| Hostname | Request Count |
|---|---|
| www.darcherif.fr | 1160 |
| Path | Request Count |
|---|---|
| wp-content/themes/admin.php | 17 |
| wp-content/uploads/ | 17 |
| ioxi-o.php | 17 |
| admin.php | 17 |
| adminfuns.php | 17 |
| file.php | 14 |
| wp-content/admin.php | 12 |
| wp-content/uploads/admin.php | 12 |
| bolt.php | 12 |
| wp-admin/js/widgets/ | 12 |
| about.php | 11 |
| ms-edit.php | 11 |
| cgi-bin/ | 10 |
| wp-includes/ | 10 |
| wp-includes/ID3/ | 9 |
| goods.php | 9 |
| info.php | 9 |
| edit.php | 9 |
| wp-admin/js/index.php | 8 |
| wp-admin/ | 8 |
| inputs.php | 8 |
| class-t.api.php | 8 |
| index/function.php | 8 |
| wp-content/plugins/admin.php | 8 |
| wp-content/upgrade/index.php | 8 |
| abcd.php | 8 |
| as.php | 8 |
| aa.php | 8 |
| rip.php | 7 |
| wp-content/themes/ | 7 |
| .well-known/ | 7 |
| wp-content/themes/about.php | 7 |
| wp-includes/images/media/ | 7 |
| wp-includes/block-patterns/ | 7 |
| buy.php | 7 |
| wp-includes/style-engine/ | 7 |
| wp-act.php | 7 |
| wp-content/index.php | 7 |
| wp-includes/blocks/ | 7 |
| wp-content/uploads/2025/ | 7 |
| wp-includes/PHPMailer/ | 7 |
| wp-admin/js/ | 7 |
| wp-includes/js/crop/ | 7 |
| wp-includes/Requests/about.php | 7 |
| wp.php | 6 |
| wp-admin/includes/ | 6 |
| wp-includes/images/smilies/about.php | 6 |
| wp-content/themes/theme/about.php | 6 |
| wp-admin/maint/ | 6 |
| wk/index.php | 6 |
This IP is actively accessing multiple highly suspicious PHP file names and WordPress-related paths commonly associated with web shells, backdoors, or vulnerability scanning attempts (e.g., 'ms.php', 'wp-access.php', 'yas.php', 'vx.php'). This pattern indicates potential malicious activity despite no explicit WAF flags.