März 2024 - TOPF - ZaPF-Lists

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Fri Mar 22 04:42:03 2024 Date Range Processed: yesterday ( 2024-Mar-21 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [119:120] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 87.121.69.52 -> google.com:443: 4 Time(s) 90.151.171.106 -> check.best-proxies.ru:443: 1 Time(s) A total of 7 sites probed the server 106.75.152.66 161.35.238.241 170.64.145.108 192.241.233.38 198.235.24.100 78.153.140.179 90.151.171.106 Requests with error response codes 400 Bad Request null: 12 Time(s) *: 6 Time(s) /: 5 Time(s) google.com:443: 4 Time(s) mstshash=Administr: 3 Time(s) [\x22miner1\x22,: 2 Time(s) /cgi-bin/luci/;stok=/locale?form=country: 1 Time(s) /remote/hostcheck_validate: 1 Time(s) /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s) M\xAB\xFC\xB81L\x00\x00\x1A\xC0/\xC0+\xC0\ ... x09\xC0\x14\xC0: 1 Time(s) NT: 1 Time(s) \x00\x00\x00\x00\x00: 1 Time(s) \x86v\x8A\x09E\xE3\xBC2]\x9B,\xDC\x11\x8A8 ... x09\xC0\x13\xC0: 1 Time(s) \xFB\xDB\xFB7\xFEy\x12\xD7\xABG\x83\xFA\xE ... x09\xC0\x13\xC0: 1 Time(s) _\x83\xFEO\x01\x1F|\xB3=w\x08,\x05\x119\xF ... D\xC0$\xC0(\xC0: 1 Time(s) check.best-proxies.ru:443: 1 Time(s) 499 (undefined) /cgi-bin/luci/;stok=/locale?form=country&o ... 20.%2Ftenda.sh): 1 Time(s) 500 Internal Server Error /: 28 Time(s) /.git/config: 4 Time(s) /.env: 3 Time(s) /cgi-bin/luci/;stok=/locale?form=country&o ... 20.%2Ftenda.sh): 3 Time(s) /dqgqoeCXckuwPtxov: 2 Time(s) /+CSCOE+/logon.html: 1 Time(s) /actuator/gateway/routes: 1 Time(s) /dana-na/auth/url_default/welcome.cgi: 1 Time(s) /favicon.ico: 1 Time(s) /geoserver/web/: 1 Time(s) /global-protect/login.esp: 1 Time(s) /vpn/index.html: 1 Time(s) /webui/: 1 Time(s) 502 Bad Gateway /-rCRU_K7RWOzSTXDghlneA/pdf: 1 Time(s) /features/pdf: 1 Time(s) /slide-example/pdf: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (47.236.179.153): 168 Time(s) unknown (174.138.58.211): 153 Time(s) root (218.92.0.59): 52 Time(s) root (218.92.0.47): 48 Time(s) root (218.92.0.40): 42 Time(s) root (218.92.0.51): 42 Time(s) root (218.92.0.53): 42 Time(s) root (183.81.169.238): 40 Time(s) root (218.92.0.45): 36 Time(s) root (218.92.0.33): 30 Time(s) root (218.92.0.55): 30 Time(s) root (host-87-3-79-220.retail.telecomitalia.it): 30 Time(s) unknown (167.71.103.243): 30 Time(s) root (218.92.0.52): 28 Time(s) root (179.43.180.106): 26 Time(s) root (218.92.0.43): 24 Time(s) root (171.217.93.19): 22 Time(s) root (218.92.0.28): 18 Time(s) root (174.138.58.211): 12 Time(s) root (47.236.175.136): 12 Time(s) unknown (202.165.16.209): 10 Time(s) unknown (85.209.11.27): 9 Time(s) unknown (194.169.175.35): 8 Time(s) root (103.186.38.98): 6 Time(s) root (103.36.84.194): 6 Time(s) root (216.126.68.10): 6 Time(s) unknown (194.169.175.36): 6 Time(s) unknown (220.74.78.244): 6 Time(s) unknown (85.209.11.254): 6 Time(s) root (101.35.209.15): 4 Time(s) root (14.46.116.243): 4 Time(s) root (167.71.103.243): 4 Time(s) mysql (174.138.58.211): 3 Time(s) postgres (174.138.58.211): 3 Time(s) root (194.169.175.36): 3 Time(s) root (85.209.11.254): 3 Time(s) unknown (41.207.248.204): 3 Time(s) root (185.11.61.88): 2 Time(s) root (194.169.175.35): 2 Time(s) root (41.207.248.204): 2 Time(s) root (85.209.11.27): 2 Time(s) unknown (119.36.234.10): 2 Time(s) unknown (119.62.212.184): 2 Time(s) unknown (222.128.28.202): 2 Time(s) unknown (37.114.208.13): 2 Time(s) unknown (61-218-134-63.hinet-ip.hinet.net): 2 Time(s) unknown (89-179-242-70.static.corbina.ru): 2 Time(s) nobody (103.91.75.118): 1 Time(s) nobody (109.233.17.91): 1 Time(s) nobody (119246027205.ctinets.com): 1 Time(s) nobody (123.212.0.131): 1 Time(s) nobody (165.16.124.20): 1 Time(s) nobody (188.132.183.92): 1 Time(s) nobody (2.187.118.61): 1 Time(s) nobody (200.108.131.6): 1 Time(s) nobody (202.165.16.209): 1 Time(s) nobody (36.137.22.65): 1 Time(s) nobody (42.112.21.207): 1 Time(s) nobody (45.225.225.195): 1 Time(s) nobody (65.20.175.32): 1 Time(s) nobody (65.20.252.149): 1 Time(s) nobody (91-158-75-221.elisa-laajakaista.fi): 1 Time(s) nobody (agencijaiiz1-155.bih.net.ba): 1 Time(s) nobody (wsip-184-185-103-69.oc.oc.cox.net): 1 Time(s) postgres (167.71.103.243): 1 Time(s) postgres (85.209.11.27): 1 Time(s) root (104-163-198-218.qc.cable.ebox.net): 1 Time(s) root (114.113.152.217): 1 Time(s) root (121.202.200.31): 1 Time(s) root (124.106.213.54): 1 Time(s) root (124.65.142.62): 1 Time(s) root (219-89-206-236.adsl.xtra.co.nz): 1 Time(s) root (223.197.153.143): 1 Time(s) root (65.20.162.185): 1 Time(s) root (65.20.249.17): 1 Time(s) root (n112119252076.netvigator.com): 1 Time(s) unknown (058176110189.ctinets.com): 1 Time(s) unknown (061239150206.ctinets.com): 1 Time(s) unknown (098-010-121-246.res.spectrum.com): 1 Time(s) unknown (101.35.209.15): 1 Time(s) unknown (103.157.115.26): 1 Time(s) unknown (103.172.10.181): 1 Time(s) unknown (103.88.54.6): 1 Time(s) unknown (104-12-19-114.lightspeed.chrlnc.sbcglobal.net): 1 Time(s) unknown (104-163-198-218.qc.cable.ebox.net): 1 Time(s) unknown (105.73.203.1): 1 Time(s) unknown (105.96.13.29): 1 Time(s) unknown (107-135-66-252.lightspeed.sndgca.sbcglobal.net): 1 Time(s) unknown (110.39.182.66): 1 Time(s) unknown (111-70-13-54.emome-ip.hinet.net): 1 Time(s) unknown (113.25.250.80): 1 Time(s) unknown (113.25.250.81): 1 Time(s) unknown (114.108.126.228): 1 Time(s) unknown (114.242.38.20): 1 Time(s) unknown (115.135.194.113): 1 Time(s) unknown (116.109.218.66): 1 Time(s) unknown (117.241.171.215): 1 Time(s) unknown (117.32.249.174): 1 Time(s) unknown (118.41.204.72): 1 Time(s) unknown (122.154.156.234): 1 Time(s) unknown (122.4.70.142): 1 Time(s) unknown (123.138.199.66): 1 Time(s) unknown (124.195.200.102): 1 Time(s) unknown (124.89.116.178): 1 Time(s) unknown (139.198.16.118): 1 Time(s) unknown (139.5.17.55): 1 Time(s) unknown (14.143.32.2): 1 Time(s) unknown (14.227.140.194): 1 Time(s) unknown (152.230.106.235): 1 Time(s) unknown (157.245.106.108): 1 Time(s) unknown (161.132.96.130): 1 Time(s) unknown (162.186.17.147): 1 Time(s) unknown (167-179-148-169.a7b394.syd.nbn.aussiebb.net): 1 Time(s) unknown (167.172.239.86): 1 Time(s) unknown (178-118-89-82.access.telenet.be): 1 Time(s) unknown (180.164.147.174): 1 Time(s) unknown (181.79.32.60): 1 Time(s) unknown (182.253.45.90): 1 Time(s) unknown (182.73.6.19): 1 Time(s) unknown (183.232.32.178): 1 Time(s) unknown (183.88.213.176): 1 Time(s) unknown (183179100127.ctinets.com): 1 Time(s) unknown (185.196.8.151): 1 Time(s) unknown (185.42.61.165): 1 Time(s) unknown (185.81.95.179): 1 Time(s) unknown (186.235.193.57): 1 Time(s) unknown (188-169-66-154.dsl.utg.ge): 1 Time(s) unknown (190-207-94-21.dyn.dsl.cantv.net): 1 Time(s) unknown (19010730116.ip71.static.mediacommerce.com.co): 1 Time(s) unknown (19010730118.ip71.static.mediacommerce.com.co): 1 Time(s) unknown (192.12.113.10): 1 Time(s) unknown (194.29.62.5): 1 Time(s) unknown (194.44.200.98): 1 Time(s) unknown (196.25.113.218): 1 Time(s) unknown (196.25.253.242): 1 Time(s) unknown (198.11.78.181.ufinet.com.co): 1 Time(s) unknown (20.74.152.76): 1 Time(s) unknown (200.229.209.202): 1 Time(s) unknown (200.26.233.245): 1 Time(s) unknown (202.53.94.195): 