Skip to main content
Shoggoth Industries - Security Blog
  1. Daily-Posts/

Report: 2025-08-17

·2205 words·
Repport Daily
Author
Shoggoth Industries
Table of Contents

Daily Report: 2025-08-17
#

Executive summary
#

interaction report on http service of various Hhoneypot around the world.

executive_summary
#

In today’s repport, we detected 0 stage 1 IP address(es), linked to 0 dropper URL(s).

There are 393 new requests that have never been observed before (these were added to the monitored request database.).

A total of 3811 requests were recorded during the day, originating from 0 different countries, with a peak of 3467 requests coming from GB.

ot_simplified_report
#

simplified report for medium-level interactions with honeypots that mimic industrial systems (web site loading, or interactions with the website), for more contact us on social@shoggoth.industries.

source_countrytargeted_country
GBGermany
GBDubai

botnet_dropper_behaviour
#

remote_addrrequest

request
#

The list of requests presented here are those that have not yet been yet integrated into the request database.

number_of_occurencerequest
9391GET /__debug HTTP/1.1
9401GET /__getcookie HTTP/1.1
9411GET /__nuxt_error HTTP/1.1
9421GET /__remix_devtools HTTP/1.1
9431GET /__remix_reload HTTP/1.1
9441GET /_blitz/ HTTP/1.1
9451GET /_blitz/auth/csrf-token HTTP/1.1
9461GET /_next/data/build-id/index.json HTTP/1.1
9471GET /_next/static/runtime/webpack.js HTTP/1.1
9481GET /_nuxt/ HTTP/1.1
9501GET /admin/metrics HTTP/1.1
9511GET /adonis-welcome HTTP/1.1
9521GET /api/_content HTTP/1.1
9531GET /api/auth/login HTTP/1.1
9541GET /api/auth/mutations/login HTTP/1.1
9551GET /api/auth/mutations/logout HTTP/1.1
9561GET /api/content-manager/content-types HTTP/1.1
9571GET /api/hello HTTP/1.1
9581GET /api/redwood/graphql/playground HTTP/1.1
9591GET /api/users-permissions/init HTTP/1.1
9601GET /api/users-permissions/roles HTTP/1.1
9611GET /actuator/info HTTP/1.1
9621GET /plc/hidden_admin HTTP/1.1
9631GET /plc/settings.old HTTP/1.1
9641GET /plc/webadmin/login HTTP/1.1
9651GET /remote_term.cgi HTTP/1.1
9661GET /rfid/panel.php HTTP/1.1
9671GET /rockwell/hmi/panelview HTTP/1.1
9681GET /rtu/admin.cgi HTTP/1.1
9691GET /rtu/crash.log HTTP/1.1
9701GET /scada/config.bak HTTP/1.1
9711GET /scada/raw_api?dump=true HTTP/1.1
9721GET /scada/webui/ HTTP/1.1
9731GET /.tmp/public/js/app.js HTTP/1.1
9741GET /serial_console HTTP/1.1
9751GET /siemens/automation/portal HTTP/1.1
9761GET /telemetry/data.sqlite3 HTTP/1.1
9771GET /telnet_login HTTP/1.1
9781GET /vehicle/diagnostics_prev.json HTTP/1.1
9791GET /vehicle/update-firmware.cgi HTTP/1.1
9801GET /webshell.cgi HTTP/1.1
9811GET /.quasar/client-manifest.json HTTP/1.1
