################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Tue Nov 2 04:42:05 2021
Date Range Processed: yesterday
( 2021-Nov-01 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 48:49 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
185.53.90.24 -> zapf.wiki:443: 2 Time(s)
45.93.250.47 -> 45.93.250.59:4444: 9 Time(s)
A total of 13 sites probed the server
Requests with error response codes
400 Bad Request
null: 22 Time(s)
45.93.250.59:4444: 9 Time(s)
/ab2g: 6 Time(s)
/ab2h: 6 Time(s)
/: 2 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
/config/getuser?index=0: 2 Time(s)
/socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... vJiDMD_g3oXAACq: 2 Time(s)
http://fuwu.sogou.com/404/index.html: 2 Time(s)
zapf.wiki:443: 2 Time(s)
/.well-known/security.txt: 1 Time(s)
/favicon.ico/: 1 Time(s)
/manager/html: 1 Time(s)
/robots.txt/: 1 Time(s)
/socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... X5goELxEvjDAACo: 1 Time(s)
/socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... r3RXWonAFJ7AACp: 1 Time(s)
/socket.io/?noteId=QINDkUdoTUiAjNuMAyw5OA& ... RrsD-tNkH86AACx: 1 Time(s)
/socket.io/?noteId=QINDkUdoTUiAjNuMAyw5OA& ... oIZvhuDNuqoAACw: 1 Time(s)
/socket.io/?noteId=QINDkUdoTUiAjNuMAyw5OA& ... tf_MGCZt_FuAACv: 1 Time(s)
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
\x00\x00\x00\x00: 1 Time(s)
\xB9\xDB\x0CEN#5h[\xE4\xC5\x16\xF7wBr=\xB1: 1 Time(s)
499 (undefined)
/socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... HYXU9GFbyhzAACr: 1 Time(s)
/socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... X5goELxEvjDAACo: 1 Time(s)
/socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... r3RXWonAFJ7AACp: 1 Time(s)
/socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... vJiDMD_g3oXAACq: 1 Time(s)
/socket.io/?noteId=QINDkUdoTUiAjNuMAyw5OA& ... oIZvhuDNuqoAACw: 1 Time(s)
/socket.io/?noteId=QINDkUdoTUiAjNuMAyw5OA& ... tf_MGCZt_FuAACv: 1 Time(s)
500 Internal Server Error
/: 28 Time(s)
/.env: 3 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s)
/owa/auth/logon.aspx: 2 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s)
///libs/js/iframe.js: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/CommPilot/Login/: 1 Time(s)
/GponForm/diag_Form?style/: 1 Time(s)
/Login/: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/actuator/health: 1 Time(s)
/api/jsonws/invoke: 1 Time(s)
/auth/login/: 1 Time(s)
/console/: 1 Time(s)
/epa/scripts/win/nsepa_setup.exe: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/remote/fgt_lang?lang=/../../../..//////// ... lvpn_websession: 1 Time(s)
/wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 448 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
1579 Miscellaneous warnings
19.025K Bytes accepted 19,482
19.025K Bytes sent via SMTP 19,482
======== ==================================================
2 Accepted 100.00%
-------- --------------------------------------------------
2 Total 100.00%
======== ==================================================
3 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
3 Total 4xx Rejects 100.00%
======== ==================================================
1783 Connections
1651 Connections lost (inbound)
1783 Disconnections
2 Removed from queue
2 Sent via SMTP
1 SMTP dialog errors
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Failed logins from:
Illegal users from:
undef: 308 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################