################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Sun Aug 16 04:42:08 2020 Date Range Processed: yesterday ( 2020-Aug-15 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 23:23 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 4 sites probed the server 164.90.208.214 185.39.11.105 40.69.155.91 66.240.205.34 Requests with error response codes 400 Bad Request null: 6 Time(s) mstshash=Administr: 2 Time(s) 403 Forbidden /resolutionen/wise17/Zwangsexmatrikulation/: 1 Time(s) 404 Not Found /robots.txt: 33 Time(s) /wp-login.php: 23 Time(s) /.env: 2 Time(s) /berlin/apple-touch-icon.png: 2 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s) /wp-admin/admin-ajax.php: 2 Time(s) /.well-known/assetlinks.json: 1 Time(s) //2018/wp-includes/wlwmanifest.xml: 1 Time(s) //2019/wp-includes/wlwmanifest.xml: 1 Time(s) //blog/wp-includes/wlwmanifest.xml: 1 Time(s) //cms/wp-includes/wlwmanifest.xml: 1 Time(s) //media/wp-includes/wlwmanifest.xml: 1 Time(s) //news/wp-includes/wlwmanifest.xml: 1 Time(s) //shop/wp-includes/wlwmanifest.xml: 1 Time(s) //site/wp-includes/wlwmanifest.xml: 1 Time(s) //sito/wp-includes/wlwmanifest.xml: 1 Time(s) //test/wp-includes/wlwmanifest.xml: 1 Time(s) //web/wp-includes/wlwmanifest.xml: 1 Time(s) //website/wp-includes/wlwmanifest.xml: 1 Time(s) //wordpress/wp-includes/wlwmanifest.xml: 1 Time(s) //wp-includes/wlwmanifest.xml: 1 Time(s) //wp/wp-includes/wlwmanifest.xml: 1 Time(s) //wp1/wp-includes/wlwmanifest.xml: 1 Time(s) //wp2/wp-includes/wlwmanifest.xml: 1 Time(s) //xmlrpc.php?rsd: 1 Time(s) /home/verein: 1 Time(s) /home/zapf: 1 Time(s) /neuigkeiten/einladung-mgv-ss2011: 1 Time(s) /reader/1993-wi-reader_st93.pdf: 1 Time(s) /reader/1995-wi-reader_bn95.pdf: 1 Time(s) /reader/2017_SoSe_Berlin_vorlaeufig.pdf%7C: 1 Time(s) /resolutionen/wise15/Transparenz_in_der_Dr ... sparenz_in_der_: 1 Time(s) /sites/default/files/1979_WiSe_Karlsruhe.pdf: 1 Time(s) /sites/default/files/Bericht_SommerZaPF13_Jena.pdf: 1 Time(s) /verein/satzung/%7CSatzung: 1 Time(s) /wp-admin/admin-ajax.php?action=duplicator ... 2Fwp-config.php: 1 Time(s) /wp-admin/admin-ajax.php?action=revslider_ ... 2Fwp-config.php: 1 Time(s) /xmlrpc.php: 1 Time(s) /zapf/reader/%7CTagungsreader: 1 Time(s) 500 Internal Server Error /: 85 Time(s) /HNAP1: 1 Time(s) /evox/about: 1 Time(s) /nmaplowercheck1597528102: 1 Time(s) /robots.txt: 1 Time(s) /sdk: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (207.154.229.50): 66 Time(s) root (ns3303787.ovh.net): 62 Time(s) root (241.ip-54-37-205.eu): 61 Time(s) root (116.235.131.148): 52 Time(s) root (142.93.251.1): 51 Time(s) root (ip246.ip-91-134-157.eu): 46 Time(s) root (150.136.220.58): 45 Time(s) root (221.ip-51-38-236.eu): 43 Time(s) root (180.ip-51-38-186.eu): 42 Time(s) root (218.98.195.35.bc.googleusercontent.com): 42 Time(s) root (184.71.76.230): 41 Time(s) root (220.247.217.133): 41 Time(s) root (139.170.118.203): 40 Time(s) root (188.166.211.7): 40 Time(s) root (103.129.223.101): 39 Time(s) root (106.13.228.21): 39 Time(s) root (188.166.144.207): 39 Time(s) root (61.76.169.138): 37 Time(s) root (132.232.108.149): 36 Time(s) root (223.220.251.232): 35 Time(s) root (85.234.117.151): 35 Time(s) root (111.161.74.100): 33 Time(s) root (113.107.4.198): 33 Time(s) root (179.216.176.168): 33 Time(s) root (119.235.19.66): 32 Time(s) root (218.255.86.106): 32 Time(s) root (46.101.212.57): 31 Time(s) root (ool-4570383f.dyn.optonline.net): 30 Time(s) root (134.175.132.12): 29 Time(s) root (49.235.76.84): 