################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sun Feb 10 04:42:04 2019
Date Range Processed: yesterday
( 2019-Feb-09 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 8:8 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
123.160.172.191 -> zapf.wiki:443: 1 Time(s)
59.36.132.222 -> www.baidu.com:443: 1 Time(s)
A total of 1 sites probed the server
194.147.32.109
Requests with error response codes
400 Bad Request
mstshash=Administr: 3 Time(s)
null: 3 Time(s)
/a2billing/customer/templates/default/footer.tpl: 1 Time(s)
/about.php: 1 Time(s)
/api/v1: 1 Time(s)
/recordings/: 1 Time(s)
/vtigercrm/vtigerservice.php: 1 Time(s)
\xE4]\x9AP\xBD|\x00Z\xF20\xE7\xC07G\x04\xA ... C0$\xC0\x14\xC0: 1 Time(s)
www.baidu.com:443: 1 Time(s)
zapf.wiki:443: 1 Time(s)
403 Forbidden
/.git/HEAD: 1 Time(s)
404 Not Found
/robots.txt: 35 Time(s)
/wp-login.php: 8 Time(s)
/berlin/apple-touch-icon.png: 7 Time(s)
/.git/HEAD: 4 Time(s)
/favicon.ico: 3 Time(s)
/.well-known/apple-app-site-association: 1 Time(s)
/administrator/index.php: 1 Time(s)
/apple-app-site-association: 1 Time(s)
/jfpsrglewcpd.html: 1 Time(s)
/sites/default/files/1987_SoSe_Aachen.pdf: 1 Time(s)
500 Internal Server Error
/: 2 Time(s)
/user/edit: 2 Time(s)
/a2billing/customer/templates/default/footer.tpl: 1 Time(s)
/about.php: 1 Time(s)
/api/v1: 1 Time(s)
/recordings/: 1 Time(s)
/vtigercrm/vtigerservice.php: 1 Time(s)
502 Bad Gateway
/: 24 Time(s)
/.git/HEAD: 2 Time(s)
//wp-login.php: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 57 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
121 Miscellaneous warnings
8.006K Bytes accepted 8,198
8.006K Bytes sent via SMTP 8,198
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
6 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
6 Total 4xx Rejects 100.00%
======== ==================================================
710 Connections
227 Connections lost (inbound)
710 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 3 Time(s)
root : 4 Time(s)
Failed logins from:
Illegal users from:
undef: 24 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################