Prober.dev checks for the headers of each of these files and compiles a summary of what it finds at the end of the scan. Since it’s a lot of files and I give a ~1 second breath time per request as not to trigger any ddos protection or ddos the server itself it takes about 10-15mins to do an entire scan.
If it finds your “wp-login.php” it’s not a big deal but it does mean it’s an easy attack vector that bots are actively targeting, it’s best to rename it something more obscure or find a plugin or something that does it for you.
Source: Prober.Dev
