[TOPF] Logwatch for h2361197.stratoserver.net (Linux)

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Sun Dec 12 04:42:04 2021 Date Range Processed: yesterday ( 2021-Dec-11 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 33:33 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 1 sites probed the server 23.250.19.242 Requests with error response codes 400 Bad Request null: 7 Time(s) mstshash=Administr: 5 Time(s) /: 4 Time(s) mstshash=Domain: 4 Time(s) //cgi-bin/login.cgi: 1 Time(s) //doc/page/login.asp: 1 Time(s) //favicon.ico: 1 Time(s) /cgi-bin/.%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/bin/bash: 1 Time(s) /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 1 Time(s) 7: 1 Time(s) 499 (undefined) /apple-touch-icon.png: 4 Time(s) /build/cover-styles-pack.fef3ca2736298be630a4.css: 3 Time(s) /build/constant.js: 2 Time(s) /js/mathjax-config-extra.js: 2 Time(s) /build/MathJax/MathJax.js: 1 Time(s) /build/emojify.js/dist/css/basic/emojify.min.css: 1 Time(s) /build/font-pack.fef3ca2736298be630a4.css: 1 Time(s) /build/index-styles.fef3ca2736298be630a4.css: 1 Time(s) /favicon.ico: 1 Time(s) /fonts/SourceSansPro-Regular.woff: 1 Time(s) /fonts/SourceSansPro-Semibold.woff: 1 Time(s) 500 Internal Server Error /: 25 Time(s) /.env: 8 Time(s) /robots.txt: 4 Time(s) /ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s) /$%7Bjndi:ldap://http443path.kryptoslogic- ... /http443path%7D: 1 Time(s) /.well-known/security.txt: 1 Time(s) /_ignition/execute-solution: 1 Time(s) /actuator/health: 1 Time(s) /api/blog/5e09fe7d-84f5-4630-90c6-c0a838627227: 1 Time(s) /config.json: 1 Time(s) /debug/default/view?panel=config: 1 Time(s) /favicon.ico: 1 Time(s) /info.php: 1 Time(s) /owa/auth.owa: 1 Time(s) /owa/auth/logon.aspx: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /owa/auth/x.js: 1 Time(s) /sitemap.xml: 1 Time(s) 502 Bad Gateway /1M3B801aTLa4jlAz2WbSrw/pdf: 1 Time(s) /D1lk7Eb3Squ7uGiIXiErNg/pdf: 1 Time(s) /siegen17/pdf: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfA_vU: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfA_zn: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB097: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB0DQ: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB0QO: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB0T2: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB0hQ: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB0ih: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB0xD: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB0yJ: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB1Bx: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB1CC: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB1RZ: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB1TB: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB1hB: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB1iv: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfB1wq: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfU4fq: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfU4nl: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfU4ou: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfU4sZ: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfU56O: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=NsfU5D4: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=Nsg1sq4: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=Nsg1t3i: 1 Time(s) /socket.io/?noteId=4AG--CNeRGKHHcKGVNMHvw& ... lling&t=Nsg1tJK: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0-K: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB02j: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB04p: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB07s: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0DP: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0KY: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0NI: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0Sz: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0U0: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0ZU: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0aK: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0ct: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0ih: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0k7: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0pZ: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0q8: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0sT: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB0z5: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1-s: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB14E: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB159: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB167: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1DN: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1ES: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1KI: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1Lo: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1MC: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1UY: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1Ua: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1_n: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1aO: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1bP: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1bu: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1ke: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1lO: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1q-: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1rD: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB1rm: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB24k: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfB2GI: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfU4tj: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=NsfU4zr: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=Nsg1s-X: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=Nsg1s_j: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=Nsg1szA: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=Nsg1tEB: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=Nsg1tFr: 1 Time(s) /socket.io/?noteId=FrcS3CFURGOhH8IZnOVeEw& ... lling&t=Nsg1tUM: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (124.152.57.24): 34 Time(s) root (41.208.150.118): 33 Time(s) root (180.33.245.35.bc.googleusercontent.com): 31 Time(s) root (1.215.195.10): 30 Time(s) root (122.187.114.134): 24 Time(s) root (117.131.215.49): 21 Time(s) unknown (203.129.197.98): 21 Time(s) unknown (180.33.245.35.bc.googleusercontent.com): 19 Time(s) root (leased-line-93-191-100-124.telecom.by): 18 Time(s) root (120.220.236.56): 17 Time(s) unknown (1.215.195.10): 17 Time(s) unknown (124.152.57.24): 16 Time(s) root (203.129.197.98): 15 Time(s) root (120.195.23.26): 13 Time(s) unknown (120.220.236.56): 12 Time(s) root (178.128.28.51): 11 Time(s) root (static-47-181-159-172.lsan.ca.frontiernet.net): 10 Time(s) unknown (41.208.150.118): 10 Time(s) root (175.209.89.234): 9 Time(s) root (203.128.242.166): 9 Time(s) unknown (117.131.215.49): 9 Time(s) unknown (122.187.114.134): 8 Time(s) unknown (120.195.23.26): 7 Time(s) unknown (leased-line-93-191-100-124.telecom.by): 6 Time(s) unknown (175.209.89.234): 5 Time(s) unknown (178.128.28.51): 5 Time(s) unknown (203.128.242.166): 5 Time(s) unknown (static-47-181-159-172.lsan.ca.frontiernet.net): 4 Time(s) root (154.114.57.143): 3 Time(s) root (123.156.225.58): 2 Time(s) root (181.13.51.177): 2 Time(s) root (static.222.52.itcsa.net): 2 Time(s) unknown (123.156.225.58): 2 Time(s) unknown (181.13.51.177): 2 Time(s) unknown (h-155-4-0-67.a147.priv.bahnhof.se): 2 Time(s) unknown (lfbn-nan-1-1064-9.w90-12.abo.wanadoo.fr): 2 Time(s) unknown (s0106206a940dde53.cg.shawcable.net): 2 Time(s) root (164.90.203.55): 1 Time(s) root (219.145.61.20): 1 Time(s) unknown (141.98.10.63): 1 Time(s) unknown (146.185.79.101): 1 Time(s) unknown (154.8.226.52): 1 Time(s) unknown (46.161.27.162): 1 Time(s) Invalid Users: Unknown Account: 158 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 2 Miscellaneous warnings 10.139K Bytes accepted 10,382 10.139K Bytes sent via SMTP 10,382 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 2 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 2 Total 4xx Rejects 100.00% ======== ================================================== 28 Connections 12 Connections lost (inbound) 28 Disconnections 1 Removed from queue 1 Sent via SMTP 1 Illegal address syntax in SMTP command 4 SMTP dialog errors 1 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Failed logins from: 1.215.195.10: 30 times 35.245.33.180 (180.33.245.35.bc.googleusercontent.com): 31 times 41.208.150.118: 33 times 47.181.159.172 (static-47-181-159-172.lsan.ca.frontiernet.net): 10 times 93.191.100.124 (leased-line-93-191-100-124.telecom.by): 18 times 117.131.215.49: 21 times 120.195.23.26: 13 times 120.220.236.56: 17 times 122.187.114.134 (nsg-corporate-134.114.187.122.airtel.in): 24 times 123.156.225.58: 2 times 124.152.57.24: 34 times 154.114.57.143: 3 times 164.90.203.55: 1 time 175.209.89.234: 9 times 178.128.28.51: 11 times 181.13.51.177 (host-181-13-51-177.mendoza.gov.ar): 2 times 190.15.222.52 (static.222.52.itcsa.net): 2 times 203.128.242.166: 9 times 203.129.197.98: 15 times 219.145.61.20: 1 time Illegal users from: 2001:470:1:332::5: 1 time undef: 122 times 1.215.195.10: 17 times 35.245.33.180 (180.33.245.35.bc.googleusercontent.com): 19 times 41.208.150.118: 10 times 46.161.27.162: 1 time 47.181.159.172 (static-47-181-159-172.lsan.ca.frontiernet.net): 4 times 65.49.20.69 (scan-20.shadowserver.org): 1 time 68.147.15.24 (S0106206a940dde53.cg.shawcable.net): 2 times 90.12.249.9 (lfbn-nan-1-1064-9.w90-12.abo.wanadoo.fr): 2 times 93.191.100.124 (leased-line-93-191-100-124.telecom.by): 6 times 94.113.123.15 (ip-94-113-123-15.net.upcbroadband.cz): 2 times 117.131.215.49: 9 times 120.195.23.26: 7 times 120.220.236.56: 12 times 122.187.114.134 (nsg-corporate-134.114.187.122.airtel.in): 8 times 123.156.225.58: 2 times 124.152.57.24: 16 times 141.98.10.63: 1 time 146.185.79.101: 1 time 154.8.226.52: 1 time 155.4.0.67 (h-155-4-0-67.A147.priv.bahnhof.se): 2 times 175.209.89.234: 5 times 178.128.28.51: 5 times 181.13.51.177 (host-181-13-51-177.mendoza.gov.ar): 2 times 203.128.242.166: 5 times 203.129.197.98: 21 times ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop33257p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################