04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sun Jul 18 04:42:05 2021
Date Range Processed: yesterday
( 2021-Jul-17 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [163:163]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
222.186.19.235 -> zapf.wiki:443: 2 Time(s)
A total of 9 sites probed the server
139.162.145.250
20.106.32.146
209.141.41.98
209.141.54.8
210.57.245.109
222.186.19.235
62.210.140.247
66.240.205.34
85.215.248.161
Requests with error response codes
400 Bad Request
null: 12 Time(s)
/: 8 Time(s)
/admin/config.php: 2 Time(s)
/socket.io/?noteId=features&EIO=3&transpor ... LVC4xYUAxAQAAHF: 2 Time(s)
/socket.io/?noteId=features&EIO=3&transpor ... qcHbjPXjNkAAAHH: 2 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... dKTzVwhGAJ0AAHJ: 2 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 2 Time(s)
http://fuwu.sogou.com/404/index.html: 2 Time(s)
zapf.wiki:443: 2 Time(s)
/bag2: 1 Time(s)
/config/getuser?index=0: 1 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... 8KwNSEYbb1dAAHK: 1 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... AyJ6oSxcDxHAAHC: 1 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... KT-c2bXN4ZkAAHE: 1 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... SYwBdP6f7jjAAHL: 1 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... nf1juXaLEXLAAHD: 1 Time(s)
F,b\xFF\xB9\xD2\xE9up;6\xF1\xEC\xCB\x17\xE ... x09\xC0\x14\xC0: 1 Time(s)
HTTP/1.0: 1 Time(s)
403 Forbidden
/temp: 1 Time(s)
404 Not Found
/robots.txt: 30 Time(s)
/wp-login.php: 18 Time(s)
/xmlrpc.php: 3 Time(s)
/sites/default/files/2009_WiSe_M%C3%BCnchen.pdf: 2 Time(s)
/%7C: 1 Time(s)
/.env: 1 Time(s)
/.git/config: 1 Time(s)
//2019/wp-includes/wlwmanifest.xml: 1 Time(s)
//2020/wp-includes/wlwmanifest.xml: 1 Time(s)
//blog/wp-includes/wlwmanifest.xml: 1 Time(s)
//cms/wp-includes/wlwmanifest.xml: 1 Time(s)
//news/wp-includes/wlwmanifest.xml: 1 Time(s)
//shop/wp-includes/wlwmanifest.xml: 1 Time(s)
//site/wp-includes/wlwmanifest.xml: 1 Time(s)
//sito/wp-includes/wlwmanifest.xml: 1 Time(s)
//test/wp-includes/wlwmanifest.xml: 1 Time(s)
//web/wp-includes/wlwmanifest.xml: 1 Time(s)
//website/wp-includes/wlwmanifest.xml: 1 Time(s)
//wordpress/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp-includes/wlwmanifest.xml: 1 Time(s)
//wp/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp1/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp2/wp-includes/wlwmanifest.xml: 1 Time(s)
//xmlrpc.php?rsd: 1 Time(s)
/datenschutz: 1 Time(s)
/neuigkeiten/einladung-zapf-sose2011: 1 Time(s)
/sites/default/files/2009_SoSe_G%C3%B6ttingen.pdf: 1 Time(s)
/verein%7C: 1 Time(s)
/verein/satzung/%7CSatzung: 1 Time(s)
/verein/vorstand/%7C: 1 Time(s)
/wordpress/wp-admin/: 1 Time(s)
/wp-content/plugins/wp-file-manager/lib/files/: 1 Time(s)
/zapf/geschaeftsordnung: 1 Time(s)
499 (undefined)
/socket.io/?noteId=features&EIO=3&transpor ... 6hMHa6pHcqoAAHI: 1 Time(s)
/socket.io/?noteId=features&EIO=3&transpor ... LVC4xYUAxAQAAHF: 1 Time(s)
/socket.io/?noteId=features&EIO=3&transpor ... qcHbjPXjNkAAAHH: 1 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... 8KwNSEYbb1dAAHK: 1 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... AyJ6oSxcDxHAAHC: 1 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... KT-c2bXN4ZkAAHE: 1 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... SYwBdP6f7jjAAHL: 1 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... dKTzVwhGAJ0AAHJ: 1 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... inzlXpfdirJAAHM: 1 Time(s)
