################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Mon Nov 8 04:42:04 2021
Date Range Processed: yesterday
( 2021-Nov-07 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 72:71 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 5 sites probed the server
161.35.238.241
167.71.102.95
172.105.77.209
212.192.241.51
68.183.35.135
Requests with error response codes
400 Bad Request
null: 9 Time(s)
/: 4 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 3 Time(s)
/socket.io/?noteId=vtiGK5IARbm3GZ2zBzrhRg& ... 4ekcoPs_Pv2AAFr: 3 Time(s)
/ab2g: 2 Time(s)
/ab2h: 2 Time(s)
!\xF7:\xBD\x93\xA6f\xDC\xE8\xEC\xC2\x18\xB ... (\xC0#\xC0'\xC0: 1 Time(s)
/favicon.ico: 1 Time(s)
/index.php?s=/index/\x09hink\x07pp/invokef ... exec&vars[1][]=: 1 Time(s)
/manager/text/list: 1 Time(s)
/recordings: 1 Time(s)
/socket.io/?noteId=9Y_7R8SqQoatEKlnbsw7Kw& ... UKkQlzr9OMwAAFc: 1 Time(s)
/socket.io/?noteId=9Y_7R8SqQoatEKlnbsw7Kw& ... XpwWX7MXZNQAAFb: 1 Time(s)
/socket.io/?noteId=9Y_7R8SqQoatEKlnbsw7Kw& ... wSkK4vaP9OmAAFa: 1 Time(s)
/socket.io/?noteId=w1op49QpSGyk43xo0up_Aw& ... 4vuAxk2iQrIAAFW: 1 Time(s)
/socket.io/?noteId=w1op49QpSGyk43xo0up_Aw& ... L9bA8Z_Ab6PAAFX: 1 Time(s)
/socket.io/?noteId=w1op49QpSGyk43xo0up_Aw& ... VJDprX6b5-AAAFV: 1 Time(s)
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s)
404 Not Found
//2018/wp-includes/wlwmanifest.xml: 1 Time(s)
//2019/wp-includes/wlwmanifest.xml: 1 Time(s)
//blog/wp-includes/wlwmanifest.xml: 1 Time(s)
//cms/wp-includes/wlwmanifest.xml: 1 Time(s)
//media/wp-includes/wlwmanifest.xml: 1 Time(s)
//news/wp-includes/wlwmanifest.xml: 1 Time(s)
//shop/wp-includes/wlwmanifest.xml: 1 Time(s)
//site/wp-includes/wlwmanifest.xml: 1 Time(s)
//sito/wp-includes/wlwmanifest.xml: 1 Time(s)
//test/wp-includes/wlwmanifest.xml: 1 Time(s)
//web/wp-includes/wlwmanifest.xml: 1 Time(s)
//website/wp-includes/wlwmanifest.xml: 1 Time(s)
//wordpress/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp-includes/wlwmanifest.xml: 1 Time(s)
//wp/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp1/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp2/wp-includes/wlwmanifest.xml: 1 Time(s)
//xmlrpc.php?rsd: 1 Time(s)
/berlin/unterstuetzer/apple-touch-icon.png: 1 Time(s)
499 (undefined)
/socket.io/?noteId=9Y_7R8SqQoatEKlnbsw7Kw& ... Skl5pSdw46RAAFd: 1 Time(s)
/socket.io/?noteId=9Y_7R8SqQoatEKlnbsw7Kw& ... UKkQlzr9OMwAAFc: 1 Time(s)
/socket.io/?noteId=9Y_7R8SqQoatEKlnbsw7Kw& ... XpwWX7MXZNQAAFb: 1 Time(s)
/socket.io/?noteId=9Y_7R8SqQoatEKlnbsw7Kw& ... wSkK4vaP9OmAAFa: 1 Time(s)
/socket.io/?noteId=w1op49QpSGyk43xo0up_Aw& ... 4vuAxk2iQrIAAFW: 1 Time(s)
/socket.io/?noteId=w1op49QpSGyk43xo0up_Aw& ... KnMlUxzR_MdAAFY: 1 Time(s)
/socket.io/?noteId=w1op49QpSGyk43xo0up_Aw& ... L9bA8Z_Ab6PAAFX: 1 Time(s)
/socket.io/?noteId=w1op49QpSGyk43xo0up_Aw& ... VJDprX6b5-AAAFV: 1 Time(s)
500 Internal Server Error
/: 45 Time(s)
/.env: 4 Time(s)
/robots.txt: 4 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 4 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 2 Time(s)
/Autodiscover/Autodiscover.xml: 2 Time(s)
/_ignition/execute-solution: 2 Time(s)
/api/jsonws/invoke: 2 Time(s)
/autodiscover/autodiscover.json?(a)evil.corp ... on%3F(a)evil.corp: 2 Time(s)
/console/: 2 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 2 Time(s)
/mifs/.;/services/LogService: 2 Time(s)
/wp-content/plugins/wp-file-manager/readme.txt: 2 Time(s)
///libs/js/iframe.js: 1 Time(s)
//a2billing/customer/templates/default/footer.tpl: 1 Time(s)
/actuator/health: 1 Time(s)
/bag2: 1 Time(s)
/owa/: 1 Time(s)
/owa/auth/logon.aspx: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/recordings: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 371 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
1 Miscellaneous warnings
12.288K Bytes accepted 12,583
12.288K Bytes sent via SMTP 12,583
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
53 Connections
41 Connections lost (inbound)
53 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Failed logins from:
Illegal users from:
2001:470:1:c84::15: 1 time
undef: 252 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################