################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Sep 2 04:42:03 2023
Date Range Processed: yesterday
( 2023-Sep-01 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 35:34 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
193.35.18.27 -> mythicalstress.xyz:443: 2 Time(s)
A total of 7 sites probed the server
1.164.164.68
101.36.106.208
107.170.241.19
109.205.213.114
179.43.191.194
18.134.248.132
205.210.31.137
Requests with error response codes
400 Bad Request
null: 18 Time(s)
mstshash=Administr: 12 Time(s)
/: 7 Time(s)
*: 3 Time(s)
mythicalstress.xyz:443: 2 Time(s)
/.env: 1 Time(s)
/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%3 ... 5%%32%65/bin/sh: 1 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2 ... %2e/.%2e/bin/sh: 1 Time(s)
\xB3v\x7F\xB6NT#\xD2~\x05\x5Cp\xB2\xF3\xB4 ... x00\x01\x02\x00: 1 Time(s)
\xB9\xDB\x0CEN#5h[\xE4\xC5\x16\xF7wBr=\xB1: 1 Time(s)
\xC0/\xC00\xC0+\xC0,\xCC\xA8\xCC\xA9\xC0\x ... x09\xC0\x14\xC0: 1 Time(s)
\xDC\x9E\xE55\xC9}\xDA\xE8\xE5\xED\x024\xA ... x00\x01\x02\x00: 1 Time(s)
]\xA0\xC2\xFD\x9C\xAD\xB2\xB5a\x09b\xBD}\x ... x00\x01\x02\x00: 1 Time(s)
~\xBE\xD2\xDD\x1E\xF9f]\x18\xD2\xAB\x03\xB ... x09\xC0\x14\xC0: 1 Time(s)
500 Internal Server Error
/: 28 Time(s)
/.env: 5 Time(s)
/.git/config: 4 Time(s)
/favicon.ico: 3 Time(s)
/+CSCOE+/logon.html: 2 Time(s)
/admin/index.html: 2 Time(s)
/cgi-bin/login.cgi: 2 Time(s)
/index.html: 2 Time(s)
/manage/account/login: 2 Time(s)
/Public/home/js/check.js: 1 Time(s)
/autodiscover/autodiscover.json?@zdi/Powershell: 1 Time(s)
/cgi-bin/luci: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/geoserver/web/: 1 Time(s)
/login: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/version: 1 Time(s)
/wp-config.php: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (198.211.100.121): 151 Time(s)
unknown (159.223.203.211): 131 Time(s)
unknown (159.223.195.135): 130 Time(s)
root (84-255-204-251.static.t-2.net): 108 Time(s)
root (67.207.81.228): 66 Time(s)
root (zaor.de): 63 Time(s)
root (41.77.84.69): 57 Time(s)
root (42.96.44.200): 49 Time(s)
unknown (68.183.84.209): 37 Time(s)
unknown (185.161.248.200): 34 Time(s)
unknown (2.59.254.244): 30 Time(s)
unknown (193.201.9.109): 22 Time(s)
root (2.59.254.244): 15 Time(s)
root (68.183.84.209): 15 Time(s)
root (193.187.175.239): 13 Time(s)
root (185.161.248.200): 12 Time(s)
root (95.179.252.232): 12 Time(s)
unknown (141.98.11.11): 12 Time(s)
unknown (141.98.11.90): 11 Time(s)
root (31.41.244.61): 10 Time(s)
root (141.98.11.11): 8 Time(s)
root (141.98.11.90): 7 Time(s)
root (193.201.9.109): 7 Time(s)
root (118.220.252.143): 6 Time(s)
root (182.105.160.206): 6 Time(s)
root (185.224.128.142): 6 Time(s)
root (190.97.232.101): 6 Time(s)
unknown (185.224.128.187): 6 Time(s)
unknown (vmi540422.contaboserver.net): 6 Time(s)
unknown (31.41.244.61): 5 Time(s)
unknown (31.41.244.62): 5 Time(s)
root (31.41.244.62): 4 Time(s)
unknown (81.17.22.115): 4 Time(s)
root (157.230.49.63): 3 Time(s)
root (61.100.180.44): 3 Time(s)
root (159.223.195.135): 2 Time(s)