29 Time(s) root (kamaishisports.com): 27 Time(s) root (rrcs-147-0-22-179.central.biz.rr.com): 27 Time(s) root (106.75.35.150): 26 Time(s) root (61.175.121.76): 26 Time(s) root (152.32.166.14): 25 Time(s) root (84.241.7.77): 25 Time(s) root (132.232.26.124): 24 Time(s) root (ns3099822.ip-37-59-61.eu): 24 Time(s) root (46.101.43.224): 22 Time(s) root (103.139.219.20): 18 Time(s) root (165.22.54.171): 17 Time(s) root (148-240-70-42.reservada.static.axtel.net): 16 Time(s) root (106.13.226.112): 15 Time(s) root (n058153174086.netvigator.com): 14 Time(s) root (50.ip-137-74-119.eu): 12 Time(s) root (67.ip-37-187-54.eu): 12 Time(s) root (222.87.224.25): 9 Time(s) root (45.43.36.219): 9 Time(s) root (ppp108-160.static.internode.on.net): 9 Time(s) unknown (121.171.166.170): 9 Time(s) root (52.231.54.27): 8 Time(s) root (165.227.62.103): 7 Time(s) root (174.ip-5-196-225.eu): 7 Time(s) root (121.171.166.170): 6 Time(s) root (142.4.205.238): 6 Time(s) root (180.76.158.224): 6 Time(s) root (185.38.175.72): 6 Time(s) unknown (152.32.166.14): 6 Time(s) root (118.101.192.62): 5 Time(s) root (47.52.39.76): 5 Time(s) root (47.57.6.243): 5 Time(s) root (49.235.124.125): 5 Time(s) root (157.230.251.115): 4 Time(s) root (190-21-36-225.baf.movistar.cl): 4 Time(s) root (45.14.150.86): 4 Time(s) root (rtmp.witel.it): 4 Time(s) root (106.51.50.2): 3 Time(s) root (118.89.140.16): 3 Time(s) root (182.61.43.202): 3 Time(s) root (185.15.145.79): 3 Time(s) root (106.75.67.48): 2 Time(s) root (138.197.213.233): 2 Time(s) root (51.ip-51-91-110.eu): 2 Time(s) unknown (111.14.221.8): 2 Time(s) unknown (78-31-228-185.ip.airnet.lt): 2 Time(s) unknown (94.58.169.214): 2 Time(s) postgres (149.202.13.50): 1 Time(s) root (103.252.196.150): 1 Time(s) root (103.90.190.54): 1 Time(s) root (106.54.194.35): 1 Time(s) root (111.161.74.117): 1 Time(s) root (112.16.211.200): 1 Time(s) root (114.67.203.36): 1 Time(s) root (115.238.62.154): 1 Time(s) root (119.226.11.100): 1 Time(s) root (120-88-46-226.snat21.hns.net.in): 1 Time(s) root (147.50.135.171): 1 Time(s) root (160.124.50.93): 1 Time(s) root (171.244.139.236): 1 Time(s) root (178.128.59.146): 1 Time(s) root (182.75.115.59): 1 Time(s) root (185.147.163.24): 1 Time(s) root (200.150.77.93): 1 Time(s) root (213.32.31.108): 1 Time(s) root (220.177.92.227): 1 Time(s) root (221.122.73.130): 1 Time(s) root (27.254.206.238): 1 Time(s) root (36.67.197.52): 1 Time(s) root (39.106.9.129): 1 Time(s) root (41.225.16.156): 1 Time(s) root (43.225.151.253): 1 Time(s) root (65.49.194.40.16clouds.com): 1 Time(s) root (68.183.193.148): 1 Time(s) root (ip-142-90-1-45.user.start.ca): 1 Time(s) unknown (106.75.35.150): 1 Time(s) unknown (201.170.152.66.dsl.dyn.telnor.net): 1 Time(s) unknown (85.209.0.101): 1 Time(s) Invalid Users: Unknown Account: 24 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 23.462K Bytes accepted 24,025 23.462K Bytes sent via SMTP 24,025 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 51 Connections 27 Connections lost (inbound) 51 Disconnections 1 Removed from queue 1 Sent via SMTP ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 2 Time(s) Failed logins from: 5.196.225.174 (174.ip-5-196-225.eu): 7 times 27.254.206.238 (238.206.254.27.static-ip.csloxinfo.net): 1 time 35.195.98.218 (218.98.195.35.bc.googleusercontent.com): 42 times 36.67.197.52: 1 time 37.59.61.13 (ns3099822.ip-37-59-61.eu): 24 times 37.187.54.67 (67.ip-37-187-54.eu): 12 times 39.106.9.129: 1 time 41.225.16.156: 1 time 43.225.151.253: 