Web logs 404 analysis - past 72 hours
Oct 28, 2025
Automatically updated daily

Checking for 404 errors in your logs can reveal more than just broken links, it can also expose files and URLs that attackers are actively scanning for. To track this behavior, we set up hundreds of honeypots and analyzed live web traffic data, giving us insight into which files and URLs are being targeted across the internet.


This table bellow list the top URLs being scanned in the past 72 hours. Some of them may show what attacker are actively looking for and new vulnerabilities in the wild.


Rank Scanned URL Counter
#1 /wp-login.php46,875
#2 /autodiscover/autodiscover.xml24,882
#3 /manager/html14,797
#4 /app12,136
#5 /.well-known/traffic-advice9,438
#6 /login8,185
#7 /xmlrpc.php5,028
#8 /index.php3,072
#9 /.env2,950
#10 /module/ngmercadolivre/notificacao2,581
#11 /cdn-cgi/rum2,573
#12 /web_api/auth2,042
#13 /api/v2/marketplace/sellers/376/products/status-batch1,797
#14 /api/v2/marketplace/sellers/376/products/stock-batch1,796
#15 /api/v2/marketplace/sellers/376/products/price-batch1,795
#16 /casa.html1,671
#17 /AutoDiscover/autodiscover.xml1,661
#18 /admin/config.php1,514
#19 /CDGServer3/SystemConfig1,401
#20 /sitemap.xml1,331
#21 /jmx-console1,229
#22 /.git/config1,220
#23 /wp-json/oembed/1.0/embed1,130
#24 /info.php1,098
#25 /rest/V1/store/storeViews1,089
#26 /chosen.php1,073
#27 /cabelo/marcas-de-salao/wella-professionals/wella-professionals-invigo-color-brilliance-2-produtos1,073
#28 /wp-cron.php1,069
#29 /wordpress1,059
#30 /wp-content/plugins/WordPressCore/include.php1,040
#31 /api/auth/login961
#32 /backup937
#33 /wp925
#34 /realms/master/protocol/openid-connect/auth900
#35 /bk896
#36 /file.php892
#37 /bc887
#38 /about.php866
#39 /1.php857
#40 /web_api/products850
#41 /wp-includes/wlwmanifest.xml818
#42 /api/sessions815
#43 /.env.example802
#44 /api/.env788
#45 /web/wp-includes/wlwmanifest.xml785
#46 /admin.php782
#47 /wordpress/wp-includes/wlwmanifest.xml777
#48 /web/rest/v1/login/sessions773
#49 /wp/wp-includes/wlwmanifest.xml769
#50 /tytyd.php749
#51 /blog/wp-includes/wlwmanifest.xml743
#52 /2019/wp-includes/wlwmanifest.xml736
#53 /shop/wp-includes/wlwmanifest.xml731
#54 /api/v2/categories/65730
#55 /.well-known/passkey-endpoints725
#56 /contrato/wap/crons/enviar-email.php721
#57 /backend/.env718
#58 /abcd.php695
#59 /404693
#60 /old689
#61 /api/v2/customers/login671
#62 /admin/.env671
#63 /api662
#64 /api/authentication/login661
#65 /en/autodiscover/autodiscover.xml658
#66 /graphql656
#67 /test.php656
#68 /test656
#69 /kids.html654
#70 /app_dev.php/_profiler/phpinfo650
#71 /website/wp-includes/wlwmanifest.xml647
#72 /news/wp-includes/wlwmanifest.xml646
#73 /main638
#74 /.well-known/acme-challenge/about.php633
#75 /new593
#76 /default/en_US/status.html583
#77 /shop578
#78 /feed576
#79 /simular572
#80 /alfa.php568
#81 /akcc.php560
#82 /api/graphql558
#83 /flower.php524
#84 /install.php510
#85 /atomlib.php509
#86 /api/gql508
#87 /bless.php508
#88 /.well-known/acme-challenge/mariju.php506
#89 /_session505
#90 /Users/authenticatebyname505
#91 /wp-admin502
