################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Mon Feb 11 04:42:03 2019 Date Range Processed: yesterday ( 2019-Feb-10 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 10:10 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 182.200.6.54 -> www.voanews.com:443: 1 Time(s) 59.36.132.222 -> www.baidu.com:443: 1 Time(s) 60.191.52.254 -> zapf.wiki:443: 1 Time(s) A total of 2 sites probed the server 176.8.89.33 66.240.205.34 Requests with error response codes 400 Bad Request mstshash=Administr: 3 Time(s) null: 3 Time(s) /robots.txt: 1 Time(s) http://api.ipify.org/: 1 Time(s) http://www.baidu.com/: 1 Time(s) www.baidu.com:443: 1 Time(s) www.voanews.com:443: 1 Time(s) zapf.wiki:443: 1 Time(s) 404 Not Found /robots.txt: 30 Time(s) /berlin/apple-touch-icon.png: 10 Time(s) /wp-login.php: 3 Time(s) /oauth/errors?error=invalid_request&error_ ... t_id+parameter.: 2 Time(s) /.well-known/apple-app-site-association: 1 Time(s) //blog/wp-includes/wlwmanifest.xml: 1 Time(s) //cms/wp-includes/wlwmanifest.xml: 1 Time(s) //site/wp-includes/wlwmanifest.xml: 1 Time(s) //wordpress/wp-includes/wlwmanifest.xml: 1 Time(s) //wp-includes/wlwmanifest.xml: 1 Time(s) //wp/wp-includes/wlwmanifest.xml: 1 Time(s) //xmlrpc.php?rsd: 1 Time(s) /apple-app-site-association: 1 Time(s) /berlin/helfika/apple-touch-icon.png: 1 Time(s) /index.php?option=com_user&task=register: 1 Time(s) /sites/default/files/2011_: 1 Time(s) /user/register: 1 Time(s) /wp-login.php?action=register: 1 Time(s) 408 Request Timeout /reader/2004-wi-reader_hh04.pdf: 1 Time(s) 500 Internal Server Error /robots.txt: 6 Time(s) /: 3 Time(s) 502 Bad Gateway /: 25 Time(s) //wp-login.php: 1 Time(s) //xmlrpc.php: 1 Time(s) /robots.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (112.156.165.19): 6 Time(s) root (175.6.98.2): 6 Time(s) root (177.66.224.55): 6 Time(s) root (31.23.222.216): 6 Time(s) root (45.222.96.6): 6 Time(s) unknown (84.23.42.189): 6 Time(s) unknown (pns27-1-78-222-68-65.fbx.proxad.net): 6 Time(s) unknown (107-143-150-124.lightspeed.irvnca.sbcglobal.net): 2 Time(s) unknown (31.47.4.5): 2 Time(s) bin (95.80.107.42): 1 Time(s) postgres (41.ip-51-254-205.eu): 1 Time(s) root (149.203.198.35.bc.googleusercontent.com): 1 Time(s) root (31.47.4.5): 1 Time(s) root (80.92.113.217): 1 Time(s) root (ckvlon1749w-lp140-01-70-30-112-78.dsl.bell.ca): 1 Time(s) unknown (104.244.77.155): 1 Time(s) unknown (110.10.129.226): 1 Time(s) unknown (113.190.242.120): 1 Time(s) unknown (113.21.228.18): 1 Time(s) unknown (114-34-53-178.hinet-ip.hinet.net): 1 Time(s) unknown (116.255.75.249): 1 Time(s) unknown (123.21.14.72): 1 Time(s) unknown (138.68.106.62): 1 Time(s) unknown (140.143.183.71): 1 Time(s) unknown (185.53.169.49): 1 Time(s) unknown (187.44.114.118): 1 Time(s) unknown (188.166.237.191): 1 Time(s) unknown (200.69.250.253): 1 Time(s) unknown (201-68-243-63.dsl.telesp.net.br): 1 Time(s) unknown (219.147.168.103): 1 Time(s) unknown (ns3016508.ip-51-254-47.eu): 1 Time(s) unknown (server.bitacoradr.com): 1 Time(s) Invalid Users: Unknown Account: 37 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 105 Miscellaneous warnings 8.966K Bytes accepted 9,181 8.966K Bytes sent via SMTP 9,181 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 4 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 4 Total 4xx Rejects 100.00% ======== ================================================== 361 Connections 210 Connections lost (inbound) 361 Disconnections 1 Removed from queue 1 Sent via SMTP 1 SMTP dialog errors ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 1 Time(s) root : 2 Time(s) Failed logins from: 31.23.222.216 (216.222.23.31.donpac.ru): 6 times 31.47.4.5: 1 time 35.198.203.149 (149.203.198.35.bc.googleusercontent.com): 1 time 45.222.96.6 (45-222-96-12.zeta-web.net): 6 times 51.254.205.41 (41.ip-51-254-205.eu): 1 time 70.30.112.78 (ckvlon1749w-lp140-01-70-30-112-78.dsl.bell.ca): 1 time 80.92.113.217: 1 time 95.80.107.42 (42.107.80.95.arhangelsk.ptl.ru): 1 time 112.156.165.19: 6 times 175.6.98.2: 6 times 177.66.224.55 (177.66.224.55.n4telecom.com.br): 6 times Illegal users from: undef: 20 times 31.47.4.5: 3 times 51.254.47.198 (ns3016508.ip-51-254-47.eu): 1 time 78.222.68.65 (pns27-1-78-222-68-65.fbx.proxad.net): 6 times 84.23.42.189: 6 times 104.244.77.155 (.): 1 time 107.143.150.124 (107-143-150-124.lightspeed.irvnca.sbcglobal.net): 2 times 110.10.129.226: 1 time 113.21.228.18: 1 time 113.190.242.120 (static.vnpt.vn): 1 time 114.34.53.178 (114-34-53-178.HINET-IP.hinet.net): 1 time 116.255.75.249: 1 time 123.21.14.72: 1 time 138.68.106.62: 1 time 139.162.122.110 (scan-8.security.ipip.net): 1 time 140.143.183.71: 1 time 162.241.179.55 (server.bitacoradr.com): 1 time 185.53.169.49: 1 time 187.44.114.118 (static-187-44-114-118.optitel.net.br): 1 time 188.166.237.191: 1 time 200.69.250.253 (customer-static-250-253.iplannetworks.net): 1 time 201.68.243.63 (201-68-243-63.dsl.telesp.net.br): 5 times 219.147.168.103: 1 time ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################