I captured many hacking attempts by IP address 222.88.240.132 to one of my websites using these URLs:

[0] => join.php
[1] => signup
[2] => signup
[3] => signup
[4] => wp-login.php
[5] => tiki-register.php
[6] => user/register
[7] => sign_up.html
[8] => signup/
[9] => signup.php
[10] => signup.php
[11] => forums/index.php
[12] => registration_rules.asp
[13] => register.php
[14] => register.php
[15] => profile.php
[16] => ucp.php
[17] => register.php
[18] => signup.php
[19] => account/register.php
[20] => join.php
[21] => join_form.php
[22] => signup
[23] => signup
[24] => join.php
[25] => signup.php
[26] => member/register
[27] => register/
[28] => signup.php
[29] => signup.php
[30] => register.php
[31] => join.php
[32] => blogs/load/recent
[33] => member/join.php
[34] => join.php
[35] => signup
[36] => signup
[37] => signup
[38] => wp-login.php
[39] => tiki-register.php
[40] => user/register
[41] => sign_up.html
[42] => login.php
[43] => member.php
[44] => member.php
[45] => member/
[46] => modules.php
[47] => signup/
[48] => member/reg.php
[49] => reg.asp
[50] => reg.asp
[51] => logging.php
[52] => register.php
[53] => login.php
[54] => login.php
[55] => login.php
[56] => reg.asp
[57] => bokeindex.asp
[58] => bokeapply.asp
[59] => signup.php
[60] => signup.php
[61] => register.php
[62] => forums/index.php
[63] => registration_rules.asp
[64] => register.php
[65] => register.php
[66] => profile.php
[67] => ucp.php
[68] => register.php
[69] => member/index_do.php
[70] => signup.php
[71] => account/register.php
[72] => register.aspx
[73] => post.php
[74] => register.php
[75] => member/register.php
[76] => member.php/register.php
[77] => register.php
[78] => member/register.php
[79] => member.php/register.php
[80] => register.php
[81] => reg.php
[82] => login.php
[83] => join.php
[84] => join_form.php
[85] => signup
[86] => signup
[87] => join.php
[88] => signup.php
[89] => member/register
[90] => register/
[91] => signup.php
[92] => login.php
[93] => signup.php
[94] => register.php
[95] => join.php
[96] => blogs/load/recent
[97] => member/join.php

98 requests (with some rotation of the HTTP_USER_AGENT value) over a period of exactly 9 hours.