/socket.io/?noteId=iZB2f8wtRMeJ6owFwyWDlw& ... nf1juXaLEXLAAHD: 1 Time(s)
500 Internal Server Error
/: 19 Time(s)
/.env: 3 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/actuator/health: 1 Time(s)
/api/jsonws/invoke: 1 Time(s)
/console/: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/favicon.ico: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/robots.txt: 1 Time(s)
/solr/: 1 Time(s)
/wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (137.116.224.184): 70 Time(s)
root (163.172.36.126): 70 Time(s)
root (191.98.186.218): 70 Time(s)
root (20.37.249.62): 70 Time(s)
root (206.189.151.151): 70 Time(s)
root (213.6.203.226): 70 Time(s)
root (62.234.157.228): 70 Time(s)
root (81.68.210.212): 70 Time(s)
root (dsl51b6fe7c.fixip.t-online.hu): 70 Time(s)
root (185.77.149.213): 69 Time(s)
root (182.61.17.16): 63 Time(s)
root (106.52.51.246): 62 Time(s)
root (213.174.106.178): 62 Time(s)
root (218.18.161.186): 62 Time(s)
root (154.74.130.69): 61 Time(s)
root (139.199.9.173): 57 Time(s)
root (134.209.122.111): 56 Time(s)
root (81.70.168.104): 52 Time(s)
root (89.128.127.18): 51 Time(s)
root (115.85.53.91): 50 Time(s)
root (123.207.23.50): 50 Time(s)
root (14.161.28.224): 50 Time(s)
root (167.99.44.117): 50 Time(s)
root (186.122.148.216): 50 Time(s)
root (202.77.105.98): 50 Time(s)
root (213.27.189.252): 50 Time(s)
root (37.18.101.246): 50 Time(s)
root (45.15.10.168): 50 Time(s)
root (a89-155-39-33.cpe.netcabo.pt): 50 Time(s)
root (111.229.209.34): 49 Time(s)
root (118.145.8.50): 49 Time(s)
root (201.238.215.131): 49 Time(s)
root (122.51.147.169): 48 Time(s)
root (106.13.87.145): 47 Time(s)
root (157.122.149.18): 47 Time(s)
root (106.12.204.202): 46 Time(s)
root (42.194.173.211): 46 Time(s)
root (128.199.193.246): 45 Time(s)
root (115.182.105.68): 41 Time(s)
root (180.167.0.102): 40 Time(s)
root (185.235.40.249): 40 Time(s)
root (210-71-232-236.hinet-ip.hinet.net): 38 Time(s)
root (154.92.19.12): 37 Time(s)
root (212.33.250.241): 36 Time(s)
root (157.245.189.95): 35 Time(s)
root (222.84.117.30): 35 Time(s)
root (92.188.123.185): 34 Time(s)
root (106.53.235.41): 33 Time(s)
root (49.247.208.128): 33 Time(s)
root (142.93.42.206): 30 Time(s)
root (200.123.180.49): 30 Time(s)
root (51.158.190.194): 30 Time(s)
root (82-64-117-122.subs.proxad.net): 30 Time(s)
root (221.226.39.202): 29 Time(s)
root (36.24.242.105): 28 Time(s)
root (121.227.16.206): 26 Time(s)
root (221.226.48.102): 26 Time(s)
root (123.58.5.243): 25 Time(s)
root (218.29.83.34): 25 Time(s)
root (103.152.79.161): 24 Time(s)
root (200.60.92.170): 24 Time(s)
root (211.144.221.226): 24 Time(s)
root (81.69.240.188): 24 Time(s)
root (119.45.60.204): 22 Time(s)
unknown (81.68.243.13): 20 Time(s)
root (112.78.188.194): 19 Time(s)
root (58.32.11.150): 19 Time(s)
unknown (141.98.10.29): 18 Time(s)
unknown (222.255.115.237): 16 Time(s)
root (138.197.197.147): 14 Time(s)
root (138.36.1.254): 14 Time(s)
root (41.215.138.42): 13 Time(s)
unknown (58.69.120.253): 12 Time(s)
root (222.255.115.237): 9 Time(s)
root (81.68.243.13): 9 Time(s)
unknown (106.53.235.41): 9 Time(s)
unknown (141.98.10.203): 9 Time(s)
unknown (205.185.125.109): 9 Time(s)
root (159.65.11.115): 8 Time(s)
root (37-128-119-195.static.ip.netia.com.pl): 8 Time(s)
root (141.98.10.56): 6 Time(s)
root (189.113.131.44): 6 Time(s)
unknown (141.98.10.56): 6 Time(s)
