################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Mon Jan 3 04:42:04 2022 Date Range Processed: yesterday ( 2022-Jan-02 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 19:18 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 34.86.55.141 -> 161.97.119.209:7144: 1 Time(s) 92.118.234.202 -> zapf.wiki:443: 5 Time(s) A total of 8 sites probed the server 145.239.154.82 145.239.154.84 159.223.66.215 165.22.239.78 172.104.140.107 185.44.81.176 193.37.255.114 46.101.229.75 Requests with error response codes 400 Bad Request null: 15 Time(s) zapf.wiki:443: 5 Time(s) /: 4 Time(s) mstshash=Domain: 4 Time(s) /phpmyadmin/scripts/setup.php: 3 Time(s) /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s) default.asp: 2 Time(s) /.env: 1 Time(s) /.git/config: 1 Time(s) /ab2g: 1 Time(s) /ab2h: 1 Time(s) /admin/config.php: 1 Time(s) /bag2: 1 Time(s) /favicon.ico: 1 Time(s) /manager/text/list: 1 Time(s) /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s) 161.97.119.209:7144: 1 Time(s) 7: 1 Time(s) mstshash=Administr: 1 Time(s) 404 Not Found /: 1 Time(s) /berlin/bower_components/scrollmagic/scrol ... ollmagic.min.js: 1 Time(s) /konstanz/2016/tagung/impressum.html: 1 Time(s) /konstanz/2016/tagung/index.html: 1 Time(s) /konstanz/2016/tagung/unterstuetzer/Sponsoren.html: 1 Time(s) /konstanz/2016/unterstuetzer/impressum.html: 1 Time(s) /konstanz/2016/unterstuetzer/index.html: 1 Time(s) /konstanz/2016/unterstuetzer/tagung/programm.html: 1 Time(s) /konstanz/2016/unterstuetzer/willkommen/wasistdiezapf.html: 1 Time(s) /konstanz/2016/unterstuetzer/willkommen/wersindwir.html: 1 Time(s) /konstanz/2016/unterstuetzer/willkommen/willkommen.html: 1 Time(s) /konstanz/2016/willkommen/impressum.html: 1 Time(s) /konstanz/2016/willkommen/index.html: 1 Time(s) /konstanz/2016/willkommen/tagung/programm.html: 1 Time(s) /konstanz/2016/willkommen/unterstuetzer/Sponsoren.html: 1 Time(s) 500 Internal Server Error /: 25 Time(s) /.git/HEAD: 6 Time(s) /robots.txt: 6 Time(s) /.env: 5 Time(s) /.git/config: 2 Time(s) /?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB: 2 Time(s) /console/: 2 Time(s) /dns-query: 2 Time(s) /dns-query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB: 2 Time(s) /ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s) /query: 2 Time(s) /query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB: 2 Time(s) /resolve: 2 Time(s) /resolve?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB: 2 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s) /./RestAPI/LogonCustomization: 1 Time(s) /.well-known/security.txt: 1 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /Autodiscover/Autodiscover.xml: 1 Time(s) /HNAP1/: 1 Time(s) /actuator/health: 1 Time(s) /admin/index.php?login: 1 Time(s) /favicon.ico: 1 Time(s) /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s) /mifs/.;/services/LogService: 1 Time(s) /owa/auth/logon.aspx: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /owa/auth/x.js: 1 Time(s) /remote/login: 1 Time(s) /sitemap.xml: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (129.204.202.109): 36 Time(s) root (106.55.47.184): 35 Time(s) root (217.117.14.248): 31 Time(s) root (185.248.140.135): 28 Time(s) unknown (185.248.140.135): 21 Time(s) root (153.35.93.67): 18 Time(s) unknown (129.204.202.109): 14 Time(s) unknown (106.55.47.184): 13 Time(s) unknown (217.117.14.248): 13 Time(s) root (103.235.170.162): 12 Time(s) unknown (153.35.93.67): 12 Time(s) unknown (103.235.170.162): 11 Time(s) root (134.17.16.37): 9 Time(s) unknown (134.17.16.37): 9 Time(s) unknown (144.126.208.202): 6 Time(s) root (161.35.45.62): 4 Time(s) root (170.245.14.173): 4 Time(s) unknown (131.100.65.224): 2 Time(s) unknown (62.233.50.133): 2 Time(s) unknown (91.188.188.134): 2 Time(s) unknown (93-45-34-56.ip100.fastwebnet.it): 2 Time(s) unknown (dynamic-077-190-139-042.77.190.pool.telefonica.de): 2 Time(s) root (164.92.221.55): 1 Time(s) root (178.128.33.227): 1 Time(s) root (92.255.85.146): 1 Time(s) unknown (161.35.45.62): 1 Time(s) unknown (170.245.14.173): 1 Time(s) unknown (178.213.248.102): 1 Time(s) unknown (45.141.84.10): 1 Time(s) unknown (45.153.160.133): 1 Time(s) unknown (89.163.249.192): 1 Time(s) unknown (this-is-a-tor-node---10.artikel5ev.de): 1 Time(s) www-data (185.248.140.135): 1 Time(s) Invalid Users: Unknown Account: 116 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 6.601K Bytes accepted 6,759 6.601K Bytes sent via SMTP 6,759 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 1 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 1 Total 4xx Rejects 100.00% ======== ================================================== 96 Connections 2 Connections lost (inbound) 96 Disconnections 1 Removed from queue 1 Sent via SMTP ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Failed logins from: 92.255.85.146: 1 time 103.235.170.162: 12 times 106.55.47.184: 35 times 129.204.202.109: 36 times 134.17.16.37 (37-16-17-134-cloud.mts.by): 9 times 153.35.93.67: 18 times 161.35.45.62: 4 times 164.92.221.55: 1 time 170.245.14.173 (neorede.com.br): 4 times 178.128.33.227: 1 time 185.248.140.135 (shelp-app.de): 29 times 217.117.14.248: 31 times Illegal users from: 2001:470:1:c84::16: 1 time undef: 73 times 45.141.84.10: 1 time 45.153.160.133: 1 time 62.233.50.133: 2 times 64.62.197.152: 1 time 77.190.139.42 (dynamic-077-190-139-042.77.190.pool.telefonica.de): 2 times 89.163.249.192 (srv1116.dedicated.server-hosting.expert): 1 time 91.188.188.134 (ip-134.cifra1.ru): 2 times 93.45.34.56 (93-45-34-56.ip100.fastwebnet.it): 2 times 103.235.170.162: 11 times 106.55.47.184: 13 times 129.204.202.109: 14 times 131.100.65.224: 2 times 134.17.16.37 (37-16-17-134-cloud.mts.by): 9 times 144.126.208.202: 6 times 152.32.131.197: 1 time 153.35.93.67: 12 times 161.35.45.62: 1 time 170.245.14.173 (neorede.com.br): 1 time 172.104.140.107 (172-104-140-107.ip.linodeusercontent.com): 1 time 178.213.248.102: 1 time 185.170.114.25 (this-is-a-tor-node---10.artikel5ev.de): 1 time 185.248.140.135 (shelp-app.de): 21 times 217.117.14.248: 13 times **Unmatched Entries** fatal: Unable to negotiate a key exchange method [preauth] : 1 time(s) Protocol major versions differ for 172.104.140.107: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-NmapNSE_1.0 : 1 time(s) Protocol major versions differ for 172.104.140.107: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-Nmap-SSH1-Hostkey : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop33257p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################