Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Mon Jun 12 04:42:03 2023
Date Range Processed: yesterday
( 2023-Jun-11 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [296:302]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
95.211.95.26 -> 104.244.42.198:443: 1 Time(s)
95.211.95.26 -> 142.250.102.100:443: 1 Time(s)
95.211.95.26 -> 208.82.237.130:443: 1 Time(s)
95.211.95.26 -> 52.222.136.54:443: 1 Time(s)
A total of 9 sites probed the server
Requests with error response codes
400 Bad Request
null: 12 Time(s)
/: 7 Time(s)
mstshash=Administr: 5 Time(s)
/aaa9: 4 Time(s)
/aab8: 4 Time(s)
*: 2 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
/private/api/v1/service/premaster: 1 Time(s)
104.244.42.198:443: 1 Time(s)
142.250.102.100:443: 1 Time(s)
208.82.237.130:443: 1 Time(s)
2\x00\x10\xAF=\x04\x00:N\xB5\xF6\xE7l\xD3\ ... D\xC0$\xC0(\xC0: 1 Time(s)
52.222.136.54:443: 1 Time(s)
\xC0/\xC00\xC0+\xC0,\xCC\xA8\xCC\xA9\xC0\x ... x09\xC0\x14\xC0: 1 Time(s)
http://5.188.210.227/echo.php: 1 Time(s)
500 Internal Server Error
/: 16 Time(s)
/favicon.ico: 4 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s)
/.env: 1 Time(s)
/.git/config: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/_profiler/phpinfo: 1 Time(s)
/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue.dll: 1 Time(s)
/ab2g: 1 Time(s)
/actuator/gateway/routes: 1 Time(s)
/actuator/health: 1 Time(s)
/cgi-bin/config.exp: 1 Time(s)
/console/: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/geoserver: 1 Time(s)
/geoserver/web/: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/auth/logon.aspx: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/t4: 1 Time(s)
/version: 1 Time(s)
502 Bad Gateway
/8CkbtYP5S527TvsF_TuNKw/pdf: 1 Time(s)
/EcC0jCZ4T1W8qjgbqrqHFQ/pdf: 1 Time(s)
/UavHVD8RQBKspC6giVp5ow/pdf: 1 Time(s)
/ZAMXk83bREapH1s41rckvg/pdf: 1 Time(s)
/nlE7KKhISV-cnU34NYgilQ/pdf: 1 Time(s)
/sq0-cswPQGi9pvVdOpDdOA/pdf: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 631 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
29.028K Bytes accepted 29,725
29.028K Bytes sent via SMTP 29,725
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
6 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
6 Total 4xx Rejects 100.00%
======== ==================================================
42 Connections
11 Connections lost (inbound)
42 Disconnections
1 Removed from queue
1 Sent via SMTP
7 SMTP dialog errors
3 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 82 Time(s)
Failed logins from:
Illegal users from:
2001:470:1:c84::31: 1 time
undef: 313 times
**Unmatched Entries**
Bad packet length 2206530601. [preauth] : 1 time(s)
Disconnecting: Packet corrupt [preauth] : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop13985p1 394G 243G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2 years, 4 months
Don't miss your unsettled payment. Complete your debt payment now.
by topf@zapf.in
Hi there!
I regret to inform you about some sad news for you.
Approximately a month or two ago I have succeeded to gain a total access to all your devices utilized for browsing internet.
Moving forward, I have started observing your internet activities on continuous basis.
Go ahead and take a look at the sequence of events provided below for your reference:
Initially I bought an exclusive access from hackers to a long list of email accounts (in today's world, that is really a common thing, which can be arranged via internet).
Evidently, it wasn't hard for me to proceed with logging in your email account (topf(a)zapf.in).
Within the same week, I moved on with installing a Trojan virus in Operating Systems for all devices that you use to login to email.
Frankly speaking, it wasn't a challenging task for me at all (since you were kind enough to click some of the links in your inbox emails before).
Yeah, geniuses are among us.
Because of this Trojan I am able to gain access to entire set of controllers in devices (e.g., your video camera, keyboard, microphone and others).
As result, I effortlessly downloaded all data, as well as photos, web browsing history and other types of data to my servers.
Moreover, I have access to all social networks accounts that you regularly use, including emails, including chat history, messengers, contacts list etc.
My unique virus is incessantly refreshing its signatures (due to control by a driver), and hence remains undetected by any type of antiviruses.
Hence, I guess by now you can already see the reason why I always remained undetected until this very letter...