1 Time(s) unknown (202.65.144.173): 1 Time(s) unknown (203-69-238-26.hinet-ip.hinet.net): 1 Time(s) unknown (203.252.10.4): 1 Time(s) unknown (206.252.194.38): 1 Time(s) unknown (209.122.130.103): 1 Time(s) unknown (210.177.249.193): 1 Time(s) unknown (212.152.216.141): 1 Time(s) unknown (217-210-180-222-no2663.tbcn.telia.com): 1 Time(s) unknown (217-210-89-93-no2663.tbcn.telia.com): 1 Time(s) unknown (217.147.171.48): 1 Time(s) unknown (217.66.25.10): 1 Time(s) unknown (218.77.60.249): 1 Time(s) unknown (220.180.171.185): 1 Time(s) unknown (221.151.7.108): 1 Time(s) unknown (222.121.250.116): 1 Time(s) unknown (223.171.91.130): 1 Time(s) unknown (227.142.48.116.static.netvigator.com): 1 Time(s) unknown (31.28.253.144): 1 Time(s) unknown (36.93.126.12): 1 Time(s) unknown (37.1.215.95): 1 Time(s) unknown (37.255.202.68): 1 Time(s) unknown (38.255.254.35): 1 Time(s) unknown (41.66.219.52): 1 Time(s) unknown (45.115.173.11): 1 Time(s) unknown (47.185.32.189): 1 Time(s) unknown (49.248.17.75): 1 Time(s) unknown (5.30.208.143): 1 Time(s) unknown (52.152.104.58): 1 Time(s) unknown (52.176.51.76): 1 Time(s) unknown (52.252.29.1): 1 Time(s) unknown (59-120-179-121.hinet-ip.hinet.net): 1 Time(s) unknown (60.171.10.42): 1 Time(s) unknown (61.43.92.195): 1 Time(s) unknown (62.122.184.252): 1 Time(s) unknown (62.24.108.57): 1 Time(s) unknown (65.20.135.187): 1 Time(s) unknown (65.20.137.198): 1 Time(s) unknown (65.20.144.244): 1 Time(s) unknown (65.20.145.185): 1 Time(s) unknown (65.20.159.161): 1 Time(s) unknown (65.20.159.224): 1 Time(s) unknown (65.20.162.159): 1 Time(s) unknown (65.20.164.194): 1 Time(s) unknown (65.20.166.132): 1 Time(s) unknown (65.20.169.99): 1 Time(s) unknown (65.20.170.129): 1 Time(s) unknown (65.20.170.218): 1 Time(s) unknown (65.20.173.104): 1 Time(s) unknown (65.20.175.32): 1 Time(s) unknown (65.20.192.86): 1 Time(s) unknown (65.20.194.204): 1 Time(s) unknown (65.20.223.117): 1 Time(s) unknown (65.20.252.139): 1 Time(s) unknown (79.117.236.9): 1 Time(s) unknown (80-186-144-129.elisa-mobile.fi): 1 Time(s) unknown (80.210.26.105): 1 Time(s) unknown (81.68.184.143): 1 Time(s) unknown (85.122.56.15): 1 Time(s) unknown (90.161.217.228): 1 Time(s) unknown (91.238.69.91): 1 Time(s) unknown (91.90.98.102): 1 Time(s) unknown (91.92.214.149): 1 Time(s) unknown (93-62-72-229.ip21.fastwebnet.it): 1 Time(s) unknown (93.118.101.36): 1 Time(s) unknown (93.123.41.211): 1 Time(s) unknown (94.139.201.162): 1 Time(s) unknown (94.206.193.5): 1 Time(s) unknown (94.207.24.223): 1 Time(s) unknown (95.38.15.2): 1 Time(s) unknown (a4.99.a880.ip4.static.sl-reverse.com): 1 Time(s) unknown (apn-87-251-233-179.static.gprs.plus.pl): 1 Time(s) unknown (bba-86-98-59-27.alshamil.net.ae): 1 Time(s) unknown (c-69-244-39-33.hsd1.az.comcast.net): 1 Time(s) unknown (c-73-138-72-68.hsd1.fl.comcast.net): 1 Time(s) unknown (c-73-171-144-54.hsd1.fl.comcast.net): 1 Time(s) unknown (c-73-195-112-141.hsd1.nj.comcast.net): 1 Time(s) unknown (c188-149-108-232.bredband.tele2.se): 1 Time(s) unknown (c188-151-21-67.bredband.tele2.se): 1 Time(s) unknown (c188-151-27-45.bredband.tele2.se): 1 Time(s) unknown (c188-151-33-181.bredband.tele2.se): 1 Time(s) unknown (c27-169.i13-07.melita.com): 1 Time(s) unknown (c80-217-108-111.bredband.tele2.se): 1 Time(s) unknown (c83-191-162-15.bredband.tele2.se): 1 Time(s) unknown (c90-141-11-105.bredband.tele2.se): 1 Time(s) unknown (ec2-52-83-41-163.cn-northwest-1.compute.amazonaws.com.cn): 1 Time(s) unknown (fixed-187-251-246-215.totalplay.net): 1 Time(s) unknown (host-90-233-74-70.mobileonline.telia.com): 1 Time(s) unknown (ip5f5947e8.dynamic.kabel-deutschland.de): 1 Time(s) unknown (ip68-2-152-102.ph.ph.cox.net): 1 Time(s) unknown (lfbn-idf2-1-1001-109.w86-238.abo.wanadoo.fr): 1 Time(s) unknown (mx-ll-183.88.213-176.dynamic.3bb.co.th): 1 Time(s) unknown (node-23m.pool-125-27.dynamic.totinternet.net): 1 Time(s) unknown (ool-18baff48.dyn.optonline.net): 1 Time(s) unknown (ool-4354004d.dyn.optonline.net): 1 Time(s) unknown (p620238-ipxg00a01otsu.shiga.ocn.ne.jp): 1 Time(s) unknown (p667146-ipngn2401imazuka.yamagata.ocn.ne.jp): 1 Time(s) unknown (pool-74-108-38-30.nycmny.fios.verizon.net): 1 Time(s) unknown (static-188-137-34-72.leon.com.pl): 1 Time(s) Invalid Users: Unknown Account: 406 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 31.437K Bytes accepted 32,191 31.437K Bytes sent via SMTP 32,191 ======== ================================================== 3 Accepted 100.00% -------- -------------------------------------------------- 3 Total 100.00% ======== ================================================== 3 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 3 Total 4xx Rejects 100.00% ======== ================================================== 12 Connections 5 Connections lost (inbound) 12 Disconnections 3 Removed from queue 3 Sent via SMTP 1 Timeouts (inbound) 2 SMTP dialog errors 1 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 1 Time(s) root : 67 Time(s) Failed logins from: 2.187.118.61: 1 time 14.46.116.243: 5 times 36.137.22.65: 1 time 41.207.248.204: 2 times 42.112.21.207: 1 time 45.225.225.195: 1 time 47.236.175.136: 12 times 47.236.179.153: 168 times 65.20.162.185: 1 time 65.20.175.32: 1 time 65.20.249.17: 1 time 65.20.252.149: 1 time 80.65.90.155 (agencijaiiz1-155.bih.net.ba): 1 time 85.209.11.27: 3 times 85.209.11.254: 3 times 87.3.79.220 (host-87-3-79-220.retail.telecomitalia.it): 30 times 91.158.75.221 (91-158-75-221.elisa-laajakaista.fi): 1 time 101.35.209.15: 4 times 103.36.84.194: 6 times 103.91.75.118 (axntech-dynamic-118.75.91.103.axntechnologies.in): 1 time 103.186.38.98: 6 times 104.163.198.218 (104-163-198-218.qc.cable.ebox.net): 1 time 109.233.17.91: 1 time 112.119.252.76 (n112119252076.netvigator.com): 1 time 114.113.152.217: 1 time 119.246.27.205 (119246027205.ctinets.com): 1 time 121.202.200.31 (m121-202-200-31.smartone.com): 1 time 123.212.0.131: 1 time 124.65.142.62: 1 time 124.106.213.54: 1 time 165.16.124.20: 1 time 167.71.103.243: 5 times 171.217.93.19: 22 times 174.138.58.211: 18 times 179.43.180.106 (hostedby.privatelayer.com): 26 times 183.81.169.238: 40 times 184.185.103.69 (wsip-184-185-103-69.oc.oc.cox.net): 1 time 185.11.61.88: 2 times 188.132.183.92: 1 time 194.169.175.35: 2 times 194.169.175.36: 3 times 200.108.131.6: 1 time 202.165.16.209: 1 time 216.126.68.10: 6 times 218.92.0.28: 18 times 218.92.0.33: 30 times 218.92.0.40: 42 times 218.92.0.43: 24 times 218.92.0.45: 36 times 218.92.0.47: 48 times 218.92.0.51: 42 times 218.92.0.52: 28 times 218.92.0.53: 42 times 218.92.0.55: 30 times 218.92.0.59: 52 times 219.89.206.236 (219-89-206-236.adsl.xtra.co.nz): 1 time 223.197.153.143 (223-197-153-143.static.imsbiz.com): 1 time Illegal users from: 2001:470:1:c84::27 (scan-17p.shadowserver.org): 1 time undef: 130 times 5.30.208.143: 1 time 14.143.32.2 (14.143.32.2.static-Bangalore.vsnl.net.in): 1 time 14.227.140.194 (static.vnpt.vn): 1 time 20.74.152.76: 1 time 24.186.255.72 (ool-18baff48.dyn.optonline.net): 1 time 31.28.253.144 (host-144-253-28-31.sevstar.net): 1 time 36.93.126.12: 1 time 37.1.215.95 (rebuild-retirer.hamaraangels.com): 1 time 37.114.208.13: 2 times 37.255.202.68: 