[TOPF] Logwatch for h2361197.stratoserver.net (Linux)

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Mon Jan 28 04:42:04 2019 Date Range Processed: yesterday ( 2019-Jan-27 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 10:10 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 59.36.132.222 -> www.baidu.com:443: 1 Time(s) A total of 3 sites probed the server 192.111.142.234 194.113.106.126 5.188.210.12 Requests with error response codes 400 Bad Request null: 7 Time(s) mstshash=Administr: 2 Time(s) mstshash=Test: 2 Time(s) /: 1 Time(s) /robots.txt: 1 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s) http://5.188.210.12/echo.php: 1 Time(s) http://api.ipify.org/: 1 Time(s) http://www.123cha.com: 1 Time(s) http://www.baidu.com/: 1 Time(s) www.baidu.com: 1 Time(s) www.baidu.com:443: 1 Time(s) 404 Not Found /robots.txt: 60 Time(s) /berlin/apple-touch-icon.png: 5 Time(s) /wp-login.php: 3 Time(s) /reader/1993-wi-reader_st93.pdf: 2 Time(s) /.well-known/apple-app-site-association: 1 Time(s) //blog/wp-includes/wlwmanifest.xml: 1 Time(s) //cms/wp-includes/wlwmanifest.xml: 1 Time(s) //site/wp-includes/wlwmanifest.xml: 1 Time(s) //wordpress/wp-includes/wlwmanifest.xml: 1 Time(s) //wp-includes/wlwmanifest.xml: 1 Time(s) //wp/wp-includes/wlwmanifest.xml: 1 Time(s) //xmlrpc.php?rsd: 1 Time(s) /apple-app-site-association: 1 Time(s) /blog/wp-login.php: 1 Time(s) /neuigkeiten/einladung-zapf-wise2011: 1 Time(s) /neuigkeiten/mitgliederversammlung-2010-05-15: 1 Time(s) /node?page=1: 1 Time(s) /oauth/errors?error=invalid_request&error_ ... arameter+value.: 1 Time(s) /reader/1989-wi-berlin.pdf: 1 Time(s) /reader/1994-wi-reader_hb94.pdf: 1 Time(s) /reader/1995-so-reader_ha95.pdf: 1 Time(s) /reader/1995-wi-reader_bn95.pdf: 1 Time(s) /reader/1998-so-reader_ro98.pdf: 1 Time(s) /reader/2017_SoSe_Berlin_vorlaeufig.pdf: 1 Time(s) /resolutionen/sose17/gesellschaftlich_vera ... wantwortung.pdf: 1 Time(s) /sites/default/files/1979_WiSe_Karlsruhe.pdf: 1 Time(s) /sites/default/files/1981_WiSe_K%C3%B6ln.pdf: 1 Time(s) /sites/default/files/1984_WiSe_Bonn.pdf: 1 Time(s) /sites/default/files/2004_WiSe_Hamburg.pdf: 1 Time(s) /sites/default/files/2007_SoSe_Berlin.pdf: 1 Time(s) /sites/default/files/2011_05_Stellungnahme_EQR-DQR_0.pdf: 1 Time(s) /sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s) /user: 1 Time(s) 500 Internal Server Error /: 4 Time(s) //libs/js/iframe.js: 3 Time(s) 502 Bad Gateway /: 25 Time(s) /robots.txt: 2 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (112.231.244.162): 6 Time(s) root (125.71.133.254): 6 Time(s) root (151.21.80.201): 6 Time(s) root (176.25.10.236): 6 Time(s) root (180.111.205.112): 6 Time(s) root (74.196.168.224): 6 Time(s) root (94.41.0.140.static.ufanet.ru): 6 Time(s) unknown (85.97.131.99): 6 Time(s) unknown (host-189-206-77.junet.se): 6 Time(s) unknown (180.188.196.143): 3 Time(s) root (149.28.165.253): 2 Time(s) root (154.115.216.3): 2 Time(s) root (lfbn-1-12666-251.w90-90.abo.wanadoo.fr): 2 Time(s) unknown (41.207.51.96): 2 Time(s) backup (203.190.128.146): 1 Time(s) postgres (183.234.214.11): 1 Time(s) root (125.124.30.186): 1 Time(s) root (2.122.199.165): 1 Time(s) root (41.207.51.96): 1 Time(s) root (ip-50-63-165-214.ip.secureserver.net): 1 Time(s) root (ipa120.0.tellas.gr): 1 Time(s) unknown (149.28.165.253): 1 Time(s) unknown (152.242.88.180): 1 Time(s) unknown (154.115.216.3): 1 Time(s) unknown (16.ip-51-254-208.eu): 1 Time(s) unknown (182.243.71.207): 1 Time(s) unknown (185.10.215.227): 1 Time(s) unknown (185.246.128.25): 1 Time(s) unknown (188.92.75.248): 1 Time(s) unknown (202.69.73.114): 1 Time(s) unknown (203.76.214.191): 1 Time(s) unknown (218.89.241.68): 1 Time(s) unknown (ip64.ip-54-36-151.eu): 1 Time(s) unknown (ipa120.0.tellas.gr): 1 Time(s) unknown (lfbn-1-12666-251.w90-90.abo.wanadoo.fr): 1 Time(s) unknown (ns3016508.ip-51-254-47.eu): 1 Time(s) unknown (p4fefc757.dip0.t-ipconnect.de): 1 Time(s) Invalid Users: Unknown Account: 37 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 21.230K Bytes accepted 21,740 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 1 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 1 Total 4xx Rejects 100.00% ======== ================================================== 15 Connections 14 Connections lost (inbound) 15 Disconnections 4 Deferred 82 Deferrals 82 Connection failures (outbound) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 2 Time(s) root : 7 Time(s) Failed logins from: 2.122.199.165 (027ac7a5.bb.sky.com): 1 time 41.207.51.96: 1 time 50.63.165.214 (ip-50-63-165-214.ip.secureserver.net): 1 time 74.196.168.224 (74-196-168-224.plptcmtk03.com.dyn.suddenlink.net): 6 times 84.254.0.120 (ipa120.0.tellas.gr): 1 time 90.90.207.251 (lfbn-1-12666-251.w90-90.abo.wanadoo.fr): 2 times 94.41.0.140 (94.41.0.140.static.ufanet.ru): 6 times 112.231.244.162: 6 times 125.71.133.254: 6 times 125.124.30.186: 1 time 149.28.165.253 (149.28.165.253.vultr.com): 2 times 151.21.80.201 (ppp-201-80.21-151.wind.it): 6 times 154.115.216.3: 2 times 176.25.10.236 (b0190aec.bb.sky.com): 6 times 180.111.205.112: 6 times 183.234.214.11: 1 time 203.190.128.146: 1 time Illegal users from: undef: 17 times 41.207.51.96: 2 times 51.254.47.198 (ns3016508.ip-51-254-47.eu): 1 time 51.254.208.16 (16.ip-51-254-208.eu): 1 time 54.36.151.64 (ip64.ip-54-36-151.eu): 1 time 79.239.199.87 (p4FEFC757.dip0.t-ipconnect.de): 1 time 84.254.0.120 (ipa120.0.tellas.gr): 1 time 85.97.131.99 (85.97.131.99.dynamic.ttnet.com.tr): 6 times 90.90.207.251 (lfbn-1-12666-251.w90-90.abo.wanadoo.fr): 1 time 149.28.165.253 (149.28.165.253.vultr.com): 1 time 152.242.88.180 (152-242-88-180.user.vivozap.com.br): 1 time 154.115.216.3: 1 time 180.188.196.143: 3 times 182.243.71.207: 5 times 185.10.215.227: 1 time 185.246.128.25: 1 time 188.92.75.248: 1 time 202.69.73.114: 1 time 203.76.214.191: 1 time 207.189.206.77 (host-189-206-77.junet.se): 6 times 218.89.241.68: 1 time ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################