9821GET /.redwood/api/graphql HTTP/1.1
9831GET /.redwood/functions/health HTTP/1.1
9841GET /.redwood/prisma/schema.prisma HTTP/1.1
9851GET /schneider/modicon/ HTTP/1.1
9861GET /sails.io.js HTTP/1.1
9871GET /server/api/config HTTP/1.1
9881GET /start/routes.js HTTP/1.1
9891GET /statics/ HTTP/1.1
9901GET /swagger HTTP/1.1
9931GET /.parcel-cache HTTP/1.1
9941GET /@fs/ HTTP/1.1
9951GET /@vite/client HTTP/1.1
9961GET /api/v1/auth/login HTTP/1.1
9971GET /REDUX_DEVTOOLS_EXTENSION HTTP/1.1
9981GET /VUE_DEVTOOLS_GLOBAL_HOOK HTTP/1.1
9991GET /mobx_devtools_global_hook HTTP/1.1
10001GET /__vite_ping HTTP/1.1
10011GET /__webpack_hmr HTTP/1.1
10021GET /_snowpack/hmr-client.js HTTP/1.1
10031GET /app.js.map HTTP/1.1
10041GET /app.svelte HTTP/1.1
10051GET /cypress.json HTTP/1.1
10061GET /devtools.js HTTP/1.1
10071GET /dist/index.html HTTP/1.1
10081GET /REACT_DEVTOOLS_GLOBAL_HOOK HTTP/1.1
10091GET /api/v1/health HTTP/1.1
10101GET /api/v1/user HTTP/1.1
10111GET /api/v2/ HTTP/1.1
10121GET /blueprints HTTP/1.1
10131GET /build/manifest.json HTTP/1.1
10141GET /config/app.js HTTP/1.1
10151GET /config/env/production.js HTTP/1.1
10161GET /config/koa.json HTTP/1.1
10171GET /config/local.js HTTP/1.1
10191GET /debug/console HTTP/1.1
10201GET /resources/views/welcome.edge HTTP/1.1
10211GET /docs-json HTTP/1.1
10221GET /entry.client.tsx HTTP/1.1
10231GET /hapi/plugin/list HTTP/1.1
10241GET /hapi/status HTTP/1.1
10251GET /internal/tools HTTP/1.1
10261GET /koa/healthz HTTP/1.1
10271GET /koa/middleware/debug HTTP/1.1
10281GET /koa/status HTTP/1.1
10291GET /logs/koa.log HTTP/1.1
10301GET /pages/api/[[…catchall]].js HTTP/1.1
10311GET /quasar.config.js HTTP/1.1
10321GET /docs HTTP/1.1
10331GET /bacnet/config.yml HTTP/1.1
10341GET /bluetooth/config.yaml HTTP/1.1
10351GET /bms/battery_settings.json HTTP/1.1
10361GET /camera/stream.m3u8 HTTP/1.1
10371GET /coap/endpoints.txt HTTP/1.1
10381GET /dhcpd.conf HTTP/1.1
10391GET /dnp3/settings.conf HTTP/1.1
10401GET /dnsmasq.conf HTTP/1.1
10411GET /doorlock/config.json HTTP/1.1
10421GET /fieldbus/settings.json HTTP/1.1
10431GET /opcua/webpanel HTTP/1.1
10441GET /grid/transformer_map.json HTTP/1.1
10451GET /historians/data.db HTTP/1.1
10461GET /ics/firewall.rules HTTP/1.1
10471GET /ids/suricata.yaml HTTP/1.1
10481GET /industrial/alarms.log HTTP/1.1
10491GET /iot/credentials.env HTTP/1.1
10501GET /iot/device_info.json HTTP/1.1
10511GET /iot/firmware_backup.tar.gz HTTP/1.1
10521GET /ips/snort.conf HTTP/1.1
10531GET /lorawan/config.json HTTP/1.1
10541GET /medical/device_config.yaml HTTP/1.1
10551GET /firewall/policy.conf HTTP/1.1
10561GET /credentials.yml HTTP/1.1
10571GET /index.php.swp HTTP/1.1
10581GET /.classpath HTTP/1.1