1 time 38.255.254.35: 1 time 41.66.219.52: 1 time 41.207.248.204: 3 times 45.115.173.11: 1 time 47.185.32.189: 1 time 49.248.17.75 (static-75.17.248.49-tataidc.co.in): 1 time 52.83.41.163 (ec2-52-83-41-163.cn-northwest-1.compute.amazonaws.com.cn): 1 time 52.152.104.58: 1 time 52.176.51.76: 1 time 52.252.29.1: 1 time 58.176.110.189 (058176110189.ctinets.com): 1 time 59.120.179.121 (59-120-179-121.hinet-ip.hinet.net): 1 time 60.171.10.42: 1 time 61.43.92.195: 1 time 61.218.134.63 (61-218-134-63.hinet-ip.hinet.net): 2 times 61.239.150.206 (061239150206.ctinets.com): 1 time 62.24.108.57 (ndovu.telkom.co.ke): 1 time 62.122.184.252: 1 time 64.62.197.195 (scan-42n.shadowserver.org): 1 time 65.20.135.187: 1 time 65.20.137.198: 1 time 65.20.144.244: 1 time 65.20.145.185: 1 time 65.20.159.161: 1 time 65.20.159.224: 1 time 65.20.162.159: 1 time 65.20.164.194: 1 time 65.20.166.132: 1 time 65.20.169.99: 1 time 65.20.170.129: 1 time 65.20.170.218: 1 time 65.20.173.104: 1 time 65.20.175.32: 1 time 65.20.192.86: 1 time 65.20.194.204: 1 time 65.20.223.117: 1 time 65.20.252.139: 1 time 65.49.1.115 (scan-59h.shadowserver.org): 1 time 67.84.0.77 (ool-4354004d.dyn.optonline.net): 1 time 68.2.152.102 (ip68-2-152-102.ph.ph.cox.net): 1 time 69.244.39.33 (c-69-244-39-33.hsd1.az.comcast.net): 1 time 73.138.72.68 (c-73-138-72-68.hsd1.fl.comcast.net): 1 time 73.171.144.54 (c-73-171-144-54.hsd1.fl.comcast.net): 1 time 73.195.112.141 (c-73-195-112-141.hsd1.nj.comcast.net): 1 time 74.108.38.30 (pool-74-108-38-30.nycmny.fios.verizon.net): 1 time 79.117.236.9 (79-117-236-9.digimobil.es): 1 time 80.186.144.129 (80-186-144-129.elisa-mobile.fi): 1 time 80.210.26.105: 1 time 80.217.108.111 (c80-217-108-111.bredband.tele2.se): 1 time 81.68.184.143: 1 time 83.191.162.15 (c83-191-162-15.bredband.tele2.se): 1 time 85.122.56.15: 1 time 85.209.11.27: 10 times 85.209.11.254: 6 times 86.98.59.27 (bba-86-98-59-27.alshamil.net.ae): 1 time 86.238.232.109 (lfbn-idf2-1-1001-109.w86-238.abo.wanadoo.fr): 1 time 87.251.233.179 (apn-87-251-233-179.static.gprs.plus.pl): 1 time 89.179.242.70 (89-179-242-70.static.corbina.ru): 2 times 90.141.11.105 (c90-141-11-105.bredband.tele2.se): 1 time 90.161.217.228 (228.pool90-161-217.static.orange.es): 1 time 90.233.74.70 (host-90-233-74-70.mobileonline.telia.com): 1 time 91.90.98.102: 1 time 91.92.214.149: 1 time 91.238.69.91 (tvinnet-91-238-69-91.tvinnet.ru): 1 time 93.62.72.229 (93-62-72-229.ip21.fastwebnet.it): 1 time 93.118.101.36: 1 time 93.123.41.211: 1 time 94.17.27.169 (c27-169.i13-07.melita.com): 1 time 94.139.201.162: 1 time 94.206.193.5: 1 time 94.207.24.223: 1 time 95.38.15.2: 1 time 95.89.71.232 (ip5f5947e8.dynamic.kabel-deutschland.de): 1 time 98.10.121.246 (098-010-121-246.res.spectrum.com): 1 time 101.35.209.15: 2 times 103.88.54.6: 1 time 103.157.115.26 (26.115.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.172.10.181: 1 time 104.12.19.114 (104-12-19-114.lightspeed.chrlnc.sbcglobal.net): 1 time 104.163.198.218 (104-163-198-218.qc.cable.ebox.net): 1 time 105.73.203.1: 1 time 105.96.13.29: 1 time 107.135.66.252 (107-135-66-252.lightspeed.sndgca.sbcglobal.net): 1 time 110.39.182.66 (WGPON-39182-66.wateen.net): 1 time 110.42.200.114: 1 time 111.70.13.54 (111-70-13-54.emome-ip.hinet.net): 1 time 113.25.250.80: 1 time 113.25.250.81: 1 time 113.106.88.146: 6 times 114.108.126.228: 1 time 114.242.38.20: 1 time 115.135.194.113: 1 time 116.48.142.227 (227.142.48.116.static.netvigator.com): 1 time 116.109.218.66: 1 time 117.32.249.174: 1 time 117.241.171.215: 1 time 118.41.204.72: 1 time 119.36.234.10: 2 times 119.62.212.184: 2 times 122.4.70.142 (142.70.4.122.broad.qd.sd.dynamic.163data.com.cn): 1 time 122.154.156.234: 1 time 123.138.199.66: 1 time 124.89.116.178: 1 time 124.195.200.102: 1 time 125.27.10.162 (node-23m.pool-125-27.dynamic.totinternet.net): 1 time 128.168.153.164 (a4.99.a880.ip4.static.sl-reverse.com): 1 time 139.5.17.55: 1 time 139.198.16.118: 1 time 152.230.106.235 (static.152.230.106.235.gtdinternet.com): 1 time 153.185.110.238 (p620238-ipxg00a01otsu.shiga.ocn.ne.jp): 1 time 157.245.106.108: 1 time 161.132.96.130: 1 time 162.186.17.147: 1 time 167.71.103.243: 30 times 167.172.239.86: 1 time 167.179.148.169 (167-179-148-169.a7b394.syd.nbn.aussiebb.net): 1 time 171.217.93.19: 17 times 174.138.58.211: 153 times 178.118.89.82 (178-118-89-82.access.telenet.be): 1 time 180.164.147.174: 1 time 181.78.11.198 (198.11.78.181.ufinet.com.co): 1 time 181.79.32.60: 1 time 182.73.6.19 (nsg-static-019.6.73.182.airtelbroadband.in): 1 time 182.253.45.90: 1 time 183.88.213.176 (mx-ll-183.88.213-176.dynamic.3bb.in.th): 2 times 183.179.100.127 (183179100127.ctinets.com): 1 time 183.232.32.178: 1 time 185.42.61.165 (165.binat-pool.smarthome.spb.ru): 1 time 185.81.95.179: 1 time 185.196.8.151: 1 time 186.235.193.57 (57.193.235.186.in-addr.arpa.verointernet.com.br): 1 time 187.251.246.215 (fixed-187-251-246-215.totalplay.net): 1 time 188.137.34.72 (static-188-137-34-72.leon.com.pl): 1 time 188.149.108.232 (c188-149-108-232.bredband.tele2.se): 1 time 188.151.21.67 (c188-151-21-67.bredband.tele2.se): 1 time 188.151.27.45 (c188-151-27-45.bredband.tele2.se): 1 time 188.151.33.181 (c188-151-33-181.bredband.tele2.se): 1 time 188.169.66.154 (188-169-66-154.dsl.utg.ge): 1 time 190.107.30.116 (19010730116.ip71.static.mediacommerce.com.co): 1 time 190.107.30.118 (19010730118.ip71.static.mediacommerce.com.co): 1 time 190.207.94.21 (190-207-94-21.dyn.dsl.cantv.net): 1 time 192.12.113.10: 1 time 194.29.62.5 (unassigned-2-5.unitel.net.ua): 1 time 194.44.200.98: 1 time 194.169.175.35: 8 times 194.169.175.36: 7 times 196.25.113.218: 1 time 196.25.253.242 (sainet-internet-gw.telkom-ipnet.co.za): 1 time 200.26.233.245: 1 time 200.229.209.202 (200-229-209-202.r2webnet.com.br): 1 time 202.53.94.195 (www.nettlinx.com): 1 time 202.65.144.173 (static-202-65-144-173.pol.net.in): 1 time 202.165.16.209: 10 times 203.69.238.26 (203-69-238-26.hinet-ip.hinet.net): 1 time 203.252.10.4: 1 time 206.252.194.38: 1 time 209.122.130.103 (209-122-130-103.s7782.c3-0.nso-e6k1.nape.il.cable.rcncustomer.com): 1 time 210.177.249.193: 1 time 212.152.216.141: 1 time 217.66.25.10 (ip10-25.hitv.ru): 1 time 217.147.171.48: 1 time 217.210.89.93 (217-210-89-93-no2663.tbcn.telia.com): 1 time 217.210.180.222 (217-210-180-222-no2663.tbcn.telia.com): 1 time 218.77.60.249: 1 time 219.165.15.146 (p667146-ipngn2401imazuka.yamagata.ocn.ne.jp): 1 time 220.74.78.244: 6 times 220.180.171.185: 1 time 221.151.7.108: 1 time 222.121.250.116: 1 time 222.128.28.202: 2 times 223.171.91.130: 1 time **Unmatched Entries** error: buffer_get_string_ret: incomplete message [preauth] : 1 time(s) fatal: buffer_get_string: buffer error [preauth] : 1 time(s) Disconnecting: Protocol error: expected packet type 21, got 20 [preauth] : 2 time(s) Disconnecting: Change of username or service not allowed: (root,ssh-connection) -> (test,ssh-connection) [preauth] : 1 time(s) fatal: no matching cipher found: client aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,twofish-cbc,arcfour server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop19598p1 394G 243G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