During the process of compilation of all the materials associated with you,
I also noticed that you are a huge supporter and regular user of websites hosting nasty adult content.
Turns out to be, you really love visiting porn websites, as well as watching exciting videos and enduring unforgettable pleasures.
As a matter of fact, I was not able to withstand the temptation, but to record certain nasty solo action with you in main role,
and later produced a few videos exposing your masturbation and cumming scenes.
If until now you don't believe me, all I need is one-two mouse clicks to make all those videos with everyone you know,
including your friends, colleagues, relatives and others.
Moreover, I am able to upload all that video content online for everyone to see.
I sincerely think, you certainly would not wish such incidents to take place, in view of the lustful things demonstrated in your commonly watched videos,
(you absolutely know what I mean by that) it will cause a huge adversity for you.
There is still a solution to this matter, and here is what you need to do:
You make a transaction of $1490 USD to my account (an equivalent in bitcoins, which recorded depending on the exchange rate at the date of funds transfer),
hence upon receiving the transfer, I will immediately get rid of all those lustful videos without delay.
After that we can make it look like there was nothing happening beforehand.
Additionally, I can confirm that all the Trojan software is going to be disabled and erased from all devices that you use. You have nothing to worry about,
because I keep my word at all times.
That is indeed a beneficial bargain that comes with a relatively reduced price,
taking into consideration that your profile and traffic were under close monitoring during a long time frame.
If you are still unclear regarding how to buy and perform transactions with bitcoins - everything is available online.
Below is my bitcoin wallet for your further reference: 1GS1SRz3QBC1NUeuhu8EWkx37qQXanUxGG
All you have is 48 hours and the countdown begins once this email is opened (in other words 2 days).
The following list includes things you should remember and avoid doing:
> There's no point to try replying my email (since this email and return address were created inside your inbox).
> There's no point in calling police or any other types of security services either. Furthermore, don't you dare sharing this info with any of your friends.
If I discover that (taking into consideration my skills, it will be really simple, because I control all your systems and continuously monitor them) -
your nasty clip will be shared with public straight away.
> There's no point in looking for me too - it won't result in any success. Transactions with cryptocurrency are completely anonymous and untraceable.
> There's no point in reinstalling your OS on devices or trying to throw them away. That won't solve the issue,
since all clips with you as main character are already uploaded on remote servers.
Things that may be concerning you:
> That funds transfer won't be delivered to me.
Breathe out, I can track down everything right away, so once funds transfer is finished,
I will know for sure, since I interminably track down all activities done by you (my Trojan virus controls all processes remotely, just as TeamViewer).
> That your videos will be distributed, even though you have completed money transfer to my wallet.
Trust me, it is worthless for me to still bother you after money transfer is successful. Moreover, if that was ever part of my plan, I would make it happen way earlier!
We are going to approach and deal with it in a clear manner!
In conclusion, I'd like to recommend one more thing... after this you need to make certain you don't get involved in similar kind of unpleasant events anymore!
My recommendation - ensure all your passwords are replaced with new ones on a regular basis.
2 years, 4 months
zapfkiel2024@zapf.in post from amelie.mink@stu.uni-kiel.de requires approval
by zapfkiel2024-owner@zapf.in
As list administrator, your authorization is requested for the
following mailing list posting:
List: zapfkiel2024(a)zapf.in
From: amelie.mink(a)stu.uni-kiel.de
Subject: Fwd: Your request regarding the use of the sanitary facilities
The message is being held because:
The message is larger than the 40 KB maximum size
At your convenience, visit your dashboard to approve or deny the
request.
