Checking for 404 errors in your logs can reveal more than just broken links, it can also expose files and URLs that attackers are actively scanning for. To track this behavior, we set up hundreds of honeypots and analyzed live web traffic data, giving us insight into which files and URLs are being targeted across the internet.
The table bellow list the top URLs being scanned all time and is updated daily. Most of the data contain WordPress specific URLs, certain plugins and config files that attackers can use.
Rank | Scanned URL | Counter |
---|---|---|
#1 | /wp-login.php | 396,160 |
#2 | /autodiscover/autodiscover.xml | 150,727 |
#3 | /xmlrpc.php | 107,567 |
#4 | /index.php | 74,353 |
#5 | /.env | 67,801 |
#6 | /sitemap.xml | 67,334 |
#7 | /2012 | 57,487 |
#8 | /404 | 35,067 |
#9 | /wp-json/oembed/1.0/embed | 33,086 |
#10 | /.well-known/traffic-advice | 31,265 |
#11 | /.git/config | 28,616 |
#12 | /module/ngmercadolivre/notificacao | 28,364 |
#13 | /info.php | 24,574 |
#14 | /file.php | 22,039 |
#15 | /admin.php | 20,508 |
#16 | /en/AutoDiscover/autodiscover.xml | 20,035 |
#17 | /wp-content/plugins/hellopress/wp_filemanager.php | 18,917 |
#18 | /api/catalog_system/pub/products/search | 18,890 |
#19 | /about.php | 18,055 |
#20 | /chosen.php | 18,023 |
#21 | /login | 17,108 |
#22 | /.well-known/nodeinfo | 17,076 |
#23 | /wordpress | 16,842 |
#24 | /wp-cron.php | 16,297 |
#25 | /wp-admin | 15,527 |
#26 | /backup | 15,399 |
#27 | /wp | 15,180 |
#28 | /_profiler/phpinfo | 14,797 |
#29 | /bk | 14,462 |
#30 | /bc | 14,399 |
#31 | /wp-content/plugins/fix/up.php | 13,745 |
#32 | /alfa.php | 13,123 |
#33 | /404testpage4525d2fdc | 12,910 |
#34 | /old | 12,823 |
#35 | /autoload_classmap.php | 12,709 |
#36 | /.well-known/acme-challenge/about.php | 12,425 |
#37 | /wp.php | 12,408 |
#38 | /main | 11,970 |
#39 | /admin | 11,726 |
#40 | /atomlib.php | 11,704 |
#41 | /lock360.php | 11,655 |
#42 | /file2.php | 11,647 |
#43 | /phpinfo | 11,641 |
#44 | /en/autodiscover/autodiscover.xml | 11,566 |
#45 | /simple.php | 11,544 |
#46 | /new | 11,379 |
#47 | /wp-includes/wlwmanifest.xml | 11,300 |
#48 | /1.php | 11,214 |
#49 | /goods.php | 10,904 |
#50 | /rest/V1/store/storeViews | 10,865 |
#51 | /classwithtostring.php | 10,823 |
#52 | /-/-/-/-/-/-/-/-/-/- | 10,697 |
#53 | /acessorios-cameras | 10,649 |
#54 | /aa.php | 10,509 |
#55 | /flower.php | 10,446 |
#56 | /makeasmtp.php | 10,246 |
#57 | /api/v2/categories/65 | 10,027 |
#58 | /ioxi-o.php | 9,789 |
#59 | /test.php | 9,727 |
#60 | /debug/default/view | 9,700 |
#61 | /edit.php | 9,514 |
#62 | /web/wp-includes/wlwmanifest.xml | 9,364 |
#63 | /wordpress/wp-includes/wlwmanifest.xml | 9,283 |
#64 | /v2/_catalog | 9,196 |
#65 | /server-status | 9,194 |
#66 | /wp/wp-includes/wlwmanifest.xml | 9,143 |
#67 | /.well-known/apple-app-site-association | 8,850 |
#68 | /blog/wp-includes/wlwmanifest.xml | 8,832 |
#69 | /2019/wp-includes/wlwmanifest.xml | 8,693 |
#70 | /cong.php | 8,691 |
#71 | /shop/wp-includes/wlwmanifest.xml | 8,629 |
#72 | /w.php | 8,522 |
