Web logs 404 analysis

Web logs 404 analysis - all time

Oct 7, 2025

Automatically updated daily

Checking for 404 errors in your logs can reveal more than just broken links, it can also expose files and URLs that attackers are actively scanning for. To track this behavior, we set up hundreds of honeypots and analyzed live web traffic data, giving us insight into which files and URLs are being targeted across the internet.

The table bellow list the top URLs being scanned all time and is updated daily. Most of the data contain WordPress specific URLs, certain plugins and config files that attackers can use.

Rank	Scanned URL	Counter
#1	/wp-login.php	396,160
#2	/autodiscover/autodiscover.xml	150,727
#3	/xmlrpc.php	107,567
#4	/index.php	74,353
#5	/.env	67,801
#6	/sitemap.xml	67,334
#7	/2012	57,487
#8	/404	35,067
#9	/wp-json/oembed/1.0/embed	33,086
#10	/.well-known/traffic-advice	31,265
#11	/.git/config	28,616
#12	/module/ngmercadolivre/notificacao	28,364
#13	/info.php	24,574
#14	/file.php	22,039
#15	/admin.php	20,508
#16	/en/AutoDiscover/autodiscover.xml	20,035
#17	/wp-content/plugins/hellopress/wp_filemanager.php	18,917
#18	/api/catalog_system/pub/products/search	18,890
#19	/about.php	18,055
#20	/chosen.php	18,023
#21	/login	17,108
#22	/.well-known/nodeinfo	17,076
#23	/wordpress	16,842
#24	/wp-cron.php	16,297
#25	/wp-admin	15,527
#26	/backup	15,399
#27	/wp	15,180
#28	/_profiler/phpinfo	14,797
#29	/bk	14,462
#30	/bc	14,399
#31	/wp-content/plugins/fix/up.php	13,745
#32	/alfa.php	13,123
#33	/404testpage4525d2fdc	12,910
#34	/old	12,823
#35	/autoload_classmap.php	12,709
#36	/.well-known/acme-challenge/about.php	12,425
#37	/wp.php	12,408
#38	/main	11,970
#39	/admin	11,726
#40	/atomlib.php	11,704
#41	/lock360.php	11,655
#42	/file2.php	11,647
#43	/phpinfo	11,641
#44	/en/autodiscover/autodiscover.xml	11,566
#45	/simple.php	11,544
#46	/new	11,379
#47	/wp-includes/wlwmanifest.xml	11,300
#48	/1.php	11,214
#49	/goods.php	10,904
#50	/rest/V1/store/storeViews	10,865
#51	/classwithtostring.php	10,823
#52	/-/-/-/-/-/-/-/-/-/-	10,697
#53	/acessorios-cameras	10,649
#54	/aa.php	10,509
#55	/flower.php	10,446
#56	/makeasmtp.php	10,246
#57	/api/v2/categories/65	10,027
#58	/ioxi-o.php	9,789
#59	/test.php	9,727
#60	/debug/default/view	9,700
#61	/edit.php	9,514
#62	/web/wp-includes/wlwmanifest.xml	9,364
#63	/wordpress/wp-includes/wlwmanifest.xml	9,283
#64	/v2/_catalog	9,196
#65	/server-status	9,194
#66	/wp/wp-includes/wlwmanifest.xml	9,143
#67	/.well-known/apple-app-site-association	8,850
#68	/blog/wp-includes/wlwmanifest.xml	8,832
#69	/2019/wp-includes/wlwmanifest.xml	8,693
#70	/cong.php	8,691
#71	/shop/wp-includes/wlwmanifest.xml	8,629
#72	/w.php	8,522
#73	/as.php	8,519
#74	/telescope/requests	8,475
#75	/api/v2/categories/64	8,446
#76	/akc.php	8,434
#77	/website/wp-includes/wlwmanifest.xml	8,413
#78	/inputs.php	8,407
#79	/news/wp-includes/wlwmanifest.xml	8,280
#80	/asasx.php	8,272
#81	/goat.php	8,232
#82	/cgi-bin/luci/;stok=/locale	8,077
#83	/css.php	7,950
#84	/radio.php	7,949
#85	/wp-content/plugins/woocommerce/includes/gateways/locks.php	7,910
#86	/pagamento/mercadopago/ipn.php	7,876
#87	/style.php	7,743
#88	/login.action	7,670
