Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Sep 7 04:42:09 2019
Date Range Processed: yesterday
( 2019-Sep-06 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [476:481]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 4 sites probed the server
121.140.47.104
172.104.242.173
61.219.11.153
66.240.205.34
Requests with error response codes
400 Bad Request
../../mnt/custom/ProductDefinition: 15 Time(s)
null: 6 Time(s)
mstshash=Administr: 2 Time(s)
mstshash=Test: 2 Time(s)
/setup.cgi?next_file=netgear.cfg&todo=sysc ... ntsetting.htm=1: 1 Time(s)
404 Not Found
/robots.txt: 109 Time(s)
/berlin/apple-touch-icon.png: 6 Time(s)
/berichte/SoSe16/www.zapfev.de/reader/2016 ... nstanz_lang.pdf: 1 Time(s)
/berichte/SoSe16/www.zapfev.de/resolutione ... hraenkungen.pdf: 1 Time(s)
/berichte/WiSe16/www.zapfev.de/resolutione ... professuren.pdf: 1 Time(s)
/berlin/,: 1 Time(s)
/download/zapfev_satzung.pdf: 1 Time(s)
/protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s)
/reader/www.zapfev.de/zapf/resolutionen: 1 Time(s)
/resolutionen/sose18/Pruefungsanmeldung/reso_pruefungsanmel-: 1 Time(s)
/resolutionen/wise16/Zugangs-Zulassungsbeschraenkung/Reso: 1 Time(s)
/resolutionen/wise17/Zwangsexmatrikulation ... sexmatrikulati-: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
/wp-login.php: 1 Time(s)
500 Internal Server Error
/: 45 Time(s)
/robots.txt: 7 Time(s)
/Lists/admin.php: 1 Time(s)
/admin.php: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
unknown (ns354139.ip-91-121-103.eu): 123 Time(s)
unknown (168.126.85.225): 116 Time(s)
unknown (103.28.57.86): 112 Time(s)
unknown (200.209.174.92): 107 Time(s)
unknown (36-232-17-190.fibertel.com.ar): 107 Time(s)
unknown (164.ip-144-217-84.net): 104 Time(s)
unknown (62.234.105.16): 104 Time(s)
unknown (ns388274.ip-176-31-253.eu): 101 Time(s)
unknown (124.156.202.243): 99 Time(s)
unknown (188.166.41.192): 95 Time(s)
unknown (user-83.96.infomir.com.ua): 95 Time(s)
unknown (138.36.96.46): 94 Time(s)
unknown (118.24.23.100): 92 Time(s)
unknown (178.128.125.60): 92 Time(s)
unknown (110.43.42.244): 88 Time(s)
unknown (154.ip-51-75-22.eu): 87 Time(s)
unknown (221.133.1.11): 82 Time(s)
unknown (43.231.61.147): 81 Time(s)
unknown (190.9.130.159): 77 Time(s)
unknown (ip17.ip-51-254-57.eu): 73 Time(s)
unknown (202.65.151.31): 68 Time(s)
unknown (124.74.248.218): 67 Time(s)
unknown (210.209.72.243): 67 Time(s)
unknown (189.7.17.61): 65 Time(s)
unknown (104.248.187.179): 61 Time(s)
unknown (50-250-231-41-static.hfc.comcastbusiness.net): 58 Time(s)
unknown (111.230.227.17): 51 Time(s)
unknown (as5300-s21-008.cnt.entelchile.net): 50 Time(s)
unknown (181.28.94.205): 41 Time(s)
unknown (116.196.109.197): 37 Time(s)
unknown (113.176.89.116): 36 Time(s)
unknown (104.248.148.34): 33 Time(s)
unknown (36.92.21.50): 32 Time(s)
unknown (113.ip-51-68-215.eu): 19 Time(s)
unknown (109.255.23.150): 17 Time(s)
unknown (45.80.64.246): 15 Time(s)
unknown (52.169.136.28): 15 Time(s)
unknown (157.230.18.195): 10 Time(s)
root (112.85.42.178): 6 Time(s)
root (119.183.48.113): 6 Time(s)
root (123.15.12.3): 6 Time(s)
root (180.126.50.50): 6 Time(s)
root (bzq-79-176-29-242.red.bezeqint.net): 6 Time(s)
unknown (175.ip-51-75-19.eu): 6 Time(s)
unknown (cpc109369-brom11-2-0-cust71.16-1.cable.virginm.net): 6 Time(s)
root (104.248.187.179): 5 Time(s)
root (164.ip-144-217-84.net): 5 Time(s)
postgres (178.128.125.60): 4 Time(s)
root (116.196.109.197): 4 Time(s)
root (210.209.72.243): 4 Time(s)
unknown (59.54.154.118): 4 Time(s)
mysql (168.126.85.225): 3 Time(s)
mysql (ns354139.ip-91-121-103.eu): 3 Time(s)
postgres (168.126.85.225): 3 Time(s)
