Web logs 404 analysis - all time
Oct 7, 2025
Automatically updated daily

Checking for 404 errors in your logs can reveal more than just broken links, it can also expose files and URLs that attackers are actively scanning for. To track this behavior, we set up hundreds of honeypots and analyzed live web traffic data, giving us insight into which files and URLs are being targeted across the internet.


The table bellow list the top URLs being scanned all time and is updated daily. Most of the data contain WordPress specific URLs, certain plugins and config files that attackers can use.


Rank Scanned URL Counter
#1 /wp-login.php396,160
#2 /autodiscover/autodiscover.xml150,727
#3 /xmlrpc.php107,567
#4 /index.php74,353
#5 /.env67,801
#6 /sitemap.xml67,334
#7 /201257,487
#8 /40435,067
#9 /wp-json/oembed/1.0/embed33,086
#10 /.well-known/traffic-advice31,265
#11 /.git/config28,616
#12 /module/ngmercadolivre/notificacao28,364
#13 /info.php24,574
#14 /file.php22,039
#15 /admin.php20,508
#16 /en/AutoDiscover/autodiscover.xml20,035
#17 /wp-content/plugins/hellopress/wp_filemanager.php18,917
#18 /api/catalog_system/pub/products/search18,890
#19 /about.php18,055
#20 /chosen.php18,023
#21 /login17,108
#22 /.well-known/nodeinfo17,076
#23 /wordpress16,842
#24 /wp-cron.php16,297
#25 /wp-admin15,527
#26 /backup15,399
#27 /wp15,180
#28 /_profiler/phpinfo14,797
#29 /bk14,462
#30 /bc14,399
#31 /wp-content/plugins/fix/up.php13,745
#32 /alfa.php13,123
#33 /404testpage4525d2fdc12,910
#34 /old12,823
#35 /autoload_classmap.php12,709
#36 /.well-known/acme-challenge/about.php12,425
#37 /wp.php12,408
#38 /main11,970
#39 /admin11,726
#40 /atomlib.php11,704
#41 /lock360.php11,655
#42 /file2.php11,647
#43 /phpinfo11,641
#44 /en/autodiscover/autodiscover.xml11,566
#45 /simple.php11,544
#46 /new11,379
#47 /wp-includes/wlwmanifest.xml11,300
#48 /1.php11,214
#49 /goods.php10,904
#50 /rest/V1/store/storeViews10,865
#51 /classwithtostring.php10,823
#52 /-/-/-/-/-/-/-/-/-/-10,697
#53 /acessorios-cameras10,649
#54 /aa.php10,509
#55 /flower.php10,446
#56 /makeasmtp.php10,246
#57 /api/v2/categories/6510,027
#58 /ioxi-o.php9,789
#59 /test.php9,727
#60 /debug/default/view9,700
#61 /edit.php9,514
#62 /web/wp-includes/wlwmanifest.xml9,364
#63 /wordpress/wp-includes/wlwmanifest.xml9,283
#64 /v2/_catalog9,196
#65 /server-status9,194
#66 /wp/wp-includes/wlwmanifest.xml9,143
#67 /.well-known/apple-app-site-association8,850
#68 /blog/wp-includes/wlwmanifest.xml8,832
#69 /2019/wp-includes/wlwmanifest.xml8,693
#70 /cong.php8,691
#71 /shop/wp-includes/wlwmanifest.xml8,629
#72 /w.php8,522
#73 /as.php8,519
#74 /telescope/requests8,475
#75 /api/v2/categories/648,446
#76 /akc.php8,434
#77 /website/wp-includes/wlwmanifest.xml8,413
#78 /inputs.php8,407
#79 /news/wp-includes/wlwmanifest.xml8,280
#80 /asasx.php8,272
#81 /goat.php8,232
#82 /cgi-bin/luci/;stok=/locale8,077
#83 /css.php7,950
#84 /radio.php7,949
#85 /wp-content/plugins/woocommerce/includes/gateways/locks.php7,910
#86 /pagamento/mercadopago/ipn.php7,876
