[TOPF] Logwatch for h2361197.stratoserver.net (Linux)

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Thu Feb 7 04:42:04 2019 Date Range Processed: yesterday ( 2019-Feb-06 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 6:6 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 60.191.52.254 -> zapf.wiki:443: 1 Time(s) A total of 1 sites probed the server 46.17.47.173 Requests with error response codes 400 Bad Request null: 3 Time(s) /recordings/: 2 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 2 Time(s) //a2billing/customer/templates/default/footer.tpl: 1 Time(s) //vtigercrm/vtigerservice.php: 1 Time(s) /a2billing/admin/Public/PP_error.php?c=accessdenied: 1 Time(s) /a2billing/customer/templates/default/footer.tpl: 1 Time(s) /vtigercrm/vtigerservice.php: 1 Time(s) \xB6\xDF\xFA\x9CC\xE3\x00\x00\x8C\xC00\xC0 ... C0$\xC0\x14\xC0: 1 Time(s) mstshash=Administr: 1 Time(s) zapf.wiki:443: 1 Time(s) 404 Not Found /robots.txt: 40 Time(s) /berlin/apple-touch-icon.png: 8 Time(s) /wp-login.php: 4 Time(s) /favicon.ico: 3 Time(s) /.well-known/security.txt: 1 Time(s) /hernya: 1 Time(s) /home/zapf: 1 Time(s) /verein/satzung/%7CSatzung: 1 Time(s) /zapf/berichte/zapf-wise-2010: 1 Time(s) 500 Internal Server Error /: 7 Time(s) /recordings/: 2 Time(s) //a2billing/customer/templates/default/footer.tpl: 1 Time(s) //vtigercrm/vtigerservice.php: 1 Time(s) /a2billing/admin/Public/PP_error.php?c=accessdenied: 1 Time(s) /a2billing/customer/templates/default/footer.tpl: 1 Time(s) /vtigercrm/vtigerservice.php: 1 Time(s) 502 Bad Gateway /: 24 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (153.124.170.76): 6 Time(s) root (222.104.20.218): 6 Time(s) root (27.115.71.66): 6 Time(s) root (p1923015-ipngn16601marunouchi.tokyo.ocn.ne.jp): 6 Time(s) unknown (1.177.191.161): 6 Time(s) unknown (72-36-25-150.actaccess.net): 6 Time(s) unknown (165084191236.ctinets.com): 2 Time(s) unknown (76-242-160-219.lightspeed.dybhfl.sbcglobal.net): 2 Time(s) root (104.248.194.119): 1 Time(s) root (106.12.28.252): 1 Time(s) root (118.116.95.57): 1 Time(s) root (118.172.219.75): 1 Time(s) root (190.220.31.11): 1 Time(s) root (190.85.63.50): 1 Time(s) root (202.184.129.173): 1 Time(s) root (server-6o-r30.ipv4.syd02.ds.network): 1 Time(s) unknown (1.202.165.40): 1 Time(s) unknown (1.202.91.252): 1 Time(s) unknown (111.14.221.200): 1 Time(s) unknown (113.106.94.157): 1 Time(s) unknown (114-34-53-178.hinet-ip.hinet.net): 1 Time(s) unknown (116.236.211.238): 1 Time(s) unknown (117.34.70.83): 1 Time(s) unknown (121.78.112.29): 1 Time(s) unknown (122.224.98.154): 1 Time(s) unknown (123.142.5.138): 1 Time(s) unknown (123.20.37.255): 1 Time(s) unknown (136.26.50.52): 1 Time(s) unknown (138.197.107.255): 1 Time(s) unknown (138.97.64.22): 1 Time(s) unknown (139.59.78.70): 1 Time(s) unknown (14.29.250.24): 1 Time(s) unknown (140.206.118.210): 1 Time(s) unknown (159.192.221.254): 1 Time(s) unknown (165.227.25.195): 1 Time(s) unknown (183.6.176.182): 1 Time(s) unknown (184.22.160.31): 1 Time(s) unknown (188.92.77.235): 1 Time(s) unknown (193.179.134.5): 1 Time(s) unknown (201.131.241.83): 1 Time(s) unknown (209.198.49.100): 1 Time(s) unknown (210.183.236.30): 1 Time(s) unknown (221.13.133.185): 1 Time(s) unknown (221.221.138.218): 1 Time(s) unknown (221.225.81.58): 1 Time(s) unknown (222.190.254.165): 1 Time(s) unknown (36.70.21.20): 1 Time(s) unknown (36.89.114.66): 1 Time(s) unknown (58.42.237.24): 1 Time(s) unknown (59.46.36.114): 1 Time(s) unknown (61.191.235.163): 1 Time(s) unknown (61.191.55.20): 1 Time(s) unknown (74-95-83-153-washingtondc.hfc.comcastbusiness.net): 1 Time(s) unknown (91.73.131.200): 1 Time(s) unknown (h91-233-9.cornut.fr): 1 Time(s) unknown (iso.thetank.host): 1 Time(s) unknown (oc-129-144-186-120.compute.oraclecloud.com): 1 Time(s) unknown (oc-141-145-121-191.compute.oraclecloud.com): 1 Time(s) unknown (wsip-184-186-201-140.ph.ph.cox.net): 1 Time(s) Invalid Users: Unknown Account: 59 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 394 Miscellaneous warnings 11.333K Bytes accepted 11,605 11.333K Bytes sent via SMTP 11,605 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 3 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 3 Total 4xx Rejects 100.00% ======== ================================================== 431 Connections 394 Connections lost (inbound) 431 Disconnections 1 Removed from queue 1 Sent via SMTP ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 2 Time(s) root : 4 Time(s) Failed logins from: 27.115.71.66: 6 times 104.248.194.119: 1 time 106.12.28.252: 1 time 118.116.95.57: 1 time 118.172.219.75 (node-17bf.pool-118-172.dynamic.totbroadband.com): 1 time 122.201.93.240 (server-6o-r30.ipv4.syd02.ds.network): 1 time 153.124.170.76: 6 times 153.207.0.15 (p1923015-ipngn16601marunouchi.tokyo.ocn.ne.jp): 6 times 190.85.63.50: 1 time 190.220.31.11 (host11.190-220-31.telmex.net.ar): 1 time 202.184.129.173: 1 time 222.104.20.218: 6 times Illegal users from: undef: 35 times 1.177.191.161: 6 times 1.202.91.252: 1 time 1.202.165.40 (40.165.202.1.static.bjtelecom.net): 1 time 14.29.250.24: 1 time 36.70.21.20: 1 time 36.89.114.66: 1 time 58.42.237.24: 1 time 59.46.36.114: 1 time 61.191.55.20: 1 time 61.191.235.163: 1 time 72.36.25.150 (72-36-25-150.dsl.dyn.actaccess.net): 6 times 74.95.83.153 (74-95-83-153-WashingtonDC.hfc.comcastbusiness.net): 1 time 76.242.160.219 (76-242-160-219.lightspeed.dybhfl.sbcglobal.net): 2 times 91.73.131.200: 1 time 91.103.233.9 (h91-233-9.cornut.fr): 1 time 95.0.146.105 (95.0.146.105.static.ttnet.com.tr): 1 time 111.14.221.200: 1 time 113.106.94.157: 1 time 114.34.53.178 (114-34-53-178.HINET-IP.hinet.net): 1 time 114.108.177.165: 1 time 116.236.211.238: 1 time 117.34.70.83: 1 time 121.78.112.29: 1 time 122.224.98.154: 1 time 123.20.37.255: 1 time 123.142.5.138: 1 time 129.144.186.120 (oc-129-144-186-120.compute.oraclecloud.com): 1 time 136.26.50.52: 1 time 138.97.64.22: 1 time 138.197.107.255: 1 time 139.59.78.70: 1 time 140.206.118.210: 1 time 141.145.121.191 (oc-141-145-121-191.compute.oraclecloud.com): 1 time 142.93.240.79 (iso.thetank.host): 1 time 159.192.221.254: 1 time 165.84.191.236 (165084191236.ctinets.com): 2 times 165.227.25.195: 1 time 183.6.176.182: 1 time 184.22.160.31 (184-22-160-0.24.nat.tls1a-cgn02.myaisfibre.com): 1 time 184.186.201.140 (wsip-184-186-201-140.ph.ph.cox.net): 1 time 188.92.77.235: 1 time 193.179.134.5: 1 time 201.131.241.83: 1 time 209.198.49.100 (zip.qaoptimizer.com): 1 time 210.183.236.30: 1 time 221.13.133.185 (hn.kd.smx.adsl): 1 time 221.221.138.218: 1 time 221.225.81.58: 1 time 222.85.133.206: 1 time 222.190.254.165: 1 time ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################