root (159.223.203.211): 2 Time(s)
root (185.224.128.187): 2 Time(s)
unknown (103.66.82.14): 2 Time(s)
unknown (112.173.174.97): 2 Time(s)
unknown (xdsl-89-0-169-34.nc.de): 2 Time(s)
uucp (193.201.9.109): 2 Time(s)
backup (159.223.195.135): 1 Time(s)
backup (159.223.203.211): 1 Time(s)
bin (159.223.195.135): 1 Time(s)
bin (159.223.203.211): 1 Time(s)
mysql (141.98.11.11): 1 Time(s)
nobody (141.98.11.11): 1 Time(s)
postgres (2.59.254.244): 1 Time(s)
postgres (68.183.84.209): 1 Time(s)
root (190.97.232.102): 1 Time(s)
root (190.97.232.103): 1 Time(s)
root (212.70.149.2): 1 Time(s)
unknown (121.146.113.247): 1 Time(s)
unknown (212.70.149.2): 1 Time(s)
Invalid Users:
Unknown Account: 450 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
3 Miscellaneous warnings
10.869K Bytes accepted 11,130
10.869K Bytes sent via SMTP 11,130
======== ==================================================
2 Accepted 100.00%
-------- --------------------------------------------------
2 Total 100.00%
======== ==================================================
52 Connections
15 Connections lost (inbound)
52 Disconnections
2 Removed from queue
2 Sent via SMTP
3 SMTP dialog errors
3 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 2 Time(s)
Failed logins from:
2.59.254.244: 16 times
31.41.244.61: 10 times
31.41.244.62: 4 times
41.77.84.69: 57 times
42.96.44.200: 49 times
61.100.180.44: 3 times
67.207.81.228: 66 times
68.183.84.209: 16 times
84.255.204.251 (84-255-204-251.static.t-2.net): 108 times
95.179.252.232 (95.179.252.232.vultrusercontent.com): 12 times
118.220.252.143: 6 times
138.68.74.198 (zaor.de): 63 times
141.98.11.11 (axon-stall.riddlecamera.net): 10 times
141.98.11.90 (lighten.medyamol.com): 7 times
157.230.49.63: 3 times
159.223.195.135: 4 times
159.223.203.211: 4 times
182.105.160.206: 6 times
185.161.248.200: 12 times
185.224.128.142 (ihate.feds.kys): 6 times
185.224.128.187: 2 times
190.97.232.101: 6 times
190.97.232.102: 1 time
190.97.232.103: 1 time
193.187.175.239: 13 times
193.201.9.109: 9 times
198.211.100.121: 151 times
212.70.149.2: 1 time
Illegal users from:
2001:470:1:fb5:dbb:8828:9fb2:46c2: 1 time
undef: 178 times
2.59.254.244: 30 times
31.41.244.61: 5 times
31.41.244.62: 5 times
54.89.114.64 (ec2-54-89-114-64.compute-1.amazonaws.com): 1 time
64.62.197.164 (scan-41m.shadowserver.org): 1 time
68.183.84.209: 37 times
81.17.22.115 (hostedby.privatealps.net): 13 times
89.0.169.34 (xdsl-89-0-169-34.nc.de): 2 times
103.66.82.14: 2 times
112.173.174.97: 3 times
121.146.113.247: 3 times
141.98.11.11 (axon-stall.riddlecamera.net): 12 times
141.98.11.90 (lighten.medyamol.com): 11 times
144.91.80.18 (vmi540422.contaboserver.net): 6 times
159.223.195.135: 130 times
159.223.203.211: 131 times
185.161.248.200: 34 times
185.224.128.187: 6 times
193.201.9.109: 23 times
212.70.149.2: 1 time
**Unmatched Entries**
userauth_pubkey: unsupported public key algorithm: rsa-sha2-512 [preauth] : 66 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop47383p1 394G 243G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################