#87 /style.php7,743
#88 /login.action7,670
#89 /gecko.php7,557
#90 /wordpress/wp-admin/setup-config.php7,545
#91 /wp-admin/images/moon.php7,527
#92 /test7,365
#93 /user/login7,323
#94 /about7,228
#95 /feed7,140
#96 /api7,126
#97 /home7,112
#98 /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application7,110
#99 /config.php7,109
#100 /api/v3/community7,103
#101 /loja/login_layout.php7,100
#102 /wp-admin/css7,085
#103 /autoload_classmap/function.php7,079
#104 /dropdown.php7,024
#105 /buy.php6,941
#106 /@vite/env6,941
#107 /07550e186,918
#108 /wp-json/sfwd-assignment/16,906
#109 /_all_dbs6,902
#110 /server6,895
#111 /AutoDiscover/autodiscover.xml6,869
#112 /wp-admin/setup-config.php6,861
#113 /k.php6,861
#114 /actuator/env6,851
#115 /wp-plain.php6,844
#116 /wsa.php6,814
#117 /lv.php6,811
#118 /HNAP16,764
#119 /users.php6,754
#120 /mm.php6,723
#121 /f35.php6,614
#122 /api/graphql6,533
#123 /wp-content/wp-conflg.php6,453
#124 /wp-sitemap.xml6,448
#125 /wiki6,379
#126 /web_api/auth6,355
#127 /tinyfilemanager.php6,325
#128 /.well-known/acme-challenge/cloud.php6,318
#129 /contato6,284
#130 /mar.php6,238
#131 /phpinfo.php6,232
#132 /wp-api.php6,205
#133 /403.php6,190
#134 /admin/index.php6,097
#135 /wp-admin/classwithtostring.php6,096
#136 /php.php6,051
#137 /wp-setup.php6,003
#138 /wp-includes/fonts/admin.php5,957
#139 /api/.env5,940
#140 /wp-content/index.php5,925
#141 /wp-admin/css/colors/blue/index.php5,805
#142 /.well-known/passkey-endpoints5,797
#143 /404.php5,794
#144 /index/function.php5,785
#145 /images/images/cache.php5,740
#146 /class.php5,697
#147 /wp-admin/wp-conflg.php5,661
#148 /system_log.php5,644
#149 /api/shared/config/config.env5,632
#150 /filemanager.php5,616
#151 /file17.php5,609
#152 /gmo.php5,609
#153 /cc.php5,533
#154 /wp-admin/js/index.php5,506
#155 /loja/catalogo.php5,450
#156 /g.php5,449
#157 /nc4.php5,443
#158 /php_info.php5,437
#159 /gg.php5,416
#160 /appWP/lab/wp-admin/css/colors/blue/blue.php5,371
#161 /wp-includes/IXR/autoload_classmap.php5,364
#162 /doc.php5,327
#163 /wp-content/themes/seotheme/db.php5,301
#164 /api/v2/freights/3165,284
#165 /wp-admin/maint/about.php5,271
#166 /s/1313e2236313e20373e2538313/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties5,263
#167 /feed/mnpodcast5,237
#168 /sk_es/vozik5,216
#169 /.well-known/acme-challenge/xmrlpc.php5,206
#170 /wp-content/plugins/wpterm.php5,198
#171 /admin/function.php5,192
#172 /app_dev.php/_profiler/phpinfo5,169
#173 /contrato/wap/crons/enviar-email.php5,121
#174 /contact5,114
#175 /mini.php5,090
#176 /file5.php5,075
#177 /wp-includes/fonts/index.php5,061
#178 /wso.php5,033
#179 /manager.php4,983
#180 /zwso.php4,962
#181 /wp-content/about.php4,945
#182 /wp-json/custom/v14,922
#183 /wp-json/sfwd-lessons/14,884
#184 /boaform/admin/formLogin4,850
#185 /administrator4,841
#186 /pb4,812
#187 /wp-json/sfwd-topic/14,800
#188 /files4,772
#189 /wp-content/autoload_classmap.php4,751
#190 /.git/HEAD4,699
#191 /api/v2/customers/login4,686
#192 /2020/wp-includes/wlwmanifest.xml4,669
#193 /Form4,632
