November 2021 - TOPF

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Wed Nov 3 04:42:04 2021 Date Range Processed: yesterday ( 2021-Nov-02 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 84:84 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 188.214.132.76 -> 84.152.86.242:4444: 1 Time(s) 91.239.130.31 -> cdn.jsdelivr.net:443: 3 Time(s) A total of 8 sites probed the server 103.74.220.25 159.203.0.168 165.22.100.187 198.98.56.220 209.141.51.171 34.96.130.12 5.188.210.227 89.248.165.120 Requests with error response codes 400 Bad Request null: 16 Time(s) /ab2g: 6 Time(s) /ab2h: 6 Time(s) cdn.jsdelivr.net:443: 3 Time(s) /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s) /: 1 Time(s) /config/getuser?index=0: 1 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s) 84.152.86.242:4444: 1 Time(s) mstshash=Administr: 1 Time(s) zapf.in: 1 Time(s) 404 Not Found //2019/wp-includes/wlwmanifest.xml: 1 Time(s) //2020/wp-includes/wlwmanifest.xml: 1 Time(s) //blog/wp-includes/wlwmanifest.xml: 1 Time(s) //cms/wp-includes/wlwmanifest.xml: 1 Time(s) //news/wp-includes/wlwmanifest.xml: 1 Time(s) //shop/wp-includes/wlwmanifest.xml: 1 Time(s) //site/wp-includes/wlwmanifest.xml: 1 Time(s) //sito/wp-includes/wlwmanifest.xml: 1 Time(s) //test/wp-includes/wlwmanifest.xml: 1 Time(s) //web/wp-includes/wlwmanifest.xml: 1 Time(s) //website/wp-includes/wlwmanifest.xml: 1 Time(s) //wordpress/wp-includes/wlwmanifest.xml: 1 Time(s) //wp-includes/wlwmanifest.xml: 1 Time(s) //wp/wp-includes/wlwmanifest.xml: 1 Time(s) //wp1/wp-includes/wlwmanifest.xml: 1 Time(s) //wp2/wp-includes/wlwmanifest.xml: 1 Time(s) //xmlrpc.php?rsd: 1 Time(s) 500 Internal Server Error /: 37 Time(s) /.env: 6 Time(s) /ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s) /robots.txt: 2 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /Autodiscover/Autodiscover.xml: 1 Time(s) /CommPilot/Login/: 1 Time(s) /HNAP1/: 1 Time(s) /Login/: 1 Time(s) /ReportServer: 1 Time(s) /_ignition/execute-solution: 1 Time(s) /actuator/health: 1 Time(s) /api/jsonws/invoke: 1 Time(s) /auth/login/: 1 Time(s) /console/: 1 Time(s) /favicon.ico: 1 Time(s) /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s) /mifs/.;/services/LogService: 1 Time(s) /owa/auth/logon.aspx: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /owa/auth/x.js: 1 Time(s) /wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: unknown (119.28.90.20): 40 Time(s) root (103.146.30.114): 38 Time(s) root (128.199.222.43): 37 Time(s) root (101.78.9.237): 36 Time(s) root (host9.190-226-244.telecom.net.ar): 35 Time(s) root (121.5.18.138): 33 Time(s) root (14.23.161.109): 33 Time(s) root (159.148.84.159): 32 Time(s) root (220.178.61.216): 31 Time(s) root (118.25.182.61): 29 Time(s) root (210.211.116.200): 29 Time(s) root (c-68-38-202-145.hsd1.in.comcast.net): 26 Time(s) root (199.195.248.175): 24 Time(s) root (193.112.108.135): 23 Time(s) root (112.216.122.83): 22 Time(s) root (198.23.233.28): 22 Time(s) unknown (210.211.116.200): 21 Time(s) root (180.88.96.63): 20 Time(s) root (69.49.228.198): 20 Time(s) root (106.52.210.175): 19 Time(s) root (172.81.248.134): 18 Time(s) root (181.184.247.35.bc.googleusercontent.com): 18 Time(s) root (server.fri.mom.mybluehost.me): 18 Time(s) unknown (163.172.216.82): 18 Time(s) root (1.14.175.164): 17 Time(s) root (153.35.131.90): 17 Time(s) root (81.71.143.30): 17 Time(s) unknown (121.5.18.138): 17 Time(s) unknown (159.148.84.159): 17 Time(s) unknown (220.178.61.216): 17 Time(s) root (49.232.223.172): 16 Time(s) unknown (1.116.206.11): 16 Time(s) unknown (118.25.182.61): 16 Time(s) root (1.116.206.11): 15 Time(s) unknown (81.71.143.30): 15 Time(s) unknown (host9.190-226-244.telecom.net.ar): 15 Time(s) root (221.0.94.20): 14 Time(s) unknown (14.23.161.109): 14 Time(s) unknown (c-68-38-202-145.hsd1.in.comcast.net): 14 Time(s) unknown (128.199.222.43): 13 Time(s) root (181.143.81.52): 12 Time(s) root (206.189.206.212): 12 Time(s) root (209.141.60.103): 12 Time(s) unknown (101.78.9.237): 12 Time(s) unknown (106.52.210.175): 12 Time(s) unknown (206.189.206.212): 12 Time(s) unknown (server.fri.mom.mybluehost.me): 12 Time(s) unknown (1.14.175.164): 11 Time(s) unknown (103.146.30.114): 11 Time(s) unknown (141.98.10.63): 11 Time(s) unknown (172.81.248.134): 11 Time(s) unknown (193.112.108.135): 11 Time(s) unknown (49.232.223.172): 11 Time(s) unknown (69.49.228.198): 11 Time(s) root (119.28.90.20): 10 Time(s) unknown (221.0.94.20): 10 Time(s) root (111.175.186.150): 9 Time(s) unknown (141.98.10.60): 9 Time(s) root (163.172.216.82): 8 Time(s) unknown (111.175.186.150): 8 Time(s) unknown (141.98.10.109): 8 Time(s) root (106.52.187.68): 7 Time(s) root (112.93.116.123): 7 Time(s) unknown (106.52.187.68): 7 Time(s) unknown (181.143.81.52): 7 Time(s) unknown (181.184.247.35.bc.googleusercontent.com): 7 Time(s) unknown (180.88.96.63): 6 Time(s) unknown (209.141.33.121): 6 Time(s) root (106.54.164.19): 5 Time(s) root (218.104.225.140): 5 Time(s) root (grupotelecom.flashnetpe.com.br): 5 Time(s) unknown (112.216.122.83): 5 Time(s) unknown (209.141.60.103): 5 Time(s) unknown (218.104.225.140): 5 Time(s) root (047-024-076-147.res.spectrum.com): 4 Time(s) unknown (141.98.10.121): 4 Time(s) unknown (153.35.131.90): 4 Time(s) unknown (198.23.233.28): 4 Time(s) unknown (grupotelecom.flashnetpe.com.br): 4 Time(s) root (143.110.248.63): 3 Time(s) unknown (116.110.223.93): 3 Time(s) unknown (167.88.161.219): 3 Time(s) unknown (45.135.232.159): 