1 time 45.14.150.86: 4 times 45.43.36.219: 9 times 46.101.43.224: 22 times 46.101.212.57: 31 times 47.52.39.76: 5 times 47.57.6.243: 5 times 49.235.76.84: 29 times 49.235.124.125: 5 times 51.38.186.180 (180.ip-51-38-186.eu): 42 times 51.38.236.221 (221.ip-51-38-236.eu): 43 times 51.91.110.51 (51.ip-51-91-110.eu): 2 times 52.231.54.27: 8 times 54.37.205.241 (241.ip-54-37-205.eu): 61 times 58.153.174.86 (n058153174086.netvigator.com): 14 times 61.76.169.138: 37 times 61.175.121.76 (76.121.175.61.dial.hu.zj.dynamic.163data.com.cn): 26 times 65.49.194.40 (65.49.194.40.16clouds.com): 1 time 68.183.193.148 (247labs.com-march-2020): 1 time 69.112.56.63 (ool-4570383f.dyn.optonline.net): 30 times 84.241.7.77 (84-241-7-77.shatel.ir): 25 times 85.234.117.151: 35 times 91.134.157.246 (ip246.ip-91-134-157.eu): 46 times 91.204.248.42 (rtmp.witel.it): 4 times 103.90.190.54: 1 time 103.129.223.101: 39 times 103.139.219.20: 18 times 103.252.196.150: 1 time 106.13.226.112: 15 times 106.13.228.21: 39 times 106.51.50.2 (broadband.actcorp.in): 3 times 106.54.194.35: 1 time 106.75.35.150: 26 times 106.75.67.48: 2 times 111.161.74.100 (dns100.online.tj.cn): 33 times 111.161.74.117 (dns117.online.tj.cn): 1 time 112.16.211.200: 1 time 113.107.4.198: 33 times 114.67.203.36: 1 time 115.238.62.154: 1 time 116.235.131.148: 52 times 118.89.140.16: 3 times 118.101.192.62: 5 times 119.226.11.100 (firewall.adventz.com): 1 time 119.235.19.66: 32 times 120.88.46.226 (120-88-46-226.snat21.hns.net.in): 1 time 121.171.166.170: 6 times 132.232.26.124: 24 times 132.232.108.149: 36 times 133.242.53.108 (kamaishisports.com): 27 times 134.175.132.12: 29 times 137.74.119.50 (50.ip-137-74-119.eu): 12 times 138.197.213.233: 2 times 139.170.118.203: 40 times 142.4.205.238 (exit-ca.x86txt.com): 6 times 142.90.1.45 (ip-142-90-1-45.user.start.ca): 1 time 142.93.251.1: 51 times 147.0.22.179 (rrcs-147-0-22-179.central.biz.rr.com): 27 times 147.50.135.171: 1 time 148.240.70.42 (148-240-70-42.reservada.static.axtel.net): 16 times 149.202.13.50: 1 time 150.101.108.160 (ppp108-160.static.internode.on.net): 9 times 150.136.220.58: 45 times 152.32.166.14: 25 times 157.230.251.115: 4 times 160.124.50.93: 1 time 165.22.54.171: 17 times 165.227.62.103: 7 times 171.244.139.236: 1 time 178.32.218.192 (ns3303787.ovh.net): 62 times 178.128.59.146: 1 time 179.216.176.168 (b3d8b0a8.virtua.com.br): 33 times 180.76.158.224: 6 times 182.61.43.202: 3 times 182.75.115.59 (nsg-static-59.115.75.182-airtel.com): 1 time 184.71.76.230 (reweb2.rehosting.ca): 41 times 185.15.145.79 (79.145.15.185.nonstoponline.com): 3 times 185.38.175.72: 6 times 185.147.163.24: 1 time 188.166.144.207: 39 times 188.166.211.7: 40 times 190.21.36.225 (190-21-36-225.baf.movistar.cl): 4 times 200.150.77.93 (93.77.150.200.static.copel.net): 1 time 207.154.229.50: 66 times 213.32.31.108: 1 time 218.255.86.106 (static.reserve.wtt.net.hk): 32 times 220.177.92.227: 1 time 220.247.217.133: 41 times 221.122.73.130 (mx-lt49-130.meituan.com): 1 time 222.87.224.25: 9 times 223.220.251.232: 35 times Illegal users from: undef: 20 times 65.49.20.66: 1 time 78.31.228.185 (78-31-228-185.ip.airnet.lt): 2 times 85.209.0.101: 1 time 94.58.169.214: 2 times 106.75.35.150: 1 time 111.14.221.8: 2 times 121.171.166.170: 9 times 152.32.166.14: 6 times 201.170.152.66 (201.170.152.66.dsl.dyn.telnor.net): 1 time ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 242G 159G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################