#194 /wp-content4,623
#195 /shell.php4,585
#196 /byp.php4,574
#197 /about/function.php4,574
#198 /themes.php4,568
#199 /ty.php4,550
#200 /sdk4,545
#201 /assets/images/accesson.php4,529
#202 /wp-admin/js/autoload_classmap.php4,498
#203 /evox/about4,484
#204 /undefined4,447
#205 /.env.bak4,441
#206 /wp-admin/index.php4,427
#207 /admin/config.php4,356
#208 /blog4,354
#209 /wp-admin/js/widgets/cloud.php4,335
#210 /adminfuns.php4,304
#211 /wp-admin/file.php4,257
#212 /admin/.env4,251
#213 /wp-admin/edit-tags.php4,184
#214 /2018/wp-includes/wlwmanifest.xml4,171
#215 /foq.php4,143
#216 /.aws/credentials4,137
#217 /backend/.env4,115
#218 /.git/index4,081
#219 /m.php4,045
#220 /wp-content/themes/about.php4,039
#221 /cms4,013
#222 /wordpress/wp-login.php4,010
#223 /pinfo.php4,001
#224 /.env.example3,973
#225 /install.php3,970
#226 /app/.env3,966
#227 /laravel/.env3,960
#228 /.well-known/change-password3,955
#229 /13.php3,949
#230 /.well-known/web-identity3,947
#231 /fox.php3,942
#232 /akcc.php3,927
#233 /.well-known/webauthn3,910
#234 /al.php3,903
#235 /wp-content/themes/admin.php3,875
#236 /content.php3,872
#237 /themes/zMousse/otuz1.php3,862
#238 /.well-known/resource-that-should-not-exist-whose-status-code-should-not-be-2003,861
#239 /wp-admin/includes/index.php3,854
#240 /.env.local3,832
#241 /admin/controller/extension/extension3,828
#242 /wp-content/admin.php3,805
#243 /function/function.php3,805
#244 /version3,775
#245 /s.php3,766
#246 /core/.env3,744
#247 /a.php3,739
#248 /mah.php3,738
#249 /wp-admin/admin-ajax.php3,737
#250 /wp-admin/network/network.php3,728
#251 /error.php3,727
#252 /default.php3,715
#253 /wp-includes/blocks/about.php3,713
#254 /ar.php3,712
#255 /admin/admin.php3,704
#256 /new.php3,702
#257 /moon.php3,698
#258 /images3,691
#259 /x.php3,678
#260 /.well-known/acme-challenge/mariju.php3,665
#261 /file15.php3,654
#262 /php8.php3,651
#263 /moddofuns.php3,649
#264 /10.php3,638
#265 /form.html3,629
#266 /wp-admin/install.php3,629
#267 /infos.php3,627
#268 /wp-admin/wp-login.php3,611
#269 /acessorios-cameras/capa-de-silicone3,590
#270 /wp-admin/js/about.php3,583
#271 /.env.prod3,581
#272 /NewFile.php3,577
#273 /wp-trackback.php3,575
#274 /function.php3,567
#275 /sts.php3,561
#276 /public/.env3,551
#277 /upl.php3,544
#278 /doiconvs.php3,536
#279 /uploads3,536
#280 /systembc/password.php3,521
#281 /wp-admin/js3,518
#282 /images/class-config.php3,515
#283 /t43,512
#284 /geoip3,511
#285 /password.php3,508
#286 /fix.php3,499
#287 /wp-l0gin.php3,493
#288 /.well-known/acme-challenge/makeasmtp.php3,483
#289 /item.php3,481
#290 /wp-admin.php3,469
#291 /file3.php3,468
#292 /dev/.env3,462
#293 /wp-admin/css/colors/ectoplasm/about.php3,457
#294 /api/sessions3,449
#295 /wp-includes/wp-class.php3,445
#296 /we.php3,436
#297 /c/linha-glass/robo-aspirador3,421
#298 /index.html3,414
#299 /file9.php3,413
#300 /wp-admin/css/qPyYcxpHKCu.php3,410
#301 /wp-json/sfwd-courses/13,363
#302 /contact-us3,361
#303 /wp-admin/profile.php3,360
#304 /.well-known/classwithtostring.php3,356