3 Time(s) unknown (45.155.204.39): 3 Time(s) unknown (5.206.227.16): 3 Time(s) unknown (amazoncojpbation.ga): 3 Time(s) root (180.184.64.56): 2 Time(s) unknown (116.98.166.61): 2 Time(s) unknown (119.187.147.110): 2 Time(s) unknown (143.110.248.63): 2 Time(s) unknown (180.184.64.56): 2 Time(s) unknown (2.56.59.39): 2 Time(s) unknown (221.163.103.143): 2 Time(s) unknown (77.69.174.148): 2 Time(s) unknown (78.110.72.66): 2 Time(s) unknown (98.51.52.14): 2 Time(s) postgres (69.49.228.198): 1 Time(s) root (106.58.169.162): 1 Time(s) root (117.7.122.163): 1 Time(s) root (119.187.147.110): 1 Time(s) root (189.139.65.6): 1 Time(s) root (209.141.33.121): 1 Time(s) root (36.133.163.35): 1 Time(s) root (47.112.231.143): 1 Time(s) root (5.206.227.16): 1 Time(s) sys (103.146.30.114): 1 Time(s) unknown (047-024-076-147.res.spectrum.com): 1 Time(s) unknown (106.54.164.19): 1 Time(s) unknown (112.93.116.123): 1 Time(s) unknown (188.126.89.58): 1 Time(s) unknown (198.98.54.56): 1 Time(s) unknown (5.2.69.50): 1 Time(s) www-data (180.184.64.56): 1 Time(s) Invalid Users: Unknown Account: 499 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 1 Miscellaneous warnings 14.959K Bytes accepted 15,318 14.959K Bytes sent via SMTP 15,318 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 2 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 2 Total 4xx Rejects 100.00% ======== ================================================== 216 Connections 28 Connections lost (inbound) 216 Disconnections 1 Removed from queue 1 Sent via SMTP 3 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Failed logins from: 1.14.175.164: 17 times 1.116.206.11: 15 times 5.206.227.16 (blackslaves): 1 time 14.23.161.109: 33 times 35.247.184.181 (181.184.247.35.bc.googleusercontent.com): 18 times 36.133.163.35: 1 time 47.24.76.147 (047-024-076-147.res.spectrum.com): 4 times 47.112.231.143: 1 time 49.232.223.172: 16 times 68.38.202.145 (c-68-38-202-145.hsd1.in.comcast.net): 26 times 69.49.228.198 (69-49-228-198.unifiedlayer.com): 21 times 81.71.143.30: 17 times 101.78.9.237: 36 times 103.146.30.114: 39 times 106.52.187.68: 7 times 106.52.210.175: 19 times 106.54.164.19: 5 times 106.58.169.162: 1 time 111.175.186.150: 9 times 112.93.116.123: 7 times 112.216.122.83: 22 times 117.7.122.163 (localhost): 1 time 118.25.182.61: 29 times 119.28.90.20: 10 times 119.187.147.110: 1 time 121.5.18.138: 33 times 128.199.222.43: 37 times 143.110.248.63 (lpsonline.in): 3 times 153.35.131.90: 17 times 159.148.84.159: 32 times 162.241.94.40 (server.fri.mom.mybluehost.me): 18 times 163.172.216.82 (163-172-216-82.rev.poneytelecom.eu): 8 times 168.194.13.9 (grupotelecom.flashnetpe.com.br): 5 times 172.81.248.134: 18 times 180.88.96.63: 20 times 180.184.64.56: 3 times 181.143.81.52 (static-181-143-81-52.une.net.co): 12 times 189.139.65.6 (dsl-189-139-65-6-dyn.prod-infinitum.com.mx): 1 time 190.226.244.9 (host9.190-226-244.telecom.net.ar): 35 times 193.112.108.135: 23 times 198.23.233.28 (198-23-233-28-host.colocrossing.com): 22 times 199.195.248.175: 24 times 206.189.206.212: 12 times 209.141.33.121: 1 time 209.141.60.103: 12 times 210.211.116.200: 29 times 218.104.225.140: 5 times 220.178.61.216: 31 times 221.0.94.20: 14 times Illegal users from: 2001:470:1:332::4: 1 time undef: 330 times 1.14.175.164: 11 times 1.116.206.11: 16 times 2.56.59.39 (branewsinfos.ddns.net): 2 times 5.2.69.50: 1 time 5.206.227.16 (blackslaves): 3 times 14.23.161.109: 14 times 35.247.184.181 (181.184.247.35.bc.googleusercontent.com): 7 times 45.135.232.159: 3 times 45.155.204.39: 3 times 47.24.76.147 (047-024-076-147.res.spectrum.com): 1 time 49.232.223.172: 11 times 65.49.20.68 (scan-19.shadowserver.org): 1 time 68.38.202.145 (c-68-38-202-145.hsd1.in.comcast.net): 14 times 69.49.228.198 (69-49-228-198.unifiedlayer.com): 11 times 77.69.174.148 (dynamic.ip.77.69.174.148.batelco.com.bh): 2 times 78.110.72.66: 2 times 81.71.143.30: 15 times 98.51.52.14: 2 times 101.78.9.237: 12 times 103.146.30.114: 11 times 106.52.187.68: 7 times 106.52.210.175: 12 times 106.54.164.19: 1 time 111.175.186.150: 8 times 112.93.116.123: 1 time 112.216.122.83: 5 times 116.98.166.61 (dynamic-ip-adsl.viettel.vn): 2 times 116.110.223.93: 3 times 118.25.182.61: 16 times 119.28.90.20: 40 times 119.187.147.110: 2 times 121.5.18.138: 17 times 128.199.222.43: 13 times 141.98.10.60: 9 times 141.98.10.63: 11 times 141.98.10.109: 8 times 141.98.10.121: 4 times 143.110.248.63 (lpsonline.in): 2 times 153.35.131.90: 4 times 159.148.84.159: 17 times 162.241.94.40 (server.fri.mom.mybluehost.me): 12 times 163.172.216.82 (163-172-216-82.rev.poneytelecom.eu): 18 times 167.88.161.219 (smtp21.gftvrsr.xyz): 3 times 168.194.13.9 (grupotelecom.flashnetpe.com.br): 4 times 172.81.248.134: 11 times 180.88.96.63: 6 times 180.184.64.56: 2 times 181.143.81.52 (static-181-143-81-52.une.net.co): 7 times 188.126.89.58: 1 time 190.226.244.9 (host9.190-226-244.telecom.net.ar): 15 times 193.112.108.135: 11 times 198.23.233.28 (198-23-233-28-host.colocrossing.com): 4 times 198.98.54.56: 1 time 206.189.206.212: 12 times 209.141.33.121: 6 times 209.141.59.184 (amazoncojpbation.ga): 3 times 209.141.60.103: 5 times 210.211.116.200: 21 times 218.104.225.140: 5 times 220.178.61.216: 17 times 221.0.94.20: 10 times 221.163.103.143: 2 times **Unmatched Entries** fatal: no matching cipher found: client aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop33257p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

