################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Wed Dec 1 04:42:04 2021 Date Range Processed: yesterday ( 2021-Nov-30 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 75:76 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 5 sites probed the server 128.199.197.176 165.227.214.141 171.25.193.20 222.186.19.235 23.102.38.254 Requests with error response codes 400 Bad Request null: 10 Time(s) mstshash=Domain: 4 Time(s) http://fuwu.sogou.com/404/index.html: 2 Time(s) /: 1 Time(s) /.env: 1 Time(s) /ab2g: 1 Time(s) /ab2h: 1 Time(s) /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 1 Time(s) a: 1 Time(s) 404 Not Found //2018/wp-includes/wlwmanifest.xml: 1 Time(s) //2019/wp-includes/wlwmanifest.xml: 1 Time(s) //blog/wp-includes/wlwmanifest.xml: 1 Time(s) //cms/wp-includes/wlwmanifest.xml: 1 Time(s) //media/wp-includes/wlwmanifest.xml: 1 Time(s) //news/wp-includes/wlwmanifest.xml: 1 Time(s) //shop/wp-includes/wlwmanifest.xml: 1 Time(s) //site/wp-includes/wlwmanifest.xml: 1 Time(s) //sito/wp-includes/wlwmanifest.xml: 1 Time(s) //test/wp-includes/wlwmanifest.xml: 1 Time(s) //web/wp-includes/wlwmanifest.xml: 1 Time(s) //website/wp-includes/wlwmanifest.xml: 1 Time(s) //wordpress/wp-includes/wlwmanifest.xml: 1 Time(s) //wp-includes/wlwmanifest.xml: 1 Time(s) //wp/wp-includes/wlwmanifest.xml: 1 Time(s) //wp1/wp-includes/wlwmanifest.xml: 1 Time(s) //wp2/wp-includes/wlwmanifest.xml: 1 Time(s) //xmlrpc.php?rsd: 1 Time(s) 499 (undefined) /apple-touch-icon.png: 3 Time(s) 500 Internal Server Error /: 21 Time(s) /.env: 5 Time(s) /robots.txt: 3 Time(s) /ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s) /.well-known/security.txt: 1 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /Autodiscover/Autodiscover.xml: 1 Time(s) /_ignition/execute-solution: 1 Time(s) /_profiler/phpinfo: 1 Time(s) /actuator/health: 1 Time(s) /console/: 1 Time(s) /debug/default/view?panel=config: 1 Time(s) /mifs/.;/services/LogService: 1 Time(s) /owa/: 1 Time(s) /owa/auth/logon.aspx: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /owa/auth/x.js: 1 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (vmi690594.contaboserver.net): 115 Time(s) root (korra.angulare.app): 70 Time(s) root (128.199.173.208): 29 Time(s) root (119.96.158.87): 26 Time(s) root (114.113.225.111): 24 Time(s) root (182.50.65.146): 24 Time(s) root (116.196.122.196): 23 Time(s) unknown (128.199.173.208): 21 Time(s) root (49.233.23.193): 20 Time(s) root (61.133.122.19): 18 Time(s) root (142.93.179.2): 15 Time(s) root (138.197.149.97): 14 Time(s) root (178.154.204.1): 14 Time(s) root (49.232.206.20): 14 Time(s) root (165.227.196.43): 13 Time(s) unknown (141.98.10.60): 12 Time(s) unknown (141.98.10.82): 12 Time(s) unknown (114.113.225.111): 10 Time(s) unknown (119.96.158.87): 10 Time(s) unknown (165.227.196.43): 10 Time(s) unknown (49.233.23.193): 10 Time(s) unknown (61.133.122.19): 10 Time(s) root (120.237.118.139): 9 Time(s) unknown (49.232.206.20): 9 Time(s) unknown (142.93.179.2): 8 Time(s) unknown (138.197.149.97): 7 Time(s) unknown (fixed-187-190-24-199.totalplay.net): 7 Time(s) root (119.96.172.95): 6 Time(s) root (13.76.254.161): 6 Time(s) root (202.139.198.181): 6 Time(s) root (205.185.114.149): 6 Time(s) root (43.255.116.56): 6 Time(s) root (49.232.219.42): 6 Time(s) root (vps2.d3soft.ma): 6 Time(s) unknown (159.65.228.224): 6 Time(s) unknown (178.154.204.1): 6 Time(s) unknown (182.50.65.146): 6 Time(s) root (fixed-187-190-24-199.totalplay.net): 5 Time(s) unknown (116.196.122.196): 5 Time(s) root (2.56.59.114): 4 Time(s) root (42.192.125.230): 3 Time(s) unknown (119.96.172.95): 3 Time(s) unknown (120.237.118.139): 3 Time(s) unknown (205.185.114.149): 3 Time(s) unknown (205.185.115.39): 3 Time(s) unknown (209.141.52.25): 3 Time(s) unknown (23.183.81.227): 3 Time(s) unknown (23.183.81.249): 3 Time(s) unknown (23.183.81.54): 3 Time(s) unknown (23.183.82.135): 3 Time(s) unknown (45.155.204.39): 3 