unknown (203.159.80.131): 6 Time(s)
unknown (45.146.165.72): 6 Time(s)
unknown (112.78.188.194): 5 Time(s)
root (183.15.204.222): 4 Time(s)
unknown (141.98.10.27): 4 Time(s)
unknown (176.111.173.156): 4 Time(s)
unknown (107.189.1.174): 3 Time(s)
unknown (107.189.1.181): 3 Time(s)
unknown (116.98.169.131): 3 Time(s)
unknown (138.197.1.180): 3 Time(s)
unknown (141.98.10.179): 3 Time(s)
unknown (143.244.169.230): 3 Time(s)
unknown (193.169.254.113): 3 Time(s)
unknown (205.185.125.24): 3 Time(s)
unknown (205.185.127.25): 3 Time(s)
root (141.98.10.27): 2 Time(s)
root (58.69.120.253): 2 Time(s)
unknown (171.235.84.13): 2 Time(s)
unknown (199.195.248.154): 2 Time(s)
unknown (45.135.232.165): 2 Time(s)
unknown (77.39.8.64): 2 Time(s)
unknown (n106-71-41-176.rdl2.qld.optusnet.com.au): 2 Time(s)
mysql (81.68.243.13): 1 Time(s)
nobody (45.135.232.165): 1 Time(s)
postgres (193.169.254.113): 1 Time(s)
postgres (222.255.115.237): 1 Time(s)
root (1.15.177.201): 1 Time(s)
root (104.244.78.233): 1 Time(s)
root (106.55.14.108): 1 Time(s)
root (111.21.99.227): 1 Time(s)
root (120.48.14.194): 1 Time(s)
root (157.245.53.23): 1 Time(s)
root (171.251.26.14): 1 Time(s)
root (176.111.173.156): 1 Time(s)
root (183.240.157.2): 1 Time(s)
root (185.190.181.3): 1 Time(s)
root (190.56.224.166): 1 Time(s)
root (203.159.80.131): 1 Time(s)
root (205.185.125.24): 1 Time(s)
root (27.115.50.114): 1 Time(s)
root (45.153.160.132): 1 Time(s)
root (52.237.83.226): 1 Time(s)
root (64.227.21.69): 1 Time(s)
root (mail.cdrossi.com): 1 Time(s)
root (tor-exit4-readme.dfri.se): 1 Time(s)
unknown (1.117.34.215): 1 Time(s)
unknown (171.251.26.14): 1 Time(s)
unknown (183.15.204.222): 1 Time(s)
Invalid Users:
Unknown Account: 164 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
6 Miscellaneous warnings
13.624K Bytes accepted 13,951
13.624K Bytes sent via SMTP 13,951
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
4 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
4 Total 4xx Rejects 100.00%
======== ==================================================
523 Connections
408 Connections lost (inbound)
523 Disconnections
1 Removed from queue
1 Sent via SMTP
45 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Network Read Write Errors: 1
Disconnecting after too many authentication failures for user:
root : 1 Time(s)
Failed logins from:
1.15.177.201: 1 time
14.161.28.224 (static.vnpt.vn): 50 times
20.37.249.62: 70 times
27.115.50.114: 1 time
36.24.242.105: 28 times
37.18.101.246: 50 times
37.128.119.195 (37-128-119-195.static.ip.netia.com.pl): 8 times
41.215.138.42: 13 times
42.194.173.211: 46 times
45.15.10.168: 50 times
45.135.232.165: 1 time
45.153.160.132: 1 time
49.247.208.128: 33 times
51.158.190.194 (194-190-158-51.instances.scw.cloud): 30 times
52.237.83.226: 1 time
58.32.11.150: 19 times
58.69.120.253 (58.69.120.253.pldt.net): 2 times
62.234.157.228: 70 times
64.227.21.69: 1 time
81.68.210.212: 70 times
81.68.243.13: 10 times
81.69.240.188: 24 times
81.70.168.104: 52 times
81.182.254.124 (dsl51B6FE7C.fixip.t-online.hu): 70 times
82.64.117.122 (82-64-117-122.subs.proxad.net): 30 times
89.128.127.18: 51 times
89.155.39.33 (a89-155-39-33.cpe.netcabo.pt): 50 times
92.188.123.185 (185.123.188.92.dynamic.ftth.abo.nordnet.fr): 34 times
103.152.79.161 (vps.braininfinity.in): 24 times
104.244.78.233 (This-is-a-tor-exit.ignorelist.com): 1 time
106.12.204.202: 46 times
106.13.87.145: 47 times