3 Jahre, 11 Monate

1
0
0 / 0

test_neu@zapf.in post from robotob@web.de requires approval

by test_neu-owner＠zapf.in

As list administrator, your authorization is requested for the following mailing list posting: List: test_neu(a)zapf.in From: robotob(a)web.de Subject: mal von web.de The message is being held because: The message is not from a list member At your convenience, visit your dashboard to approve or deny the request.

3 Jahre, 11 Monate

1
0
0 / 0

Undelivered Mail Returned to Sender

by MAILER-DAEMON＠zapf.in

This is the mail system at host mail.zapf.in. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <daba0005.db(a)gmail.com>: host gmail-smtp-in.l.google.com[74.125.140.27] said: 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 https://support.google.com/mail/?p=NoSuchUser 89si4977212wrk.410 - gsmtp (in reply to RCPT TO command)

3 Jahre, 11 Monate

1
0
0 / 0

Verlorene Einladungsmail

by Daniela Kern-Michler

Hallo liebe Orga, könnt ihr Kai (in Cc) bitte nochmal die Einladung für den Standort Göttingen schicken? Hier gab es ein Problem mit der Mailadresse. Das ist aber jetzt behoben. Für alle zukünftigen Mails steht er mit der aktuellen Adresse auf dem Teilnehmika und dem Teilnehmika-Goe Verteiler. Liebe Grüße, Daniela -------- Forwarded Message -------- Subject: Re: ZaPF Teilnemika Maillisten Date: Tue, 2 Nov 2021 14:01:56 +0100 From: Kai Wedekind <kai.wedekind(a)physik.uni-giessen.de> To: Daniela Kern-Michler <kern-michler(a)posteo.de> Hallo Daniela, ich war tatsächlich gerade schon dabei eine Mail an die Orga zu schreiben, huch. Ich habe leider erst heute darüber nachgedacht, dass ich in meinem ZaPF Account wohl auch noch meine alte E-Mail Adresse hinterlegt sein wird und ich diese wohl zu einer ändern sollte, auf die ich tatsächlich Zugriff habe. Entsprechend habe ich auch die Bestätigungsmails vorhin gar nicht bekommen, bzw. diese gingen an ein inaktives Konto auf das ich keinen Zugriff mehr habe, könntet ihr mir das noch einmal so schicken? Also dass ich diesen Bereich überhaupt sehen konnte heißt dann, dass ich einen Platz für Göttingen in Präsenz bekommen habe nehme ich an? Die Marburger Adresse ist jedenfalls nicht mehr aktuell bzw. ich habe noch nicht einmal mehr Zugriff auf diese und kann überall durch diese hier ersetzt werden, im ZaPF Account selbst ist das jetzt schon geschehen, vielen Dank für die Hilfe! Liebe Grüße Kai Am 02.11.2021 um 13:56 schrieb Daniela Kern-Michler: > Hallo Kai, > > ich habe Deine Subscription für die Göttinger Teilnehmerliste > bekommen. Da stehst Du bisher mit einer Adresse aus Marburg drauf. > Soll die ausgetauscht werden? Oder sollen beide darauf bleiben? > > Ich würde das in der allgemeinen Teilnehmikaliste auch entsprechend > ändern, ok? > > Viele Grüße, > > Daniela (vom TOPF) >

3 Jahre, 11 Monate

1
0
0 / 0

ZaPF Teilnemika Maillisten

by Daniela Kern-Michler

Hallo Kai, ich habe Deine Subscription für die Göttinger Teilnehmerliste bekommen. Da stehst Du bisher mit einer Adresse aus Marburg drauf. Soll die ausgetauscht werden? Oder sollen beide darauf bleiben? Ich würde das in der allgemeinen Teilnehmikaliste auch entsprechend ändern, ok? Viele Grüße, Daniela (vom TOPF)

3 Jahre, 11 Monate

1
0
0 / 0

New subscription request to Winter21-teilnehmika-goe from kai.wedekind@physik.uni-giessen.de

by winter21-teilnehmika-goe-owner＠zapf.in

Your authorization is required for a mailing list subscription request approval: For: kai.wedekind(a)physik.uni-giessen.de List: winter21-teilnehmika-goe(a)zapf.in