#92 /api/v1/677e09724f0e2df9b6c000b75b5da10d/conectala/freight498
#93 /wp-cli.php498
#94 /css.php495
#95 /phpinfo490
#96 /graphql/api489
#97 /wp-content/plugins/hellopress/wp_filemanager.php481
#98 /api/v2/brands/4718480
#99 /v2/_catalog477
#100 /home476
#101 /goods.php475
#102 /wp-plain.php462
#103 /wp-cli.phar457
#104 /classwithtostring.php450
#105 /debug/default/view449
#106 /wp.php449
#107 /gifclass.php447
#108 /2018/wp-includes/wlwmanifest.xml446
#109 /cong.php445
#110 /filter441
#111 /api/v2/products/386433
#112 /bolt.php419
#113 /moon.php417
#114 /phpinfo.php414
#115 /saude-ocupacional/doencas-que-dao-atestado-de-7-dias409
#116 http:/aws.oast.online/latest/meta-data408
#117 http:/alibaba.oast.pro/2016-01-01/dynamic/instance-identity/document408
#118 http:/100.100.100.200/2016-01-01/dynamic/instance-identity/document404
#119 http:/100.100.100.200/latest/dynamic/instance-identity/document404
#120 http:/alibaba.oast.pro/latest/dynamic/instance-identity/document404
#121 http:/169.254.169.254/latest/meta-data403
#122 http:/169.254.169.254/metadata/v1.json403
#123 http:/2852039166/latest/meta-data402
#124 /wp-content/plugins/fix/up.php401
#125 http:/169.254.169.254.nip.io/latest/meta-data401
#126 /api/v2/freights/316399
#127 http:/169.254.169.254/computeMetadata/v1/project399
#128 /telescope/requests393
#129 /aa.php393
#130 /autoload_classmap.php392
#131 http:/169.254.169.254/metadata/instance391
#132 http:/aws.oast.online/computeMetadata/v1/project390
#133 http:/aws.oast.online/metadata/v1.json389
#134 /admin388
#135 http:/169.254.169.254/openstack/latest388
#136 http:/aws.oast.online/metadata/instance387
#137 http:/aws.oast.online/opc/v1/instance386
#138 http:/169.254.169.254/v1/metadata/private-networks386
#139 /i.php385
#140 http:/aws.oast.online/v1/metadata/private-networks384
#141 http:/aws.oast.online/openstack/latest383
#142 /server-status381
#143 /lock360.php381
#144 http:/169.254.169.254/opc/v1/instance381
#145 /buy.php378
#146 /zwso.php377
#147 /api/v2/products/531375
#148 /login.php375
#149 /style.php373
#150 /makeasmtp.php368
#151 /lv.php365
#152 /api/v2/marketplace/sellers/566/products/queue362
#153 /gmo.php362
#154 /api/v2/marketplace/sellers/425/products/queue361
#155 /api/v2/marketplace/sellers/537/products/queue361
#156 /api/v2/marketplace/sellers/376/products/batch361
#157 /null360
#158 /api/v2/marketplace/sellers/615/products/queue360
#159 /api/v2/marketplace/sellers/655/products/queue360
#160 /api/v2/marketplace/sellers/376/products/queue360
#161 /api/v2/marketplace/sellers/534/products/queue359
#162 /server358
#163 /_profiler/phpinfo358
#164 /console355
#165 /wp-json/intercom/v1/webhook354
#166 /akc.php354
#167 /actuator/env353
#168 /api/v2/batch/1111352
#169 /api/v2/batch/1110351
#170 /administrator349
#171 /inputs.php346
#172 /wp-admin/css345
#173 /.well-known/acme-challenge/index.php345
#174 /api/v2/products/248345
#175 /console/j_security_check345
#176 /simular-credito-trabalhador343
#177 /webjars/swagger-ui/index.html334
#178 /swagger/index.html334
#179 /swagger-ui.html334
#180 /miscadmin330
#181 /busca329
#182 /file2.php329
#183 /swagger/swagger-ui.html324