106.52.51.246: 62 times
106.53.235.41: 33 times
106.55.14.108: 1 time
111.21.99.227: 1 time
111.229.209.34: 49 times
112.78.188.194: 19 times
115.85.53.91 (91.53.85.115.dsl.service.static.eastern-tele.com): 50 times
115.182.105.68: 41 times
118.145.8.50: 49 times
119.45.60.204: 22 times
120.48.14.194: 1 time
121.227.16.206: 26 times
122.51.147.169: 48 times
123.58.5.243: 25 times
123.207.23.50: 50 times
128.199.193.246: 45 times
134.209.122.111: 56 times
137.116.224.184: 70 times
138.36.1.254 (138-36-1-254.texnet.net.br): 14 times
138.197.197.147: 14 times
139.199.9.173: 57 times
141.98.10.27: 2 times
141.98.10.56: 6 times
142.93.42.206: 30 times
154.74.130.69: 61 times
154.92.19.12: 37 times
157.122.149.18: 47 times
157.245.53.23: 1 time
157.245.189.95: 35 times
159.65.11.115: 8 times
163.172.36.126 (163-172-36-126.rev.poneytelecom.eu): 70 times
167.99.44.117: 50 times
171.25.193.78 (tor-exit4-readme.dfri.se): 1 time
171.251.26.14 (dynamic-ip-adsl.viettel.vn): 1 time
176.111.173.156: 1 time
180.167.0.102: 40 times
182.61.17.16: 63 times
183.15.204.222: 4 times
183.240.157.2: 1 time
185.77.149.213 (opticanext.ru): 69 times
185.190.181.3: 1 time
185.235.40.249: 40 times
186.122.148.216 (host216.186-122-148.telmex.net.ar): 50 times
189.113.131.44 (189-113-131-44.telecall.com.br): 6 times
190.56.224.166 (166.224.56.190.dynamic.intelnet.net.gt): 1 time
191.98.186.218 (mail.itsbullshirt.com): 70 times
193.169.254.113: 1 time
200.60.92.170: 24 times
200.69.141.210 (mail.cdrossi.com): 1 time
200.123.180.49 (relay.host4r.com.ar): 30 times
201.238.215.131 (static.201.238.215.131.gtdinternet.com): 49 times
202.77.105.98: 50 times
203.159.80.131: 1 time
205.185.125.24: 1 time
206.189.151.151: 70 times
210.71.232.236 (210-71-232-236.HINET-IP.hinet.net): 38 times
211.144.221.226 (221.226.dsnet): 24 times
212.33.250.241 (212x33x250x241.static-business.perm.ertelecom.ru): 36 times
213.6.203.226: 70 times
213.27.189.252: 50 times
213.174.106.178 (178-106-174-213.dsl.hubone.fr): 62 times
218.18.161.186: 62 times
218.29.83.34 (hn.kd.ny.adsl): 25 times
221.226.39.202: 29 times
221.226.48.102: 26 times
222.84.117.30: 35 times
222.255.115.237 (static.vnpt.vn): 10 times
Illegal users from:
undef: 78 times
1.117.34.215: 1 time
45.135.232.165: 2 times
45.146.165.72: 6 times
58.69.120.253 (58.69.120.253.pldt.net): 14 times
65.49.20.66 (scan-17.shadowserver.org): 1 time
77.39.8.64 (host-77-39-8-64.stavropol.ru): 2 times
81.68.243.13: 20 times
106.53.235.41: 9 times
106.71.41.176 (n106-71-41-176.rdl2.qld.optusnet.com.au): 2 times
107.189.1.174: 3 times
107.189.1.181: 3 times
112.78.188.194: 5 times
116.98.169.131 (dynamic-ip-adsl.viettel.vn): 3 times
138.197.1.180: 3 times
141.98.10.27: 4 times
141.98.10.29: 18 times
141.98.10.56: 6 times
141.98.10.179 (er.includeswitche.com): 3 times
141.98.10.203: 9 times
143.244.169.230: 3 times
171.235.84.13 (dynamic-adsl.viettel.vn): 2 times
171.251.26.14 (dynamic-ip-adsl.viettel.vn): 1 time
176.111.173.156: 4 times
183.15.204.222: 1 time
193.169.254.113: 3 times
199.195.248.154: 2 times
203.159.80.131: 6 times
205.185.125.24: 3 times
205.185.125.109: 9 times
205.185.127.25 (serveroperations.com): 3 times
222.255.115.237 (static.vnpt.vn): 16 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop23974p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
1556
days inactive
1556
days old
0 comments
1 participants
participants (1)
-
root@zapf.in