2 years, 4 months
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sun Jun 11 04:42:03 2023
Date Range Processed: yesterday
( 2023-Jun-10 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [369:363]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 9 sites probed the server
Requests with error response codes
400 Bad Request
null: 10 Time(s)
mstshash=Administr: 6 Time(s)
*: 4 Time(s)
mstshash=Domain: 3 Time(s)
/: 2 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
/.env: 1 Time(s)
/0bef: 1 Time(s)
/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/ ... e/%2e%2e/bin/sh: 1 Time(s)
/private/api/v1/service/premaster: 1 Time(s)
\x8C\x19\xD7\x9D\xB5\x02\x11An\x00\x00\x1A ... x09\xC0\x14\xC0: 1 Time(s)
\xC0/\xC00\xC0+\xC0,\xCC\xA8\xCC\xA9\xC0\x ... x09\xC0\x14\xC0: 1 Time(s)
\xFC\x02\x12+\xCFO8=\xC4\xD0\x05\x0E\xFC[\ ... x09\xC0\x13\xC0: 1 Time(s)
500 Internal Server Error
/: 32 Time(s)
/.env: 10 Time(s)
/favicon.ico: 3 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s)
/.git/config: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/Temporary_Listen_Addresses: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/ab2g: 1 Time(s)
/actuator/gateway/routes: 1 Time(s)
/autodiscover/autodiscover.json?@zdi/Powershell: 1 Time(s)
/console/: 1 Time(s)
/geoserver: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/t4: 1 Time(s)
/webclient/: 1 Time(s)
502 Bad Gateway
/N0J5lsJlTxmRAXVI1Mlgpw/pdf: 1 Time(s)
/cNLvvGbtQGm2tQV4potgIQ/pdf: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
unknown (157.230.1.224): 4 Time(s)
unknown (181.79.9.65): 4 Time(s)
unknown (212-170-240-195.rad.tsai.es): 4 Time(s)
root (103.187.147.214): 3 Time(s)
root (114.207.113.200): 3 Time(s)
root (183.132.0.85.dynamic.wline.res.cust.swisscom.ch): 3 Time(s)
root (43.131.59.246): 3 Time(s)
root (43.159.49.49): 3 Time(s)
root (51.250.73.235): 3 Time(s)
root (64.226.124.18): 3 Time(s)
root (93.188.164.15): 3 Time(s)
unknown (159.65.65.75): 3 Time(s)
unknown (45.95.146.115): 3 Time(s)
root (104.236.68.106): 2 Time(s)
root (117.161.75.116): 2 Time(s)
root (138.197.176.228): 2 Time(s)
root (220.126.8.143): 2 Time(s)
root (45.171.144.39): 2 Time(s)
root (45.183.224.74): 2 Time(s)
root (kd111238174006.ppp-bb.dion.ne.jp): 2 Time(s)
unknown (104.236.68.106): 2 Time(s)
unknown (161.35.95.88): 2 Time(s)
unknown (176.111.173.193): 2 Time(s)
unknown (31.184.198.71): 2 Time(s)
unknown (31.41.244.125): 2 Time(s)
unknown (62.233.50.249): 2 Time(s)
unknown (8.222.196.52): 2 Time(s)
bin (8.218.88.4): 1 Time(s)
daemon (190.181.15.3): 1 Time(s)
games (165.232.78.65): 1 Time(s)
mysql (142.93.64.69): 1 Time(s)
mysql (157.245.40.222): 1 Time(s)
mysql (159.223.107.230): 1 Time(s)
mysql (186.233.210.86): 1 Time(s)
mysql (43.156.28.79): 1 Time(s)
mysql (vps-908f6e5f.vps.ovh.net): 1 Time(s)
postgres (137.184.54.207): 1 Time(s)
postgres (157.230.1.224): 1 Time(s)
postgres (176.113.115.210): 1 Time(s)
postgres (190.237.93.90): 1 Time(s)
postgres (31.145.142.206): 1 Time(s)
root (131.239.38.38): 1 Time(s)
root (161.35.95.88): 1 Time(s)
root (170.64.154.235): 1 Time(s)
root (190.149.217.149): 1 Time(s)
root (202.29.13.52): 1 Time(s)
root (31.184.198.71): 1 Time(s)
root (d-23-244-129-25.nh.cpe.atlanticbb.net): 1 Time(s)
root (ec2-52-196-177-204.ap-northeast-1.compute.amazonaws.com): 1 Time(s)
root (ip217.160.117.44.pbiaas.com): 1 Time(s)
root (n1164855092.netvigator.com): 1 Time(s)
root (wsip-72-214-63-36.sd.sd.cox.net): 1 Time(s)
unknown (103.86.55.155): 1 Time(s)
unknown (110.34.5.138): 1 Time(s)
unknown (113.22.61.176): 1 Time(s)
unknown (114.88.176.141): 1 Time(s)
unknown (119.203.230.19): 1 Time(s)
unknown (121.202.204.20): 1 Time(s)
unknown (149.78.185.243): 1 Time(s)
unknown (165.90.126.99): 1 Time(s)
unknown (175.156.155.242): 1 Time(s)
unknown (175.156.203.160): 1 Time(s)
unknown (178.219.116.20): 1 Time(s)
unknown (187-84-58-133.bommtempo.inf.br): 1 Time(s)
unknown (190-205-250-24.dyn.dsl.cantv.net): 1 Time(s)
unknown (201.131.212.19): 1 Time(s)
unknown (207.154.232.181): 1 Time(s)
unknown (220.78.79.212): 1 Time(s)
unknown (221.223.90.213): 1 Time(s)
unknown (27.213.243.49.ap.yournet.ne.jp): 1 Time(s)
unknown (32.1.193.35.bc.googleusercontent.com): 1 Time(s)
unknown (36.67.119.35): 1 Time(s)
unknown (41.175.71.31): 1 Time(s)
unknown (46.147.101.163): 1 Time(s)
unknown (49.235.123.8): 1 Time(s)
unknown (50.116.79.220): 1 Time(s)
unknown (59-127-24-124.hinet-ip.hinet.net): 1 Time(s)