#73 | /as.php | 8,519 |
#74 | /telescope/requests | 8,475 |
#75 | /api/v2/categories/64 | 8,446 |
#76 | /akc.php | 8,434 |
#77 | /website/wp-includes/wlwmanifest.xml | 8,413 |
#78 | /inputs.php | 8,407 |
#79 | /news/wp-includes/wlwmanifest.xml | 8,280 |
#80 | /asasx.php | 8,272 |
#81 | /goat.php | 8,232 |
#82 | /cgi-bin/luci/;stok=/locale | 8,077 |
#83 | /css.php | 7,950 |
#84 | /radio.php | 7,949 |
#85 | /wp-content/plugins/woocommerce/includes/gateways/locks.php | 7,910 |
#86 | /pagamento/mercadopago/ipn.php | 7,876 |
#87 | /style.php | 7,743 |
#88 | /login.action | 7,670 |
#89 | /gecko.php | 7,557 |
#90 | /wordpress/wp-admin/setup-config.php | 7,545 |
#91 | /wp-admin/images/moon.php | 7,527 |
#92 | /test | 7,365 |
#93 | /user/login | 7,323 |
#94 | /about | 7,228 |
#95 | /feed | 7,140 |
#96 | /api | 7,126 |
#97 | /home | 7,112 |
#98 | /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application | 7,110 |
#99 | /config.php | 7,109 |
#100 | /api/v3/community | 7,103 |
#101 | /loja/login_layout.php | 7,100 |
#102 | /wp-admin/css | 7,085 |
#103 | /autoload_classmap/function.php | 7,079 |
#104 | /dropdown.php | 7,024 |
#105 | /buy.php | 6,941 |
#106 | /@vite/env | 6,941 |
#107 | /07550e18 | 6,918 |
#108 | /wp-json/sfwd-assignment/1 | 6,906 |
#109 | /_all_dbs | 6,902 |
#110 | /server | 6,895 |
#111 | /AutoDiscover/autodiscover.xml | 6,869 |
#112 | /wp-admin/setup-config.php | 6,861 |
#113 | /k.php | 6,861 |
#114 | /actuator/env | 6,851 |
#115 | /wp-plain.php | 6,844 |
#116 | /wsa.php | 6,814 |
#117 | /lv.php | 6,811 |
#118 | /HNAP1 | 6,764 |
#119 | /users.php | 6,754 |
#120 | /mm.php | 6,723 |
#121 | /f35.php | 6,614 |
#122 | /api/graphql | 6,533 |
#123 | /wp-content/wp-conflg.php | 6,453 |
#124 | /wp-sitemap.xml | 6,448 |
#125 | /wiki | 6,379 |
#126 | /web_api/auth | 6,355 |
#127 | /tinyfilemanager.php | 6,325 |
#128 | /.well-known/acme-challenge/cloud.php | 6,318 |
#129 | /contato | 6,284 |
#130 | /mar.php | 6,238 |
#131 | /phpinfo.php | 6,232 |
#132 | /wp-api.php | 6,205 |
#133 | /403.php | 6,190 |
#134 | /admin/index.php | 6,097 |
#135 | /wp-admin/classwithtostring.php | 6,096 |
#136 | /php.php | 6,051 |
#137 | /wp-setup.php | 6,003 |
#138 | /wp-includes/fonts/admin.php | 5,957 |
#139 | /api/.env | 5,940 |
#140 | /wp-content/index.php | 5,925 |
#141 | /wp-admin/css/colors/blue/index.php | 5,805 |
#142 | /.well-known/passkey-endpoints | 5,797 |
#143 | /404.php | 5,794 |
#144 | /index/function.php | 5,785 |
#145 | /images/images/cache.php | 5,740 |
#146 | /class.php | 5,697 |
#147 | /wp-admin/wp-conflg.php | 5,661 |
#148 | /system_log.php | 5,644 |
#149 | /api/shared/config/config.env | 5,632 |
#150 | /filemanager.php | 5,616 |
#151 | /file17.php | 5,609 |
#152 | /gmo.php | 5,609 |
#153 | /cc.php | 5,533 |
#154 | /wp-admin/js/index.php | 5,506 |
#155 | /loja/catalogo.php | 5,450 |
#156 | /g.php | 5,449 |
#157 | /nc4.php | 5,443 |
#158 | /php_info.php | 5,437 |
#159 | /gg.php | 5,416 |
#160 | /appWP/lab/wp-admin/css/colors/blue/blue.php | 5,371 |
#161 | /wp-includes/IXR/autoload_classmap.php | 5,364 |