3 Jahre, 11 Monate

1
0
0 / 0

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Tue Nov 2 04:42:05 2021 Date Range Processed: yesterday ( 2021-Nov-01 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 48:49 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 185.53.90.24 -> zapf.wiki:443: 2 Time(s) 45.93.250.47 -> 45.93.250.59:4444: 9 Time(s) A total of 13 sites probed the server 165.22.100.187 165.22.96.141 167.172.28.181 198.98.56.220 205.185.113.41 209.141.51.171 222.186.19.235 37.75.131.172 45.61.184.37 5.188.210.227 64.227.97.195 64.227.99.233 77.83.36.12 Requests with error response codes 400 Bad Request null: 22 Time(s) 45.93.250.59:4444: 9 Time(s) /ab2g: 6 Time(s) /ab2h: 6 Time(s) /: 2 Time(s) /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s) /config/getuser?index=0: 2 Time(s) /socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... vJiDMD_g3oXAACq: 2 Time(s) http://fuwu.sogou.com/404/index.html: 2 Time(s) zapf.wiki:443: 2 Time(s) /.well-known/security.txt: 1 Time(s) /favicon.ico/: 1 Time(s) /manager/html: 1 Time(s) /robots.txt/: 1 Time(s) /socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... X5goELxEvjDAACo: 1 Time(s) /socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... r3RXWonAFJ7AACp: 1 Time(s) /socket.io/?noteId=QINDkUdoTUiAjNuMAyw5OA& ... RrsD-tNkH86AACx: 1 Time(s) /socket.io/?noteId=QINDkUdoTUiAjNuMAyw5OA& ... oIZvhuDNuqoAACw: 1 Time(s) /socket.io/?noteId=QINDkUdoTUiAjNuMAyw5OA& ... tf_MGCZt_FuAACv: 1 Time(s) /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s) \x00\x00\x00\x00: 1 Time(s) \xB9\xDB\x0CEN#5h[\xE4\xC5\x16\xF7wBr=\xB1: 1 Time(s) 499 (undefined) /socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... HYXU9GFbyhzAACr: 1 Time(s) /socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... X5goELxEvjDAACo: 1 Time(s) /socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... r3RXWonAFJ7AACp: 1 Time(s) /socket.io/?noteId=LXfQG2qcTpSj_0d9YLsf0g& ... vJiDMD_g3oXAACq: 1 Time(s) /socket.io/?noteId=QINDkUdoTUiAjNuMAyw5OA& ... oIZvhuDNuqoAACw: 1 Time(s) /socket.io/?noteId=QINDkUdoTUiAjNuMAyw5OA& ... tf_MGCZt_FuAACv: 1 Time(s) 500 Internal Server Error /: 28 Time(s) /.env: 3 Time(s) /ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s) /owa/auth/logon.aspx: 2 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s) ///libs/js/iframe.js: 1 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /Autodiscover/Autodiscover.xml: 1 Time(s) /CommPilot/Login/: 1 Time(s) /GponForm/diag_Form?style/: 1 Time(s) /Login/: 1 Time(s) /_ignition/execute-solution: 1 Time(s) /actuator/health: 1 Time(s) /api/jsonws/invoke: 1 Time(s) /auth/login/: 1 Time(s) /console/: 1 Time(s) /epa/scripts/win/nsepa_setup.exe: 1 Time(s) /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s) /mifs/.;/services/LogService: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /owa/auth/x.js: 1 Time(s) /remote/fgt_lang?lang=/../../../..//////// ... lvpn_websession: 1 Time(s) /wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: unknown (81.70.32.82): 48 Time(s) root (147.139.133.135): 40 Time(s) root (82-65-158-207.subs.proxad.net): 38 Time(s) root (213.6.130.133): 37 Time(s) root (36.133.131.161): 36 Time(s) root (128.199.103.239): 35 Time(s) root (161.35.23.213): 35 Time(s) root (46.101.138.138): 33 Time(s) root (106.53.81.17): 31 Time(s) root (45.55.36.216): 31 Time(s) root (111.229.213.64): 30 Time(s) root (110.188.68.110): 27 Time(s) root (180.184.64.255): 27 Time(s) root (183.134.78.94): 27 Time(s) root (60.30.98.194): 26 Time(s) root (203.113.167.3): 25 Time(s) root (81.70.197.95): 25 Time(s) unknown (81.70.197.95): 24 Time(s) root (1.15.175.127): 22 Time(s) root (111.175.186.150): 22 Time(s) root (bl23-7-213.dsl.telepac.pt): 21 Time(s) unknown (111.229.213.64): 20 Time(s) unknown (106.53.81.17): 19 Time(s) unknown (45.55.36.216): 19 Time(s) root (115.236.52.122): 18 Time(s) root (171.39.0.3): 18 Time(s) unknown (60.30.98.194): 18 Time(s) root (124.160.83.138): 17 Time(s) root (1.116.206.11): 16 Time(s) unknown (141.98.10.60): 15 Time(s) unknown (161.35.23.213): 15 Time(s) root (81.71.143.30): 14 Time(s) unknown (128.199.103.239): 14 Time(s) unknown (36.133.131.161): 14 Time(s) unknown (46.101.138.138): 14 Time(s) unknown (110.188.68.110): 13 Time(s) unknown (183.134.78.94): 13 Time(s) unknown (213.6.130.133): 13 Time(s) root (112.216.122.83): 12 Time(s) root (199.195.248.175): 12 Time(s) root (61.33.108.252): 12 Time(s) unknown (82-65-158-207.subs.proxad.net): 12 Time(s) unknown (124.160.83.138): 10 Time(s) root (103.133.94.18): 9 Time(s) root (111-243-21-29.dynamic-ip.hinet.net): 9 Time(s) root (193.112.108.135): 9 Time(s) root (82.156.105.147): 9 Time(s) unknown (1.15.175.127): 9 Time(s) unknown (112.216.122.83): 9 Time(s) unknown (147.139.133.135): 9 Time(s) unknown (bl23-7-213.dsl.telepac.pt): 9 Time(s) root (106.53.156.113): 8 Time(s) unknown (111.175.186.150): 8 Time(s) unknown (115.236.52.122): 8 Time(s) unknown (141.98.10.109): 7 Time(s) unknown (180.184.64.255): 7 Time(s) root (119.147.184.22): 6 Time(s) root (198.98.54.17): 6 Time(s) unknown (103.133.94.18): 6 Time(s) unknown (171.39.0.3): 6 Time(s) root (106.54.164.19): 5 Time(s) root (121.4.241.12): 5 Time(s) unknown (111-243-21-29.dynamic-ip.hinet.net): 5 Time(s) unknown (119.147.184.22): 5 Time(s) unknown (193.112.108.135): 5 Time(s) unknown (198.98.54.17): 5 Time(s) unknown (82.156.105.147): 5 Time(s) unknown (121.4.241.12): 4 Time(s) unknown (141.98.10.63): 4 Time(s) unknown (203.113.167.3): 4 Time(s) unknown (61.33.108.252): 4 Time(s) unknown (81.68.135.238): 4 Time(s) unknown (81.71.143.30): 4 Time(s) root (168.187.100.61): 3 Time(s) root (176.111.173.218): 3 Time(s) root (81.68.135.238): 3 Time(s) unknown (1.116.206.11): 3 Time(s) unknown (209.141.55.232): 3 Time(s) unknown (36-227-141-15.dynamic-ip.hinet.net): 3 Time(s) root (81.70.32.82): 2 Time(s) unknown (106.53.156.113): 2 Time(s) unknown (106.54.164.19): 2 Time(s) unknown (116.98.169.61): 2 Time(s) unknown (117.7.122.163): 2 Time(s) unknown (188.126.222.53): 2 Time(s) unknown (193.169.254.138): 2 Time(s) unknown (2-238-147-10.ip244.fastwebnet.it): 2 Time(s) unknown (2.56.59.39): 2 Time(s) unknown (27.64.16.141): 2 Time(s) unknown (92.255.195.14): 2 Time(s) mailman (128.199.103.239): 1 Time(s) mysql (111.175.186.150): 1 Time(s) news (147.139.133.135): 1 Time(s) root (193.169.254.138): 1 Time(s) root (27.64.16.141): 1 Time(s) root (36.133.216.195): 1 Time(s) root (39.188.129.206): 1 Time(s) root (81.68.212.201): 1 Time(s) unknown (1.83.125.41): 1 Time(s) unknown (103.133.57.250): 1 Time(s) unknown (106.13.18.86): 1 Time(s) unknown (107.189.14.182): 1 Time(s) unknown (112.31.56.247): 1 Time(s) unknown (116.105.161.242): 1 Time(s) unknown (180.250.58.235): 1 Time(s) unknown (188.126.89.59): 1 Time(s) unknown (188.126.89.88): 1 Time(s) unknown (200.73.130.213): 1 Time(s) unknown (36.89.68.35): 1 Time(s) Invalid Users: Unknown Account: 448 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 1579 Miscellaneous warnings 19.025K Bytes accepted 19,482 19.025K Bytes sent via SMTP 19,482 ======== ================================================== 2 Accepted 100.00% -------- -------------------------------------------------- 2 Total 100.00% ======== ================================================== 3 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 3 Total 4xx Rejects 100.00% ======== ================================================== 1783 Connections 1651 Connections lost (inbound) 1783 Disconnections 2 Removed from queue 2 Sent via SMTP 1 SMTP dialog errors 1 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Failed logins from: 1.15.175.127: 22 times 1.116.206.11: 16 times 27.64.16.141 (localhost): 1 time 36.133.131.161: 36 times 36.133.216.195: 1 time 39.188.129.206: 1 time 45.55.36.216: 31 times 46.101.138.138: 33 times 60.30.98.194 (no-data): 26 times 61.33.108.252: 12 times 81.68.135.238: 3 times 81.68.212.201: 1 time 81.70.32.82: 2 times 81.70.197.95: 25 times 81.71.143.30: 14 times 82.65.158.207 (82-65-158-207.subs.proxad.net): 38 times 82.156.105.147: 9 times 103.133.94.18: 9 times 106.53.81.17: 31 times 106.53.156.113: 8 times 106.54.164.19: 5 times 110.188.68.110: 27 times 111.175.186.150: 23 times 111.229.213.64: 30 times 111.243.21.29 (111-243-21-29.dynamic-ip.hinet.net): 9 times 112.216.122.83: 12 times 115.236.52.122: 18 times 119.147.184.22: 6 times 121.4.241.12: 5 times 124.160.83.138: 17 times 128.199.103.239: 36 times 144.64.7.213 (bl23-7-213.dsl.telepac.pt): 21 times 147.139.133.135: 41 times 161.35.23.213: 35 times 168.187.100.61: 3 times 171.39.0.3: 18 times 176.111.173.218: 3 times 180.184.64.255: 27 times 183.134.78.94: 27 times 193.112.108.135: 9 times 193.169.254.138: 1 time 198.98.54.17: 6 times 199.195.248.175: 12 times 203.113.167.3: 25 times 213.6.130.133: 37 times Illegal users from: undef: 308 times 1.15.175.127: 9 times 1.83.125.41: 1 time 1.116.206.11: 3 times 2.56.59.39 (branewsinfos.ddns.net): 2 times 2.238.147.10 (2-238-147-10.ip244.fastwebnet.it): 2 times 27.64.16.141 (localhost): 2 times 36.89.68.35: 1 time 36.133.131.161: 14 times 36.227.141.15 (36-227-141-15.dynamic-ip.hinet.net): 3 times 45.55.36.216: 19 times 46.101.138.138: 14 times 60.30.98.194 (no-data): 18 times 61.33.108.252: 4 times 65.49.20.66 (scan-17.shadowserver.org): 1 time 81.68.135.238: 4 times 81.70.32.82: 48 times 81.70.197.95: 24 times 81.71.143.30: 4 times 82.65.158.207 (82-65-158-207.subs.proxad.net): 12 times 82.156.105.147: 5 times 92.255.195.14 (92x255x195x14.static-customer.kzn.ertelecom.ru): 2 times 103.133.57.250: 1 time 103.133.94.18: 6 times 106.13.18.86: 1 time 106.53.81.17: 19 times 106.53.156.113: 2 times 106.54.164.19: 2 times 107.189.14.182 (LuxembourgTor43.lu): 1 time 110.188.68.110: 13 times 111.175.186.150: 8 times 111.229.213.64: 20 times 111.243.21.29 (111-243-21-29.dynamic-ip.hinet.net): 5 times 112.31.56.247: 1 time 112.216.122.83: 9 times 115.236.52.122: 8 times 116.98.169.61 (dynamic-ip-adsl.viettel.vn): 2 times 116.105.161.242: 1 time 117.7.122.163 (localhost): 2 times 119.147.184.22: 5 times 121.4.241.12: 4 times 124.160.83.138: 10 times 128.199.103.239: 14 times 141.98.10.60: 15 times 141.98.10.63: 4 times 141.98.10.109: 7 times 144.64.7.213 (bl23-7-213.dsl.telepac.pt): 9 times 147.139.133.135: 9 times 161.35.23.213: 15 times 171.39.0.3: 6 times 180.184.64.255: 7 times 180.250.58.235: 1 time 183.134.78.94: 13 times 188.126.89.59: 1 time 188.126.89.88: 1 time 188.126.222.53 (cm-188.126.222.53.get.no): 2 times 193.112.108.135: 5 times 193.169.254.138: 2 times 198.98.54.17: 5 times 200.73.130.213 (213.130.73.200.cab.prima.net.ar): 1 time 203.113.167.3: 4 times 209.141.55.232: 3 times 213.6.130.133: 13 times ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop33257p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