unknown (65.181.73.155): 1 Time(s)
unknown (88.82.212.3): 1 Time(s)
unknown (89.190.156.135): 1 Time(s)
unknown (95.52.203.204): 1 Time(s)
unknown (c-67-164-238-68.hsd1.il.comcast.net): 1 Time(s)
unknown (cpe-174-96-50-187.neo.res.rr.com): 1 Time(s)
unknown (ppp78-37-223-75.pppoe.avangarddsl.ru): 1 Time(s)
uucp (195.242.234.192): 1 Time(s)
Invalid Users:
Unknown Account: 976 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
22.166K Bytes accepted 22,698
22.166K Bytes sent via SMTP 22,698
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
54 Connections
11 Connections lost (inbound)
54 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Illegal address syntax in SMTP command
1 SMTP dialog errors
2 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Network Read Write Errors: 12
Disconnecting after too many authentication failures for user:
invalid : 2 Time(s)
root : 21 Time(s)
Failed logins from:
Illegal users from:
2001:470:1:c84::16: 1 time
undef: 513 times
**Unmatched Entries**
Disconnecting: Change of username or service not allowed: (root,ssh-connection) -> (admin,ssh-connection) [preauth] : 1 time(s)
Disconnecting: Change of username or service not allowed: (0,ssh-connection) -> (root,ssh-connection) [preauth] : 1 time(s)
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (ubnt,ssh-connection) [preauth] : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop13985p1 394G 243G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2 years, 4 months
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Jun 10 04:42:03 2023
Date Range Processed: yesterday
( 2023-Jun-09 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [271:272]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 20 sites probed the server
Requests with error response codes
400 Bad Request
null: 26 Time(s)
mstshash=Administr: 8 Time(s)
/: 7 Time(s)
*: 5 Time(s)
/aaa9: 3 Time(s)
/aab8: 3 Time(s)
mstshash=Domain: 3 Time(s)
7: 1 Time(s)
default.asp: 1 Time(s)
403 Forbidden
/FrcS3CFURGOhH8IZnOVeEw: 1 Time(s)
/FrcS3CFURGOhH8IZnOVeEw?both=: 1 Time(s)
500 Internal Server Error
/: 40 Time(s)
/.env: 5 Time(s)
/favicon.ico: 4 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 3 Time(s)
/.git/config: 2 Time(s)
/owa/auth/logon.aspx: 2 Time(s)
/.DS_Store: 1 Time(s)
/.vscode/sftp.json: 1 Time(s)
/.well-known/security.txt: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/?rest_route=/wp/v2/users/: 1 Time(s)
/_all_dbs: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/about: 1 Time(s)
/actuator/gateway/routes: 1 Time(s)
/autodiscover/autodiscover.json?@zdi/Powershell: 1 Time(s)
/config.json: 1 Time(s)
/console/: 1 Time(s)
/debug/default/view?panel=config: 1 Time(s)
/geoserver: 1 Time(s)
/geoserver/web/: 1 Time(s)
/login.action: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/auth.owa: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/restore.php: 1 Time(s)
/s/235323e2035313e2936313e21383/_/;/META-I ... /pom.properties: 1 Time(s)
/security.txt: 1 Time(s)
/server-status: 1 Time(s)
/telescope/requests: 1 Time(s)
/v2/_catalog: 1 Time(s)
502 Bad Gateway
/O2CAPBprSRO1hR9J52_r_w/pdf: 1 Time(s)
/ra096r0rTouv8Ic0qv7NOw/pdf: 1 Time(s)
/v7DnD4hVQTudc73ZRJpAVA/pdf: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 586 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
27.403K Bytes accepted 28,061
27.403K Bytes sent via SMTP 28,061
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
55 Connections
20 Connections lost (inbound)
55 Disconnections
1 Removed from queue
1 Sent via SMTP
1 SMTP dialog errors
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 77 Time(s)
Failed logins from:
Illegal users from:
**Unmatched Entries**
Protocol major versions differ for 178.79.139.171: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-NmapNSE_1.0 : 1 time(s)
fatal: Unable to negotiate a key exchange method [preauth] : 1 time(s)
Disconnecting: Corrupted padlen 0 on input. [preauth] : 1 time(s)
Protocol major versions differ for 178.79.139.171: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-Nmap-SSH1-Hostkey : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop13985p1 394G 243G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2 years, 4 months
Maintenance work on 14 June 2023
by Leonie Hannig
Dear users of the infra.run services,
we will carry out scheduled maintenance work on our infrastructure next Wednesday, 14.06.2023, starting at 22:00.