#89	/gecko.php	7,557
#90	/wordpress/wp-admin/setup-config.php	7,545
#91	/wp-admin/images/moon.php	7,527
#92	/test	7,365
#93	/user/login	7,323
#94	/about	7,228
#95	/feed	7,140
#96	/api	7,126
#97	/home	7,112
#98	/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application	7,110
#99	/config.php	7,109
#100	/api/v3/community	7,103
#101	/loja/login_layout.php	7,100
#102	/wp-admin/css	7,085
#103	/autoload_classmap/function.php	7,079
#104	/dropdown.php	7,024
#105	/buy.php	6,941
#106	/@vite/env	6,941
#107	/07550e18	6,918
#108	/wp-json/sfwd-assignment/1	6,906
#109	/_all_dbs	6,902
#110	/server	6,895
#111	/AutoDiscover/autodiscover.xml	6,869
#112	/wp-admin/setup-config.php	6,861
#113	/k.php	6,861
#114	/actuator/env	6,851
#115	/wp-plain.php	6,844
#116	/wsa.php	6,814
#117	/lv.php	6,811
#118	/HNAP1	6,764
#119	/users.php	6,754
#120	/mm.php	6,723
#121	/f35.php	6,614
#122	/api/graphql	6,533
#123	/wp-content/wp-conflg.php	6,453
#124	/wp-sitemap.xml	6,448
#125	/wiki	6,379
#126	/web_api/auth	6,355
#127	/tinyfilemanager.php	6,325
#128	/.well-known/acme-challenge/cloud.php	6,318
#129	/contato	6,284
#130	/mar.php	6,238
#131	/phpinfo.php	6,232
#132	/wp-api.php	6,205
#133	/403.php	6,190
#134	/admin/index.php	6,097
#135	/wp-admin/classwithtostring.php	6,096
#136	/php.php	6,051
#137	/wp-setup.php	6,003
#138	/wp-includes/fonts/admin.php	5,957
#139	/api/.env	5,940
#140	/wp-content/index.php	5,925
#141	/wp-admin/css/colors/blue/index.php	5,805
#142	/.well-known/passkey-endpoints	5,797
#143	/404.php	5,794
#144	/index/function.php	5,785
#145	/images/images/cache.php	5,740
#146	/class.php	5,697
#147	/wp-admin/wp-conflg.php	5,661
#148	/system_log.php	5,644
#149	/api/shared/config/config.env	5,632
#150	/filemanager.php	5,616
#151	/file17.php	5,609
#152	/gmo.php	5,609
#153	/cc.php	5,533
#154	/wp-admin/js/index.php	5,506
#155	/loja/catalogo.php	5,450
#156	/g.php	5,449
#157	/nc4.php	5,443
#158	/php_info.php	5,437
#159	/gg.php	5,416
#160	/appWP/lab/wp-admin/css/colors/blue/blue.php	5,371
#161	/wp-includes/IXR/autoload_classmap.php	5,364
#162	/doc.php	5,327
#163	/wp-content/themes/seotheme/db.php	5,301
#164	/api/v2/freights/316	5,284
#165	/wp-admin/maint/about.php	5,271
#166	/s/1313e2236313e20373e2538313/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties	5,263
#167	/feed/mnpodcast	5,237
#168	/sk_es/vozik	5,216
#169	/.well-known/acme-challenge/xmrlpc.php	5,206
#170	/wp-content/plugins/wpterm.php	5,198
#171	/admin/function.php	5,192
#172	/app_dev.php/_profiler/phpinfo	5,169
#173	/contrato/wap/crons/enviar-email.php	5,121
#174	/contact	5,114
#175	/mini.php	5,090
#176	/file5.php	5,075
#177	/wp-includes/fonts/index.php	5,061
#178	/wso.php	5,033
#179	/manager.php	4,983
#180	/zwso.php	4,962
#181	/wp-content/about.php	4,945
#182	/wp-json/custom/v1	4,922
#183	/wp-json/sfwd-lessons/1	4,884
#184	/boaform/admin/formLogin	4,850
#185	/administrator	4,841
#186	/pb	4,812
#187	/wp-json/sfwd-topic/1	4,800
#188	/files	4,772
#189	/wp-content/autoload_classmap.php	4,751
#190	/.git/HEAD	4,699
#191	/api/v2/customers/login	4,686
#192	/2020/wp-includes/wlwmanifest.xml	4,669
#193	/Form	4,632
#194	/wp-content	4,623
#195	/shell.php	4,585
#196	/byp.php	4,574
#197	/about/function.php	4,574