#184 /pagamento/mercadopago/ipn.php321
#185 /login.action321
#186 /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application319
#187 /appWP/lab/wp-admin/css/colors/blue/blue.php318
#188 /a.php318
#189 /wp-content/style.php317
#190 /_all_dbs317
#191 /2020/wp-includes/wlwmanifest.xml317
#192 /wp-content/themes/style.php316
#193 /@vite/env315
#194 /manager.php309
#195 /mah.php307
#196 /fm.php306
#197 /php.php305
#198 /about304
#199 /wp-admin/style.php301
#200 /class-t.api.php299
#201 /wpc.php298
#202 /inter/ajax.php295
#203 /wp-content/themes/seotheme/db.php294
#204 /404testpage4525d2fdc291
#205 /api/v2/categories/64291
#206 /api/tokens291
#207 /wp-editor.php290
#208 /author-sitemap.xml289
#209 /blurbs.php286
#210 /files.php285
#211 /ioxi-o.php284
#212 /shop-2/page/15284
#213 /mail.php279
#214 /wp1/wp-includes/wlwmanifest.xml279
#215 /wp-content/plugins/hellopress/wp_mna.php278
#216 /zoo.php275
#217 /install273
#218 /shlo.php272
#219 /simple.php272
#220 /v2/api-docs270
#221 /default.php269
#222 /loja/login_layout.php268
#223 /loja/busca.php268
#224 /login/index.php264
#225 /wp-json/bbp-api/v1/users263
#226 /vu.php263
#227 /dropdown.php260
#228 /HNAP1260
#229 /en/AutoDiscover/autodiscover.xml260
#230 /uploads257
#231 /403.php256
#232 /w.php256
#233 /FPURL.xml256
#234 /v3/api-docs255
#235 /s/1313e2236313e20373e2538313/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties255
#236 /portal/.env254
#237 /themes.php249
#238 /wp-json/buddypress/v1/members249
#239 /404.php248
#240 /system_log.php248
#241 /ahax.php246
#242 /we.php246
#243 /admin/index.php243
#244 /.env.local243
#245 /4ec82611241
#246 /0x.php240
#247 /asasx.php240
#248 /config/aws.yml239
#249 /as.php238
#250 /wp-admin/index.php237
#251 /SistemaEAD_CPREM/login/index.php236
#252 /login.cgi229
#253 /pesca/login/index.php225
#254 /aab8224
#255 /wp-json/ldlms/v2/users224
#256 /lowpr.php222
#257 /aaa9222
#258 /edit.php221
#259 /build.php219
#260 /NewFile.php218
#261 /api/v2/customers/null218
#262 /ee.php218
#263 /api/v2/batch/1145217
#264 /api/v2/batch/1146217
#265 /radio.php217
#266 /kylin/api/user/authentication217
#267 /info213
#268 /file4.php212
#269 /my-account211
#270 /public/.env211
#271 /tinyfilemanager.php211
#272 /222.php210
#273 /0.php210
#274 /tplus/ajaxpro/RecoverPassword,App_Web_recoverpassword.aspx.cdcab7d2.ashx210
#275 /test/wp-includes/wlwmanifest.xml209
#276 /phpversion.php209
#277 /libs/granite/core/content/login.html/j_security_check208
#278 /wp-content/plugins/one_images_user/one_images_user.php207
#279 /sites/web_vhost_domain_list.php205
#280 /wp-content/plugins/one_images_usder/oned_images_user.php204
#281 /dex.php203
#282 /evox/about201
#283 /doc.php200
#284 /a2.php200
#285 /oauth/token200
#286 /sdk199
#287 /.git/credentials199
#288 /api/v1/ranking198
#289 /post.php198
#290 /site/wp-includes/wlwmanifest.xml198
#291 /cms/wp-includes/wlwmanifest.xml197
#292 /undefined196
#293 /123.php196
#294 /central-de-atendimento/trocadevolucao196
#295 /getcfg.php193
#296 /.aws/credentials192
#297 /nc4.php192
#298 /user/login191
#299 /Form191
#300 /cp/.env191
#301 /ads/.env189
#302 /staticfiles/.env188
