################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sun Nov 21 04:42:04 2021
Date Range Processed: yesterday
( 2021-Nov-20 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 59:60 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 7 sites probed the server
121.61.108.4
172.104.131.24
195.133.18.100
209.141.53.177
3.9.135.6
43.132.102.2
66.240.205.34
Requests with error response codes
400 Bad Request
mstshash=Administr: 8 Time(s)
null: 7 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... ETkR-LvIUj5AAAW: 4 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... cgrcCTR7-e7AAAY: 4 Time(s)
/: 2 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
/config/getuser?index=0: 2 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... HxnxsmVCbJXAAAg: 2 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... nT5hinX-Kq6AAAZ: 2 Time(s)
mstshash=Domain: 2 Time(s)
/.env: 1 Time(s)
/ab2g: 1 Time(s)
/ab2h: 1 Time(s)
/bag2: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... 9UvTLdClhnqAAAf: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... Cv5cUWpBTqwAAAj: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... Gobeoh_5YZVAAAh: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... QJiz3jsXoHiAAAi: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... S2wIouMeoUOAAAe: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... UtL1d6NOq43AAAa: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... _G7qMPT5UDFAAAb: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... mSKALBgU_ViAAAX: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... swHHD690PIeAAAc: 1 Time(s)
\x9B\x95\xF7}\x1E\xBD\xBE\xBA\x8D-\xDA!H\x05n: 1 Time(s)
\xBF\x02\x00\x88\x13\x00\x00\x87\x00\x00\x ... 0\x00/\x9E\x16E: 1 Time(s)
499 (undefined)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... 9UvTLdClhnqAAAf: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... Cv5cUWpBTqwAAAj: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... ETkR-LvIUj5AAAW: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... GiGjatCZbPCAAAd: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... Gobeoh_5YZVAAAh: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... HxnxsmVCbJXAAAg: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... QJiz3jsXoHiAAAi: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... S2wIouMeoUOAAAe: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... UtL1d6NOq43AAAa: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... _G7qMPT5UDFAAAb: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... cgrcCTR7-e7AAAY: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... mSKALBgU_ViAAAX: 1 Time(s)
/socket.io/?noteId=Z7JgFtprRTu4mj0ux-SJ3w& ... swHHD690PIeAAAc: 1 Time(s)
500 Internal Server Error
/: 27 Time(s)
/.env: 4 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 3 Time(s)
/console/: 2 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s)
/mifs/.;/services/LogService: 2 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/Telerik.Web.UI.WebResource.axd?type=rau: 1 Time(s)
/actuator/health: 1 Time(s)
/cgi-bin/config.exp: 1 Time(s)
/cluster/cluster: 1 Time(s)
/favicon.ico: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/nice%20ports%2C/Tri%6Eity.txt%2ebak: 1 Time(s)
/owa/auth/logon.aspx: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/remote/login: 1 Time(s)
/resolve?name=dnsscan.shadowserver.org&type=A: 1 Time(s)
/static/hadoop-st.png: 1 Time(s)
/users/sign_in: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (rustiq.eu): 98 Time(s)
root (159.65.140.76): 92 Time(s)
root (113.56.35.250): 40 Time(s)
root (134.73.184.37): 36 Time(s)
root (38.91.102.36): 36 Time(s)
root (49.235.78.105): 34 Time(s)
root (202.83.16.8): 20 Time(s)
root (116.247.81.99): 19 Time(s)
root (167.172.145.53): 17 Time(s)
root (206.189.206.212): 16 Time(s)
unknown (113.56.35.250): 16 Time(s)
root (81.70.142.15): 15 Time(s)
root (106.54.112.173): 14 Time(s)
unknown (134.73.184.37): 14 Time(s)
unknown (49.235.78.105): 14 Time(s)
unknown (38.91.102.36): 12 Time(s)
root (195.29.102.21): 11 Time(s)
unknown (202.83.16.8): 11 Time(s)
unknown (81.70.142.15): 11 Time(s)
root (121.4.95.102): 10 Time(s)
