Web logs 404 analysis

Web logs 404 analysis - all time

Dec 5, 2025

Automatically updated daily

Checking for 404 errors in your logs can reveal more than just broken links, it can also expose files and URLs that attackers are actively scanning for. To track this behavior, we set up hundreds of honeypots and analyzed live web traffic data, giving us insight into which files and URLs are being targeted across the internet.

The table bellow list the top URLs being scanned all time and is updated daily. Most of the data contain WordPress specific URLs, certain plugins and config files that attackers can use.

Rank	Scanned URL	Counter
#1	/wp-login.php	575,627
#2	/autodiscover/autodiscover.xml	266,136
#3	/xmlrpc.php	139,863
#4	/.env	97,103
#5	/index.php	88,495
#6	/.well-known/traffic-advice	87,975
#7	/sitemap.xml	82,698
#8	/2012	57,492
#9	/404	43,029
#10	/wp-json/oembed/1.0/embed	42,611
#11	/.git/config	40,210
#12	/module/ngmercadolivre/notificacao	35,689
#13	/info.php	31,273
#14	/manager/html	30,575
#15	/login	29,156
#16	/file.php	27,064
#17	/admin.php	26,082
#18	/en/AutoDiscover/autodiscover.xml	24,529
#19	/wp-cron.php	23,535
#20	/chosen.php	23,463
#21	/wordpress	22,968
#22	/about.php	22,718
#23	/wp-content/plugins/hellopress/wp_filemanager.php	21,853
#24	/backup	21,159
#25	/wp	19,848
#26	/wp-admin	19,787
#27	/api/catalog_system/pub/products/search	18,923
#28	/.well-known/nodeinfo	17,503
#29	/old	17,184
#30	/_profiler/phpinfo	16,998
#31	/wp-content/plugins/fix/up.php	16,992
#32	/404testpage4525d2fdc	16,317
#33	/bk	16,197
#34	/api/v2/marketplace/sellers/376/products/status-batch	16,186
#35	/api/v2/marketplace/sellers/376/products/stock-batch	16,088
#36	/api/v2/marketplace/sellers/376/products/price-batch	16,073
#37	/bc	16,072
#38	/alfa.php	16,063
#39	/wp-includes/wlwmanifest.xml	15,983
#40	/phpinfo	15,919
#41	/en/autodiscover/autodiscover.xml	15,703
#42	/.well-known/acme-challenge/about.php	15,598
#43	/new	15,320
#44	/1.php	15,257
#45	/main	15,213
#46	/autoload_classmap.php	15,091
#47	/atomlib.php	14,775
#48	/admin	14,751
#49	/rest/V1/store/storeViews	14,566
#50	/wp.php	14,477
#51	/api/v2/categories/65	13,887
#52	/api/.env	13,867
#53	/lock360.php	13,816
#54	/flower.php	13,799
#55	/test.php	13,725
#56	/file2.php	13,641
#57	/classwithtostring.php	13,583
#58	/web/wp-includes/wlwmanifest.xml	13,472
#59	/aa.php	13,407
#60	/wordpress/wp-includes/wlwmanifest.xml	13,340
#61	/wp/wp-includes/wlwmanifest.xml	13,111
#62	/goods.php	13,099
#63	/app	12,964
#64	/-/-/-/-/-/-/-/-/-/-	12,915
#65	/simple.php	12,737
#66	/admin/config.php	12,722
#67	/blog/wp-includes/wlwmanifest.xml	12,699
#68	/shop	12,622
#69	/2019/wp-includes/wlwmanifest.xml	12,573
#70	/debug/default/view	12,550
#71	/shop/wp-includes/wlwmanifest.xml	12,490
#72	/ioxi-o.php	12,144
#73	/makeasmtp.php	12,118
#74	/test	12,055
#75	/v2/_catalog	11,953
#76	/app_dev.php/_profiler/phpinfo	11,903
#77	/website/wp-includes/wlwmanifest.xml	11,834
#78	/AutoDiscover/autodiscover.xml	11,724
#79	/backend/.env	11,722
#80	/cdn-cgi/rum	11,716
#81	/server-status	11,704
#82	/news/wp-includes/wlwmanifest.xml	11,672
#83	/pagamento/mercadopago/ipn.php	11,611
#84	/web_api/auth	11,581
#85	/admin/.env	11,534
#86	/feed	11,342
#87	/style.php	11,091