#198	/themes.php	4,568
#199	/ty.php	4,550
#200	/sdk	4,545
#201	/assets/images/accesson.php	4,529
#202	/wp-admin/js/autoload_classmap.php	4,498
#203	/evox/about	4,484
#204	/undefined	4,447
#205	/.env.bak	4,441
#206	/wp-admin/index.php	4,427
#207	/admin/config.php	4,356
#208	/blog	4,354
#209	/wp-admin/js/widgets/cloud.php	4,335
#210	/adminfuns.php	4,304
#211	/wp-admin/file.php	4,257
#212	/admin/.env	4,251
#213	/wp-admin/edit-tags.php	4,184
#214	/2018/wp-includes/wlwmanifest.xml	4,171
#215	/foq.php	4,143
#216	/.aws/credentials	4,137
#217	/backend/.env	4,115
#218	/.git/index	4,081
#219	/m.php	4,045
#220	/wp-content/themes/about.php	4,039
#221	/cms	4,013
#222	/wordpress/wp-login.php	4,010
#223	/pinfo.php	4,001
#224	/.env.example	3,973
#225	/install.php	3,970
#226	/app/.env	3,966
#227	/laravel/.env	3,960
#228	/.well-known/change-password	3,955
#229	/13.php	3,949
#230	/.well-known/web-identity	3,947
#231	/fox.php	3,942
#232	/akcc.php	3,927
#233	/.well-known/webauthn	3,910
#234	/al.php	3,903
#235	/wp-content/themes/admin.php	3,875
#236	/content.php	3,872
#237	/themes/zMousse/otuz1.php	3,862
#238	/.well-known/resource-that-should-not-exist-whose-status-code-should-not-be-200	3,861
#239	/wp-admin/includes/index.php	3,854
#240	/.env.local	3,832
#241	/admin/controller/extension/extension	3,828
#242	/wp-content/admin.php	3,805
#243	/function/function.php	3,805
#244	/version	3,775
#245	/s.php	3,766
#246	/core/.env	3,744
#247	/a.php	3,739
#248	/mah.php	3,738
#249	/wp-admin/admin-ajax.php	3,737
#250	/wp-admin/network/network.php	3,728
#251	/error.php	3,727
#252	/default.php	3,715
#253	/wp-includes/blocks/about.php	3,713
#254	/ar.php	3,712
#255	/admin/admin.php	3,704
#256	/new.php	3,702
#257	/moon.php	3,698
#258	/images	3,691
#259	/x.php	3,678
#260	/.well-known/acme-challenge/mariju.php	3,665
#261	/file15.php	3,654
#262	/php8.php	3,651
#263	/moddofuns.php	3,649
#264	/10.php	3,638
#265	/form.html	3,629
#266	/wp-admin/install.php	3,629
#267	/infos.php	3,627
#268	/wp-admin/wp-login.php	3,611
#269	/acessorios-cameras/capa-de-silicone	3,590
#270	/wp-admin/js/about.php	3,583
#271	/.env.prod	3,581
#272	/NewFile.php	3,577
#273	/wp-trackback.php	3,575
#274	/function.php	3,567
#275	/sts.php	3,561
#276	/public/.env	3,551
#277	/upl.php	3,544
#278	/doiconvs.php	3,536
#279	/uploads	3,536
#280	/systembc/password.php	3,521
#281	/wp-admin/js	3,518
#282	/images/class-config.php	3,515
#283	/t4	3,512
#284	/geoip	3,511
#285	/password.php	3,508
#286	/fix.php	3,499
#287	/wp-l0gin.php	3,493
#288	/.well-known/acme-challenge/makeasmtp.php	3,483
#289	/item.php	3,481
#290	/wp-admin.php	3,469
#291	/file3.php	3,468
#292	/dev/.env	3,462
#293	/wp-admin/css/colors/ectoplasm/about.php	3,457
#294	/api/sessions	3,449
#295	/wp-includes/wp-class.php	3,445
#296	/we.php	3,436
#297	/c/linha-glass/robo-aspirador	3,421
#298	/index.html	3,414
#299	/file9.php	3,413
#300	/wp-admin/css/qPyYcxpHKCu.php	3,410
#301	/wp-json/sfwd-courses/1	3,363
#302	/contact-us	3,361
#303	/wp-admin/profile.php	3,360
#304	/.well-known/classwithtostring.php	3,356
#305	/wp-admin/plugins.php	3,347
#306	/api/config.env	3,347
#307	/wp-admin/mah.php	3,330
#308	/y.php	3,324
#309	/ws.php	3,312