The work is expected to take 5 hours (until 03:00). Brief outages are to be expected during this time.
We apologise for any inconvenience and are happy to answer any questions.
Kind regards,
Leonie Hannig
infra.run Service GmbH - Wilhelmine-Gemberg-Weg 14 10179 Berlin
Commercial register: Amtsgericht Charlottenburg HRB 225307 B
Tax number: 30/358/51857 VAT ID: DE340100821
Managing directors: Leonie Hannig, Sebastian Breuer, Andreas Steinhauser
2 years, 4 months
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Fri Jun 9 04:42:03 2023
Date Range Processed: yesterday
( 2023-Jun-08 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [350:349]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
194.169.175.180 -> 194.169.175.200:8080: 1 Time(s)
A total of 24 sites probed the server
Requests with error response codes
400 Bad Request
null: 32 Time(s)
/: 8 Time(s)
*: 3 Time(s)
mstshash=Administr: 2 Time(s)
/.env: 1 Time(s)
/WCVl: 1 Time(s)
/api/v1: 1 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 1 Time(s)
/download/po: 1 Time(s)
/favicon.ico: 1 Time(s)
/goform/set_LimitClient_cfg: 1 Time(s)
/private/api/v1/service/premaster: 1 Time(s)
/socket.io/?noteId=nnqU1B7kT5unHU_WZ2clsw& ... J3w6n4PGduQAAAC: 1 Time(s)
/socket.io/?noteId=nnqU1B7kT5unHU_WZ2clsw& ... dXMJFqZAKwhAAAB: 1 Time(s)
/socket.io/?noteId=nnqU1B7kT5unHU_WZ2clsw& ... lszPZj8nTQjAAAA: 1 Time(s)
194.169.175.200:8080: 1 Time(s)
\x19^\xD3\xBB@\x0E\x18b\xC1*\xA1\xBE^\x17\ ... x09\xC0\x14\xC0: 1 Time(s)
\x97\xFC\x7F\x00\x00\x1A\xC0/\xC0+\xC0\x11 ... x09\xC0\x14\xC0: 1 Time(s)
\xC0/\xC00\xC0+\xC0,\xCC\xA8\xCC\xA9\xC0\x ... x09\xC0\x14\xC0: 1 Time(s)
\xCA\xC1\x943\xEA\x1C\xF0\x04\xF1UMm&j.\xB ... x09\xC0\x14\xC0: 1 Time(s)
\xD7\xCD%\xA6\x85\xEA<m\xBF\x0E\xC1'*\xAC\ ... x09\xC0\x13\xC0: 1 Time(s)
\xE00\xCC\xBAU]<\x15\x14\xBA\xC7W7c\x02\x9 ... 9\x87KE\xE1\x86: 1 Time(s)
499 (undefined)
/socket.io/?noteId=nnqU1B7kT5unHU_WZ2clsw& ... J3w6n4PGduQAAAC: 1 Time(s)
/socket.io/?noteId=nnqU1B7kT5unHU_WZ2clsw& ... dXMJFqZAKwhAAAB: 1 Time(s)
/socket.io/?noteId=nnqU1B7kT5unHU_WZ2clsw& ... lszPZj8nTQjAAAA: 1 Time(s)
500 Internal Server Error
/: 39 Time(s)
/.env: 7 Time(s)
/favicon.ico: 6 Time(s)
/.git/config: 4 Time(s)
/docker/.env: 4 Time(s)
/.env.development: 2 Time(s)
/.env.dist: 2 Time(s)
/.env.old: 2 Time(s)
/.env.prod: 2 Time(s)
/.env.production: 2 Time(s)
/.env.project: 2 Time(s)
/.env.save: 2 Time(s)
/admin-app/.env: 2 Time(s)
/api/.env: 2 Time(s)
/app/.env: 2 Time(s)
/application/.env: 2 Time(s)
/apps/.env: 2 Time(s)
/back/.env: 2 Time(s)
/cms/.env: 2 Time(s)
/core/.env: 2 Time(s)
/cp/.env: 2 Time(s)
/development/.env: 2 Time(s)
/enviroments/.env: 2 Time(s)
/enviroments/.env.production: 2 Time(s)
/fedex/.env: 2 Time(s)
/laravel/.env: 2 Time(s)
/live_env: 2 Time(s)
/local/.env: 2 Time(s)
/private/.env: 2 Time(s)
/script/.env: 2 Time(s)
/shared/.env: 2 Time(s)
/sources/.env: 2 Time(s)
/system/.env: 2 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s)
/%24%7B%28%23a%3D%40org.apache.commons.io. ... C%23a%29%29%7D/: 1 Time(s)
/%24%7B%40java.lang.Runtime%40getRuntime%2 ... t.fun%22%29%7D/: 1 Time(s)
/.DS_Store: 1 Time(s)
/.__info.php: 1 Time(s)
/.info.php: 1 Time(s)
/.json: 1 Time(s)
/.vscode/sftp.json: 1 Time(s)
/.well-known/security.txt: 1 Time(s)
/0.0_phpinfo.php: 1 Time(s)
/00_server_info.php: 1 Time(s)