3 Jahre, 11 Monate

1
0
0 / 0

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Mon Nov 1 04:42:04 2021 Date Range Processed: yesterday ( 2021-Oct-31 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 75:73 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 10 sites probed the server 103.74.220.25 121.46.25.189 13.78.214.82 162.62.178.119 178.239.21.101 20.113.34.214 209.141.51.171 209.141.54.186 45.61.184.37 66.240.205.34 Requests with error response codes 400 Bad Request null: 12 Time(s) /ab2g: 6 Time(s) /ab2h: 6 Time(s) /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 3 Time(s) /config/getuser?index=0: 2 Time(s) /manager/text/list: 1 Time(s) /socket.io/?noteId=MApt-oVrSQm6vCe9f-WUsQ& ... QZGNILZ34AHAACn: 1 Time(s) /socket.io/?noteId=MApt-oVrSQm6vCe9f-WUsQ& ... W1NaLMiweM0AACm: 1 Time(s) /socket.io/?noteId=hP5Pw0I3R765ZaDNXBPs8w& ... YDEViqVLDqlAACh: 1 Time(s) /socket.io/?noteId=hP5Pw0I3R765ZaDNXBPs8w& ... fmX3zjbYJkVAACi: 1 Time(s) /socket.io/?noteId=hP5Pw0I3R765ZaDNXBPs8w& ... udS4tyeKfDhAACj: 1 Time(s) \x09\xE9\x1B\x91\xF9\xE6\x22\xE6\x98\x87\x ... x09\xC0\x13\xC0: 1 Time(s) \x8A\xCD\xA1\xCF{\xDE\x0B\xC2T\xE7\x8A\x99 ... x09\xC0\x13\xC0: 1 Time(s) \x9A\xDD\xC4\xAF\xA9\xC8ne]\x0E/}V\xA9[n: 1 Time(s) \xBF\x02\x00\x88\x13\x00\x00\x87\x00\x00\x ... 0\x00/\x9E\x16E: 1 Time(s) 404 Not Found /konstanz/2016/tagung/app/maps/uni.png: 1 Time(s) /konstanz/2016/tagung/impressum.html: 1 Time(s) /konstanz/2016/tagung/index.html: 1 Time(s) /konstanz/2016/tagung/unterstuetzer/Sponsoren.html: 1 Time(s) /konstanz/2016/unterstuetzer/impressum.html: 1 Time(s) /konstanz/2016/unterstuetzer/index.html: 1 Time(s) /konstanz/2016/unterstuetzer/tagung/programm.html: 1 Time(s) /konstanz/2016/unterstuetzer/willkommen/wasistdiezapf.html: 1 Time(s) /konstanz/2016/unterstuetzer/willkommen/wersindwir.html: 1 Time(s) /konstanz/2016/unterstuetzer/willkommen/willkommen.html: 1 Time(s) /konstanz/2016/willkommen/impressum.html: 1 Time(s) /konstanz/2016/willkommen/index.html: 1 Time(s) /konstanz/2016/willkommen/tagung/programm.html: 1 Time(s) /konstanz/2016/willkommen/unterstuetzer/Sponsoren.html: 1 Time(s) 499 (undefined) /socket.io/?noteId=MApt-oVrSQm6vCe9f-WUsQ& ... QZGNILZ34AHAACn: 1 Time(s) /socket.io/?noteId=MApt-oVrSQm6vCe9f-WUsQ& ... W1NaLMiweM0AACm: 1 Time(s) /socket.io/?noteId=hP5Pw0I3R765ZaDNXBPs8w& ... TB6Rw3KkDi1AACk: 1 Time(s) /socket.io/?noteId=hP5Pw0I3R765ZaDNXBPs8w& ... YDEViqVLDqlAACh: 1 Time(s) /socket.io/?noteId=hP5Pw0I3R765ZaDNXBPs8w& ... fmX3zjbYJkVAACi: 1 Time(s) /socket.io/?noteId=hP5Pw0I3R765ZaDNXBPs8w& ... udS4tyeKfDhAACj: 1 Time(s) 500 Internal Server Error /: 24 Time(s) /.env: 4 Time(s) /ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s) ///remote/fgt_lang?lang=/../../../..//////////dev/: 1 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /Autodiscover/Autodiscover.xml: 1 Time(s) /_ignition/execute-solution: 1 Time(s) /actuator/health: 1 Time(s) /api/jsonws/invoke: 1 Time(s) /console/: 1 Time(s) /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s) /mifs/.;/services/LogService: 1 Time(s) /owa/auth/logon.aspx: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /owa/auth/x.js: 1 Time(s) /static/js/index.cc66e94a.js: 1 Time(s) /wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (170.106.115.41): 129 Time(s) root (125.88.253.37): 40 Time(s) root (124.205.232.162): 39 Time(s) root (61.160.251.98): 39 Time(s) root (49.235.93.192): 38 Time(s) root (180.76.53.208): 36 Time(s) root (183.214.193.196): 36 Time(s) root (42.192.41.216): 36 Time(s) root (91.150.172.162): 36 Time(s) root (ip4d1492d4.dynamic.kabel-deutschland.de): 35 Time(s) root (106.55.168.128): 34 Time(s) root (115.159.144.229): 34 Time(s) root (139.59.85.250): 34 Time(s) root (49.233.23.193): 34 Time(s) root (117.247.176.211): 33 Time(s) root (129.204.249.36): 33 Time(s) root (81.68.135.238): 33 Time(s) root (1.117.184.86): 32 Time(s) root (203.199.243.12): 31 Time(s) root (112.122.54.162): 30 Time(s) root (157.245.124.160): 30 Time(s) root (121.4.241.12): 29 Time(s) root (210.101.91.155): 29 Time(s) root (42.193.183.39): 29 Time(s) root (121.4.121.147): 27 Time(s) root (81.70.163.76): 27 Time(s) root (82.156.105.147): 26 Time(s) root (119.45.104.122): 25 Time(s) root (206.81.12.173): 24 Time(s) root (219.232.48.190): 24 Time(s) root (122.155.0.205): 22 Time(s) root (60.255.230.126): 21 Time(s) unknown (106.55.168.128): 20 Time(s) unknown (210.101.91.155): 20 Time(s) root (110.80.17.26): 19 Time(s) root (64.225.55.64): 19 Time(s) unknown (203.199.243.12): 19 Time(s) root (198.23.153.142): 18 Time(s) root (210.92.1.109.rev.sfr.net): 