#310	/gel4y.php	3,305
#311	/application/.env	3,297
#312	/member-signup	3,280
#313	/wp-admin/edit.php	3,274
#314	/gelay.php	3,271
#315	/api/shared/config.env	3,253
#316	/sites/default/files	3,251
#317	/wp-admin/css/colors/blue/about.php	3,249
#318	/wp-admin/css/colors/blue	3,228
#319	/cdn-cgi/rum	3,222
#320	/wp-content/style.php	3,221
#321	/ola-mundo	3,220
#322	/_phpinfo.php	3,211
#323	/backend	3,207
#324	/epinyins.php	3,203
#325	/loja/busca.php	3,200
#326	/ab2h	3,198
#327	/wp-aa.php	3,195
#328	/ab2g	3,195
#329	/pages.php	3,193
#330	/ini.php	3,178
#331	/inc.php	3,175
#332	/alive.php	3,172
#333	/loja/cartService.php	3,172
#334	/teorema505	3,166
#335	/sitemap.php	3,145
#336	/wp-admin/chosen.php	3,133
#337	/wp-conflg.php	3,122
#338	/.well-known/acme-challenge/doc.php	3,121
#339	/manager/html	3,121
#340	/0x.php	3,119
#341	/wp-includes/about.php	3,111
#342	/pp.php	3,110
#343	/cabelos/creme-tratamento-silicon-mix	3,104
#344	/ms-edit.php	3,077
#345	/wp-signin.php	3,070
#346	/wp-content/uploads/de_fb_uploads/b.php	3,069
#347	/222.php	3,069
#348	/setup.php	3,069
#349	/12.php	3,066
#350	/dashboard	3,043
#351	/categoria-produto/aneis/feminino	3,041
#352	/web/.env	3,038
#353	/b.php	3,024
#354	/SistemaEAD_CPREM/login/index.php	3,023
#355	/pesca/login/index.php	3,012
#356	/config/aws.yml	3,008
#357	/local/.env	2,997
#358	/wp-content/plugins/WordPressCore/include.php	2,995
#359	/api/config/config.yml	2,989
#360	/bugz.php	2,979
#361	/file6.php	2,971
#362	/wp-admin/wp-admins.php	2,968
#363	/assets/images/doc.php	2,968
#364	/wp-includes/ID3/index.php	2,962
#365	/robots.php	2,955
#366	/file7.php	2,952
#367	/sitemap_index.xml	2,949
#368	/abcd.php	2,945
#369	/not_found	2,945
#370	/h.php	2,936
#371	/wp-admin/wp.php	2,929
#372	/wp-admin/admin.php	2,922
#373	/tool/view/phpinfo.view.php	2,913
#374	/groups%22%22	2,912
#375	/dynip/f282640c	2,901
#376	/.AWS_/credentials	2,899
#377	/panel	2,896
#378	/test1.php	2,895
#379	/wp-admin/post-new.php	2,894
#380	/wp-admin/css/colors/light/wp-login.php	2,885
#381	/apps/.env	2,882
#382	/.aws/config	2,878
#383	/xx.php	2,877
#384	/wp-admin/js/wp-conflg.php	2,874
#385	/geju.php	2,870
#386	/CLA.php	2,866
#387	/ee.php	2,849
#388	/wp1/wp-includes/wlwmanifest.xml	2,849
#389	/.well-known/acme-challenge/muse.php	2,844
#390	/wp-admin/css/colors/blue/atomlib.php	2,840
#391	/aws.yml	2,832
#392	/wp-content/plugins/pwnd/as.php	2,821
#393	/prod/.env	2,820
#394	/site/.env	2,816
#395	/new/.env	2,811
#396	/ova.php	2,809
#397	/en/assets/images/logos/HTB.JPG	2,808
#398	/g/collect	2,797
#399	/wp-content/plugins/autoload_classmap.php	2,796
#400	/loja/carrinho.php	2,788
#401	/api/objects/codes.php.save	2,786
#402	/v.php	2,777
#403	/wp-includes/html-api/about.php	2,774
#404	/wp-content/plugins/about.php	2,774
#405	/composer.php	2,772
#406	/www/.env	2,766
#407	/auth.php	2,749
#408	/crm/.env	2,737
#409	/blog/fw.php	2,731
#410	/wp-admin/autoload_classmap.php	2,728
#411	/wp-admin/includes/colour.php	2,721
#412	/plugins.php	2,716
#413	/api/v2/categories/86	2,715
#414	/wp-admin/includes/header.php	2,712
#415	/images/admin.php	2,706
#416	/settings.py	2,701
#417	/docker/.env	2,699
#418	/i.php	2,692
#419	/contato.html	2,691
#420	/log.php	2,685