#303 /psnlink/.env187
#304 /App/.env187
#305 /Api/.env187
#306 /opt/.env187
#307 /images186
#308 /stag/.env186
#309 /theme/.env186
#310 /div/.env186
#311 /error/.env186
#312 /ftpmaster/.env186
#313 /public_html/.env185
#314 /old.env185
#315 /well-known/.env185
#316 /environments/local/.env184
#317 /gfile.php183
#318 /sitemap_index.xml183
#319 /.env.production183
#320 /wp-2019.php183
#321 /.env.bak183
#322 /.env-sample183
#323 /.env_bak183
#324 /inc/.env183
#325 /styles/.env183
#326 /scripts/.env183
#327 /environments/production/.env183
#328 /133.php182
#329 /fastlane/.env182
#330 /2.php181
#331 /api/v2/batch/162620181
#332 /api/v2/batch/162569181
#333 /api/v2/batch/162561181
#334 /api/v2/batch/162547181
#335 /api/v2/batch/162546181
#336 /api/v2/marketplace/sellers/566/orders/queue181
#337 /api/v2/batch/162545181
#338 /api/v2/batch/162531181
#339 /api/v2/batch/162529181
#340 /api/v2/batch/162525181
#341 /api/v2/batch/162453181
#342 /api/v2/marketplace/sellers/537/orders/queue181
#343 /api/v2/marketplace/sellers/615/orders/queue181
#344 /api/v2/batch/162432181
#345 /api/v2/batch/162431181
#346 /api/v2/batch/162208181
#347 /api/v2/batch/162131181
#348 /api/v2/batch/162130181
#349 /api/v2/batch/162115181
#350 /api/v2/batch/162113181
#351 /api/v2/batch/162009181
#352 /api/v2/batch/162008181
#353 /api/v2/batch/162007181
#354 /api/v2/batch/162003181
#355 /api/v2/batch/162001181
#356 /api/v2/batch/162000181
#357 /api/v2/batch/161997181
#358 /api/v2/batch/161990181
#359 /api/v2/batch/161989181
#360 /api/v2/batch/161988181
#361 /api/v2/batch/161981181
#362 /api/v2/batch/158339181
#363 /api/v2/batch/158226181
#364 /api/v2/batch/468701181
#365 /api/v2/batch/157927181
#366 /wp-cron181
#367 /api/v2/batch/461108181
#368 /api/v2/batch/3315181
#369 /api/v2/batch/461107181
#370 /api/v2/batch/467781181
#371 /api/v2/batch/310229181
#372 /api/v2/batch/461100181
#373 /api/v2/batch/467777181
#374 /api/v2/batch/464781181
#375 /api/v2/batch/461096181
#376 /api/v2/marketplace/sellers/534/orders/queue181
#377 /api/v2/products/1659370997181
#378 /index.html181
#379 /aku.php180
#380 /index/function.php180
#381 /api/v2/batch/162570180
#382 /api/v2/batch/162560180
#383 /api/v2/batch/162530180
#384 /api/v2/batch/162524180
#385 /api/v2/batch/162452180
#386 /api/v2/batch/162451180
#387 /api/v2/batch/162129180
#388 /api/v2/batch/161999180
#389 /api/v2/batch/161998180
#390 /api/v2/batch/161980180
#391 /api/v2/batch/161979180
#392 /api/v2/batch/161971180
#393 /api/v2/batch/161969180
#394 /api/v2/batch/161877180
#395 /api/v2/batch/161876180
#396 /api/v2/batch/161865180
#397 /api/v2/batch/161864180
#398 /api/v2/batch/161863180
#399 /api/v2/batch/161859180
#400 /api/v2/batch/161857180
#401 /api/v2/batch/161762180
#402 /api/v2/batch/161761180
#403 /api/v2/batch/161760180
#404 /api/v2/batch/161563180
#405 /api/v2/batch/161562180
#406 /api/v2/batch/161551180
#407 /api/v2/batch/161396180
#408 /api/v2/batch/160897180
#409 /api/v2/batch/160672180
#410 /api/v2/batch/160670180
#411 /api/v2/batch/160590180
#412 /api/v2/batch/160589180
#413 /api/v2/batch/160367180
#414 /api/v2/batch/160365180
#415 /api/v2/batch/160247180
