| Hostname | Request Count |
|---|---|
| www.darcherif.fr | 909 |
| Path | Request Count |
|---|---|
| chosen.php | 11 |
| file.php | 11 |
| defaults.php | 10 |
| autoload_classmap.php | 10 |
| admin.php | 10 |
| goods.php | 10 |
| inputs.php | 9 |
| xmlrpc.php | 9 |
| about.php | 8 |
| classwithtostring.php | 7 |
| as.php | 7 |
| info.php | 6 |
| themes.php | 6 |
| wp-login.php | 6 |
| function/function.php | 6 |
| wp-content/themes/admin.php | 6 |
| dropdown.php | 6 |
| wp-admin.php | 6 |
| ioxi-o.php | 6 |
| ws.php | 6 |
| index/function.php | 6 |
| radio.php | 6 |
| flower.php | 6 |
| adminfuns.php | 6 |
| install.php | 6 |
| abc.php | 5 |
| cloud.php | 5 |
| wp-configs.php | 5 |
| plugin.php | 5 |
| alfa-rex.php | 5 |
| wp-conf.php | 5 |
| files.php | 5 |
| feeds.php | 5 |
| cookie.php | 5 |
| wp-admin/css/colors/ectoplasm/ | 5 |
| wp-admin/images/ | 5 |
| disagreed.php | 5 |
| wp-2019.php | 5 |
| cron.php | 5 |
| text.php | 5 |
| alfa-rex.php7 | 5 |
| an.php | 5 |
| wp-contentt.php | 5 |
| update.php | 5 |
| input.php | 5 |
| class_api.php | 5 |
| functions.php | 5 |
| alfa-rex1.php | 5 |
| .well-known/ | 5 |
| class-t.api.php | 5 |
Accessed multiple suspicious and non-standard PHP files (e.g., wxo.php, hehe.php, 2.php) often associated with web shells or reconnaissance, alongside legitimate WordPress paths. Although no explicit WAF flags or threat detections, the access pattern suggests potential scanning or exploitation attempts.
No current malicious activity detected. All 84 requests show 0 detected threats, no WAF flags, and no security rule hits, despite previous watchlist entry.
Repeated access to highly suspicious PHP file names and paths (e.g., wxo.php, hehe.php, alfa-rex.php, wp-includes/*.php) commonly associated with web shell uploads, exploitation attempts, or compromised systems.