################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Mon Jan 10 04:42:04 2022
Date Range Processed: yesterday
( 2022-Jan-09 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 20:20 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
103.145.13.223 -> zapf.wiki:443: 2 Time(s)
143.198.136.88 -> leakix.net:443: 1 Time(s)
45.88.109.151 -> 179.61.251.239:4444: 1 Time(s)
A total of 3 sites probed the server
178.128.209.5
2.56.59.242
209.141.54.110
Requests with error response codes
400 Bad Request
null: 6 Time(s)
/phpmyadmin/scripts/setup.php: 4 Time(s)
mstshash=Domain: 4 Time(s)
/: 2 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
mstshash=Administr: 2 Time(s)
zapf.wiki:443: 2 Time(s)
/.env: 1 Time(s)
/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/ ... 2e%2e/etc/hosts: 1 Time(s)
/evox/about: 1 Time(s)
/manager/text/list: 1 Time(s)
/nmaplowercheck1641753154: 1 Time(s)
/sdk: 1 Time(s)
179.61.251.239:4444: 1 Time(s)
leakix.net:443: 1 Time(s)
|\x85\xBB\x09\xA41S\x87\xB6\x22y\xB6P\xDA* ... x09\xC0\x14\xC0: 1 Time(s)
403 Forbidden
/FrcS3CFURGOhH8IZnOVeEw?edit: 1 Time(s)
/FrcS3CFURGOhH8IZnOVeEw?view: 1 Time(s)
404 Not Found
/: 1 Time(s)
500 Internal Server Error
/: 20 Time(s)
/.env: 6 Time(s)
/robots.txt: 5 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/HNAP1: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/actuator/health: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/favicon.ico: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/mobile/: 1 Time(s)
/owa/auth/logon.aspx: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (198.55.123.204): 37 Time(s)
root (180.76.148.1): 34 Time(s)
root (106.12.194.13): 29 Time(s)
root (121.5.126.182): 28 Time(s)
root (87.122.200.231): 28 Time(s)
root (78.196.113.72): 20 Time(s)
root (128.199.123.0): 18 Time(s)
unknown (121.5.126.182): 17 Time(s)
root (81.70.205.210): 13 Time(s)
unknown (198.55.123.204): 13 Time(s)
unknown (106.12.194.13): 11 Time(s)
root (83.135.97.210): 10 Time(s)
unknown (180.76.148.1): 10 Time(s)
unknown (78.196.113.72): 8 Time(s)
unknown (81.70.205.210): 7 Time(s)
unknown (87.122.200.231): 7 Time(s)
root (185.38.175.131): 6 Time(s)
root (195.9.221.218): 6 Time(s)
root (45.61.185.114): 6 Time(s)
root (90.189.182.30): 6 Time(s)
root (exitrelay17.medvideos-tor.org): 6 Time(s)
root (this-is-a-tor-exit-node-hviv114.hviv.nl): 6 Time(s)
unknown (128.199.123.0): 6 Time(s)
unknown (195.9.221.218): 6 Time(s)
root (182.46.201.161): 4 Time(s)
root (103.102.153.143): 2 Time(s)
root (115.236.52.122): 2 Time(s)
root (8.225.226.100): 2 Time(s)
unknown (141.98.10.202): 2 Time(s)
unknown (62.233.50.133): 2 Time(s)
unknown (83.135.97.210): 2 Time(s)
unknown (90.189.182.30): 2 Time(s)
root (154.8.226.52): 1 Time(s)
root (oc-144-22-108-33.compute.oraclecloud.com): 1 Time(s)
root (oc-144-22-98-225.compute.oraclecloud.com): 1 Time(s)
unknown (103.76.175.130): 1 Time(s)
unknown (112.216.48.236): 1 Time(s)
unknown (122.160.51.88): 1 Time(s)
unknown (124.42.68.14): 1 Time(s)
unknown (125.77.23.30): 1 Time(s)
unknown (177.53.68.241): 1 Time(s)
unknown (182.46.201.161): 1 Time(s)
unknown (182.74.25.246): 1 Time(s)
unknown (185.90.136.69): 1 Time(s)
unknown (190.107.169.35-static.host.certinho.com.br): 1 Time(s)
unknown (222.90.31.106): 1 Time(s)
unknown (46.98.247.18): 1 Time(s)
unknown (58.233.74.7): 1 Time(s)
unknown (91.132.63.85): 1 Time(s)
Invalid Users:
Unknown Account: 107 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
3 Miscellaneous warnings
8.992K Bytes accepted 9,208
8.992K Bytes sent via SMTP 9,208
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
3 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
3 Total 4xx Rejects 100.00%
======== ==================================================
139 Connections
10 Connections lost (inbound)
139 Disconnections
1 Removed from queue
1 Sent via SMTP
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 4 Time(s)
Failed logins from:
8.225.226.100: 2 times
45.61.185.114 (MiamiTor3.us): 6 times
78.196.113.72 (1dh67-1_migr-78-196-113-72.fbx.proxad.net): 20 times
81.70.205.210: 13 times
83.135.97.210: 10 times
87.122.200.231: 28 times
90.189.182.30 (b-internet.90.189.182.30.snt.ru): 6 times
103.102.153.143 (goldenfast.net): 2 times
104.244.72.136 (exitrelay17.medvideos-tor.org): 6 times
106.12.194.13: 29 times
115.236.52.122: 2 times
121.5.126.182: 28 times
128.199.123.0: 18 times
144.22.98.225 (oc-144-22-98-225.compute.oraclecloud.com): 1 time
144.22.108.33 (oc-144-22-108-33.compute.oraclecloud.com): 1 time
154.8.226.52: 1 time
180.76.148.1: 34 times
182.46.201.161: 4 times
185.38.175.131: 6 times
192.42.116.14 (this-is-a-tor-exit-node-hviv114.hviv.nl): 6 times
195.9.221.218: 6 times
198.55.123.204 (198.55.123.204.static.quadranet.com): 37 times
Illegal users from:
2001:470:1:332::9: 1 time
undef: 84 times
46.98.247.18 (18.247.PPPoE.fregat.ua): 1 time
58.233.74.7: 1 time
62.233.50.133: 2 times
64.62.197.182: 1 time
78.196.113.72 (1dh67-1_migr-78-196-113-72.fbx.proxad.net): 8 times
81.70.205.210: 7 times
83.135.97.210: 2 times
87.122.200.231: 7 times
90.189.182.30 (b-internet.90.189.182.30.snt.ru): 2 times
91.132.63.85: 1 time
103.76.175.130 (130.175.76.103.iconpln.net.id): 1 time
106.12.194.13: 11 times
112.216.48.236: 1 time
121.5.126.182: 17 times
122.160.51.88 (abts-north-static-088.51.160.122.airtelbroadband.in): 1 time
124.42.68.14: 1 time
125.77.23.30: 1 time
128.199.123.0: 6 times
141.98.10.202: 2 times
177.53.68.241: 1 time
180.76.148.1: 10 times
182.46.201.161: 1 time
182.74.25.246: 1 time
185.90.136.69 (ksort-fi41-sort.betmam.com): 1 time
190.107.169.35 (190.107.169.35-static.host.certinho.com.br): 1 time
195.9.221.218: 6 times
198.55.123.204 (198.55.123.204.static.quadranet.com): 13 times
222.90.31.106: 1 time
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################