postgres (36-232-17-190.fibertel.com.ar): 3 Time(s)
postgres (ns354139.ip-91-121-103.eu): 3 Time(s)
postgres (user-83.96.infomir.com.ua): 3 Time(s)
root (124.156.202.243): 3 Time(s)
root (138.36.96.46): 3 Time(s)
root (168.126.85.225): 3 Time(s)
root (200.209.174.92): 3 Time(s)
root (43.231.61.147): 3 Time(s)
root (as5300-s21-008.cnt.entelchile.net): 3 Time(s)
unknown (193.32.163.182): 3 Time(s)
unknown (218.153.159.206): 3 Time(s)
unknown (92.63.194.26): 3 Time(s)
mysql (111.230.227.17): 2 Time(s)
mysql (124.156.202.243): 2 Time(s)
mysql (138.36.96.46): 2 Time(s)
mysql (43.231.61.147): 2 Time(s)
postgres (103.28.57.86): 2 Time(s)
postgres (110.43.42.244): 2 Time(s)
postgres (111.230.227.17): 2 Time(s)
postgres (164.ip-144-217-84.net): 2 Time(s)
postgres (189.7.17.61): 2 Time(s)
postgres (190.9.130.159): 2 Time(s)
postgres (200.209.174.92): 2 Time(s)
postgres (210.209.72.243): 2 Time(s)
postgres (ip17.ip-51-254-57.eu): 2 Time(s)
root (178.128.125.60): 2 Time(s)
root (36-232-17-190.fibertel.com.ar): 2 Time(s)
root (45.80.64.246): 2 Time(s)
root (user-83.96.infomir.com.ua): 2 Time(s)
www-data (ns354139.ip-91-121-103.eu): 2 Time(s)
games (116.196.109.197): 1 Time(s)
mail (104.248.187.179): 1 Time(s)
mysql (188.166.41.192): 1 Time(s)
mysql (189.7.17.61): 1 Time(s)
mysql (190.9.130.159): 1 Time(s)
mysql (202.65.151.31): 1 Time(s)
mysql (210.209.72.243): 1 Time(s)
mysql (36-232-17-190.fibertel.com.ar): 1 Time(s)
mysql (52.169.136.28): 1 Time(s)
mysql (ip17.ip-51-254-57.eu): 1 Time(s)
postgres (104.248.148.34): 1 Time(s)
postgres (104.248.187.179): 1 Time(s)
postgres (109.255.23.150): 1 Time(s)
postgres (113.ip-51-68-215.eu): 1 Time(s)
postgres (124.74.248.218): 1 Time(s)
postgres (188.166.41.192): 1 Time(s)
postgres (45.80.64.246): 1 Time(s)
postgres (ns388274.ip-176-31-253.eu): 1 Time(s)
root (103.28.57.86): 1 Time(s)
root (109.255.23.150): 1 Time(s)
root (110.43.42.244): 1 Time(s)
root (111.230.227.17): 1 Time(s)
root (118.121.201.83): 1 Time(s)
root (124.74.248.218): 1 Time(s)
root (154.ip-51-75-22.eu): 1 Time(s)
root (180.66.34.140): 1 Time(s)
root (202.65.151.31): 1 Time(s)
root (221.133.1.11): 1 Time(s)
root (36.92.21.50): 1 Time(s)
root (5.196.252.8.infinity-hosting.com): 1 Time(s)
root (50-250-231-41-static.hfc.comcastbusiness.net): 1 Time(s)
root (52.169.136.28): 1 Time(s)
root (62.234.105.16): 1 Time(s)
root (ip17.ip-51-254-57.eu): 1 Time(s)
root (ns388274.ip-176-31-253.eu): 1 Time(s)
temp (109.255.23.150): 1 Time(s)
temp (138.36.96.46): 1 Time(s)
temp (164.ip-144-217-84.net): 1 Time(s)
temp (168.126.85.225): 1 Time(s)
temp (210.209.72.243): 1 Time(s)
temp (221.133.1.11): 1 Time(s)
unknown (112.186.77.86): 1 Time(s)
unknown (121.142.111.86): 1 Time(s)
unknown (121.67.246.132): 1 Time(s)
unknown (129.204.176.234): 1 Time(s)
unknown (14.186.41.222): 1 Time(s)
unknown (152.169.204.74): 1 Time(s)
unknown (175.211.116.234): 1 Time(s)
unknown (202.137.141.91): 1 Time(s)
unknown (218.148.239.169): 1 Time(s)
unknown (223.245.31.65): 1 Time(s)
unknown (49.235.8.107): 1 Time(s)
unknown (blog.jungleland.co.id): 1 Time(s)
unknown (data-131-6.cgates.lt): 1 Time(s)
unknown (ip5b432bb6.dynamic.kabel-deutschland.de): 1 Time(s)
unknown (mail.resistance.cf): 1 Time(s)
unknown (ns2.cablebox.co): 1 Time(s)
www-data (104.248.148.34): 1 Time(s)
www-data (116.196.109.197): 1 Time(s)
www-data (124.156.202.243): 1 Time(s)
www-data (188.166.41.192): 1 Time(s)
www-data (36.92.21.50): 1 Time(s)
www-data (50-250-231-41-static.hfc.comcastbusiness.net): 1 Time(s)
www-data (ns388274.ip-176-31-253.eu): 1 Time(s)
Invalid Users:
Unknown Account: 2716 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
5 Miscellaneous warnings
17.950K Bytes accepted 18,381
17.950K Bytes sent via SMTP 18,381
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
660 Connections
3 Connections lost (inbound)
660 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 5 Time(s)
Failed logins from:
5.196.252.8 (5.196.252.8.infinity-hosting.com): 1 time
36.92.21.50: 2 times
43.231.61.147 (static-147-61-231-43.ebonenet.com): 5 times
45.80.64.246: 3 times
50.250.231.41 (50-250-231-41-static.hfc.comcastbusiness.net): 2 times
51.68.215.113 (113.ip-51-68-215.eu): 1 time
51.75.22.154 (154.ip-51-75-22.eu): 1 time
51.254.57.17 (ip17.ip-51-254-57.eu): 4 times
52.169.136.28: 2 times
62.234.105.16: 1 time
79.176.29.242 (bzq-79-176-29-242.red.bezeqint.net): 6 times
91.121.103.175 (ns354139.ip-91-121-103.eu): 8 times
103.28.57.86: 3 times
104.248.148.34: 2 times
104.248.187.179: 7 times
109.255.23.150: 3 times
110.43.42.244: 3 times
111.230.227.17: 5 times
112.85.42.178: 6 times
116.196.109.197: 6 times
118.121.201.83: 1 time
119.183.48.113: 6 times
123.15.12.3 (hn.kd.ny.adsl): 6 times
124.74.248.218: 2 times
124.156.202.243: 6 times
138.36.96.46 (138-36-96-46.reduno.com.ar): 6 times
144.217.84.164 (164.ip-144-217-84.net): 8 times
164.77.119.18 (as5300-s21-008.cnt.entelchile.net): 3 times
168.126.85.225: 10 times
176.31.253.55 (ns388274.ip-176-31-253.eu): 3 times
178.128.125.60: 6 times
180.66.34.140: 1 time
180.126.50.50: 6 times
188.166.41.192: 3 times
189.7.17.61 (bd07113d.virtua.com.br): 3 times
190.9.130.159: 3 times
190.17.232.36 (36-232-17-190.fibertel.com.ar): 6 times
200.209.174.92: 5 times
202.65.151.31 (static-202-65-151-31.ctrls.in): 2 times
210.209.72.243: 8 times
217.73.83.96 (user-83.96.infomir.com.ua): 5 times
221.133.1.11: 2 times
Illegal users from:
undef: 648 times
5.20.131.6 (data-131-6.cgates.lt): 1 time
14.186.41.222 (static.vnpt.vn): 1 time
36.92.21.50: 32 times
43.231.61.147 (static-147-61-231-43.ebonenet.com): 81 times
45.80.64.246: 15 times
49.235.8.107: 1 time
50.250.231.41 (50-250-231-41-static.hfc.comcastbusiness.net): 58 times
51.15.167.124 (mail.resistance.cf): 1 time
51.68.215.113 (113.ip-51-68-215.eu): 19 times
51.75.19.175 (175.ip-51-75-19.eu): 6 times
51.75.22.154 (154.ip-51-75-22.eu): 87 times
51.254.57.17 (ip17.ip-51-254-57.eu): 73 times
52.169.136.28: 15 times
59.54.154.118 (118.154.54.59.broad.sr.jx.dynamic.163data.com.cn): 4 times
62.234.105.16: 104 times
82.41.141.72 (cpc109369-brom11-2-0-cust71.16-1.cable.virginm.net): 6 times
91.67.43.182 (ip5b432bb6.dynamic.kabel-deutschland.de): 1 time
91.121.103.175 (ns354139.ip-91-121-103.eu): 123 times
92.63.194.26: 3 times
103.28.57.86: 112 times
104.248.148.34: 33 times
104.248.187.179: 61 times
109.255.23.150: 17 times
110.43.42.244: 88 times
111.230.227.17: 51 times
112.186.77.86: 1 time
113.176.89.116 (static.vnpt.vn): 36 times
116.196.109.197: 37 times
118.24.23.100: 92 times
121.67.246.132: 1 time
121.142.111.86: 1 time
124.74.248.218: 67 times
124.156.202.243: 99 times
129.204.176.234: 1 time
138.36.96.46 (138-36-96-46.reduno.com.ar): 94 times
139.59.249.255 (blog.jungleland.co.id): 1 time
139.162.122.110 (scan-8.security.ipip.net): 1 time
144.217.79.233 (ns2.cablebox.co): 1 time
144.217.84.164 (164.ip-144-217-84.net): 104 times
152.169.204.74 (74-204-169-152.fibertel.com.ar): 1 time
157.230.18.195: 10 times
164.77.119.18 (as5300-s21-008.cnt.entelchile.net): 50 times
168.126.85.225: 116 times
175.211.116.234: 1 time
176.31.253.55 (ns388274.ip-176-31-253.eu): 101 times
178.128.125.60: 92 times