18 Time(s) root (www.animatic.com): 18 Time(s) unknown (1.117.184.86): 18 Time(s) unknown (112.122.54.162): 18 Time(s) root (106.53.156.113): 17 Time(s) root (41.76.175.185): 17 Time(s) unknown (129.204.249.36): 17 Time(s) unknown (42.193.183.39): 17 Time(s) unknown (115.159.144.229): 16 Time(s) unknown (139.59.85.250): 16 Time(s) unknown (49.233.23.193): 16 Time(s) root (203.113.167.3): 15 Time(s) unknown (206.81.12.173): 15 Time(s) unknown (ip4d1492d4.dynamic.kabel-deutschland.de): 15 Time(s) unknown (128.199.120.28): 14 Time(s) unknown (42.192.41.216): 14 Time(s) unknown (91.150.172.162): 14 Time(s) root (81.69.160.121): 13 Time(s) unknown (121.4.35.38): 13 Time(s) unknown (180.76.53.208): 13 Time(s) root (128.199.90.55): 12 Time(s) root (180.184.64.255): 12 Time(s) root (58.57.15.29): 12 Time(s) unknown (81.70.163.76): 12 Time(s) unknown (121.4.121.147): 11 Time(s) unknown (121.4.241.12): 11 Time(s) unknown (124.205.232.162): 11 Time(s) unknown (183.214.193.196): 11 Time(s) unknown (41.76.175.185): 11 Time(s) unknown (49.235.93.192): 11 Time(s) unknown (60.255.230.126): 11 Time(s) root (110.188.68.110): 10 Time(s) unknown (117.247.176.211): 10 Time(s) unknown (122.155.0.205): 10 Time(s) unknown (141.98.10.63): 10 Time(s) unknown (210.92.1.109.rev.sfr.net): 10 Time(s) unknown (61.160.251.98): 10 Time(s) unknown (81.68.135.238): 10 Time(s) unknown (82.156.105.147): 10 Time(s) unknown (219.232.48.190): 9 Time(s) unknown (81.69.160.121): 9 Time(s) root (103.133.94.18): 8 Time(s) unknown (125.88.253.37): 8 Time(s) unknown (141.98.10.109): 8 Time(s) unknown (157.245.124.160): 8 Time(s) unknown (58.57.15.29): 7 Time(s) root (106.75.84.96): 6 Time(s) root (121.4.35.38): 6 Time(s) root (205.185.126.71): 6 Time(s) unknown (119.45.104.122): 6 Time(s) unknown (203.113.167.3): 6 Time(s) unknown (205.185.126.71): 6 Time(s) unknown (www.animatic.com): 6 Time(s) root (139.59.144.149): 5 Time(s) root (45.61.185.168): 5 Time(s) unknown (110.188.68.110): 5 Time(s) unknown (110.80.17.26): 5 Time(s) unknown (128.199.90.55): 5 Time(s) unknown (45.61.185.168): 5 Time(s) unknown (64.225.55.64): 5 Time(s) root (128.199.120.28): 4 Time(s) root (199.195.254.63): 4 Time(s) unknown (180.184.64.255): 4 Time(s) unknown (198.23.153.142): 4 Time(s) unknown (45.80.184.107): 4 Time(s) postgres (128.199.120.28): 3 Time(s) root (221.0.94.20): 3 Time(s) unknown (106.53.156.113): 3 Time(s) unknown (116.105.196.104): 3 Time(s) unknown (141.98.10.60): 3 Time(s) unknown (209.141.55.232): 3 Time(s) unknown (45.135.232.159): 3 Time(s) unknown (45.155.204.39): 3 Time(s) root (40.68.120.102): 2 Time(s) root (45.80.184.107): 2 Time(s) unknown (103.133.94.18): 2 Time(s) unknown (141.98.10.121): 2 Time(s) unknown (167.88.161.219): 2 Time(s) unknown (171.238.155.87): 2 Time(s) unknown (188.126.222.53): 2 Time(s) unknown (197.230.181.188): 2 Time(s) unknown (199.195.254.63): 2 Time(s) unknown (221.0.94.20): 2 Time(s) unknown (40.68.120.102): 2 Time(s) unknown (70.44.38.158.res-cmts.bus.ptd.net): 2 Time(s) unknown (cpef0f2496bd8c3-cmf0f2496bd8c0.cpe.net.cable.rogers.com): 2 Time(s) mysql (183.214.193.196): 1 Time(s) mysql (210.101.91.155): 1 Time(s) mysql (42.193.183.39): 1 Time(s) news (121.4.35.38): 1 Time(s) root (171.238.155.87): 1 Time(s) root (36.133.163.35): 1 Time(s) root (oc-129-150-111-238.compute.oraclecloud.com): 1 Time(s) unknown (102.165.46.21): 1 Time(s) unknown (106.75.84.96): 1 Time(s) unknown (107.189.13.254): 1 Time(s) unknown (139.59.144.149): 1 Time(s) unknown (185.247.225.79): 1 Time(s) unknown (186.179.100.115): 1 Time(s) unknown (188.126.89.157): 1 Time(s) unknown (206.189.144.184): 1 Time(s) unknown (5.183.209.217): 1 Time(s) unknown (tor-exit-relay-7.anonymizing-proxy.digitalcourage.de): 1 Time(s) uucp (183.214.193.196): 1 Time(s) Invalid Users: Unknown Account: 594 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 3 Miscellaneous warnings 13.290K Bytes accepted 13,609 13.290K Bytes sent via SMTP 13,609 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 5 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 5 Total 4xx Rejects 100.00% ======== ================================================== 481 Connections 76 Connections lost (inbound) 481 Disconnections 1 Removed from queue 1 Sent via SMTP 1 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Failed logins from: 1.117.184.86: 32 times 36.133.163.35: 1 time 40.68.120.102: 2 times 41.76.175.185: 17 times 42.192.41.216: 36 times 42.193.183.39: 30 times 45.61.185.168: 5 times 45.80.184.107: 2 times 49.233.23.193: 34 times 49.235.93.192: 38 times 58.57.15.29: 