#88	/.env.example	11,055
#89	/.well-known/passkey-endpoints	11,016
#90	/api	11,013
#91	/telescope/requests	10,992
#92	/cong.php	10,922
#93	/edit.php	10,898
#94	/contrato/wap/crons/enviar-email.php	10,867
#95	/acessorios-cameras	10,809
#96	/akc.php	10,642
#97	/.well-known/apple-app-site-association	10,356
#98	/asasx.php	10,198
#99	/api/v2/categories/64	10,154
#100	/api/graphql	9,916
#101	/home	9,898
#102	/login.action	9,830
#103	/wp-plain.php	9,830
#104	/inputs.php	9,703
#105	/phpinfo.php	9,666
#106	/css.php	9,631
#107	/about	9,516
#108	/as.php	9,330
#109	/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application	9,300
#110	/w.php	9,285
#111	/radio.php	9,243
#112	/user/login	9,226
#113	/wp-admin/css	9,191
#114	/server	9,063
#115	/@vite/env	9,028
#116	/_all_dbs	9,024
#117	/actuator/env	8,947
#118	/buy.php	8,911
#119	/goat.php	8,900
#120	/cgi-bin/luci/;stok=/locale	8,701
#121	/wp-json/sfwd-assignment/1	8,681
#122	/api/v2/customers/login	8,675
#123	/dropdown.php	8,672
#124	/loja/login_layout.php	8,612
#125	/wordpress/wp-admin/setup-config.php	8,449
#126	/HNAP1	8,353
#127	/api/sessions	8,318
#128	/lv.php	8,293
#129	/gecko.php	8,230
#130	/wp-sitemap.xml	7,980
#131	/07550e18	7,958
#132	/config.php	7,923
#133	/wp-content/plugins/woocommerce/includes/gateways/locks.php	7,910
#134	/k.php	7,854
#135	/autoload_classmap/function.php	7,782
#136	/loja/catalogo.php	7,759
#137	/wp-admin/images/moon.php	7,756
#138	/wsa.php	7,555
#139	/contato	7,533
#140	/akcc.php	7,502
#141	/wp-admin/setup-config.php	7,499
#142	/nc4.php	7,436
#143	/wiki	7,431
#144	/appWP/lab/wp-admin/css/colors/blue/blue.php	7,428
#145	/.well-known/acme-challenge/cloud.php	7,423
#146	/php.php	7,408
#147	/api/v2/auth	7,370
#148	/wp-content/wp-conflg.php	7,361
#149	/f35.php	7,288
#150	/tinyfilemanager.php	7,273
#151	/admin/index.php	7,272
#152	/abcd.php	7,265
#153	/gmo.php	7,219
#154	/mar.php	7,203
#155	/files	7,192
#156	/wp-content/themes/seotheme/db.php	7,168
#157	/403.php	7,140
#158	/api/v3/community	7,103
#159	/g/collect	7,089
#160	/users.php	7,062
#161	/administrator	7,041
#162	/mm.php	6,970
#163	/s/1313e2236313e20373e2538313/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties	6,958
#164	/404.php	6,894
#165	/zwso.php	6,890
#166	/wp-content/index.php	6,838
#167	/cms	6,807
#168	/doc.php	6,790
#169	/system_log.php	6,753
#170	/filemanager.php	6,724
#171	/content.php	6,537
#172	/blog	6,534
#173	/.env.bak	6,517
#174	/2018/wp-includes/wlwmanifest.xml	6,497
#175	/index/function.php	6,416
#176	/feed/mnpodcast	6,413
#177	/wp-admin/wp-conflg.php	6,397
#178	/wp-admin/index.php	6,387
#179	/wp-admin/css/colors/blue/index.php	6,375
#180	/images/images/cache.php	6,374
#181	/wp-api.php	6,338
#182	/wp-admin/classwithtostring.php	6,328
#183	/manager.php	6,318
#184	/boaform/admin/formLogin	6,306
#185	/shell.php	6,279
#186	/.aws/credentials	6,269
#187	/g.php	6,261
#188	/pb	6,255
#189	/2020/wp-includes/wlwmanifest.xml	6,233
#190	/api/v2/freights/316	6,214
#191	/wp-setup.php	6,181
#192	/wp-includes/fonts/admin.php	6,160
#193	/php_info.php	6,126
#194	/class.php	6,121
#195	/wp-content/video	6,110
#196	/api/shared/config/config.env	6,086
#197	/moon.php	6,076
#198	/file17.php	6,044
#199	/wso.php	6,036
#200	/null	6,023