Time(s) unknown (49.232.219.42): 3 Time(s) unknown (91.223.67.146): 3 Time(s) unknown (vps2.d3soft.ma): 3 Time(s) unknown (116.110.252.176): 2 Time(s) unknown (121.166.68.59): 2 Time(s) unknown (136.185.3.238): 2 Time(s) unknown (141.98.10.202): 2 Time(s) unknown (162.173-247-81.adsl-dyn.isp.belgacom.be): 2 Time(s) unknown (179.43.187.37): 2 Time(s) unknown (209.141.32.141): 2 Time(s) unknown (209.141.47.245): 2 Time(s) unknown (209.141.53.74): 2 Time(s) unknown (212.192.241.37): 2 Time(s) unknown (23.183.82.180): 2 Time(s) unknown (62.175.19.95.dynamic.jazztel.es): 2 Time(s) unknown (82.66.59.170): 2 Time(s) unknown (pool-173-76-16-169.bstnma.fios.verizon.net): 2 Time(s) root (129.146.188.246): 1 Time(s) unknown (116.103.20.151): 1 Time(s) unknown (136.144.41.3): 1 Time(s) unknown (209.141.33.193): 1 Time(s) unknown (45.144.225.69): 1 Time(s) unknown (49.235.167.59): 1 Time(s) Invalid Users: Unknown Account: 221 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 3 Miscellaneous warnings 13.066K Bytes accepted 13,380 13.066K Bytes sent via SMTP 13,380 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 4 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 4 Total 4xx Rejects 100.00% ======== ================================================== 185 Connections 11 Connections lost (inbound) 185 Disconnections 1 Removed from queue 1 Sent via SMTP 3 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 1 Time(s) Failed logins from: 2.56.59.114: 4 times 13.76.254.161: 6 times 42.192.125.230: 3 times 43.255.116.56: 6 times 49.232.206.20: 14 times 49.232.219.42: 6 times 49.233.23.193: 20 times 61.133.122.19: 18 times 66.45.234.187 (korra.angulare.app): 70 times 114.113.225.111: 24 times 116.196.122.196: 23 times 119.96.158.87: 26 times 119.96.172.95: 6 times 120.237.118.139: 9 times 128.199.173.208: 29 times 129.146.188.246: 1 time 138.197.149.97: 14 times 142.93.179.2 (temperiesdev.qa.beneficios): 15 times 161.97.187.24 (vmi690594.contaboserver.net): 115 times 165.227.196.43: 13 times 178.33.67.12 (vps2.d3soft.ma): 6 times 178.154.204.1: 14 times 182.50.65.146: 24 times 187.190.24.199 (fixed-187-190-24-199.totalplay.net): 5 times 202.139.198.181: 6 times 205.185.114.149: 6 times Illegal users from: undef: 111 times 23.183.81.54: 3 times 23.183.81.227: 3 times 23.183.81.249: 3 times 23.183.82.135: 3 times 23.183.82.180: 2 times 45.144.225.69: 1 time 45.155.204.39: 3 times 49.232.206.20: 9 times 49.232.219.42: 3 times 49.233.23.193: 10 times 49.235.167.59: 1 time 61.133.122.19: 10 times 65.49.20.69 (scan-20.shadowserver.org): 1 time 81.247.173.162 (162.173-247-81.adsl-dyn.isp.belgacom.be): 2 times 82.66.59.170 (mar92-2_migr-82-66-59-170.fbx.proxad.net): 2 times 91.223.67.146: 3 times 95.19.175.62 (62.175.19.95.dynamic.jazztel.es): 2 times 114.113.225.111: 10 times 116.103.20.151: 1 time 116.110.252.176: 2 times 116.196.122.196: 5 times 119.96.158.87: 10 times 119.96.172.95: 3 times 120.237.118.139: 3 times 121.166.68.59: 2 times 128.199.173.208: 21 times 136.144.41.3: 1 time 136.185.3.238 (abts-tn-static-238.3.185.136.airtelbroadband.in): 2 times 138.197.149.97: 7 times 141.98.10.60: 12 times 141.98.10.82: 12 times 141.98.10.202: 2 times 142.93.179.2 (temperiesdev.qa.beneficios): 8 times 159.65.228.224: 6 times 165.227.196.43: 10 times 173.76.16.169 (pool-173-76-16-169.bstnma.fios.verizon.net): 2 times 178.33.67.12 (vps2.d3soft.ma): 3 times 178.154.204.1: 6 times 179.43.187.37: 2 times 182.50.65.146: 6 times 187.190.24.199 (fixed-187-190-24-199.totalplay.net): 7 times 205.185.114.149: 3 times 205.185.115.39 (mx.learnmorefun.org): 3 times 209.141.32.141 (smtp9.dfsfasfasf.xyz): 2 times 209.141.33.193 (mx.chinadomainregistry.org): 1 time 209.141.47.245: 2 times 209.141.52.25 (jsebean.com): 3 times 209.141.53.74: 2 times 212.192.241.37: 2 times ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop33257p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################