu-plugins-old | 935 |
| #321 | /wp-files.php | 932 |
| #322 | /wp-config-sample.php | 930 |
| #323 | /wp-json/wp/v2/users | 928 |
| #324 | /wp-includes/block-supports/index.php | 920 |
| #325 | /wp-content/themes/alera/alpha.php | 918 |
| #326 | /wp-admin/maint/siteone.php | 912 |
| #327 | /wp-json/whm | 908 |
| #328 | /wp-cli.php | 904 |
| #329 | /wp-admin/images/xmrlpc.php | 903 |
| #330 | /2021/wp-includes/wlwmanifest.xml | 899 |
| #331 | /wp-admin/css/colors/light | 898 |
| #332 | /wp-includes/IXR | 894 |
| #333 | /wp-content/plugins/seoplugins/db.php | 892 |
| #334 | /wp-content/plugins/Cache/Cache.php | 889 |
| #335 | /wp-includes/Text/Diff/Renderer | 888 |
| #336 | /wp-cron | 888 |
| #337 | /wp-admin/js/let.php | 879 |
| #338 | /wp-admin/about.php | 874 |
| #339 | /wp-admin/css/colors/light/browser.php | 872 |
| #340 | /wp-includes/Text/Diff/Engine/about.php | 872 |
| #341 | /wp-json/sfwd-courses/[]/users | 867 |
| #342 | /wp-json/buddypress/v1/members | 866 |
| #343 | /wp-admin/maint/techl.php | 863 |
| #344 | /wp-admin/maint/wp-login.php | 856 |
| #345 | /wp/wp-login.php | 856 |
| #346 | /wp-admin/css/colors/blue/uploader.php | 851 |
| #347 | /wp-content/plugins/seoplugins/mar.php | 849 |
| #348 | /wp-admin/network | 845 |
| #349 | /wp-includes/images/wp-login.php | 845 |
| #350 | /wp-admin/css/wp-admins.php | 841 |
| #351 | /wp-admin/images/lightspped.php | 840 |
| #352 | /wp-content/themes/twentyfive/include.php | 839 |
| #353 | /wp-includes/index.php | 825 |
| #354 | /wp-json/publishpress-authors | 824 |
| #355 | /wp-mn.php | 822 |
| #356 | /wp-content/content.php | 817 |
| #357 | /wp-json/wp-mail-smtp | 812 |
| #358 | /wp/wp-admin/includes | 803 |
| #359 | /wp-fmfile.php | 796 |
| #360 | /wp-content/uploads/wp-conflg.php | 796 |
| #361 | /wp-admin/maint/fie.php | 795 |
| #362 | /wp-includes/sitemaps/rz.php | 793 |
| #363 | /wp-content/worksec.php | 792 |
| #364 | /wp-admin/includes/port.php | 790 |
| #365 | /wp-json/penci | 786 |
| #366 | /wp-json/commerce/paypal/payments/payment-token | 786 |
| #367 | /wp-admin/maint/akcc.php | 784 |
| #368 | /wp-admin/network/xmrlpc.php | 783 |
| #369 | /wp-includes/SimplePie/index.php | 781 |
| #370 | /wp-includes/sitemaps | 781 |
| #371 | /wp-confiq.php | 780 |
| #372 | /wordpress-vs-html | 776 |
| #373 | /wp-json/commerce/paypal/payments/setup-token | 775 |
| #374 | /wp-json/buddyboss-app/v1/signup/form | 775 |
| #375 | /wp-includes/admin.php | 775 |
| #376 | /wp-admin/network/cloud.php | 774 |
| #377 | /wp-admin/css/colors/ectoplasm/wp-login.php | 773 |
| #378 | /wp-head.php | 773 |
| #379 | /wp-includes/Text/Diff/Renderer/about.php | 771 |
| #380 | /wp-sigunq.php | 770 |
| #381 | /wp-content/themes/twenty/twenty.php | 769 |
| #382 | /wp-includes/block-supports | 766 |
| #383 | /.well-known/pki-validation/wp-login.php | 758 |
| #384 | /wp-login | 756 |
| #385 | /wp-load.php | 752 |