unknown (121.4.95.102): 10 Time(s)
unknown (195.29.102.21): 10 Time(s)
unknown (212.192.241.37): 10 Time(s)
unknown (106.54.112.173): 9 Time(s)
unknown (206.189.206.212): 8 Time(s)
unknown (116.247.81.99): 7 Time(s)
unknown (141.98.10.246): 7 Time(s)
unknown (141.98.10.63): 7 Time(s)
unknown (167.172.145.53): 7 Time(s)
unknown (176.111.173.238): 7 Time(s)
unknown (205.185.114.246): 6 Time(s)
root (94.232.46.202): 5 Time(s)
root (ip-88-152-124-243.hsi03.unitymediagroup.de): 5 Time(s)
unknown (176.111.173.237): 5 Time(s)
unknown (205.185.113.226): 5 Time(s)
unknown (209.141.33.121): 5 Time(s)
root (88.214.189.128): 4 Time(s)
unknown (141.98.10.60): 4 Time(s)
unknown (205.185.120.71): 3 Time(s)
unknown (205.185.123.252): 3 Time(s)
unknown (209.141.32.141): 3 Time(s)
unknown (209.141.44.165): 3 Time(s)
unknown (211-22-65-18.hinet-ip.hinet.net): 3 Time(s)
unknown (45.155.204.39): 3 Time(s)
unknown (smtp4.achtungumbedingt.de): 3 Time(s)
postgres (146.185.79.101): 2 Time(s)
root (112.33.16.34): 2 Time(s)
unknown (146.185.79.101): 2 Time(s)
unknown (179.43.187.36): 2 Time(s)
unknown (195.133.18.210): 2 Time(s)
unknown (199.76.38.123): 2 Time(s)
unknown (24-220-156-37-dynamic.midco.net): 2 Time(s)
mailman (49.235.78.105): 1 Time(s)
postgres (176.111.173.238): 1 Time(s)
root (103.219.204.75): 1 Time(s)
root (107.189.3.60): 1 Time(s)
root (128.199.27.179): 1 Time(s)
root (176.111.173.237): 1 Time(s)
root (176.111.173.238): 1 Time(s)
unknown (112.33.16.34): 1 Time(s)
unknown (128.199.27.179): 1 Time(s)
unknown (88.214.189.128): 1 Time(s)
unknown (ip-88-152-124-243.hsi03.unitymediagroup.de): 1 Time(s)
unknown (smtp17.mib360realestate.com): 1 Time(s)
Invalid Users:
Unknown Account: 221 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
1 Miscellaneous warnings
10.944K Bytes accepted 11,207
10.944K Bytes sent via SMTP 11,207
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
631 Connections
106 Connections lost (inbound)
631 Disconnections
1 Removed from queue
1 Sent via SMTP
2 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Failed logins from:
38.91.102.36: 36 times
46.101.129.22 (rustiq.eu): 98 times
49.235.78.105: 35 times
81.70.142.15: 15 times
88.152.124.243 (ip-88-152-124-243.hsi03.unitymediagroup.de): 5 times
88.214.189.128: 4 times
94.232.46.202: 5 times
103.219.204.75: 1 time
106.54.112.173: 14 times
107.189.3.60 (Tor-Exit-Node.233kun.cyou): 1 time
112.33.16.34: 2 times
113.56.35.250: 40 times
116.247.81.99: 19 times
121.4.95.102: 10 times
128.199.27.179: 1 time
134.73.184.37 (yours.ovatom.com): 36 times
146.185.79.101: 2 times
159.65.140.76: 92 times
167.172.145.53: 17 times
176.111.173.237: 1 time
176.111.173.238: 2 times
195.29.102.21: 11 times
202.83.16.8 (act20283168.broadband.actcorp.in): 20 times
206.189.206.212: 16 times
Illegal users from:
2001:470:1:c84::20: 1 time
undef: 113 times
24.220.156.37 (24-220-156-37-dynamic.midco.net): 2 times
38.91.102.36: 12 times
45.155.204.39: 3 times
49.235.78.105: 14 times
65.49.20.68 (scan-19.shadowserver.org): 1 time
81.70.142.15: 11 times
88.152.124.243 (ip-88-152-124-243.hsi03.unitymediagroup.de): 1 time
88.214.189.128: 1 time
106.54.112.173: 9 times
106.75.223.50: 1 time
107.189.30.134 (smtp4.achtungumbedingt.de): 3 times
112.33.16.34: 1 time
113.56.35.250: 16 times
116.247.81.99: 7 times
121.4.95.102: 10 times
128.199.27.179: 1 time
134.73.184.37 (yours.ovatom.com): 14 times
141.98.10.60: 4 times
141.98.10.63: 7 times
141.98.10.246 (while-alerte.flightcrown.com): 7 times
146.185.79.101: 2 times
167.172.145.53: 7 times
176.111.173.237: 5 times
176.111.173.238: 7 times
179.43.187.36: 2 times
195.29.102.21: 10 times
195.133.18.210: 2 times
199.76.38.123: 2 times
202.83.16.8 (act20283168.broadband.actcorp.in): 11 times
205.185.113.226 (admin.applr.top): 5 times
205.185.114.246: 6 times
205.185.119.40 (smtp17.mib360realestate.com): 1 time
205.185.120.71: 3 times
205.185.123.252: 3 times
206.189.206.212: 8 times
209.141.32.141 (smtp9.dfsfasfasf.xyz): 3 times
209.141.33.121: 5 times
209.141.44.165: 3 times
211.22.65.18 (211-22-65-18.hinet-ip.hinet.net): 3 times
212.192.241.37: 10 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################