/02-info.php: 1 Time(s)
/1_1_PhpInfo.php: 1 Time(s)
/5info.php: 1 Time(s)
/?phpinfo=-1: 1 Time(s)
/?phpinfo=1: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/AwsConfig.json: 1 Time(s)
/FD873AC4-CF86-4FED-84EC-4BD59C6F17A7: 1 Time(s)
/IyPK: 1 Time(s)
/ReportServer: 1 Time(s)
/__info.php: 1 Time(s)
/_info-backoffice.php: 1 Time(s)
/_info.php: 1 Time(s)
/_phpinf.php: 1 Time(s)
/_phpinfo.php: 1 Time(s)
/_poopinfo.php: 1 Time(s)
/_profiler/phpinfo: 1 Time(s)
/aab8: 1 Time(s)
/aab9: 1 Time(s)
/ab2g: 1 Time(s)
/ab2h: 1 Time(s)
/actuator/gateway/routes: 1 Time(s)
/actuator/health: 1 Time(s)
/admin/config.php/config: 1 Time(s)
/ajax: 1 Time(s)
/api/index.php/v1/config/application?public=true: 1 Time(s)
/api/v1: 1 Time(s)
/api/v2/cmdb/system/admin/admin: 1 Time(s)
/aws.json: 1 Time(s)
/awsconfig.json: 1 Time(s)
/cgi-bin/luci: 1 Time(s)
/conf.json: 1 Time(s)
/config.json: 1 Time(s)
/dIGh: 1 Time(s)
/db.json: 1 Time(s)
/debug/default/view: 1 Time(s)
/debug/default/view.html: 1 Time(s)
/debug/default/view?panel=config: 1 Time(s)
/debug/default/view?panel=config/frontend_dev.php: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/env.json: 1 Time(s)
/frontend/web/debug/default/view: 1 Time(s)
/frontend_dev.php/$: 1 Time(s)
/geoserver: 1 Time(s)
/geoserver/web/: 1 Time(s)
/html/phpinfo.php: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/info.php: 1 Time(s)
/jquery-3.3.1.slim.min.js: 1 Time(s)
/jquery-3.3.2.slim.min.js: 1 Time(s)
/login: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/phpinfo: 1 Time(s)
/phpinfo.php: 1 Time(s)
/rest/.env: 1 Time(s)
/restore.php: 1 Time(s)
/robots.txt: 1 Time(s)
/sapi/debug/default/view: 1 Time(s)
/sendgrid.json: 1 Time(s)
/sitemap.xml: 1 Time(s)
/smtp.json: 1 Time(s)
/symfony/public/_profiler/phpinfo: 1 Time(s)
/t4: 1 Time(s)
/tool/view/phpinfo.view.php: 1 Time(s)
/version: 1 Time(s)
/web/debug/default/view: 1 Time(s)
502 Bad Gateway
/7mVft8aUS7CAYCnKfmwhIw/pdf: 1 Time(s)
/D1lk7Eb3Squ7uGiIXiErNg/pdf: 1 Time(s)
/sose20_protokoll_awareness_spiel/pdf: 1 Time(s)
/vtiGK5IARbm3GZ2zBzrhRg/pdf: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 807 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
24.396K Bytes accepted 24,982
24.396K Bytes sent via SMTP 24,982
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
60 Connections
12 Connections lost (inbound)
60 Disconnections
1 Removed from queue
1 Sent via SMTP
2 SMTP dialog errors
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 99 Time(s)
Failed logins from:
Illegal users from:
**Unmatched Entries**
Protocol major versions differ for 169.197.113.239: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-Server : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop13985p1 394G 243G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2 years, 4 months
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Thu Jun 8 04:42:03 2023
Date Range Processed: yesterday
( 2023-Jun-07 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [279:280]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 12 sites probed the server
Requests with error response codes
400 Bad Request
null: 13 Time(s)
/: 4 Time(s)
/aaa9: 3 Time(s)
/aab8: 3 Time(s)
mstshash=Domain: 3 Time(s)
/.env: 2 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
mstshash=Administr: 2 Time(s)
*: 1 Time(s)