| #386 | /wp-includes/customize/index.php | 751 |
| #387 | /wp-includes/Requests/Response | 749 |
| #388 | /wp-includes/images/smilies/index.php | 746 |
| #389 | /wp-includes/style-engine | 745 |
| #390 | /revendedor/wp-login.php | 745 |
| #391 | /wp-admin/css/colors/coffee/index.php | 744 |
| #392 | /wp-includes/js/codemirror | 743 |
| #393 | /wp-includes/IXR/admin.php | 743 |
| #394 | /wp-includes/class-wp-network-cron.php | 740 |
| #395 | /wp-admin/js/wp-login.php | 740 |
| #396 | /wp-admin/css/colors/light/about.php | 739 |
| #397 | /wp-includes/ID3/autoload_classmap.php | 738 |
| #398 | /wp-includes/Requests | 736 |
| #399 | /wp-content/install.php | 736 |
| #400 | /wp-seo.php | 732 |
| #401 | /wp-content/languages/chosen.php | 730 |
| #402 | /wp-includes/Requests/Cookie | 730 |
| #403 | /wp-admin/user/index.php | 718 |
| #404 | /wp-includes/ID3/el.php | 713 |
| #405 | /wp-content/plugins/wp-help/admin/wp-fclass.php | 713 |
| #406 | /wp-content/themes/aahana/json.php | 712 |
| #407 | /wp-content/cache/index.php | 711 |
| #408 | /wp-admin/js/widgets/about.php7 | 711 |
| #409 | /wp-content/uploads/autoload_classmap.php | 711 |
| #410 | /wp-includes/js/tinymce/skins/lightgray/img/index.php | 710 |
| #411 | /wp-includes/IXR/index.php | 710 |
| #412 | /wp-admin/css/colors/blue/wp-login.php | 705 |
| #413 | /wp-index.php | 704 |
| #414 | /wp-json/wc/v2/products | 703 |
| #415 | /wp-json/gravity-pdf | 702 |
| #416 | /wp-json/gwiz | 700 |
| #417 | /wp-content/themes/file.php | 699 |
| #418 | /wp-includes/we2.php | 698 |
| #419 | /wp-includes/images/smilies | 697 |
| #420 | /wp-includes/x.php | 696 |
| #421 | /wp-admin/alfa.php | 692 |
| #422 | /wp-admin/admin-post.php | 691 |
| #423 | /wp-content/plugins/elementor/assets/js/undefined | 691 |
| #424 | /wp-json/wc/v3/customers | 691 |
| #425 | /wp-theme.php | 687 |
| #426 | /wp-includes/images/media | 687 |
| #427 | /wp-admin/css/colors/modern | 686 |
| #428 | /wp-content/radio.php | 685 |
| #429 | /media/wp-includes/wlwmanifest.xml | 681 |
| #430 | /wp-content/plugins/simple-local-avatars/sldebar.php | 675 |
| #431 | /wp-includes/css/wp-conflg.php | 675 |
| #432 | /wp-content/themes/twentytwentytwo/index.php | 675 |
| #433 | /wp-admin/css/wp-css.php | 674 |
| #434 | /wp-admin/radio.php | 672 |
| #435 | /wp-includes/SimplePie/admin.php | 664 |
| #436 | /shop/wp-login.php | 658 |
| #437 | /wp-xm.php | 655 |
| #438 | /wp-json/commerce/paypal/onboarding/access_token | 654 |
| #439 | /wp-admin/css/wp-conflg.php | 653 |
| #440 | /wp-includes/Text/Diff/alfa-rex.php | 651 |
| #441 | /wp-admin/remote | 651 |
| #442 | /wp-content/uploads/admin.php | 650 |
| #443 | /wp-admin/css/wp-login.php | 647 |
| #444 | /wp-includes/style.php | 646 |
| #445 | /wp-admin/wp-admin.php | 644 |
| #446 | /wp-json/commerce/paypal/payments/capture | 644 |
| #447 | /wp-remote-api | 642 |
| #448 | /wp-admin/maint/maint.php | 642 |