1 Jahr, 7 Monate

1
0
0 / 0

Cron <root@h2361197> /srv/sommer17-webseite/update.sh

by root＠zapf.in

fatal: unable to access 'https://github.com/zapf-berlin/sommer17-webseite.git/': Could not resolve host: github.com

1 Jahr, 7 Monate

1
0
0 / 0

For your own safety, I highly recommend reading this email.

by topf＠zapf.in

Hello, You are in big trouble. However, don't panic right away. Listen to me first, because there is always a way out. You are now on the radar of an international group of hackers, and such things never end well for anyone. I'm sure you've heard of Anonymous. Well, compared to us, they are a bunch of schoolboys. We are a worldwide network of several thousand professionals, each with their own role. Someone hacks corporate and government networks, someone cooperates with intelligence agencies on the most delicate tasks, and someone (including me) deals with people like you to maintain the infrastructure of our group. "What kind of people like me?" - that is the question you are probably asking yourself now. The answer is simple: people who like to watch highly controversial and, shall we say, unconventional pornography on the internet that most normal people would consider perverted. But not you! In order to leave you without any doubts, I'll explain how I found it out. Two months ago, my colleagues and I installed spyware software on your computer and then gained access to all of your devices, including your phone. It was easy - one of those many pop-ups on porn sites was our work. I think you already understand that we would not write to an ordinary man who watches "vanilla" and even hardcore porn - there is nothing special about that. But the things you're watching are beyond good and evil. So after accessing your phone and computer cameras, we recorded you masturbating to extremely controversial videos. There is a close-up footage of you and a little square on the right with the videos you're pleasing yourself. However, as I said earlier, there is always a way out, because even the most degraded sinner deserves leniency. You are lucky today because I am not a sadist who enjoys other people's suffering. Only money matters to me. Here is your salvation: you must transfer $1490 in Bitcoin to this BTC cryptocurrency wallet: 13RuNi9xhDN5ngYy251h4WFDYoE3VA4kPJ You have exactly 48 hours to make the payment, so think less, and do more. As soon as I receive confirmation of the transaction, I will delete all compromising content and permanently disable our computer worm. Believe me, I always abide by gentleman's agreements. Even with people who are hardly gentlemen. Because it's nothing personal, just business. If I do not receive a payment, I will send all videos of you to every person in your contact list, messengers and email. Relatives, loved ones, colleagues, friends-everyone you've ever been in contact with will receive them. You understand perfectly well that you will never be able to wash this stain on your reputation. Everyone will remember you as sick as fuck. Your life will be completely ruined, and, most likely, only a tightened noose around your neck will be able to save the day. If you haven't dealt with crypto before, I suppose it won't be difficult for you to figure it all out. Simply type in the "crypto exchange" into the search bar and pay with a credit card. Besides, based on your browser history, you are a savvy user. When you want to, you can dig into the darkest depths of the Internet, so I'm sure you will be able to find out what is what. Here is what my colleagues and I should warn you against: ...Do not reply to this email. Do you really think we are so stupid to be tracked by an email address? This is a temporary disposable email. As soon as I clicked "Send", it was gone for good. ...Forget about law-enforcement authorities. As soon as I see that you are trying to contact them, the compromising material will be published. Remember, I have access to all your devices, and I can even track your movements. ...Do not reset your devices to factory settings and do not try to get rid of your devices. It won't help in any way. Look above - my All-seeing eye is watching all your actions. It is easy to hunt you down. I am sorry that we met in such circumstances. Probably, everything could be different if you had been more careful about what you are doing on the Internet. Watch yourself from now on, because even such things that you previously considered insignificant can destroy your life in the future like a butterfly effect. I hope this is goodbye forever. However, it depends on you. P.S. The countdown is on. The choice is yours.

1 Jahr, 7 Monate

1
0
0 / 0

Cron <root@h2361197> /srv/sommer17-webseite/update.sh

by root＠zapf.in

fatal: unable to access 'https://github.com/zapf-berlin/sommer17-webseite.git/': Could not resolve host: github.com