#305 /wp-admin/plugins.php3,347
#306 /api/config.env3,347
#307 /wp-admin/mah.php3,330
#308 /y.php3,324
#309 /ws.php3,312
#310 /gel4y.php3,305
#311 /application/.env3,297
#312 /member-signup3,280
#313 /wp-admin/edit.php3,274
#314 /gelay.php3,271
#315 /api/shared/config.env3,253
#316 /sites/default/files3,251
#317 /wp-admin/css/colors/blue/about.php3,249
#318 /wp-admin/css/colors/blue3,228
#319 /cdn-cgi/rum3,222
#320 /wp-content/style.php3,221
#321 /ola-mundo3,220
#322 /_phpinfo.php3,211
#323 /backend3,207
#324 /epinyins.php3,203
#325 /loja/busca.php3,200
#326 /ab2h3,198
#327 /wp-aa.php3,195
#328 /ab2g3,195
#329 /pages.php3,193
#330 /ini.php3,178
#331 /inc.php3,175
#332 /alive.php3,172
#333 /loja/cartService.php3,172
#334 /teorema5053,166
#335 /sitemap.php3,145
#336 /wp-admin/chosen.php3,133
#337 /wp-conflg.php3,122
#338 /.well-known/acme-challenge/doc.php3,121
#339 /manager/html3,121
#340 /0x.php3,119
#341 /wp-includes/about.php3,111
#342 /pp.php3,110
#343 /cabelos/creme-tratamento-silicon-mix3,104
#344 /ms-edit.php3,077
#345 /wp-signin.php3,070
#346 /wp-content/uploads/de_fb_uploads/b.php3,069
#347 /222.php3,069
#348 /setup.php3,069
#349 /12.php3,066
#350 /dashboard3,043
#351 /categoria-produto/aneis/feminino3,041
#352 /web/.env3,038
#353 /b.php3,024
#354 /SistemaEAD_CPREM/login/index.php3,023
#355 /pesca/login/index.php3,012
#356 /config/aws.yml3,008
#357 /local/.env2,997
#358 /wp-content/plugins/WordPressCore/include.php2,995
#359 /api/config/config.yml2,989
#360 /bugz.php2,979
#361 /file6.php2,971
#362 /wp-admin/wp-admins.php2,968
#363 /assets/images/doc.php2,968
#364 /wp-includes/ID3/index.php2,962
#365 /robots.php2,955
#366 /file7.php2,952
#367 /sitemap_index.xml2,949
#368 /abcd.php2,945
#369 /not_found2,945
#370 /h.php2,936
#371 /wp-admin/wp.php2,929
#372 /wp-admin/admin.php2,922
#373 /tool/view/phpinfo.view.php2,913
#374 /groups%22%222,912
#375 /dynip/f282640c2,901
#376 /.AWS_/credentials2,899
#377 /panel2,896
#378 /test1.php2,895
#379 /wp-admin/post-new.php2,894
#380 /wp-admin/css/colors/light/wp-login.php2,885
#381 /apps/.env2,882
#382 /.aws/config2,878
#383 /xx.php2,877
#384 /wp-admin/js/wp-conflg.php2,874
#385 /geju.php2,870
#386 /CLA.php2,866
#387 /ee.php2,849
#388 /wp1/wp-includes/wlwmanifest.xml2,849
#389 /.well-known/acme-challenge/muse.php2,844
#390 /wp-admin/css/colors/blue/atomlib.php2,840
#391 /aws.yml2,832
#392 /wp-content/plugins/pwnd/as.php2,821
#393 /prod/.env2,820
#394 /site/.env2,816
#395 /new/.env2,811
#396 /ova.php2,809
#397 /en/assets/images/logos/HTB.JPG2,808
#398 /g/collect2,797
#399 /wp-content/plugins/autoload_classmap.php2,796
#400 /loja/carrinho.php2,788
#401 /api/objects/codes.php.save2,786
#402 /v.php2,777
#403 /wp-includes/html-api/about.php2,774
#404 /wp-content/plugins/about.php2,774
#405 /composer.php2,772
#406 /www/.env2,766
#407 /auth.php2,749
#408 /crm/.env2,737
#409 /blog/fw.php2,731
#410 /wp-admin/autoload_classmap.php2,728
#411 /wp-admin/includes/colour.php2,721
#412 /plugins.php2,716
#413 /api/v2/categories/862,715