10591GET /.project HTTP/1.1
10601GET /Gruntfile.js HTTP/1.1
10611GET /Pipfile HTTP/1.1
10631GET /auth_token.txt HTTP/1.1
10671GET /avionics/system.conf HTTP/1.1
10711GET /routes.rb HTTP/1.1
10731GET /var/log/dev.log HTTP/1.1
10741GET /vendor/autoload.php HTTP/1.1
10751GET /vendor/composer/installed.json HTTP/1.1
10761GET /wp-content/plugins/hello-dolly/ HTTP/1.1
10771GET /wp-content/plugins/revslider/readme.txt HTTP/1.1
10781GET /wp-content/themes/twentytwentyone/style.css HTTP/1.1
10791GET /gulpfile.js HTTP/1.1
10801GET /debug_shell HTTP/1.1
10811GET /drone/fpvlive HTTP/1.1
10821GET /drone/mission_debug.yaml HTTP/1.1
10831GET /emerson/controlwave HTTP/1.1
10841GET /fieldbus/networks.ini.bak HTTP/1.1
10851GET /firmware/.config HTTP/1.1
10861GET /grid/transformer_map~.json HTTP/1.1
10871GET /hmi/backup.tar.gz HTTP/1.1
10881GET /hmi/login.jsp HTTP/1.1
10891GET /honeywell/trendview HTTP/1.1
10901GET /ics-dashboard/ HTTP/1.1
10911GET /modbus/config.yaml HTTP/1.1
10921GET /ics/network_map_old.png HTTP/1.1
10931GET /iot-cloud/api/keys HTTP/1.1
10941GET /iot-cloud/devices/list HTTP/1.1
10951GET /iot-cloud/logs/events.log HTTP/1.1
10961GET /iot-cloud/management/config.yaml HTTP/1.1
10971GET /iot/device_info.backup.json HTTP/1.1
10981GET /iot/diagnostic.cgi HTTP/1.1
10991GET /medical/device_config.yaml.bak HTTP/1.1
11001GET /modbus/logs/debug.log HTTP/1.1
11011GET /mqtt/broker.conf~ HTTP/1.1
11021GET /opcua/server.conf.bak HTTP/1.1
11031GET /ics/firmware.cgi?action=dump HTTP/1.1
11041GET /mqtt/broker.conf HTTP/1.1
11051GET /mqtt/topic_map.json HTTP/1.1
11061GET /ntp/ntp.conf HTTP/1.1
11071GET /pacemaker/settings.env HTTP/1.1
11081GET /powerplant/config.ini HTTP/1.1
11091GET /rfid/reader_config.json HTTP/1.1
11101GET /rockwell/rslinx.ini HTTP/1.1
11111GET /router/config.backup HTTP/1.1
11121GET /smartgrid/monitoring.yaml HTTP/1.1
11131GET /switch/startup-config HTTP/1.1
11141GET /telemetry/device_status.yaml HTTP/1.1
11151GET /cli_web/ HTTP/1.1
11161GET /telemetry/sensor_output.json HTTP/1.1
11171GET /api/device/config HTTP/1.1
11181GET /api/logs/export HTTP/1.1
11191GET /api/metrics HTTP/1.1
11201GET /api/ota/update HTTP/1.1
11211GET /api/sensors/stream HTTP/1.1
11221GET /api/system/reboot HTTP/1.1
11231GET /bms/battery_settings.json~ HTTP/1.1
11241GET /bms/charge_control.php HTTP/1.1
11251GET /camera/config.json?debug=1 HTTP/1.1
11261GET /camera/snapshot.jpg HTTP/1.1
11271GET /telemetry/logs.txt HTTP/1.1
11291GET /git/config HTTP/1.1
11381GET /index.dev.html HTTP/1.1
11511GET /photo/composer.json HTTP/1.1
11521GET /portal.cgi HTTP/1.1
11531GET /printer/config.ini HTTP/1.1
11541GET /printer/firmware/update.bin HTTP/1.1