#162 | /doc.php | 5,327 |
#163 | /wp-content/themes/seotheme/db.php | 5,301 |
#164 | /api/v2/freights/316 | 5,284 |
#165 | /wp-admin/maint/about.php | 5,271 |
#166 | /s/1313e2236313e20373e2538313/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties | 5,263 |
#167 | /feed/mnpodcast | 5,237 |
#168 | /sk_es/vozik | 5,216 |
#169 | /.well-known/acme-challenge/xmrlpc.php | 5,206 |
#170 | /wp-content/plugins/wpterm.php | 5,198 |
#171 | /admin/function.php | 5,192 |
#172 | /app_dev.php/_profiler/phpinfo | 5,169 |
#173 | /contrato/wap/crons/enviar-email.php | 5,121 |
#174 | /contact | 5,114 |
#175 | /mini.php | 5,090 |
#176 | /file5.php | 5,075 |
#177 | /wp-includes/fonts/index.php | 5,061 |
#178 | /wso.php | 5,033 |
#179 | /manager.php | 4,983 |
#180 | /zwso.php | 4,962 |
#181 | /wp-content/about.php | 4,945 |
#182 | /wp-json/custom/v1 | 4,922 |
#183 | /wp-json/sfwd-lessons/1 | 4,884 |
#184 | /boaform/admin/formLogin | 4,850 |
#185 | /administrator | 4,841 |
#186 | /pb | 4,812 |
#187 | /wp-json/sfwd-topic/1 | 4,800 |
#188 | /files | 4,772 |
#189 | /wp-content/autoload_classmap.php | 4,751 |
#190 | /.git/HEAD | 4,699 |
#191 | /api/v2/customers/login | 4,686 |
#192 | /2020/wp-includes/wlwmanifest.xml | 4,669 |
#193 | /Form | 4,632 |
#194 | /wp-content | 4,623 |
#195 | /shell.php | 4,585 |
#196 | /byp.php | 4,574 |
#197 | /about/function.php | 4,574 |
#198 | /themes.php | 4,568 |
#199 | /ty.php | 4,550 |
#200 | /sdk | 4,545 |
#201 | /assets/images/accesson.php | 4,529 |
#202 | /wp-admin/js/autoload_classmap.php | 4,498 |
#203 | /evox/about | 4,484 |
#204 | /undefined | 4,447 |
#205 | /.env.bak | 4,441 |
#206 | /wp-admin/index.php | 4,427 |
#207 | /admin/config.php | 4,356 |
#208 | /blog | 4,354 |
#209 | /wp-admin/js/widgets/cloud.php | 4,335 |
#210 | /adminfuns.php | 4,304 |
#211 | /wp-admin/file.php | 4,257 |
#212 | /admin/.env | 4,251 |
#213 | /wp-admin/edit-tags.php | 4,184 |
#214 | /2018/wp-includes/wlwmanifest.xml | 4,171 |
#215 | /foq.php | 4,143 |
#216 | /.aws/credentials | 4,137 |
#217 | /backend/.env | 4,115 |
#218 | /.git/index | 4,081 |
#219 | /m.php | 4,045 |
#220 | /wp-content/themes/about.php | 4,039 |
#221 | /cms | 4,013 |
#222 | /wordpress/wp-login.php | 4,010 |
#223 | /pinfo.php | 4,001 |
#224 | /.env.example | 3,973 |
#225 | /install.php | 3,970 |
#226 | /app/.env | 3,966 |
#227 | /laravel/.env | 3,960 |
#228 | /.well-known/change-password | 3,955 |
#229 | /13.php | 3,949 |
#230 | /.well-known/web-identity | 3,947 |
#231 | /fox.php | 3,942 |
#232 | /akcc.php | 3,927 |
#233 | /.well-known/webauthn | 3,910 |
#234 | /al.php | 3,903 |
#235 | /wp-content/themes/admin.php | 3,875 |
#236 | /content.php | 3,872 |
#237 | /themes/zMousse/otuz1.php | 3,862 |
#238 | /.well-known/resource-that-should-not-exist-whose-status-code-should-not-be-200 | 3,861 |
#239 | /wp-admin/includes/index.php | 3,854 |
#240 | /.env.local | 3,832 |
#241 | /admin/controller/extension/extension | 3,828 |
#242 | /wp-content/admin.php | 3,805 |
#243 | /function/function.php | 3,805 |
#244 | /version | 3,775 |