#421	/.bod/.ll/ss.php	2,682
#422	/cron/.env	2,676
#423	/conf/.env	2,675
#424	/item/Caique-Brudden-Explorer-Fishing-Up-.html	2,674
#425	/alfanew.php	2,662
#426	/null	2,658
#427	/login.php	2,643
#428	/servicos	2,640
#429	/.env.production.local	2,628
#430	/rt.php	2,626
#431	/dashboard/phpinfo.php	2,622
#432	/.alf.php	2,620
#433	/main/.env	2,618
#434	/.env.stage	2,617
#435	/search	2,614
#436	/ms-themes.php	2,611
#437	/.env.old	2,609
#438	/wp-config.php.bak	2,607
#439	/wp-admin/maint	2,601
#440	/.well-known/radio.php	2,600
#441	/wp-content/1.php	2,599
#442	/env/.env	2,597
#443	/wp-admin/style.php	2,595
#444	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	2,594
#445	/wp-includes/ALFA_DATA/alfacgiapi/perl.alfa	2,589
#446	/api/v2/products/386	2,586
#447	/mail/.env	2,583
#448	/wp-editor.php	2,583
#449	/es/wp-json/oembed/1.0/embed	2,581
#450	/bless.php	2,581
#451	/memberfuns.php	2,574
#452	/development/.env	2,571
#453	/.vscode/.env	2,566
#454	/2.php	2,566
#455	/contatos.html	2,554
#456	/wp-admin/includes/wp-conflg.php	2,553
#457	/privacidade	2,549
#458	/wp-content/languages/autoload_classmap.php	2,544
#459	/wp-content/classwithtostring.php	2,542
#460	/js/.env	2,537
#461	/aws-secret.yaml	2,536
#462	/contatos	2,533
#463	/awstats/.env	2,533
#464	/mailer/.env	2,532
#465	/faleconosco	2,531
#466	/a2.php	2,530
#467	/.well-known	2,510
#468	/mini	2,509
#469	/options-writing.php	2,504
#470	/options-reading.php	2,503
#471	/server-info.php	2,495
#472	/fale-conosco	2,491
#473	/_profiler/phpinfo/phpinfo.php	2,487
#474	/lara/info.php	2,487
#475	/site	2,485
#476	/13k.php	2,482
#477	/jp.php	2,482
#478	/server-info	2,481
#479	/post.php	2,478
#480	/wp-content/plugins/ioxi/ioxi/dropdown.php	2,476
#481	/xampp/phpinfo.php	2,469
#482	/file8.php	2,468
#483	/projetos	2,466
#484	/wp-content/uploads/json.php	2,465
#485	/lara/phpinfo.php	2,464
#486	/laravel/core/.env	2,462
#487	/index.bak.php	2,450
#488	/_profiler/phpinfo/info.php	2,448
#489	/projetos/italiaetal	2,445
#490	/env.backup	2,445
#491	/portal/.env	2,443
#492	/bak.php	2,441
#493	/wp-logs.php	2,435
#494	/new/.env.local	2,435
#495	/wp-wso.php	2,434
#496	/87.php	2,432
#497	/nginx/.env	2,431
#498	/new/.env.staging	2,425
#499	/sitemap_index_16.xml	2,419
#500	/kyc/.env	2,416

Data was last updated on: Oct 7, 2025

Logging Research

We love logs. In this section we will share some of the data we are parsing from our logs and honeypots we have live.

Trunc Logging

Logging for fun and a good night of sleep.

Real time search
Google simple
Cheap
Just works
PCI compliance

Trunc Research

Latest log-based threat analysis added.

2025-09-03WordPress - Last scanned URLs
2025-08-22Web logs 404 analysis - past 72 hours
2025-08-21WordPress most scanned URLs - all time
2025-08-21Web logs 404 analysis - all time

Contact us!

Do you have an idea for a research that is not here? See something wrong? Contact us at support@noc.org

Tired of price gouging

Clear pricing
No need to guess
Real people
Real logging

Web logs 404 analysis - all time

Logging Research

Trunc Logging

Trunc Research

Contact us!

Tired of price gouging

Simple, Affordable, Log Management and Analysis.

PRODUCTS

USEFUL LINKS

CONTACT US