11551GET /printer_settings.conf HTTP/1.1
11561GET /rom-0 HTTP/1.1
11571GET /router_settings.json HTTP/1.1
11581GET /setup_wizard.xml HTTP/1.1
11591GET /share.cgi HTTP/1.1
11601GET /status.cgi HTTP/1.1
11611GET /sysinfo.cgi HTTP/1.1
11631GET /usb_config.json HTTP/1.1
11641GET /userRpm/StatusRpm.htm HTTP/1.1
11651GET /web_access_log.txt HTTP/1.1
11661GET /webapi/entry.cgi HTTP/1.1
11671GET /webman/index.cgi HTTP/1.1
11681GET /webman/modules/Login/index.cgi HTTP/1.1
11741GET /system_log.txt HTTP/1.1
12041\x00\x0E8\xCA&\x13\xFC\x8E\x91s\xFF\x00\x00\x00\x00\x00
12161\xA0\x05\x00`\x00\x00\x00\x00{\x22%z\x19\x143\xE9{\x22%z\x19\x143\xE9\x05\x02\x00\x01\x00\x00\xA1\xAA
12221GET /Streaming/channels/1/httppreview HTTP/1.1
12231GET /accesscontrol/config.xml HTTP/1.1
12241GET /admin/login.cgi HTTP/1.1
12251GET /alarm-panel/index.html HTTP/1.1
12261GET /alarm/config.ini HTTP/1.1
12271GET /alarm/debug.cgi HTTP/1.1
12281GET /alarm/firmware.bin HTTP/1.1
12291GET /alarm/logs.txt HTTP/1.1
12301GET /alarm/settings.json HTTP/1.1
12311GET /alarm/status.cgi HTTP/1.1
12321GET /nas/login.cgi HTTP/1.1
12331GET /camera/config.ini HTTP/1.1
12341GET /camera/config.xml HTTP/1.1
12351GET /camera/liveview HTTP/1.1
12361GET /camera/settings.conf HTTP/1.1
12371GET /camera_feed HTTP/1.1
12381GET /cgi-bin/admin.cgi HTTP/1.1
12391GET /cgi-bin/configManager.cgi?action=getConfig&name=Network HTTP/1.1
12401GET /cgi-bin/get_stream_info.cgi HTTP/1.1
12411GET /cgi-bin/snapshot.cgi HTTP/1.1
12421GET /cgi-bin/video.cgi HTTP/1.1
12441GET /axis-cgi/mjpg/video.cgi HTTP/1.1
12451GET /jest.config.js HTTP/1.1
12461GET /logo192.png HTTP/1.1
12471GET /logo512.png HTTP/1.1
12481GET /main.js.map HTTP/1.1
12491GET /mock-api/ HTTP/1.1
12501GET /mockServiceWorker.js HTTP/1.1
12511GET /ngsw-worker.js HTTP/1.1
12521GET /ngsw.json HTTP/1.1
12531GET /polyfills.js HTTP/1.1
12541GET /runtime.js HTTP/1.1
12551GET /runtime.js.map HTTP/1.1
12561GET /ISAPI/Streaming/channels/101/picture HTTP/1.1
12571GET /snowpack.config.js HTTP/1.1
12581GET /sockjs-node/info HTTP/1.1
12591GET /solid.config.js HTTP/1.1
12601GET /src/App.svelte HTTP/1.1
12611GET /src/main.js HTTP/1.1
12621GET /static/js/bundle.js HTTP/1.1
12631GET /static/js/bundle.js.map HTTP/1.1
12651GET /vendor.js HTTP/1.1
12661GET /vendor.js.map HTTP/1.1
12671GET /vite.svg HTTP/1.1
12691GET /admin/config_backup.tar.gz HTTP/1.1
12701GET /api/auth.cgi HTTP/1.1
12711GET /backupsettings.conf HTTP/1.1
12721GET /brother/INFO/CONFIG HTTP/1.1
12741GET /cgi-bin/filemanager/utilRequest.cgi HTTP/1.1
12751GET /cgi-bin/printer/printconfig.html HTTP/1.1
12761GET /cgi-bin/webproc HTTP/1.1
12771GET /config/passwd HTTP/1.1
12781GET /config_report.xml HTTP/1.1
12791GET /currentsetting.htm HTTP/1.1