#245 | /s.php | 3,766 |
#246 | /core/.env | 3,744 |
#247 | /a.php | 3,739 |
#248 | /mah.php | 3,738 |
#249 | /wp-admin/admin-ajax.php | 3,737 |
#250 | /wp-admin/network/network.php | 3,728 |
#251 | /error.php | 3,727 |
#252 | /default.php | 3,715 |
#253 | /wp-includes/blocks/about.php | 3,713 |
#254 | /ar.php | 3,712 |
#255 | /admin/admin.php | 3,704 |
#256 | /new.php | 3,702 |
#257 | /moon.php | 3,698 |
#258 | /images | 3,691 |
#259 | /x.php | 3,678 |
#260 | /.well-known/acme-challenge/mariju.php | 3,665 |
#261 | /file15.php | 3,654 |
#262 | /php8.php | 3,651 |
#263 | /moddofuns.php | 3,649 |
#264 | /10.php | 3,638 |
#265 | /form.html | 3,629 |
#266 | /wp-admin/install.php | 3,629 |
#267 | /infos.php | 3,627 |
#268 | /wp-admin/wp-login.php | 3,611 |
#269 | /acessorios-cameras/capa-de-silicone | 3,590 |
#270 | /wp-admin/js/about.php | 3,583 |
#271 | /.env.prod | 3,581 |
#272 | /NewFile.php | 3,577 |
#273 | /wp-trackback.php | 3,575 |
#274 | /function.php | 3,567 |
#275 | /sts.php | 3,561 |
#276 | /public/.env | 3,551 |
#277 | /upl.php | 3,544 |
#278 | /doiconvs.php | 3,536 |
#279 | /uploads | 3,536 |
#280 | /systembc/password.php | 3,521 |
#281 | /wp-admin/js | 3,518 |
#282 | /images/class-config.php | 3,515 |
#283 | /t4 | 3,512 |
#284 | /geoip | 3,511 |
#285 | /password.php | 3,508 |
#286 | /fix.php | 3,499 |
#287 | /wp-l0gin.php | 3,493 |
#288 | /.well-known/acme-challenge/makeasmtp.php | 3,483 |
#289 | /item.php | 3,481 |
#290 | /wp-admin.php | 3,469 |
#291 | /file3.php | 3,468 |
#292 | /dev/.env | 3,462 |
#293 | /wp-admin/css/colors/ectoplasm/about.php | 3,457 |
#294 | /api/sessions | 3,449 |
#295 | /wp-includes/wp-class.php | 3,445 |
#296 | /we.php | 3,436 |
#297 | /c/linha-glass/robo-aspirador | 3,421 |
#298 | /index.html | 3,414 |
#299 | /file9.php | 3,413 |
#300 | /wp-admin/css/qPyYcxpHKCu.php | 3,410 |
#301 | /wp-json/sfwd-courses/1 | 3,363 |
#302 | /contact-us | 3,361 |
#303 | /wp-admin/profile.php | 3,360 |
#304 | /.well-known/classwithtostring.php | 3,356 |
#305 | /wp-admin/plugins.php | 3,347 |
#306 | /api/config.env | 3,347 |
#307 | /wp-admin/mah.php | 3,330 |
#308 | /y.php | 3,324 |
#309 | /ws.php | 3,312 |
#310 | /gel4y.php | 3,305 |
#311 | /application/.env | 3,297 |
#312 | /member-signup | 3,280 |
#313 | /wp-admin/edit.php | 3,274 |
#314 | /gelay.php | 3,271 |
#315 | /api/shared/config.env | 3,253 |
#316 | /sites/default/files | 3,251 |
#317 | /wp-admin/css/colors/blue/about.php | 3,249 |
#318 | /wp-admin/css/colors/blue | 3,228 |
#319 | /cdn-cgi/rum | 3,222 |
#320 | /wp-content/style.php | 3,221 |
#321 | /ola-mundo | 3,220 |
#322 | /_phpinfo.php | 3,211 |
#323 | /backend | 3,207 |
#324 | /epinyins.php | 3,203 |
#325 | /loja/busca.php | 3,200 |
#326 | /ab2h | 3,198 |
#327 | /wp-aa.php | 3,195 |
#328 | /ab2g | 3,195 |
#329 | /pages.php | 3,193 |
#330 | /ini.php | 3,178 |
#331 | /inc.php | 3,175 |
#332 | /alive.php | 3,172 |
#333 | /loja/cartService.php | 3,172 |
#334 | /teorema505 | 3,166 |
#335 | /sitemap.php | 3,145 |
#336 | /wp-admin/chosen.php | 3,133 |
