################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Thu Jan 13 04:42:04 2022
Date Range Processed: yesterday
( 2022-Jan-12 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host:
h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 11:11 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
3.145.135.127 -> icanhazip.com:443: 1 Time(s)
A total of 9 sites probed the server
104.238.170.181
159.223.87.166
178.128.92.53
193.37.255.114
222.186.19.235
46.101.97.101
5.188.210.227
66.240.205.34
89.248.165.120
Requests with error response codes
400 Bad Request
null: 20 Time(s)
/: 3 Time(s)
/aaa9: 2 Time(s)
/aab9: 2 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
mstshash=Domain: 2 Time(s)
/.env: 1 Time(s)
/ab2g: 1 Time(s)
/ab2h: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
\xCA\x84\xDD\x9E\xAC\x17PG\xF4\x92\x95\xCF ... 5\x1Dk\xF7+\xB3: 1 Time(s)
http://fuwu.sogou.com/404/index.html: 1 Time(s)
icanhazip.com:443: 1 Time(s)
q\xE7Z\x0EV\xA9\x9CE\xBFZ?\x87\xA8<\x82&\x ... C0$\xC0\x14\xC0: 1 Time(s)
404 Not Found
//2018/wp-includes/wlwmanifest.xml: 1 Time(s)
//2019/wp-includes/wlwmanifest.xml: 1 Time(s)
//blog/wp-includes/wlwmanifest.xml: 1 Time(s)
//cms/wp-includes/wlwmanifest.xml: 1 Time(s)
//media/wp-includes/wlwmanifest.xml: 1 Time(s)
//news/wp-includes/wlwmanifest.xml: 1 Time(s)
//shop/wp-includes/wlwmanifest.xml: 1 Time(s)
//site/wp-includes/wlwmanifest.xml: 1 Time(s)
//sito/wp-includes/wlwmanifest.xml: 1 Time(s)
//test/wp-includes/wlwmanifest.xml: 1 Time(s)
//web/wp-includes/wlwmanifest.xml: 1 Time(s)
//website/wp-includes/wlwmanifest.xml: 1 Time(s)
//wordpress/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp-includes/wlwmanifest.xml: 1 Time(s)
//wp/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp1/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp2/wp-includes/wlwmanifest.xml: 1 Time(s)
//xmlrpc.php?rsd: 1 Time(s)
500 Internal Server Error
/: 27 Time(s)
/.env: 3 Time(s)
/robots.txt: 3 Time(s)
/.well-known/security.txt: 2 Time(s)
/_ignition/execute-solution: 2 Time(s)
/aaa9: 2 Time(s)
/aab9: 2 Time(s)
/favicon.ico: 2 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/ReportServer: 1 Time(s)
/actuator/health: 1 Time(s)
/admin: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/login: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/sitemap.xml: 1 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (106.51.78.18): 30 Time(s)
root (186.67.248.5): 30 Time(s)
root (81.70.19.182): 30 Time(s)
root (tabariainternetsolution.site): 30 Time(s)
root (120.53.245.68): 29 Time(s)
root (66.29.133.105): 27 Time(s)
root (42.248.78.142): 20 Time(s)
root (117.131.215.49): 18 Time(s)
root (202.112.61.110): 18 Time(s)
root (106.13.27.134): 16 Time(s)
root (186.67.248.6): 10 Time(s)
root (
318516835.box.freepro.com): 7 Time(s)
root (
82-65-173-65.subs.proxad.net): 5 Time(s)
root (112.60.40.93): 1 Time(s)
root (164.52.117.194): 1 Time(s)
root (167.172.207.139): 1 Time(s)
root (206.223.33.121): 1 Time(s)
root (210.74.11.97): 1 Time(s)
root (45.80.64.246): 1 Time(s)
root (61.177.172.91): 1 Time(s)
root (62.233.50.133): 1 Time(s)
root (92.255.85.237): 1 Time(s)
unknown (206.189.90.247): 1 Time(s)
unknown (45.148.10.163): 1 Time(s)
Invalid Users:
Unknown Account: 2 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
197 Miscellaneous warnings
8.680K Bytes accepted 8,888
8.680K Bytes sent via SMTP 8,888
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
5 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
5 Total 4xx Rejects 100.00%
======== ==================================================
264 Connections
29 Connections lost (inbound)
264 Disconnections
1 Removed from queue
1 Sent via SMTP
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Failed logins from:
42.248.78.142: 20 times
45.80.64.246: 1 time
61.177.172.91: 1 time
62.233.50.133: 1 time
66.29.133.105 (
server1.myvarich.com): 27 times
81.70.19.182: 30 times
82.65.173.65 (
82-65-173-65.subs.proxad.net): 5 times
92.255.85.237: 1 time
103.160.62.190 (tabariainternetsolution.site): 30 times
106.13.27.134: 16 times
106.51.78.18 (106.51.78.18.actcorp.in): 30 times
112.60.40.93: 1 time
117.131.215.49: 18 times
120.53.245.68: 29 times
164.52.117.194: 1 time
167.172.207.139: 1 time
186.67.248.5: 30 times
186.67.248.6: 10 times
202.112.61.110: 18 times
206.223.33.121: 1 time
210.74.11.97: 1 time
212.114.21.137 (
318516835.box.freepro.com): 7 times
Illegal users from:
2001:470:1:332::2 (
the-shadow-server-foundation.e0-1.core1.sfo2.he.net): 1 time
undef: 2 times
45.148.10.163 (starmessage.de): 1 time
64.62.197.92: 1 time
206.189.90.247: 1 time
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################