1 Jahr, 7 Monate

1
0
0 / 0

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Thu Mar 21 04:42:02 2024 Date Range Processed: yesterday ( 2024-Mar-20 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [155:155] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 87.121.69.52 -> google.com:443: 2 Time(s) A total of 10 sites probed the server 106.75.134.86 138.68.178.141 170.64.228.39 172.104.242.173 172.105.128.12 172.234.96.249 185.100.87.136 198.235.24.181 205.210.31.89 85.90.246.159 Requests with error response codes 400 Bad Request null: 11 Time(s) /: 7 Time(s) *: 4 Time(s) /.env: 2 Time(s) /c/msdownload/update/software/update/2021/ ... -967441-x86.cab: 2 Time(s) /fw6I: 2 Time(s) /session: 2 Time(s) google.com:443: 2 Time(s) mstshash=Administr: 2 Time(s) //api/attach: 1 Time(s) /QKBFJBVZsPKeqFS/HAchGeCttVyEtqZ.php: 1 Time(s) /aXr1: 1 Time(s) /cdn-cgi/trace: 1 Time(s) /login: 1 Time(s) /new/login: 1 Time(s) /nvidia_license_upd.php: 1 Time(s) /search/s.php?i=1&id=APOX8NWOV42320: 1 Time(s) /viwwwsogou?op=8&query=%E7%A8%8F%E5%BB%BA% ... %BE%90%E1%B7%A2: 1 Time(s) /wh/glass.php: 1 Time(s) /wp-content/themes/twentytwentyone/inc/block-css.php: 1 Time(s) /zMLUH93A: 1 Time(s) 12.1.2: 1 Time(s) 7: 1 Time(s) A@BAE@FAI: 1 Time(s) L\xCF\x9E\xFC\xD16\x1ALi\x12\xE5\xCD\xAA(\ ... x09\xC0\x14\xC0: 1 Time(s) \x84\xF9\x86\x86\xDB\x03Ru\x0C\xB9\xD4\x5C ... x09\xC0\x13\xC0: 1 Time(s) \x8D*f\x17\x7Fa\xDF}A\xBC: 1 Time(s) \xED\xD1\x1DH\xF7\x1EG\x17\xB0\xF0\x7F\xD0 ... x09\xC0\x13\xC0: 1 Time(s) 404 Not Found //cdnjs.cloudflare.com/ajax/libs/es5-shim/ ... es5-shim.min.js: 2 Time(s) //cdnjs.cloudflare.com/ajax/libs/html5shiv ... tml5shiv.min.js: 2 Time(s) //cdnjs.cloudflare.com/ajax/libs/respond.j ... /respond.min.js: 2 Time(s) //protokolle.zapf.in/build/6.cover-pack.fe ... 36298be630a4.js: 2 Time(s) //protokolle.zapf.in/build/8.common.fef3ca2736298be630a4.js: 2 Time(s) //protokolle.zapf.in/build/constant.js: 2 Time(s) 500 Internal Server Error /: 23 Time(s) /.env: 3 Time(s) /.git/config: 3 Time(s) /favicon.ico: 3 Time(s) /c/msdownload/update/software/update/2021/ ... -967441-x86.cab: 2 Time(s) /cgi-bin/luci/;stok=/locale?form=country&o ... 20.%2Ftenda.sh): 2 Time(s) /fw6I: 2 Time(s) /+CSCOE+/logon.html: 1 Time(s) /.aws/credentials: 1 Time(s) /.env.php: 1 Time(s) /.env.txt: 1 Time(s) //api/attach: 1 Time(s) /QKBFJBVZsPKeqFS/HAchGeCttVyEtqZ.php: 1 Time(s) /Temporary_Listen_Addresses: 1 Time(s) /actuator/gateway/routes: 1 Time(s) /app/.env: 1 Time(s) /autodiscove/: 1 Time(s) /autodiscover/autodiscover%20/: 1 Time(s) /autodiscover/autodiscover.json?@zdi/Powershell: 1 Time(s) /autodiscover/autodiscoverrs/: 1 Time(s) /autodiscover/autodiscovers/: 1 Time(s) /aws-secret.yaml: 1 Time(s) /aws/credentials: 1 Time(s) /cms/.env: 1 Time(s) /current/phpinfo.php: 1 Time(s) /develop/info.php: 1 Time(s) /ews/%20/: 1 Time(s) /ews/autodiscovers/: 1 Time(s) /ews/ews/: 1 Time(s) /ews/exchange%20/: 1 Time(s) /ews/exchange/: 1 Time(s) /ews/exchanges/: 1 Time(s) /js/NewWindow_2_all.js: 1 Time(s) /local-phpinfo.php: 1 Time(s) /login: 1 Time(s) /new/login: 1 Time(s) /nvidia_license_upd.php: 1 Time(s) /owa/auth/x.js: 1 Time(s) /rest/.env: 1 Time(s) /robots.txt: 1 Time(s) /search/s.php?i=1&id=APOX8NWOV42320: 1 Time(s) /sitemap.xml: 1 Time(s) /testphpinfo.php: 1 Time(s) /tools/phpinfo.php: 1 Time(s) /viwwwsogou?op=8&query=%E7%A8%8F%E5%BB%BA% ... %BE%90%E1%B7%A2: 1 Time(s) /webui/: 1 Time(s) /wh/glass.php: 1 Time(s) /wp-content/themes/twentytwentyone/inc/block-css.php: 1 Time(s) /zMLUH93A: 1 Time(s) 502 Bad Gateway /4mAvBdYMS2CRIJl9MnI8fg/pdf: 1 Time(s) /DigitalZaPF:Selbsthilfe_in_Zeiten_von_Corona/pdf: 1 Time(s) /PnihMtr6Qf6cWqyqSXRJ5g/pdf: 1 Time(s) /UavHVD8RQBKspC6giVp5ow/pdf: 1 Time(s) /berlin17_ak_bafoeg/pdf: 1 Time(s) /cNLvvGbtQGm2tQV4potgIQ/pdf: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: unknown (174.138.58.211): 224 Time(s) root (47.236.179.153): 128 Time(s) root (218.92.0.55): 102 Time(s) root (218.92.0.52): 72 Time(s) root (host-87-3-79-220.retail.telecomitalia.it): 68 Time(s) root (218.92.0.40): 66 Time(s) root (218.92.0.28): 48 Time(s) root (218.92.0.51): 47 Time(s) root (218.92.0.33): 42 Time(s) root (218.92.0.47): 42 Time(s) root (218.92.0.43): 36 Time(s) root (218.92.0.45): 35 Time(s) root (179.43.180.106): 32 Time(s) root (218.92.0.53): 30 Time(s) unknown (188.164.179.126): 27 Time(s) root (218.92.0.59): 18 Time(s) root (174.138.58.211): 15 Time(s) root (188.164.179.126): 11 Time(s) unknown (202.165.16.209): 9 Time(s) root (112.185.18.150): 6 Time(s) root (131.72.171.178): 6 Time(s) root (210.99.41.174): 6 Time(s) root (213-66-185-48-no600.tbcn.telia.com): 6 Time(s) root (220.117.3.198): 6 Time(s) root (222.168.30.19): 6 Time(s) unknown (62.122.184.252): 6 Time(s) root (121.158.249.166): 5 Time(s) root (185.11.61.88): 5 Time(s) backup (174.138.58.211): 4 Time(s) postgres (174.138.58.211): 4 Time(s) unknown (211.197.45.55): 4 Time(s) root (185.216.70.138): 3 Time(s) root (36.24.41.38.static.mds-telecom.net): 3 Time(s) unknown (185.196.8.151): 3 Time(s) unknown (185.246.130.20): 3 Time(s) unknown (41.207.248.204): 3 Time(s) unknown (49.248.17.75): 3 Time(s) root (mail.web.dneproves.ua): 2 Time(s) root (ti-002.chefnotepad.com): 2 Time(s) sshd (188.164.179.126): 2 Time(s) unknown (110.189.153.136): 2 Time(s) unknown (122.4.70.142): 2 Time(s) unknown (188-169-66-154.dsl.utg.ge): 2 Time(s) unknown (31.184.198.71): 2 Time(s) unknown (47.185.33.88): 2 Time(s) unknown (65.20.192.86): 2 Time(s) unknown (95.38.15.2): 2 Time(s) unknown (modemcable020.176-59-74.mc.videotron.ca): 2 Time(s) bin (174.138.58.211): 1 Time(s) mysql (188.164.179.126): 1 Time(s) nobody (1.197.88.174): 1 Time(s) nobody (103.127.53.114): 1 Time(s) nobody (117.198.97.239): 1 Time(s) nobody (117.216.138.77): 1 Time(s) nobody (14.111.241.0): 1 Time(s) nobody (151.253.138.19): 1 Time(s) nobody (182.246.203.42): 1 Time(s) nobody (200-171-87-153.dsl.telesp.net.br): 1 Time(s) nobody (220.169.100.15): 1 Time(s) nobody (61.154.122.122): 1 Time(s) nobody (65.20.159.161): 1 Time(s) nobody (65.20.196.183): 1 Time(s) nobody (91.92.124.199): 1 Time(s) root (103.108.220.163): 1 Time(s) root (103.181.141.50): 1 Time(s) root (107.173.81.60): 1 Time(s) root (13.16.154.177.wavetelecom.com.br): 1 Time(s) root (130.61.173.144): 1 Time(s) root (139.59.234.93): 1 Time(s) root (143.59.112.150): 1 Time(s) root (146.235.207.155): 1 Time(s) root (159.223.98.75): 1 Time(s) root (167.99.8.87): 1 Time(s) root (171.244.50.39): 1 Time(s) root (185.246.130.20): 1 Time(s) root (185.63.191.104): 1 Time(s) root (195.74.115.115): 1 Time(s) root (204.10.19.212): 1 Time(s) root (31.184.198.71): 1 Time(s) root (41.79.46.104): 1 Time(s) root (67.205.156.161): 1 Time(s) root (67.207.80.113): 1 Time(s) root (82.67.30.217): 1 Time(s) root (92.120.29.34.bc.googleusercontent.com): 1 Time(s) root (94.139.201.162): 1 Time(s) root (c188-151-34-213.bredband.tele2.se): 1 Time(s) unknown (058176134168.ctinets.com): 1 Time(s) unknown (1.20.156.196): 1 Time(s) unknown (101.50.75.112): 1 Time(s) unknown (102.38.3.93): 1 Time(s) unknown (103.146.233.169): 1 Time(s) unknown (103.147.248.44): 1 Time(s) unknown (103.157.114.186): 1 Time(s) unknown (103.157.114.202): 1 Time(s) unknown (103.157.114.234): 1 Time(s) unknown (103.157.115.18): 1 Time(s) unknown (103.157.116.93): 1 Time(s) unknown (103.250.159.26): 1 Time(s) unknown (105.73.81.42): 1 Time(s) unknown (112.167.233.14): 1 Time(s) unknown (112.31.167.7): 1 Time(s) unknown (113.183.67.127): 1 Time(s) unknown (113.59.119.97): 1 Time(s) unknown (115.241.228.34): 1 Time(s) unknown (116.97.240.172): 1 Time(s) unknown (117.114.3.15): 1 Time(s) unknown (117.160.3.137): 1 Time(s) unknown (117.241.148.98): 1 Time(s) unknown (117.247.73.168): 1 Time(s) unknown (117.250.236.234): 1 Time(s) unknown (121.154.155.80): 1 Time(s) unknown (121.159.163.6): 1 Time(s) unknown (121.202.204.251): 1 Time(s) unknown (121.202.206.37): 1 Time(s) unknown (122-117-15-25.hinet-ip.hinet.net): 1 Time(s) unknown (122.225.203.106): 1 Time(s) unknown (123.212.20.131): 1 Time(s) unknown (124.41.217.210): 1 Time(s) unknown (124.89.116.178): 1 Time(s) unknown (128.199.179.202): 1 Time(s) unknown (137.63.134.152): 1 Time(s) unknown (138.197.38.127): 1 Time(s) unknown (139.198.16.118): 1 Time(s) unknown (14.155.69.105): 1 Time(s) unknown (14.39.23.47): 1 Time(s) unknown (141.147.79.211): 1 Time(s) unknown (146.255.229.214): 1 Time(s) unknown (148.202.102.151): 1 Time(s) unknown (149.23.117.254): 1 Time(s) unknown (156.112.153.95.dyn.idknet.com): 1 Time(s) unknown (157.119.110.11): 1 Time(s) unknown (157.122.198.36): 1 Time(s) unknown (168.126.90.210): 1 Time(s) unknown (175.206.113.91): 1 Time(s) unknown (176.62.189.81): 1 Time(s) unknown (178.137.114.144): 1 Time(s) unknown (182.253.215.12): 1 Time(s) unknown (183.196.174.235): 1 Time(s) unknown (183.62.20.2): 1 Time(s) unknown (183.82.126.117): 1 Time(s) unknown (185.11.61.88): 1 Time(s) unknown (185.209.108.42): 1 Time(s) unknown (185.42.61.165): 1 Time(s) unknown (186.217.211.130): 1 Time(s) unknown (187-103-196-124.comfibranet.com.br): 1 Time(s) unknown (188.129.219.2): 1 Time(s) unknown (188.225.140.30): 1 Time(s) unknown (190.196.165.186): 1 Time(s) unknown (19010730115.ip71.static.mediacommerce.com.co): 1 Time(s) unknown (19010730117.ip71.static.mediacommerce.com.co): 1 Time(s) unknown (19010730119.ip71.static.mediacommerce.com.co): 1 Time(s) unknown (195.97.11.188): 1 Time(s) unknown (196.28.226.66): 1 Time(s) unknown (2.55.100.104): 1 Time(s) unknown (2.57.219.2): 1 Time(s) unknown (200.11.109.32): 1 Time(s) unknown (200.192.208.85): 1 Time(s) unknown (200.32.84.12): 1 Time(s) unknown (200.32.84.13): 1 Time(s) unknown (200.91.234.36): 1 Time(s) unknown (201.202.13.61): 1 Time(s) unknown (201.237.145.163): 1 Time(s) unknown (203.134.219.10): 1 Time(s) unknown (213-67-81-157-no600.tbcn.telia.com): 1 Time(s) unknown (213.230.64.246): 1 Time(s) unknown (213.5.194.114): 1 Time(s) unknown (217-210-242-205-no2560.tbcn.telia.com): 1 Time(s) unknown (217.12.114.70): 1 Time(s) unknown (218.6.64.194): 1 Time(s) unknown (218.76.30.193): 1 Time(s) unknown (219-89-197-82.adsl.xtra.co.nz): 1 Time(s) unknown (219.145.62.106): 1 Time(s) unknown (220-130-84-232.hinet-ip.hinet.net): 1 Time(s) unknown (221.234.48.147): 1 Time(s) unknown (221.4.152.184): 1 Time(s) unknown (222.128.28.48): 1 Time(s) unknown (223.197.208.79): 1 Time(s) unknown (223.82.116.251): 1 Time(s) unknown (27.128.203.51): 1 Time(s) unknown (27.71.60.22): 1 Time(s) unknown (31-10-205-94.static.upc.ch): 1 Time(s) unknown (41.176.145.71): 1 Time(s) unknown (41.190.39.142): 1 Time(s) unknown (41.66.219.52): 1 Time(s) unknown (45.71.68.73): 1 Time(s) unknown (46.100.49.51): 1 Time(s) unknown (47.188.209.237): 1 Time(s) unknown (5.21.5.139): 1 Time(s) unknown (59.94.35.242): 1 Time(s) unknown (60.213.9.146): 1 Time(s) unknown (61-230-27-140.dynamic-ip.hinet.net): 1 Time(s) unknown (61.164.51.34): 1 Time(s) unknown (65.20.137.127): 1 Time(s) unknown (65.20.144.159): 1 Time(s) unknown (65.20.145.72): 1 Time(s) unknown (65.20.150.2): 1 Time(s) unknown (65.20.152.71): 1 Time(s) unknown (65.20.155.223): 1 Time(s) unknown (65.20.156.21): 1 Time(s) unknown (65.20.162.153): 1 Time(s) unknown (65.20.162.39): 1 Time(s) unknown (65.20.165.5): 1 Time(s) unknown (65.20.166.97): 1 Time(s) unknown (65.20.167.135): 1 Time(s) unknown (65.20.168.210): 1 Time(s) unknown (65.20.168.53): 1 Time(s) unknown (65.20.172.104): 1 Time(s) unknown (65.20.184.175): 1 Time(s) unknown (65.20.192.58): 1 Time(s) unknown (65.20.193.137): 1 Time(s) unknown (65.20.209.146): 1 Time(s) unknown (65.20.215.208): 1 Time(s) unknown (65.20.249.223): 1 Time(s) unknown (65.20.251.41): 1 Time(s) unknown (65.20.252.149): 1 Time(s) unknown (69.79.197.196): 1 Time(s) unknown (78-71-131-176-no271.tbcn.telia.com): 1 Time(s) unknown (81-229-15-242-no600.tbcn.telia.com): 1 Time(s) unknown (81.16.121.86): 1 Time(s) unknown (82.67.30.217): 1 Time(s) unknown (87-198-60-128.ptr.magnet.ie): 1 Time(s) unknown (87.200.181.208): 1 Time(s) unknown (91-241-150-246-dyn.neotele.com.ru): 1 Time(s) unknown (91.92.214.149): 1 Time(s) unknown (92.247.162.57): 1 Time(s) unknown (94.139.201.162): 1 Time(s) unknown (95.164.21.173): 1 Time(s) unknown (95.164.69.247): 1 Time(s) unknown (ae003119.ppp.asahi-net.or.jp): 1 Time(s) unknown (agencijaiiz1-155.bih.net.ba): 1 Time(s) unknown (c-73-180-208-11.hsd1.md.comcast.net): 1 Time(s) unknown (c-73-62-210-252.hsd1.mn.comcast.net): 1 Time(s) unknown (c-76-29-47-29.hsd1.il.comcast.net): 1 Time(s) unknown (c-98-244-20-77.hsd1.ca.comcast.net): 1 Time(s) unknown (c188-151-21-146.bredband.tele2.se): 1 Time(s) unknown (c188-151-34-213.bredband.tele2.se): 1 Time(s) unknown (c188-151-57-198.bredband.tele2.se): 1 Time(s) unknown (c83-250-237-135.bredband.tele2.se): 1 Time(s) unknown (fixed-187-251-246-215.totalplay.net): 1 Time(s) unknown (fp73a31e6e.stmb122.ap.nuro.jp): 1 Time(s) unknown (hmx.static.otenet.gr): 1 Time(s) unknown (host-80-21-208-94.business.telecomitalia.it): 1 Time(s) unknown (host-95-255-196-183.business.telecomitalia.it): 1 Time(s) unknown (n218250074117.netvigator.com): 1 Time(s) unknown (n219078218231.netvigator.com): 1 Time(s) unknown (node-bax.pool-1-2.dynamic.totinternet.net): 1 Time(s) unknown (ool-43522457.dyn.optonline.net): 1 Time(s) unknown (s0106e8782951a2b3.cg.shawcable.net): 1 Time(s) unknown (s1.thehost.com.ua): 1 Time(s) unknown (ti0117a400-0528.bb.online.no): 1 Time(s) unknown (ua-84-217-215-241.bbcust.telenor.se): 1 Time(s) Invalid Users: Unknown Account: 467 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 10 Miscellaneous warnings 33.586K Bytes accepted 34,392 33.586K Bytes sent via SMTP 34,392 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 26 Connections 17 Connections lost (inbound) 26 Disconnections 1 Removed from queue 1 Sent via SMTP 2 SMTP dialog errors 2 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 96 Time(s) Failed logins from: 1.197.88.174 (197.1.broad.ha.dynamic.163data.com.cn): 1 time 14.111.241.0: 1 time 31.184.198.71: 1 time 34.29.120.92 (92.120.29.34.bc.googleusercontent.com): 1 time 38.41.24.36 (36.24.41.38.static.mds-telecom.net): 3 times 41.79.46.104: 1 time 45.83.193.159 (mail.web.dneproves.ua): 2 times 47.236.179.153: 128 times 61.154.122.122: 1 time 65.20.159.161: 1 time 65.20.196.183: 1 time 67.205.156.161: 1 time 67.207.80.113: 1 time 82.67.30.217 (ril69-1_migr-82-67-30-217.fbx.proxad.net): 1 time 87.3.79.220 (host-87-3-79-220.retail.telecomitalia.it): 68 times 91.92.124.199: 1 time 94.139.201.162: 1 time 103.108.220.163 (server.buyacsgo.com): 1 time 103.127.53.114: 1 time 103.181.141.50: 1 time 107.173.81.60 (supplyfra.co.uk): 1 time 112.185.18.150: 6 times 117.198.97.239: 1 time 117.216.138.77 (static.ftth.vlr.117.216.138.77.bsnl.in): 1 time 121.158.249.166: 6 times 130.61.173.144: 1 time 131.72.171.178 (131-72-171-178.telcorplatam.com): 6 times 139.59.234.93: 1 time 143.59.112.150 (static-143-59-112-150.knology.net): 1 time 146.235.207.155: 1 time 151.253.138.19: 1 time 159.223.98.75: 1 time 167.99.8.87: 1 time 171.244.50.39: 1 time 174.138.58.211: 24 times 177.154.16.13 (13.16.154.177.wavetelecom.com.br): 1 time 178.128.51.37 (ti-002.chefnotepad.com): 2 times 179.43.180.106 (hostedby.privatelayer.com): 32 times 182.246.203.42: 1 time 185.11.61.88: 5 times 185.63.191.104 (default.clo.ru): 1 time 185.216.70.138: 3 times 185.246.130.20: 1 time 188.151.34.213 (c188-151-34-213.bredband.tele2.se): 1 time 188.164.179.126: 14 times 195.74.115.115 (notset.1024.co.uk): 1 time 200.171.87.153 (200-171-87-153.dsl.telesp.net.br): 1 time 204.10.19.212: 1 time 210.99.41.174: 6 times 213.66.185.48 (213-66-185-48-no600.tbcn.telia.com): 6 times 218.92.0.28: 48 times 218.92.0.33: 42 times 218.92.0.40: 66 times 218.92.0.43: 36 times 218.92.0.45: 35 times 218.92.0.47: 42 times 218.92.0.51: 47 times 218.92.0.52: 72 times 218.92.0.53: 30 times 218.92.0.55: 102 times 218.92.0.59: 18 times 220.117.3.198: 6 times 220.169.100.15: 1 time 222.168.30.19: 6 times Illegal users from: 