#337 | /wp-conflg.php | 3,122 |
#338 | /.well-known/acme-challenge/doc.php | 3,121 |
#339 | /manager/html | 3,121 |
#340 | /0x.php | 3,119 |
#341 | /wp-includes/about.php | 3,111 |
#342 | /pp.php | 3,110 |
#343 | /cabelos/creme-tratamento-silicon-mix | 3,104 |
#344 | /ms-edit.php | 3,077 |
#345 | /wp-signin.php | 3,070 |
#346 | /wp-content/uploads/de_fb_uploads/b.php | 3,069 |
#347 | /222.php | 3,069 |
#348 | /setup.php | 3,069 |
#349 | /12.php | 3,066 |
#350 | /dashboard | 3,043 |
#351 | /categoria-produto/aneis/feminino | 3,041 |
#352 | /web/.env | 3,038 |
#353 | /b.php | 3,024 |
#354 | /SistemaEAD_CPREM/login/index.php | 3,023 |
#355 | /pesca/login/index.php | 3,012 |
#356 | /config/aws.yml | 3,008 |
#357 | /local/.env | 2,997 |
#358 | /wp-content/plugins/WordPressCore/include.php | 2,995 |
#359 | /api/config/config.yml | 2,989 |
#360 | /bugz.php | 2,979 |
#361 | /file6.php | 2,971 |
#362 | /wp-admin/wp-admins.php | 2,968 |
#363 | /assets/images/doc.php | 2,968 |
#364 | /wp-includes/ID3/index.php | 2,962 |
#365 | /robots.php | 2,955 |
#366 | /file7.php | 2,952 |
#367 | /sitemap_index.xml | 2,949 |
#368 | /abcd.php | 2,945 |
#369 | /not_found | 2,945 |
#370 | /h.php | 2,936 |
#371 | /wp-admin/wp.php | 2,929 |
#372 | /wp-admin/admin.php | 2,922 |
#373 | /tool/view/phpinfo.view.php | 2,913 |
#374 | /groups%22%22 | 2,912 |
#375 | /dynip/f282640c | 2,901 |
#376 | /.AWS_/credentials | 2,899 |
#377 | /panel | 2,896 |
#378 | /test1.php | 2,895 |
#379 | /wp-admin/post-new.php | 2,894 |
#380 | /wp-admin/css/colors/light/wp-login.php | 2,885 |
#381 | /apps/.env | 2,882 |
#382 | /.aws/config | 2,878 |
#383 | /xx.php | 2,877 |
#384 | /wp-admin/js/wp-conflg.php | 2,874 |
#385 | /geju.php | 2,870 |
#386 | /CLA.php | 2,866 |
#387 | /ee.php | 2,849 |
#388 | /wp1/wp-includes/wlwmanifest.xml | 2,849 |
#389 | /.well-known/acme-challenge/muse.php | 2,844 |
#390 | /wp-admin/css/colors/blue/atomlib.php | 2,840 |
#391 | /aws.yml | 2,832 |
#392 | /wp-content/plugins/pwnd/as.php | 2,821 |
#393 | /prod/.env | 2,820 |
#394 | /site/.env | 2,816 |
#395 | /new/.env | 2,811 |
#396 | /ova.php | 2,809 |
#397 | /en/assets/images/logos/HTB.JPG | 2,808 |
#398 | /g/collect | 2,797 |
#399 | /wp-content/plugins/autoload_classmap.php | 2,796 |
#400 | /loja/carrinho.php | 2,788 |
#401 | /api/objects/codes.php.save | 2,786 |
#402 | /v.php | 2,777 |
#403 | /wp-includes/html-api/about.php | 2,774 |
#404 | /wp-content/plugins/about.php | 2,774 |
#405 | /composer.php | 2,772 |
#406 | /www/.env | 2,766 |
#407 | /auth.php | 2,749 |
#408 | /crm/.env | 2,737 |
#409 | /blog/fw.php | 2,731 |
#410 | /wp-admin/autoload_classmap.php | 2,728 |
#411 | /wp-admin/includes/colour.php | 2,721 |
#412 | /plugins.php | 2,716 |
#413 | /api/v2/categories/86 | 2,715 |
#414 | /wp-admin/includes/header.php | 2,712 |
#415 | /images/admin.php | 2,706 |
#416 | /settings.py | 2,701 |
#417 | /docker/.env | 2,699 |
#418 | /i.php | 2,692 |
#419 | /contato.html | 2,691 |
#420 | /log.php | 2,685 |
#421 | /.bod/.ll/ss.php | 2,682 |
#422 | /cron/.env | 2,676 |