#201	/laravel/.env	6,003
#202	/cc.php	5,924
#203	/foq.php	5,827
#204	/contact	5,806
#205	/.well-known/acme-challenge/xmrlpc.php	5,794
#206	/Form	5,773
#207	/wp-admin/js/index.php	5,761
#208	/app/.env	5,753
#209	/.env.local	5,747
#210	/wp-admin/maint/about.php	5,708
#211	/assets/images/accesson.php	5,652
#212	/mini.php	5,649
#213	/sdk	5,647
#214	/gg.php	5,643
#215	/core/.env	5,633
#216	/loja/busca.php	5,588
#217	/evox/about	5,576
#218	/images	5,576
#219	/themes.php	5,574
#220	/wp-includes/IXR/autoload_classmap.php	5,561
#221	/admin/function.php	5,536
#222	/wp-includes/fonts/index.php	5,474
#223	/wp-content/about.php	5,458
#224	/adminfuns.php	5,457
#225	/bless.php	5,442
#226	/wp-json/sfwd-lessons/1	5,437
#227	/install.php	5,429
#228	/file5.php	5,423
#229	/wp-content	5,316
#230	/wp-json/sfwd-topic/1	5,302
#231	/undefined	5,269
#232	/sk_es/vozik	5,216
#233	/wp-admin/edit-tags.php	5,216
#234	/default.php	5,211
#235	/wp-content/plugins/wpterm.php	5,198
#236	/saiga.php	5,172
#237	/byp.php	5,167
#238	/loja/cartService.php	5,145
#239	/wp-content/plugins/WordPressCore/include.php	5,109
#240	/comment.php	5,096
#241	/wp-content/style.php	5,078
#242	/about/function.php	5,062
#243	/sitemap_index.xml	5,045
#244	/.git/HEAD	5,026
#245	/admin/controller/extension/extension	4,972
#246	/pinfo.php	4,951
#247	/bolt.php	4,943
#248	/password.php	4,937
#249	/uploads	4,934
#250	/wp-content/autoload_classmap.php	4,931
#251	/wp-json/custom/v1	4,922
#252	/apps/.env	4,864
#253	/a.php	4,864
#254	/ty.php	4,800
#255	/new.php	4,789
#256	/index.html	4,786
#257	/api/v2/marketplace/sellers/615/products/queue	4,740
#258	/wp-admin/admin-ajax.php	4,732
#259	/form.html	4,729
#260	/files.php	4,709
#261	/m.php	4,708
#262	/mah.php	4,703
#263	/function/function.php	4,698
#264	/web/.env	4,658
#265	/error.php	4,629
#266	/.git/index	4,628
#267	/.env.prod	4,623
#268	/upl.php	4,622
#269	/we.php	4,601
#270	/systembc/password.php	4,594
#271	/t4	4,587
#272	/geoip	4,585
#273	/pesca/login/index.php	4,584
#274	/.well-known/change-password	4,566
#275	/api/v2/products/386	4,566
#276	/wp-content/themes/about.php	4,546
#277	/.well-known/web-identity	4,517
#278	/graphql	4,509
#279	/wp-admin/js/autoload_classmap.php	4,502
#280	/13.php	4,497
#281	/s.php	4,494
#282	/.well-known/webauthn	4,474
#283	/.well-known/resource-that-should-not-exist-whose-status-code-should-not-be-200	4,471
#284	/wp1/wp-includes/wlwmanifest.xml	4,469
#285	/wp-editor.php	4,445
#286	/version	4,436
#287	/site	4,428
#288	/sites/default/files	4,422
#289	/tytyd.php	4,414
#290	/public/.env	4,410
#291	/new/.env	4,407
#292	/gifclass.php	4,393
#293	/x.php	4,392
#294	/dev/.env	4,358
#295	/sitemap.php	4,354
#296	/wp-admin/js/widgets/cloud.php	4,344
#297	/admin/admin.php	4,344
#298	/wp-admin/style.php	4,344
#299	/fox.php	4,339
#300	/ws.php	4,339
#301	/wp-content/admin.php	4,339
#302	/wp-admin/profile.php	4,337
#303	/.well-known/acme-challenge/mariju.php	4,319
#304	/222.php	4,306
#305	/ar.php	4,287
#306	/wordpress/wp-login.php	4,284
#307	/wp-admin/file.php	4,277
#308	/info	4,251
#309	/NewFile.php	4,246
#310	/ab2g	4,238
#311	/ab2h	4,236
#312	/web	4,227
#313	/wp-admin/install.php	4,213
#314	/SistemaEAD_CPREM/login/index.php	4,209
#315	/alive.php	4,203