181.28.94.205 (205-94-28-181.fibertel.com.ar): 41 times
188.166.41.192: 95 times
189.7.17.61 (bd07113d.virtua.com.br): 65 times
190.9.130.159: 77 times
190.17.232.36 (36-232-17-190.fibertel.com.ar): 107 times
193.32.163.182 (hosting-by.cloud-home.me): 3 times
200.209.174.92: 107 times
202.65.151.31 (static-202-65-151-31.ctrls.in): 68 times
202.137.141.91: 1 time
210.209.72.243: 67 times
217.73.83.96 (user-83.96.infomir.com.ua): 95 times
218.148.239.169: 1 time
218.153.159.206: 3 times
221.133.1.11: 82 times
223.245.31.65: 5 times
**Unmatched Entries**
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 1 time(s)
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 3 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 242G 159G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
6 Jahre, 1 Monat
Undelivered Mail Returned to Sender
by MAILER-DAEMON@zapf.in
This is the mail system at host mail.zapf.in.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<michael.saur(a)uni.konstanz.de>: Host or domain name not found. Name service
error for name=uni.konstanz.de type=AAAA: Host not found
6 Jahre, 1 Monat
Undelivered Mail Returned to Sender
by MAILER-DAEMON@zapf.in
This is the mail system at host mail.zapf.in.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<michael.saur(a)uni.konstanz.de>: Host or domain name not found. Name service
error for name=uni.konstanz.de type=AAAA: Host not found
6 Jahre, 1 Monat
Undelivered Mail Returned to Sender
by MAILER-DAEMON@zapf.in
This is the mail system at host mail.zapf.in.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<michael.saur(a)uni.konstanz.de>: Host or domain name not found. Name service
error for name=uni.konstanz.de type=AAAA: Host not found
6 Jahre, 1 Monat
Undelivered Mail Returned to Sender
by MAILER-DAEMON@zapf.in
This is the mail system at host mail.zapf.in.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<michael.saur(a)uni.konstanz.de>: Host or domain name not found. Name service
error for name=uni.konstanz.de type=AAAA: Host not found
6 Jahre, 1 Monat
Undelivered Mail Returned to Sender
by MAILER-DAEMON@zapf.in
This is the mail system at host mail.zapf.in.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<michael.saur(a)uni.konstanz.de>: Host or domain name not found. Name service
error for name=uni.konstanz.de type=AAAA: Host not found
6 Jahre, 1 Monat
Undelivered Mail Returned to Sender
by MAILER-DAEMON@zapf.in
This is the mail system at host mail.zapf.in.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<michael.saur(a)uni.konstanz.de>: Host or domain name not found. Name service
error for name=uni.konstanz.de type=AAAA: Host not found
6 Jahre, 1 Monat
Undelivered Mail Returned to Sender
by MAILER-DAEMON@zapf.in
This is the mail system at host mail.zapf.in.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<michael.saur(a)uni.konstanz.de>: Host or domain name not found. Name service
error for name=uni.konstanz.de type=AAAA: Host not found
6 Jahre, 1 Monat
Undelivered Mail Returned to Sender
by MAILER-DAEMON@zapf.in
This is the mail system at host mail.zapf.in.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<michael.saur(a)uni.konstanz.de>: Host or domain name not found. Name service
error for name=uni.konstanz.de type=AAAA: Host not found
6 Jahre, 1 Monat
Undelivered Mail Returned to Sender
by MAILER-DAEMON@zapf.in
This is the mail system at host mail.zapf.in.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<jan.metsch(a)physik.uni-giessen.de>: host
mailgw31.hrz.uni-giessen.de[134.176.4.18] said: 550 Unknown recipient (in
reply to RCPT TO command)
6 Jahre, 1 Monat