/manager/text/list: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
HTTP/1.0: 1 Time(s)
Ri\x85\xDB: 1 Time(s)
X\xD4>\x12\x98\xC4<\xE0\x13\xCF\x00\xAC\xA ... 5Cs\x9C\xBD\xCB: 1 Time(s)
\xC0/\xC00\xC0+\xC0,\xCC\xA8\xCC\xA9\xC0\x ... x09\xC0\x14\xC0: 1 Time(s)
\xC1\xB4\x9D+\x83\x00\x00\x1A\xC0/\xC0+\xC ... x09\xC0\x14\xC0: 1 Time(s)
http://httpbin.org/ip: 1 Time(s)
404 Not Found
/wp-content/plugins/mstore-api/assets/js/mstore-inspireui.js: 1 Time(s)
500 Internal Server Error
/: 29 Time(s)
/.env: 5 Time(s)
/favicon.ico: 5 Time(s)
/docker/.env: 4 Time(s)
/.env.development: 2 Time(s)
/.env.dist: 2 Time(s)
/.env.old: 2 Time(s)
/.env.prod: 2 Time(s)
/.env.production: 2 Time(s)
/.env.project: 2 Time(s)
/.env.save: 2 Time(s)
/.git/config: 2 Time(s)
/admin-app/.env: 2 Time(s)
/api/.env: 2 Time(s)
/app/.env: 2 Time(s)
/application/.env: 2 Time(s)
/apps/.env: 2 Time(s)
/back/.env: 2 Time(s)
/cms/.env: 2 Time(s)
/core/.env: 2 Time(s)
/cp/.env: 2 Time(s)
/development/.env: 2 Time(s)
/enviroments/.env: 2 Time(s)
/enviroments/.env.production: 2 Time(s)
/fedex/.env: 2 Time(s)
/laravel/.env: 2 Time(s)
/live_env: 2 Time(s)
/local/.env: 2 Time(s)
/private/.env: 2 Time(s)
/rest/.env: 2 Time(s)
/script/.env: 2 Time(s)
/shared/.env: 2 Time(s)
/sources/.env: 2 Time(s)
/system/.env: 2 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s)
/.DS_Store: 1 Time(s)
/.__info.php: 1 Time(s)
/.info.php: 1 Time(s)
/.json: 1 Time(s)
/.vscode/sftp.json: 1 Time(s)
/0.0_phpinfo.php: 1 Time(s)
/00_server_info.php: 1 Time(s)
/02-info.php: 1 Time(s)
/1_1_PhpInfo.php: 1 Time(s)
/5info.php: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/?phpinfo=-1: 1 Time(s)
/?phpinfo=1: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/AwsConfig.json: 1 Time(s)
/__info.php: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/_info-backoffice.php: 1 Time(s)
/_info.php: 1 Time(s)
/_phpinf.php: 1 Time(s)
/_phpinfo.php: 1 Time(s)
/_poopinfo.php: 1 Time(s)
/_profiler/phpinfo: 1 Time(s)
/admin/: 1 Time(s)
/api/index.php/v1/config/application?public=true: 1 Time(s)
/autodiscover/autodiscover.json?@zdi/Powershell: 1 Time(s)
/autodiscover/autodiscover.json?a..foo.var ... ol=%50owershell: 1 Time(s)
/aws.json: 1 Time(s)
/awsconfig.json: 1 Time(s)
/cgi-bin/config.exp: 1 Time(s)
/conf.json: 1 Time(s)
/config.json: 1 Time(s)
/console/: 1 Time(s)
/db.json: 1 Time(s)
/debug/default/view: 1 Time(s)
/debug/default/view.html: 1 Time(s)
/debug/default/view?panel=config: 1 Time(s)
/debug/default/view?panel=config/frontend_dev.php: 1 Time(s)
/dns-query: 1 Time(s)
/dns-query?dns=SikBAAABAAAAAAAABmdvb2dsZQNjb20AAAEAAQ: 1 Time(s)
/env.json: 1 Time(s)
/frontend/web/debug/default/view: 1 Time(s)
/frontend_dev.php/$: 1 Time(s)
/geoserver/web/: 1 Time(s)
/html/phpinfo.php: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/info.php: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/phpinfo: 1 Time(s)
/phpinfo.php: 1 Time(s)
/remote/login: 1 Time(s)
/remote/login?lang=en: 1 Time(s)
/robots.txt: 1 Time(s)
/sapi/debug/default/view: 1 Time(s)
/sendgrid.json: 1 Time(s)
/smtp.json: 1 Time(s)
/solr/: 1 Time(s)
/sugar_version.json: 1 Time(s)
/symfony/public/_profiler/phpinfo: 1 Time(s)
/tool/view/phpinfo.view.php: 1 Time(s)
/web/debug/default/view: 1 Time(s)
502 Bad Gateway
/W4CAUIGNS8CQR7NTZk3g3A/pdf: 2 Time(s)
/T_BKxBP1RJe2MgBIWZnSMA/pdf: 1 Time(s)