#316	/teorema505	4,196
#317	/item.php	4,193
#318	/wp-admin/plugins.php	4,189
#319	/wp-admin.php	4,185
#320	/wp-trackback.php	4,169
#321	/wp-json/sfwd-courses	4,142
#322	/i.php	4,136
#323	/wp-admin/edit.php	4,133
#324	/10.php	4,119
#325	/backend	4,113
#326	/wp-content/themes/admin.php	4,109
#327	/wp-content/themes/style.php	4,099
#328	/file15.php	4,095
#329	/wp-admin/js/about.php	4,082
#330	/al.php	4,078
#331	/portal/.env	4,059
#332	/xmrlpc.php	4,018
#333	/sts.php	3,997
#334	/wp-admin/includes/index.php	3,946
#335	/application/.env	3,937
#336	/file9.php	3,935
#337	/0x.php	3,929
#338	/infos.php	3,925
#339	/dashboard	3,895
#340	/themes/zMousse/otuz1.php	3,873
#341	/api/v2/marketplace/sellers/376/products/queue	3,871
#342	/fix.php	3,815
#343	/api/v2/marketplace/sellers/655/products/queue	3,815
#344	/config/aws.yml	3,753
#345	/ini.php	3,752
#346	/panel	3,750
#347	/function.php	3,748
#348	/pp.php	3,742
#349	/wp-includes/blocks/about.php	3,736
#350	/wp-admin/network/network.php	3,735
#351	/php8.php	3,732
#352	/member-signup	3,731
#353	/api/config.env	3,723
#354	/groups%22%22	3,720
#355	/moddofuns.php	3,714
#356	/wp-admin/wp-login.php	3,703
#357	/wp-admin/js	3,703
#358	/images/class-config.php	3,694
#359	/wp-l0gin.php	3,672
#360	/www/.env	3,659
#361	/_phpinfo.php	3,650
#362	/js/.env	3,648
#363	/api/shared/config.env	3,647
#364	/ola-mundo	3,640
#365	/crm/.env	3,636
#366	/contact-us	3,626
#367	/2.php	3,622
#368	/wp-admin/post-new.php	3,618
#369	/login.php	3,602
#370	/ee.php	3,601
#371	/wp-conflg.php	3,599
#372	/acessorios-cameras/capa-de-silicone	3,590
#373	/gel4y.php	3,586
#374	/wp-includes/wp-class.php	3,551
#375	/file3.php	3,549
#376	/xx.php	3,542
#377	/doiconvs.php	3,536
#378	/app/config/parameters.yml	3,536
#379	/api/v2/brands/4718	3,532
#380	/CLA.php	3,519
#381	/api/v2/products/5518	3,517
#382	/epinyins.php	3,506
#383	/aws.yml	3,500
#384	/test1.php	3,495
#385	/cursogratuito/ola-mundo	3,488
#386	/dynip/f282640c	3,486
#387	/.well-known/acme-challenge/makeasmtp.php	3,483
#388	/fr	3,473
#389	/wp-admin/css/colors/ectoplasm/about.php	3,471
#390	/docker/.env	3,471
#391	/en/assets/images/logos/HTB.JPG	3,463
#392	/wp-admin/css/colors/blue	3,459
#393	/item/Caique-Brudden-Explorer-Fishing-Up-.html	3,449
#394	/file7.php	3,437
#395	/c/linha-glass/robo-aspirador	3,421
#396	/cron/.env	3,421
#397	/env/.env	3,419
#398	/wp-admin/css/qPyYcxpHKCu.php	3,410
#399	/cabelo/marcas-de-salao/wella-professionals/wella-professionals-invigo-color-brilliance-2-produtos	3,408
#400	/loja/carrinho.php	3,400
#401	/wp-json/oembed	3,395
#402	/wp-json/sfwd-lessons	3,394
#403	/local/.env	3,393
#404	/12.php	3,390
#405	/wp-json/wp	3,378
#406	/wp-json/sfwd-courses/1	3,363
#407	/y.php	3,363
#408	/.aws/config	3,363
#409	/a2.php	3,361
#410	/gelay.php	3,360
#411	/.well-known/classwithtostring.php	3,359
#412	/upload/banner	3,359
#413	/wp-admin/css/colors/blue/about.php	3,351
#414	/v.php	3,351
#415	/inc.php	3,346
#416	/.well-known	3,346
#417	/wp-admin/mah.php	3,345
#418	/wp-admin/js/wp-conflg.php	3,340
#419	/wp-aa.php	3,338
#420	/wp-content/plugins/pwnd/pwnd.php	3,333
#421	/fm.php	3,313
#422	/not_found	3,304
#423	/site/.env	3,294
#424	/b.php	3,290
#425	/api/config/config.yml	3,287
#426	/simular	3,287
#427	/alfanew.php	3,272