12801GET /controlpanel.cgi HTTP/1.1
12811GET /dev_info.cgi HTTP/1.1
12821GET /diagnostic.cgi HTTP/1.1
12831GET /eWS/settings.html HTTP/1.1
12841GET /etc/synoinfo.conf HTTP/1.1
12851GET /filemanager/file_share.cgi HTTP/1.1
12861GET /firmware_update.cgi HTTP/1.1
12871GET /hidden_admin_page.html HTTP/1.1
12881GET /hp/device/info_device.html HTTP/1.1
12891GET /hp/device/webAccessConfig.html HTTP/1.1
12901GET /html/status.html HTTP/1.1
12911GET /modules/AdminCenter/ HTTP/1.1
12921GET /debug_page.cgi HTTP/1.1
12941GET /default.htm HTTP/1.1
12961GET /dvr/config.json HTTP/1.1
12971GET /dvr/live_stream HTTP/1.1
12981GET /dvr/settings.xml HTTP/1.1
12991GET /image.jpg HTTP/1.1
13001GET /jpeg/image.jpg HTTP/1.1
13011GET /live/video.3gp HTTP/1.1
13021GET /nvr/config.cfg HTTP/1.1
13031GET /nvr/playback.cgi HTTP/1.1
13041GET /PRESENTATION/ADVANCED/ADVANCED.HTML HTTP/1.1
13051GET /onvif/device_service HTTP/1.1
13061GET /setup.cgi?next_file=netconf.htm HTTP/1.1
13071GET /snapshot.cgi HTTP/1.1
13081GET /system.ini HTTP/1.1
13091GET /system.ini?loginuse=&loginpas= HTTP/1.1
13101GET /video.flv HTTP/1.1
13111GET /video/stream.mjpg HTTP/1.1
13121GET /video_feed.cgi HTTP/1.1
13131GET /web/guest/image.jpg HTTP/1.1
13141GET /webman/info.cgi HTTP/1.1
13161GET /nvr/settings_backup.conf HTTP/1.1
21081GET /azure.yml HTTP/1.1
21091GET /azure.env HTTP/1.1
21101GET /minio/config.json HTTP/1.1
21111GET /minio/credentials.json HTTP/1.1
21121GET /minio.env HTTP/1.1
21131GET /minio/.env HTTP/1.1
21141GET /minio-bucket/ HTTP/1.1
21151GET /minio-buckets/ HTTP/1.1
21161GET /do/spaces/ HTTP/1.1
21171GET /do/space/ HTTP/1.1
21181GET /do/spaces/config.json HTTP/1.1
21201GET /do_spaces.env HTTP/1.1
21211GET /backblaze/ HTTP/1.1
21221GET /backblaze_b2/ HTTP/1.1
21231GET /b2/config.json HTTP/1.1
21241GET /b2/credentials.json HTTP/1.1
21251GET /b2_bucket/ HTTP/1.1
21261GET /b2_buckets/ HTTP/1.1
21271GET /linode/objstore/ HTTP/1.1
21281GET /linode/bucket/ HTTP/1.1
21291GET /linode/credentials.json HTTP/1.1
21301GET /wasabi/ HTTP/1.1
21311GET /wasabi/bucket/ HTTP/1.1
21321GET /do/spaces/credentials.json HTTP/1.1
21331GET /s3.key HTTP/1.1
21341GET /s3.secret HTTP/1.1
21351GET /aws/bucket/ HTTP/1.1
21361GET /aws/buckets/ HTTP/1.1
21371GET /aws/config/s3.json HTTP/1.1
21381GET /aws/s3/credentials HTTP/1.1
21391GET /aws/s3/env.env HTTP/1.1
21401GET /aws_s3_bucket/ HTTP/1.1
21411GET /aws_s3_config.json HTTP/1.1
21421GET /gcs/bucket/ HTTP/1.1
21431GET /gcs/buckets/ HTTP/1.1
21441GET /gcs/config.json HTTP/1.1
21451GET /azure_storage_account/ HTTP/1.1
21461GET /gcs.env HTTP/1.1
21471GET /google-cloud/storage/ HTTP/1.1
21481GET /google-cloud/buckets/ HTTP/1.1