/sose20_protokoll_awareness_spiel/pdf: 1 Time(s)
/v7DnD4hVQTudc73ZRJpAVA/pdf: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 655 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
16.220K Bytes accepted 16,609
16.220K Bytes sent via SMTP 16,609
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
51 Connections
15 Connections lost (inbound)
51 Disconnections
1 Removed from queue
1 Sent via SMTP
1 SMTP dialog errors
2 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 87 Time(s)
Failed logins from:
Illegal users from:
2001:470:1:c84::23: 1 time
undef: 356 times
**Unmatched Entries**
error: Received disconnect from 91.218.20.237: 3: com.jcraft.jsch.JSchException: Auth fail [preauth] : 3 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop13985p1 394G 243G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2 years, 4 months
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Wed Jun 7 04:42:03 2023
Date Range Processed: yesterday
( 2023-Jun-06 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [215:215]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 14 sites probed the server
Requests with error response codes
400 Bad Request
null: 16 Time(s)
/: 7 Time(s)
mstshash=Administr: 7 Time(s)
/aaa9: 5 Time(s)
/aab8: 5 Time(s)
*: 4 Time(s)
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh: 2 Time(s)
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 2 Time(s)
/home.asp: 1 Time(s)
/private/api/v1/service/premaster: 1 Time(s)
7: 1 Time(s)
N\x09\x5C\x9AK}\xC3tE\xBF\xE4\xF8=U\xF6\xD ... x09\xC0\x13\xC0: 1 Time(s)
\x10\xC6\xA2\x9C\xFD`CrC\x9F\xCD_9\x97\x82 ... D\xC0$\xC0(\xC0: 1 Time(s)
\x13b\x81\xC9\x7F\xAB\xF7w\x92\x02\xC3\xD4 ... x09\xC0\x13\xC0: 1 Time(s)
\xF5\xEB2%V\xD1: 1 Time(s)
403 Forbidden
/FrcS3CFURGOhH8IZnOVeEw: 1 Time(s)
500 Internal Server Error
/: 25 Time(s)
/favicon.ico: 3 Time(s)
/.git/config: 2 Time(s)
///remote/fgt_lang?lang=/../../../..//////////dev/: 2 Time(s)
/_ignition/execute-solution: 2 Time(s)
/.env: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/ab2g: 1 Time(s)
/ab2h: 1 Time(s)
/actuator/gateway/routes: 1 Time(s)
/actuator/health: 1 Time(s)
/console/: 1 Time(s)
/download/po: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/geoserver: 1 Time(s)
/geoserver/web/: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/auth/logon.aspx: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/owa/auth/x.js: 1 Time(s)
/remote/fgt_lang?lang=/../../../..//////// ... lvpn_websession: 1 Time(s)
/robots.txt: 1 Time(s)
/t4: 1 Time(s)
/wsman: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 428 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
1 Miscellaneous warnings
23.732K Bytes accepted 24,302
23.732K Bytes sent via SMTP 24,302
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
719 Connections
681 Connections lost (inbound)
719 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Illegal address syntax in SMTP command
1 SMTP dialog errors
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 106 Time(s)
Failed logins from:
Illegal users from:
2001:470:1:332::8: 1 time
undef: 171 times
**Unmatched Entries**
Disconnecting: Corrupted padlen 0 on input. [preauth] : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop13985p1 394G 243G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2 years, 4 months