#414 /wp-admin/includes/header.php2,712
#415 /images/admin.php2,706
#416 /settings.py2,701
#417 /docker/.env2,699
#418 /i.php2,692
#419 /contato.html2,691
#420 /log.php2,685
#421 /.bod/.ll/ss.php2,682
#422 /cron/.env2,676
#423 /conf/.env2,675
#424 /item/Caique-Brudden-Explorer-Fishing-Up-.html2,674
#425 /alfanew.php2,662
#426 /null2,658
#427 /login.php2,643
#428 /servicos2,640
#429 /.env.production.local2,628
#430 /rt.php2,626
#431 /dashboard/phpinfo.php2,622
#432 /.alf.php2,620
#433 /main/.env2,618
#434 /.env.stage2,617
#435 /search2,614
#436 /ms-themes.php2,611
#437 /.env.old2,609
#438 /wp-config.php.bak2,607
#439 /wp-admin/maint2,601
#440 /.well-known/radio.php2,600
#441 /wp-content/1.php2,599
#442 /env/.env2,597
#443 /wp-admin/style.php2,595
#444 /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php2,594
#445 /wp-includes/ALFA_DATA/alfacgiapi/perl.alfa2,589
#446 /api/v2/products/3862,586
#447 /mail/.env2,583
#448 /wp-editor.php2,583
#449 /es/wp-json/oembed/1.0/embed2,581
#450 /bless.php2,581
#451 /memberfuns.php2,574
#452 /development/.env2,571
#453 /.vscode/.env2,566
#454 /2.php2,566
#455 /contatos.html2,554
#456 /wp-admin/includes/wp-conflg.php2,553
#457 /privacidade2,549
#458 /wp-content/languages/autoload_classmap.php2,544
#459 /wp-content/classwithtostring.php2,542
#460 /js/.env2,537
#461 /aws-secret.yaml2,536
#462 /contatos2,533
#463 /awstats/.env2,533
#464 /mailer/.env2,532
#465 /faleconosco2,531
#466 /a2.php2,530
#467 /.well-known2,510
#468 /mini2,509
#469 /options-writing.php2,504
#470 /options-reading.php2,503
#471 /server-info.php2,495
#472 /fale-conosco2,491
#473 /_profiler/phpinfo/phpinfo.php2,487
#474 /lara/info.php2,487
#475 /site2,485
#476 /13k.php2,482
#477 /jp.php2,482
#478 /server-info2,481
#479 /post.php2,478
#480 /wp-content/plugins/ioxi/ioxi/dropdown.php2,476
#481 /xampp/phpinfo.php2,469
#482 /file8.php2,468
#483 /projetos2,466
#484 /wp-content/uploads/json.php2,465
#485 /lara/phpinfo.php2,464
#486 /laravel/core/.env2,462
#487 /index.bak.php2,450
#488 /_profiler/phpinfo/info.php2,448
#489 /projetos/italiaetal2,445
#490 /env.backup2,445
#491 /portal/.env2,443
#492 /bak.php2,441
#493 /wp-logs.php2,435
#494 /new/.env.local2,435
#495 /wp-wso.php2,434
#496 /87.php2,432
#497 /nginx/.env2,431
#498 /new/.env.staging2,425
#499 /sitemap_index_16.xml2,419
#500 /kyc/.env2,416


Data was last updated on: Oct 7, 2025



Logging Research

We love logs. In this section we will share some of the data we are parsing from our logs and honeypots we have live.

Trunc Logging

Logging for fun and a good night of sleep.

  • Real time search
  • Google simple
  • Cheap
  • Just works
  • PCI compliance
Trunc Research

Latest log-based threat analysis added.

Contact us!

Do you have an idea for a research that is not here? See something wrong? Contact us at support@noc.org

Tired of price gouging
  • Clear pricing
  • No need to guess
  • Real people
  • Real logging

Simple, Affordable, Log Management and Analysis.

14 days free trial. No credit card required.