04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Mon Jan 17 04:42:04 2022
Date Range Processed: yesterday
( 2022-Jan-16 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 8:8 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
45.132.125.251 -> 45.142.107.17:4444: 6 Time(s)
A total of 5 sites probed the server
178.128.92.53
185.196.220.54
193.3.19.72
209.141.54.110
222.186.59.201
Requests with error response codes
400 Bad Request
null: 7 Time(s)
45.142.107.17:4444: 6 Time(s)
mstshash=Domain: 4 Time(s)
/: 2 Time(s)
/.env: 2 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
%q\xFD\x01~: 1 Time(s)
(-\x83\x7F\xCB\xFC8\x8E\x22\xFA\xCE\xF4\x8 ... C0$\xC0\x14\xC0: 1 Time(s)
/../.git/HEAD: 1 Time(s)
/evox/about: 1 Time(s)
/manager/text/list: 1 Time(s)
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s)
\x06\xEA0\xDF;\xB0\xCC)\xAA\xE6y8\x02\xE7\ ... x09\xC0\x13\xC0: 1 Time(s)
\x5Cxbf\x5Cx02\x5Cx00\x5Cx88\x5Cx13\x5Cx00 ... \x5Cx9e\x5Cx16E: 1 Time(s)
mstshash=Administr: 1 Time(s)
zapf.in: 1 Time(s)
500 Internal Server Error
/: 25 Time(s)
/.env: 6 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 2 Time(s)
/mifs/.;/services/LogService: 2 Time(s)
/.git/HEAD: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/HNAP1: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/actuator/health: 1 Time(s)
/cgi-bin/config.exp: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/evox/about: 1 Time(s)
/favicon.ico: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/robots.txt: 1 Time(s)
/sdk: 1 Time(s)
/text4041642298221: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (134.17.17.32): 30 Time(s)
root (146.56.205.217): 30 Time(s)
root (43.134.224.49): 30 Time(s)
root (61.97.187.216): 30 Time(s)
root (80.240.36.145): 30 Time(s)
root (p54b2b620.dip0.t-ipconnect.de): 30 Time(s)
root (vmi764784.contaboserver.net): 30 Time(s)
root (111.47.118.217): 27 Time(s)
root (104.248.160.14): 23 Time(s)
root (182.61.52.57): 19 Time(s)
root (114.242.245.42): 18 Time(s)
root (221.122.73.130): 18 Time(s)
root (fixed-187-188-102-9.totalplay.net): 14 Time(s)
root (181.13.51.177): 12 Time(s)
root (200.66.77.178): 10 Time(s)
root (113.120.62.35): 8 Time(s)
root (113.128.36.144): 8 Time(s)
root (122.4.47.33): 8 Time(s)
root (36.110.114.42): 5 Time(s)
root (122.194.229.64): 2 Time(s)
root (61.177.172.175): 2 Time(s)
unknown (78-61-231-16.static.zebra.lt): 2 Time(s)
root (112.85.42.13): 1 Time(s)
root (113.128.33.63): 1 Time(s)
root (170.245.14.173): 1 Time(s)
root (180.250.115.121): 1 Time(s)
root (180.250.248.169): 1 Time(s)
root (181.23.75.28): 1 Time(s)
root (218.21.242.89): 1 Time(s)
root (221.195.1.201): 1 Time(s)
root (23.247.33.61): 1 Time(s)
root (27.254.46.67): 1 Time(s)
root (61.177.172.60): 1 Time(s)
root (62.233.50.133): 1 Time(s)
unknown (176.111.173.218): 1 Time(s)
unknown (185.209.0.21): 1 Time(s)
unknown (31.7.57.130): 1 Time(s)
unknown (62.233.50.133): 1 Time(s)
unknown (70.166.167.42): 1 Time(s)
Invalid Users:
Unknown Account: 7 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
9.827K Bytes accepted 10,063
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
7 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
7 Total 4xx Rejects 100.00%
======== ==================================================
89 Connections
20 Connections lost (inbound)
89 Disconnections
1 Removed from queue
1 Sent via SMTP
20 Timeouts (inbound)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Failed logins from:
23.247.33.61: 1 time
27.254.46.67: 1 time
36.110.114.42 (42.114.110.36.static.bjtelecom.net): 5 times
43.134.224.49: 30 times
61.97.187.216: 30 times
61.177.172.60: 1 time
61.177.172.175: 4 times
62.233.50.133: 1 time
80.240.36.145 (krsk-1-br001.ipoe.sibttk.net): 30 times
84.178.182.32 (p54b2b620.dip0.t-ipconnect.de): 30 times
104.248.160.14: 23 times
111.47.118.217: 27 times
112.85.42.13: 1 time
113.120.62.35: 8 times
113.128.33.63: 1 time
113.128.36.144: 8 times
114.242.245.42: 18 times
122.4.47.33 (33.47.4.122.broad.jn.sd.dynamic.163data.com.cn): 8 times
122.194.229.64: 6 times
134.17.17.32: 30 times
146.56.205.217: 30 times
161.97.169.203 (vmi764784.contaboserver.net): 30 times
170.245.14.173 (neorede.com.br): 1 time
180.250.115.121: 1 time
180.250.248.169: 1 time
181.13.51.177 (host-181-13-51-177.mendoza.gov.ar): 12 times
181.23.75.28 (181-23-75-28.speedy.com.ar): 1 time
182.61.52.57: 19 times
187.188.102.9 (fixed-187-188-102-9.totalplay.net): 14 times
200.66.77.178 (178.77.66.200.in-addr.arpa): 10 times
218.21.242.89: 1 time
221.122.73.130 (mx-lt49-130.meituan.com): 18 times
221.195.1.201: 1 time
Illegal users from:
2001:470:1:332::6: 1 time
undef: 7 times
31.7.57.130 (srv1.mailserver.to): 1 time
62.233.50.133: 1 time
65.49.20.69 (scan-20.shadowserver.org): 1 time
70.166.167.42: 1 time
78.61.231.16 (78-61-231-16.static.zebra.lt): 2 times
154.89.5.80: 1 time
176.111.173.218: 1 time
185.209.0.21: 1 time
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################