2001:470:1:332::2 (scan-36af.shadowserver.org): 1 time undef: 131 times 1.2.185.57 (node-bax.pool-1-2.dynamic.totinternet.net): 1 time 1.20.156.196: 1 time 2.55.100.104 (2-55-100-104.orange.net.il): 1 time 2.57.219.2: 1 time 5.21.5.139 (dynamic.isp.ooredoo.om): 1 time 8.210.233.20: 6 times 14.3.3.119 (ae003119.ppp.asahi-net.or.jp): 1 time 14.39.23.47: 1 time 14.155.69.105: 1 time 27.71.60.22 (localhost): 1 time 27.128.203.51: 1 time 31.10.205.94 (31-10-205-94.static.upc.ch): 1 time 31.184.198.71: 3 times 41.66.219.52: 1 time 41.176.145.71 (HOST-71-145.176.41.nile-online.net): 1 time 41.190.39.142 (142-39sxx.broadband.yoafrica.com): 1 time 41.207.248.204: 3 times 43.134.92.159: 1 time 45.71.68.73: 1 time 46.100.49.51: 1 time 47.185.33.88: 2 times 47.188.209.237: 1 time 47.236.179.153: 16 times 49.248.17.75 (static-75.17.248.49-tataidc.co.in): 3 times 58.176.134.168 (058176134168.ctinets.com): 1 time 59.94.35.242: 1 time 60.213.9.146: 1 time 61.164.51.34: 1 time 61.230.27.140 (61-230-27-140.dynamic-ip.hinet.net): 1 time 62.122.184.252: 6 times 64.62.197.99 (scan-39h.shadowserver.org): 1 time 65.20.137.127: 1 time 65.20.144.159: 1 time 65.20.145.72: 1 time 65.20.150.2: 1 time 65.20.152.71: 1 time 65.20.155.223: 1 time 65.20.156.21: 1 time 65.20.162.39: 1 time 65.20.162.153: 1 time 65.20.165.5: 1 time 65.20.166.97: 1 time 65.20.167.135: 1 time 65.20.168.53: 1 time 65.20.168.210: 1 time 65.20.172.104: 1 time 65.20.184.175: 1 time 65.20.192.58: 1 time 65.20.192.86: 2 times 65.20.193.137: 1 time 65.20.209.146: 1 time 65.20.215.208: 1 time 65.20.249.223: 1 time 65.20.251.41: 1 time 65.20.252.149: 1 time 67.82.36.87 (ool-43522457.dyn.optonline.net): 1 time 69.79.197.196 (196-197-79-69-static.flowja.com): 1 time 70.75.146.87 (S0106e8782951a2b3.cg.shawcable.net): 1 time 73.62.210.252 (c-73-62-210-252.hsd1.mn.comcast.net): 1 time 73.180.208.11 (c-73-180-208-11.hsd1.md.comcast.net): 1 time 74.59.176.20 (modemcable020.176-59-74.mc.videotron.ca): 2 times 76.29.47.29 (c-76-29-47-29.hsd1.il.comcast.net): 1 time 78.71.131.176 (78-71-131-176-no271.tbcn.telia.com): 1 time 79.129.206.144 (hmx.static.otenet.gr): 1 time 80.21.208.94 (host-80-21-208-94.business.telecomitalia.it): 1 time 80.65.90.155 (agencijaiiz1-155.bih.net.ba): 1 time 81.16.121.86: 1 time 81.229.15.242 (81-229-15-242-no600.tbcn.telia.com): 1 time 82.67.30.217 (ril69-1_migr-82-67-30-217.fbx.proxad.net): 1 time 83.250.237.135 (c83-250-237-135.bredband.tele2.se): 1 time 84.217.215.241 (ua-84-217-215-241.bbcust.telenor.se): 1 time 85.166.1.20 (ti0117a400-0528.bb.online.no): 1 time 87.3.79.220 (host-87-3-79-220.retail.telecomitalia.it): 16 times 87.198.60.128 (87-198-60-128.ptr.magnet.ie): 1 time 87.200.181.208: 1 time 91.92.214.149: 1 time 91.234.33.250 (s1.thehost.com.ua): 1 time 91.241.150.246 (91-241-150-246-dyn.neotele.com.ru): 1 time 92.247.162.57: 1 time 94.139.201.162: 1 time 95.38.15.2: 2 times 95.153.112.156 (156.112.153.95.dyn.idknet.com): 1 time 95.164.21.173 (vm2163161.stark-industries.solutions): 1 time 95.164.69.247 (vm1949209.stark-industries.solutions): 1 time 95.255.196.183 (host-95-255-196-183.business.telecomitalia.it): 1 time 98.244.20.77 (c-98-244-20-77.hsd1.ca.comcast.net): 1 time 101.50.75.112 (ntl-50-75-112.nayatel.com): 1 time 102.38.3.93: 1 time 103.146.233.169: 1 time 103.147.248.44: 1 time 103.157.114.186 (186.114.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.114.202 (202.114.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.114.234 (234.114.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.115.18 (18.115.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.116.93: 1 time 103.250.159.26: 1 time 105.73.81.42: 1 time 110.189.153.136: 2 times 112.31.167.7: 1 time 112.167.233.14: 1 time 113.59.119.97: 1 time 113.106.88.146: 3 times 113.183.67.127 (static.vnpt.vn): 1 time 115.163.30.110 (fp73a31e6e.stmb122.ap.nuro.jp): 1 time 115.241.228.34: 1 time 116.97.240.172 (dynamic-ip-adsl.viettel.vn): 1 time 117.114.3.15: 1 time 117.160.3.137: 1 time 117.241.148.98 (static.ftth.hpr.117.241.148.98.bsnl.in): 1 time 117.247.73.168 (static.ftth.bbr.117.247.73.168.bsnl.in): 1 time 117.250.236.234 (static.ill.117.250.236.234.bsnl.co.in): 1 time 121.154.155.80: 1 time 121.159.163.6: 5 times 121.202.204.251 (m121-202-204-251.smartone.com): 1 time 121.202.206.37 (m121-202-206-37.smartone.com): 1 time 122.4.70.142 (142.70.4.122.broad.qd.sd.dynamic.163data.com.cn): 2 times 122.117.15.25 (122-117-15-25.hinet-ip.hinet.net): 1 time 122.225.203.106: 1 time 123.212.20.131: 1 time 124.41.217.210 (210.217.41.124.dynamic.wlink.com.np): 1 time 124.89.116.178: 1 time 128.199.179.202: 1 time 137.63.134.152: 1 time 138.197.38.127: 1 time 139.198.16.118: 1 time 141.147.79.211: 1 time 146.255.229.214 (146-255-229-214.customers.silknet.com): 1 time 148.202.102.151 (151-102.cuaad.udg.mx): 1 time 149.23.117.254: 1 time 157.119.110.11: 1 time 157.122.198.36: 1 time 168.126.90.210: 1 time 174.138.58.211: 225 times 175.206.113.91: 1 time 176.62.189.81: 1 time 178.137.114.144 (178-137-114-144.broadband.kyivstar.net): 1 time 182.253.215.12 (nyadin001.yanmar.co.id): 1 time 183.62.20.2: 1 time 183.82.126.117 (183.82.126.117.actcorp.in): 1 time 183.196.174.235: 1 time 185.11.61.88: 1 time 185.42.61.165 (165.binat-pool.smarthome.spb.ru): 1 time 185.196.8.151: 3 times 185.209.108.42: 1 time 185.246.130.20: 3 times 186.217.211.130: 1 time 187.103.196.124 (187-103-196-124.comfibranet.com.br): 1 time 187.251.246.215 (fixed-187-251-246-215.totalplay.net): 1 time 188.129.219.2: 1 time 188.151.21.146 (c188-151-21-146.bredband.tele2.se): 1 time 188.151.34.213 (c188-151-34-213.bredband.tele2.se): 1 time 188.151.57.198 (c188-151-57-198.bredband.tele2.se): 1 time 188.164.179.126: 27 times 188.169.66.154 (188-169-66-154.dsl.utg.ge): 2 times 188.225.140.30: 1 time 190.107.30.115 (19010730115.ip71.static.mediacommerce.com.co): 1 time 190.107.30.117 (19010730117.ip71.static.mediacommerce.com.co): 1 time 190.107.30.119 (19010730119.ip71.static.mediacommerce.com.co): 1 time 190.196.165.186 (static.190.196.165.186.gtdinternet.com): 1 time 195.97.11.188: 1 time 196.28.226.66: 1 time 200.11.109.32: 1 time 200.32.84.12 (200-32-84-12.static.impsat.net.ar): 1 time 200.32.84.13 (200-32-84-13.static.impsat.net.ar): 1 time 200.91.234.36 (desenliste.ifxcorp.com): 1 time 200.192.208.85 (ip-200-192-208-85.novafibratelecom.com.br): 1 time 201.202.13.61: 1 time 201.237.145.163: 1 time 202.165.16.209: 9 times 203.134.219.10: 1 time 211.197.45.55: 4 times 213.5.194.114: 1 time 213.67.81.157 (213-67-81-157-no600.tbcn.telia.com): 1 time 213.230.64.246: 1 time 217.12.114.70 (static.217.12.114.70.tmg.md): 1 time 217.210.242.205 (217-210-242-205-no2560.tbcn.telia.com): 1 time 218.6.64.194: 1 time 218.76.30.193: 1 time 218.250.74.117 (n218250074117.netvigator.com): 1 time 219.78.218.231 (n219078218231.netvigator.com): 1 time 219.89.197.82 (219-89-197-82.adsl.xtra.co.nz): 1 time 219.145.62.106: 1 time 220.130.84.232 (220-130-84-232.hinet-ip.hinet.net): 1 time 221.4.152.184: 1 time 221.234.48.147: 1 time 222.128.28.48: 1 time 223.82.116.251: 1 time 223.111.168.11: 6 times 223.197.208.79 (223-197-208-79.static.imsbiz.com): 1 time **Unmatched Entries** Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (ubnt,ssh-connection) [preauth] : 2 time(s) Disconnecting: Change of username or service not allowed: (root,ssh-connection) -> (admin,ssh-connection) [preauth] : 2 time(s) Disconnecting: Protocol error: expected packet type 21, got 20 [preauth] : 1 time(s) fatal: no matching cipher found: client aes128-cbc,blowfish-cbc,3des-cbc server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 23 time(s) fatal: buffer_get_string: buffer error [preauth] : 2 time(s) Disconnecting: Change of username or service not allowed: (0,ssh-connection) -> (root,ssh-connection) [preauth] : 2 time(s) error: buffer_get_string_ret: incomplete message [preauth] : 2 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop19598p1 394G 243G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