#428	/ahax.php	3,264
#429	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	3,255
#430	/wp-json/sfwd-topic	3,254
#431	/wp-admin/chosen.php	3,252
#432	/api/v2/batch/1110	3,248
#433	/.vscode/.env	3,243
#434	/.AWS_/credentials	3,230
#435	/prod/.env	3,228
#436	/pages.php	3,215
#437	/settings.py	3,214
#438	/.env.old	3,210
#439	/wp-includes/about.php	3,197
#440	/cgi-bin	3,191
#441	/tool/view/phpinfo.view.php	3,189
#442	/api/v2/marketplace/sellers/376/products/batch	3,175
#443	/.env.production.local	3,160
#444	/log.php	3,159
#445	/setup.php	3,147
#446	/test/wp-includes/wlwmanifest.xml	3,147
#447	/dashboard/phpinfo.php	3,143
#448	/awstats/.env	3,140
#449	/.env.stage	3,135
#450	/post.php	3,130
#451	/.well-known/acme-challenge/doc.php	3,123
#452	/busca	3,123
#453	/mail.php	3,122
#454	/CDGServer3/SystemConfig	3,121
#455	/wp-signin.php	3,106
#456	/cabelos/creme-tratamento-silicon-mix	3,104
#457	/api/objects/codes.php.save	3,102
#458	/geju.php	3,100
#459	/api/v2/batch/1111	3,097
#460	/wp-content/plugins/about.php	3,096
#461	/build.php	3,086
#462	/ss.php	3,082
#463	/ms-edit.php	3,077
#464	/conf/.env	3,076
#465	/wp-content/uploads/de_fb_uploads/b.php	3,072
#466	/loja/arquivos/1049375/sitemaps/sitemap_1.xml	3,044
#467	/wp-config.php.bak	3,042
#468	/categoria-produto/aneis/feminino	3,041
#469	/search	3,041
#470	/wp-admin/admin.php	3,020
#471	/file6.php	3,013
#472	/wp-admin/wp-admins.php	3,009
#473	/main/.env	3,007
#474	/ova.php	3,004
#475	/bak.php	3,004
#476	/jmx-console	3,002
#477	/wp-admin/css/colors/blue/atomlib.php	2,994
#478	/server-info.php	2,984
#479	/plugins.php	2,982
#480	/bugz.php	2,979
#481	/assets/images/doc.php	2,978
#482	/wp-includes/ID3/index.php	2,973
#483	/new/.env.staging	2,968
#484	/wp-admin/wp.php	2,967
#485	/robots.php	2,965
#486	/noc-cdn	2,965
#487	/development/.env	2,962
#488	/mail/.env	2,961
#489	/.env.production	2,956
#490	/wp-content/plugins/pwnd/as.php	2,954
#491	/aws-secret.yaml	2,952
#492	/h.php	2,947
#493	/wp-content/classwithtostring.php	2,936
#494	/.well-known/acme-challenge/index.php	2,930
#495	/mailer/.env	2,927
#496	/site/wp-includes/wlwmanifest.xml	2,914
#497	/wp-content/plugins/autoload_classmap.php	2,909
#498	/ALFA_DATA/alfacgiapi/perl.alfa	2,909
#499	/wp-json/sfwd-assignment	2,899
#500	/lowpr.php	2,898

Data was last updated on: Dec 5, 2025

Logging Research

We love logs. In this section we will share some of the data we are parsing from our logs and honeypots we have live.

Trunc Logging

Logging for fun and a good night of sleep.

Real time search
Google simple
Cheap
Just works
PCI compliance

Trunc Research

Latest log-based threat analysis added.

2025-09-03WordPress - Last scanned URLs
2025-08-22Web logs 404 analysis - past 72 hours
2025-08-21WordPress most scanned URLs - all time
2025-08-21Web logs 404 analysis - all time

Contact us!

Do you have an idea for a research that is not here? See something wrong? Contact us at support@noc.org

Tired of price gouging

Clear pricing
No need to guess
Real people
Real logging

Web logs 404 analysis - all time

Logging Research

Trunc Logging

Trunc Research

Contact us!

Tired of price gouging

Simple, Affordable, Log Management and Analysis.

PRODUCTS

USEFUL LINKS

CONTACT US