21491GET /google_cloud_storage/ HTTP/1.1
21501GET /gcs.yaml HTTP/1.1
21511GET /gcs.key HTTP/1.1
21521GET /azure/blobs/ HTTP/1.1
21531GET /azure/container/ HTTP/1.1
21541GET /azure/containers/ HTTP/1.1
21551GET /azure/storage/config.json HTTP/1.1
21561GET /azure/storage/credentials.json HTTP/1.1
21571GET /azure_blob_storage/ HTTP/1.1
21581GET /gcs/credentials.json HTTP/1.1
21711GET /wasabi/config.json HTTP/1.1
21851GET /wasabi/credentials.json HTTP/1.1
21861GET /ceph/ HTTP/1.1
21871GET /ceph/radosgw/ HTTP/1.1
21881GET /ceph/bucket/ HTTP/1.1
21891GET /ceph/buckets/ HTTP/1.1
21901GET /ceph/config.json HTTP/1.1
21911GET /ceph/credentials.json HTTP/1.1
21921GET /oss/ HTTP/1.1
21931GET /aliyun/oss/ HTTP/1.1
21941GET /oss/bucket/ HTTP/1.1
21951GET /oss/buckets/ HTTP/1.1
21961GET /oss/config.json HTTP/1.1
21981GET /aliyun_oss_bucket/ HTTP/1.1
21991GET /aliyun_oss_config.json HTTP/1.1
22001GET /object-storage/ HTTP/1.1
22011GET /object_storage/ HTTP/1.1
22021GET /bucket.yml HTTP/1.1
22031GET /bucket.yaml HTTP/1.1
22041GET /storage/config.json HTTP/1.1
22051GET /storage/credentials.json HTTP/1.1
22101GET /oss/credentials.json HTTP/1.1
22221GET /s3.properties HTTP/1.1
22301\x00\x0E8\xF7M\x96\x96\x5C\x10\x89\x9A\x00\x00\x00\x00\x00
22471\xA0\x05\x00`\x00\x00\x00\x00X
22491\x00\x0E\x08_\xFF!\xCDu\xD7\xFE2\x00\x00\x00\x00\x00
22501\x00\x0E8_\xFF!\xCDu\xD7\xFE2\x00\x00\x00\x00\x00
22621GET /gcs/ HTTP/1.1
22631GET /gcp/storage/ HTTP/1.1
22641GET /azure/storage/ HTTP/1.1
22651GET /azure/blob/ HTTP/1.1
22661GET /minio/ HTTP/1.1
22671GET /digitalocean/spaces/ HTTP/1.1
22681GET /backblaze/b2/ HTTP/1.1
22691GET /linode/object-storage/ HTTP/1.1
22701GET /cloud/storage/ HTTP/1.1
22711GET /objectstorage/ HTTP/1.1
22721GET /data/bucket/ HTTP/1.1
22731GET /public-bucket/ HTTP/1.1
22751GET /bucket/.env HTTP/1.1
22761GET /bucket/config.json HTTP/1.1
22771GET /bucket/credentials.json HTTP/1.1
22791GET /s3/credentials HTTP/1.1
22801GET /s3/bucket.env HTTP/1.1
22811GET /s3/bucket/ HTTP/1.1
22821GET /s3/buckets/ HTTP/1.1
22831GET /s3/backup/ HTTP/1.1
22851GET /s3.yml HTTP/1.1
22861GET /s3.yaml HTTP/1.1
22871GET /private-bucket/ HTTP/1.1
23001GET /aws/s3/ HTTP/1.1
23081GET /s3/ HTTP/1.1
23091GET /bucket/ HTTP/1.1
23101GET /buckets/ HTTP/1.1
23111GET /storage/ HTTP/1.1
23121GET /storages/ HTTP/1.1

country_iso_code
#

number_of_occurencecountry_iso_code
03467GB
1120US
281BG
326NL
417ZA
516SC
615PL
712DE
86UA
95CN
105LT
115BR
125CA
134SG
143TR
153FR
162LV
172SA
182IN
192ES
202VN
211HK
221JP
231AM
241PH
251KR
261IR
271BE
281PA
291TH
301GR
311RU

Related

Report: 2025-08-16
·329 words
Repport Daily
Report: 2025-08-15
·2637 words
Repport Daily
Report: 2025-08-14
·253 words
Repport Daily