| #449 | /wp-includes/images/crystal | 639 |
| #450 | /wp-includes/blocks | 638 |
| #451 | /wp-header.php | 638 |
| #452 | /wp-admin/css/colors/blue/ff.php | 637 |
| #453 | /wp-admin/js/admin.php | 636 |
| #454 | /wp-includes/PHPMailer/admin.php | 635 |
| #455 | /wp-includes/widgets | 634 |
| #456 | /wp-content/upgrade/about.php | 634 |
| #457 | /wp-includes/block-patterns | 633 |
| #458 | /wp-content/plugins/newsletters-lite/newsletters-lite-ajax.php | 633 |
| #459 | /wp-admin/includes/class-core-upgrader-first.php | 630 |
| #460 | /wp-json/wp/v2/posts | 630 |
| #461 | /wp-includes/html-api/wp-login.php | 626 |
| #462 | /wp-admin/images/download.php | 624 |
| #463 | /wp-content/uploads/about.php | 623 |
| #464 | /wp-content/themes/travel/issue.php | 623 |
| #465 | /wp-admin/css/colors/blue/aurora%20(1).php | 614 |
| #466 | /wp-xx.php | 614 |
| #467 | /wp-content/plugins/bdthemes-prime-slider-lite/images/backgrounds | 613 |
| #468 | /wp-includes/plugins.php | 612 |
| #469 | /wp-admin/images/install.php | 610 |
| #470 | /wp-sitemap-users-1.xml | 608 |
| #471 | /wp-content/themes/twentytwentytwo | 608 |
| #472 | /wp-includes/IXR/goto.php | 606 |
| #473 | /wp-json/bbp-api/v1/users | 606 |
| #474 | /wp-json/wp-rocket | 597 |
| #475 | /wp-admin/css/colors/midnight/gmail.php | 596 |
| #476 | /wp-admin/css/colors/blue/VzlaTeam.php | 593 |
| #477 | /wp-activat.php | 593 |
| #478 | /wp-json/profile | 591 |
| #479 | /wp-content/themes/astra/inc/ki1k.php | 590 |
| #480 | /wp-includes/IXR/wp-login.php | 589 |
| #481 | /wp-cliner.php | 589 |
| #482 | /wp-comments-post.php | 587 |
| #483 | /wp-content/uploads/2024/index.php | 583 |
| #484 | /wp-json/commerce/paypal/payments/cancel | 582 |
| #485 | /wp-admin/includes/BDKR28_shell.php | 580 |
| #486 | /wp-json/hfe | 579 |
| #487 | /wp-content/plugins/view-more/ioxi.php | 579 |
| #488 | /wp-admin/css/colors/blue/info.php | 578 |
| #489 | /wp-admin/includes/class-wp-privacy-data-removal-requests-list-table-package.php | 578 |
| #490 | /wp-admin/css/colors/coffee | 577 |
| #491 | /wp-admin/includes/el.php | 576 |
| #492 | /wp-good.php | 576 |
| #493 | /wp-admin/css/colors/ectoplasm/upload.php | 573 |
| #494 | /wp-admin/css/colors/coffee/cloud.php | 572 |
| #495 | /wp-admin/js/widgets/zip.php | 571 |
| #496 | /wp-admin/user/about.php | 570 |
| #497 | /wp-json/elementor-hello-elementor | 569 |
| #498 | /wp-includes/css/about.php | 566 |
| #499 | /wp-content/mu-plugins | 565 |
| #500 | /wp-includes/Requests/Text/admin.php | 564 |
Data was last updated on: Oct 27, 2025
We love logs. In this section we will share some of the data we are parsing from our logs and honeypots we have live.
Logging for fun and a good night of sleep.
Latest log-based threat analysis added.
Do you have an idea for a research that is not here? See something wrong? Contact us at support@noc.org
14 days free trial. No credit card required.