#416 /api/v2/batch/160246180
#417 /api/v2/batch/160232180
#418 /api/v2/batch/160231180
#419 /api/v2/batch/160225180
#420 /api/v2/batch/160224180
#421 /api/v2/batch/159980180
#422 /api/v2/batch/159979180
#423 /api/v2/batch/159899180
#424 /api/v2/batch/159853180
#425 /api/v2/batch/159851180
#426 /api/v2/batch/159833180
#427 /api/v2/batch/159624180
#428 /api/v2/batch/159488180
#429 /api/v2/batch/159479180
#430 /api/v2/batch/159472180
#431 /api/v2/batch/159471180
#432 /api/v2/batch/159463180
#433 /api/v2/batch/159453180
#434 /api/v2/batch/159452180
#435 /api/v2/batch/159445180
#436 /api/v2/batch/159434180
#437 /api/v2/batch/159424180
#438 /api/v2/batch/159250180
#439 /api/v2/batch/159248180
#440 /api/v2/batch/159142180
#441 /api/v2/batch/159141180
#442 /api/v2/batch/159137180
#443 /api/v2/batch/159135180
#444 /api/v2/batch/159124180
#445 /api/v2/batch/159123180
#446 /api/v2/batch/159118180
#447 /api/v2/batch/430891180
#448 /api/v2/batch/158823180
#449 /api/v2/batch/158821180
#450 /api/v2/batch/158816180
#451 /api/v2/batch/470200180
#452 /api/v2/batch/158815180
#453 /api/v2/batch/158678180
#454 /api/v2/batch/430880180
#455 /api/v2/batch/470014180
#456 /api/v2/batch/470003180
#457 /api/v2/batch/468848180
#458 /api/v2/batch/430878180
#459 /api/v2/batch/430877180
#460 /api/v2/batch/430876180
#461 /api/v2/batch/158591180
#462 /api/v2/batch/430875180
#463 /api/v2/batch/158354180
#464 /api/v2/batch/158353180
#465 /api/v2/batch/158352180
#466 /api/v2/batch/158341180
#467 /api/v2/batch/468806180
#468 /api/v2/batch/468784180
#469 /api/v2/batch/430868180
#470 /api/v2/batch/468709180
#471 /api/v2/batch/468705180
#472 /api/v2/batch/157937180
#473 /api/v2/batch/468692180
#474 /api/v2/batch/157910180
#475 /api/v2/batch/468687180
#476 /api/v2/batch/468677180
#477 /api/v2/batch/468474180
#478 /api/v2/batch/157894180
#479 /api/v2/batch/468361180
#480 /api/v2/batch/468357180
#481 /api/v2/batch/1398180
#482 /api/v2/batch/1149180
#483 /api/v2/batch/1148180
#484 /api/v2/batch/1119180
#485 /api/v2/batch/1114180
#486 /api/v2/batch/1113180
#487 /api/v2/batch/1109180
#488 /api/v2/batch/1112180
#489 /api/v2/batch/461112180
#490 /api/v2/batch/467782180
#491 /api/v2/batch/310233180
#492 /api/v2/batch/162523180
#493 /api/v2/batch/162002180
#494 /register180
#495 /bak.php179
#496 /api/v2/batch/162619179
#497 /api/v2/batch/162571179
#498 /api/v2/batch/162562179
#499 /api/v2/batch/161970179
#500 /api/v2/batch/161875179


Data was last updated on: Oct 28, 2025



Logging Research

We love logs. In this section we will share some of the data we are parsing from our logs and honeypots we have live.

Trunc Logging

Logging for fun and a good night of sleep.

  • Real time search
  • Google simple
  • Cheap
  • Just works
  • PCI compliance
Trunc Research

Latest log-based threat analysis added.

Contact us!

Do you have an idea for a research that is not here? See something wrong? Contact us at support@noc.org

Tired of price gouging
  • Clear pricing
  • No need to guess
  • Real people
  • Real logging

Simple, Affordable, Log Management and Analysis.

14 days free trial. No credit card required.