#423 | /conf/.env | 2,675 |
#424 | /item/Caique-Brudden-Explorer-Fishing-Up-.html | 2,674 |
#425 | /alfanew.php | 2,662 |
#426 | /null | 2,658 |
#427 | /login.php | 2,643 |
#428 | /servicos | 2,640 |
#429 | /.env.production.local | 2,628 |
#430 | /rt.php | 2,626 |
#431 | /dashboard/phpinfo.php | 2,622 |
#432 | /.alf.php | 2,620 |
#433 | /main/.env | 2,618 |
#434 | /.env.stage | 2,617 |
#435 | /search | 2,614 |
#436 | /ms-themes.php | 2,611 |
#437 | /.env.old | 2,609 |
#438 | /wp-config.php.bak | 2,607 |
#439 | /wp-admin/maint | 2,601 |
#440 | /.well-known/radio.php | 2,600 |
#441 | /wp-content/1.php | 2,599 |
#442 | /env/.env | 2,597 |
#443 | /wp-admin/style.php | 2,595 |
#444 | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | 2,594 |
#445 | /wp-includes/ALFA_DATA/alfacgiapi/perl.alfa | 2,589 |
#446 | /api/v2/products/386 | 2,586 |
#447 | /mail/.env | 2,583 |
#448 | /wp-editor.php | 2,583 |
#449 | /es/wp-json/oembed/1.0/embed | 2,581 |
#450 | /bless.php | 2,581 |
#451 | /memberfuns.php | 2,574 |
#452 | /development/.env | 2,571 |
#453 | /.vscode/.env | 2,566 |
#454 | /2.php | 2,566 |
#455 | /contatos.html | 2,554 |
#456 | /wp-admin/includes/wp-conflg.php | 2,553 |
#457 | /privacidade | 2,549 |
#458 | /wp-content/languages/autoload_classmap.php | 2,544 |
#459 | /wp-content/classwithtostring.php | 2,542 |
#460 | /js/.env | 2,537 |
#461 | /aws-secret.yaml | 2,536 |
#462 | /contatos | 2,533 |
#463 | /awstats/.env | 2,533 |
#464 | /mailer/.env | 2,532 |
#465 | /faleconosco | 2,531 |
#466 | /a2.php | 2,530 |
#467 | /.well-known | 2,510 |
#468 | /mini | 2,509 |
#469 | /options-writing.php | 2,504 |
#470 | /options-reading.php | 2,503 |
#471 | /server-info.php | 2,495 |
#472 | /fale-conosco | 2,491 |
#473 | /_profiler/phpinfo/phpinfo.php | 2,487 |
#474 | /lara/info.php | 2,487 |
#475 | /site | 2,485 |
#476 | /13k.php | 2,482 |
#477 | /jp.php | 2,482 |
#478 | /server-info | 2,481 |
#479 | /post.php | 2,478 |
#480 | /wp-content/plugins/ioxi/ioxi/dropdown.php | 2,476 |
#481 | /xampp/phpinfo.php | 2,469 |
#482 | /file8.php | 2,468 |
#483 | /projetos | 2,466 |
#484 | /wp-content/uploads/json.php | 2,465 |
#485 | /lara/phpinfo.php | 2,464 |
#486 | /laravel/core/.env | 2,462 |
#487 | /index.bak.php | 2,450 |
#488 | /_profiler/phpinfo/info.php | 2,448 |
#489 | /projetos/italiaetal | 2,445 |
#490 | /env.backup | 2,445 |
#491 | /portal/.env | 2,443 |
#492 | /bak.php | 2,441 |
#493 | /wp-logs.php | 2,435 |
#494 | /new/.env.local | 2,435 |
#495 | /wp-wso.php | 2,434 |
#496 | /87.php | 2,432 |
#497 | /nginx/.env | 2,431 |
#498 | /new/.env.staging | 2,425 |
#499 | /sitemap_index_16.xml | 2,419 |
#500 | /kyc/.env | 2,416 |
Data was last updated on: Oct 7, 2025
We love logs. In this section we will share some of the data we are parsing from our logs and honeypots we have live.
Logging for fun and a good night of sleep.
Latest log-based threat analysis added.
Do you have an idea for a research that is not here? See something wrong? Contact us at support@noc.org
14 days free trial. No credit card required.