Monday, February 05, 2007

PHP: Most Requested URLs by Hackers

Per our records, PHP is far and away the most attacked language - and we don't even host it.

These are the URLs various hackers have been scanning our boxes for in the past few months:

/phpAdsNew/adxmlrpc.php
/index.php
/profile.php
/cmd.php
/Ads/adxmlrpc.php
/register.php
/thisdoesnotexistahaha.php
/stats/cmd.php
/portal/cmd.php
/adserver/adxmlrpc.php
/adxmlrpc.php
/a1b2c3d4e5f6g7h8i9/nonexistentfile.php
/phpads/adxmlrpc.php
/web/e-commerce/database/index.php/administration/module/module/index.php
/portal/cacti/cmd.php
/xmlrpc.php
/xmlrpc/xmlrpc.php
/xmlsrv/xmlrpc.php
/blog/xmlrpc.php
/cacti/cmd.php
/drupal/xmlrpc.php
/web/phpMyAdmin/main.php
/web/phpMyAdmin/main.phpmain.php
/w3c/p3p.xml
/_vti_bin/_vti_aut/author.dll
/admin/login/index.php
/admin/pages/index.php
/admin/pages/settings.php
/admin/start/index.php
/public.php
/web/.../work/index.php
/web//work/index.php

And here are the IPs that have been up to this mischief along with the number of hits:


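A tally like the ones in this post can be pulled from a web server access log. The script below is an added example, not the code used for this post: it assumes Common Log Format, the log lines are constructed (documentation-range IPs, paths taken from the list above), and `php_probes` and `SAMPLE_LOG` are hypothetical names.

```python
import re
from collections import Counter

# Constructed sample access-log lines (Common Log Format). IPs are from
# documentation ranges; the .php paths are taken from the list in the post.
SAMPLE_LOG = """\
192.0.2.10 - - [05/Feb/2007:10:00:01 +0000] "GET /cmd.php HTTP/1.1" 404 208
192.0.2.10 - - [05/Feb/2007:10:00:02 +0000] "GET /cacti/cmd.php?x=1 HTTP/1.1" 404 208
192.0.2.10 - - [05/Feb/2007:10:00:03 +0000] "POST /xmlrpc.php HTTP/1.1" 404 208
198.51.100.7 - - [05/Feb/2007:11:30:00 +0000] "GET /index.html HTTP/1.1" 200 5120
198.51.100.7 - - [05/Feb/2007:11:30:05 +0000] "GET /XMLRPC.PHP HTTP/1.0" 404 208
203.0.113.5 - - [05/Feb/2007:12:00:00 +0000] "GET /images/logo.png HTTP/1.1" 200 900
malformed line without a request
"""

# client IP, method, request target, status code
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')


def php_probes(log_text):
    """Return (hits per path, hits per client IP) for .php requests."""
    by_path, by_ip = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not well-formed CLF entries
        ip, _method, target, _status = m.groups()
        path = target.split("?", 1)[0].lower()  # drop query string, fold case
        # Assumption from the post: this host serves no PHP, so every
        # request for a .php path is a scan rather than real traffic.
        if path.endswith(".php"):
            by_path[path] += 1
            by_ip[ip] += 1
    return by_path, by_ip


if __name__ == "__main__":
    paths, ips = php_probes(SAMPLE_LOG)
    for ip, n in ips.most_common():
        print(n, ip)
    for path, n in paths.most_common():
        print(n, path)
```

On a host that does serve PHP the suffix test alone is too broad; there the filter would need to be limited to paths that do not exist on the site.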