12 times 60.255.230.126: 21 times 61.160.251.98: 39 times 64.225.55.64: 19 times 77.20.146.212 (ip4d1492d4.dynamic.kabel-deutschland.de): 35 times 81.68.135.238: 33 times 81.69.160.121: 13 times 81.70.163.76: 27 times 82.156.105.147: 26 times 91.150.172.162 (91.150.172.162.skyware.pl): 36 times 103.133.94.18: 8 times 106.53.156.113: 17 times 106.55.168.128: 34 times 106.75.84.96: 6 times 109.1.92.210 (210.92.1.109.rev.sfr.net): 18 times 110.80.17.26: 19 times 110.188.68.110: 10 times 112.122.54.162: 30 times 115.159.144.229: 34 times 117.247.176.211: 33 times 119.45.104.122: 25 times 121.4.35.38: 7 times 121.4.121.147: 27 times 121.4.241.12: 29 times 122.155.0.205 (www.phatan.go.th): 22 times 124.205.232.162: 39 times 125.88.253.37: 40 times 128.199.90.55: 12 times 128.199.120.28 (171909.cloudwaysapps.com): 7 times 129.150.111.238 (oc-129-150-111-238.compute.oraclecloud.com): 1 time 129.204.249.36: 33 times 139.59.85.250: 34 times 139.59.144.149: 5 times 157.245.124.160: 30 times 162.243.170.170 (www.animatic.com): 18 times 170.106.115.41: 129 times 171.238.155.87 (dynamic-ip-adsl.viettel.vn): 1 time 180.76.53.208: 36 times 180.184.64.255: 12 times 183.214.193.196: 38 times 198.23.153.142 (198-23-153-142-host.colocrossing.com): 18 times 199.195.254.63: 4 times 203.113.167.3: 15 times 203.199.243.12 (illchn-static-203.199.243.12.vsnl.net.in): 31 times 205.185.126.71 (beta.bigislandrp.org): 6 times 206.81.12.173: 24 times 210.101.91.155: 30 times 219.232.48.190: 24 times 221.0.94.20: 3 times Illegal users from: 2001:470:1:332::9: 1 time undef: 411 times 1.117.184.86: 18 times 5.183.209.217: 1 time 40.68.120.102: 2 times 41.76.175.185: 11 times 42.192.41.216: 14 times 42.193.183.39: 17 times 45.61.185.168: 5 times 45.80.184.107: 4 times 45.135.232.159: 3 times 45.155.204.39: 3 times 49.233.23.193: 16 times 49.235.93.192: 11 times 58.57.15.29: 7 times 60.255.230.126: 11 times 61.160.251.98: 10 times 64.225.55.64: 5 times 65.49.20.68 (scan-19.shadowserver.org): 1 time 70.44.38.158 (70.44.38.158.res-cmts.bus.ptd.net): 2 times 77.20.146.212 (ip4d1492d4.dynamic.kabel-deutschland.de): 15 times 81.68.135.238: 10 times 81.69.160.121: 9 times 81.70.163.76: 12 times 82.156.105.147: 10 times 91.150.172.162 (91.150.172.162.skyware.pl): 14 times 99.239.69.233 (cpef0f2496bd8c3-cmf0f2496bd8c0.cpe.net.cable.rogers.com): 2 times 102.165.46.21 (102-165-46-21.as270353.com.br): 1 time 103.133.94.18: 2 times 106.53.156.113: 3 times 106.55.168.128: 20 times 106.75.84.96: 1 time 106.75.173.75: 1 time 107.189.13.254 (LuxembourgTor31.lu): 1 time 109.1.92.210 (210.92.1.109.rev.sfr.net): 10 times 110.80.17.26: 5 times 110.188.68.110: 5 times 112.122.54.162: 18 times 115.159.144.229: 16 times 116.105.196.104: 3 times 117.247.176.211: 10 times 119.45.104.122: 6 times 121.4.35.38: 13 times 121.4.121.147: 11 times 121.4.241.12: 11 times 122.155.0.205 (www.phatan.go.th): 10 times 124.205.232.162: 11 times 125.88.253.37: 8 times 128.199.90.55: 5 times 128.199.120.28 (171909.cloudwaysapps.com): 14 times 129.204.249.36: 17 times 139.59.85.250: 16 times 139.59.144.149: 1 time 141.98.10.60: 3 times 141.98.10.63: 10 times 141.98.10.109: 8 times 141.98.10.121: 2 times 157.245.124.160: 8 times 162.243.170.170 (www.animatic.com): 6 times 167.88.161.219 (smtp21.gftvrsr.xyz): 2 times 171.238.155.87 (dynamic-ip-adsl.viettel.vn): 2 times 180.76.53.208: 13 times 180.184.64.255: 4 times 183.214.193.196: 11 times 185.220.102.253 (tor-exit-relay-7.anonymizing-proxy.digitalcourage.de): 1 time 185.247.225.79: 1 time 186.179.100.115 (azteca-comunicaciones.com): 1 time 188.126.89.157: 1 time 188.126.222.53 (cm-188.126.222.53.get.no): 2 times 197.230.181.188: 2 times 198.23.153.142 (198-23-153-142-host.colocrossing.com): 4 times 199.195.254.63: 2 times 203.113.167.3: 6 times 203.199.243.12 (illchn-static-203.199.243.12.vsnl.net.in): 19 times 205.185.126.71 (beta.bigislandrp.org): 6 times 206.81.12.173: 15 times 206.189.144.184: 1 time 209.141.55.232: 3 times 210.101.91.155: 20 times 219.232.48.190: 9 times 221.0.94.20: 2 times **Unmatched Entries** fatal: no matching cipher found: client aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop33257p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

3 Jahre, 11 Monate

1
0
0 / 0

Cron <root@h2361197> /usr/sbin/nginx -s reload

by root＠zapf.in

nginx: [warn] conflicting server name "xn--studienfhrer-physik-dbc.de" on 0.0.0.0:80, ignored nginx: [warn] conflicting server name "topf.zapf.in" on 0.0.0.0:80, ignored

3 Jahre, 11 Monate

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

TOPF November 2021