1 Jahr, 7 Monate

1
0
0 / 0

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Wed Mar 20 04:42:02 2024 Date Range Processed: yesterday ( 2024-Mar-19 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 50:49 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 107.148.207.137 -> baidu.com:443: 1 Time(s) 45.142.182.92 -> zapf.wiki:443: 1 Time(s) 87.121.69.25 -> google.com:443: 1 Time(s) A total of 9 sites probed the server 164.52.0.94 185.100.87.136 45.95.169.184 47.245.6.91 63.251.106.21 66.240.205.34 68.183.34.174 74.82.47.2 78.153.140.179 Requests with error response codes 400 Bad Request null: 8 Time(s) mstshash=Administr: 7 Time(s) *: 2 Time(s) /: 2 Time(s) \x00\x00BBBB\xBA\x8C\xC1\xABDAAA: 2 Time(s) -]\xB2\x94\xABU\xCC\x92\xEF\xE9\xFB\x01$\x ... C0\xAD\xC0$\xC0: 1 Time(s) /aaa9: 1 Time(s) /aab8: 1 Time(s) /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%3 ... 5%%32%65/bin/sh: 1 Time(s) /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2 ... %2e/.%2e/bin/sh: 1 Time(s) /index.htm: 1 Time(s) \x1Bt;\x01X\xB1\xB9\x83H\x1B\x19\xA2\xAE\x ... \xBE\xE4<\xF1h[: 1 Time(s) \x5CC\xBCbw^@\x09\xDF\x1AG\xDB\x03\xBA}G?f ... C0\xAE\xC0+\xC0: 1 Time(s) \x94\x89QFx\xCC\xEEx\x94\x1Fk\xF4\x91\xD7\ ... C\x00<\x00/\x00: 1 Time(s) \x98\xB0\xBA\x86\xE1\xD0\x991#p\x96\x1F\xD ... C0$\x13\x05\xC0: 1 Time(s) \x9B\x13\xA7\xB0A]?\x22U\xF8\xF0\xC3)s'Y\x ... D\xC0$\xC0(\xC0: 1 Time(s) \xB3\xD0\xCE\x80\x14t\xC1\xCB: 1 Time(s) \xB7'\x12\xFB9\xFE\xA6j\xB8\x9F\xE2y\xBF\xF0}\x13: 1 Time(s) \xD5e(\x9B\xE4\xCF\x86E\x07c\x1E\x85|\x1D\ ... C\x00<\x00/\x00: 1 Time(s) baidu.com:443: 1 Time(s) google.com:443: 1 Time(s) http://httpbin.org/ip: 1 Time(s) zapf.wiki:443: 1 Time(s) {\xBB9\x8A\xBA\xB5`\xAB\xA4\x81\xACA\xC3}[ ... C0\xAE\xC0+\xC0: 1 Time(s) 404 Not Found //cdnjs.cloudflare.com/ajax/libs/es5-shim/ ... es5-shim.min.js: 1 Time(s) //cdnjs.cloudflare.com/ajax/libs/html5shiv ... tml5shiv.min.js: 1 Time(s) //protokolle.zapf.in/build/6.cover-pack.fe ... 36298be630a4.js: 1 Time(s) //protokolle.zapf.in/build/8.common.fef3ca2736298be630a4.js: 1 Time(s) //protokolle.zapf.in/build/constant.js: 1 Time(s) 500 Internal Server Error /: 120 Time(s) /.git/config: 6 Time(s) /cgi-bin/luci/;stok=/locale?form=country&o ... 20.%2Ftenda.sh): 2 Time(s) /.env: 1 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /ReportServer: 1 Time(s) /V2/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /aaa9: 1 Time(s) /aab8: 1 Time(s) /actuator/health: 1 Time(s) /admin/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /api/v2/cmdb/system/admin/admin: 1 Time(s) /api/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /app/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /apps/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /backup/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /blog/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /board-of-directors/: 1 Time(s) /catalog-portal/ui/oauth/verify?error=&dev ... %73%68%22%29%7d: 1 Time(s) /cf_scripts/scripts/ajax/ckeditor/ckeditor.js: 1 Time(s) /cms/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /crm/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /demo/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /favicon.ico: 1 Time(s) /geoserver/web/: 1 Time(s) /index.php?lang=../../../../../../../../us ... /tmp/index1.php: 1 Time(s) /index.php?lang=../../../../../../../../var/tmp/index1: 1 Time(s) /index.php?s=/index/\x5Cthink\x5Capp/invok ... vars[1][]=Hello: 1 Time(s) /infusions/downloads/downloads.php?cat_id=${system(ls)}: 1 Time(s) /lib/phpunit/Util/PHP/eval-stdin.php: 1 Time(s) /lib/phpunit/phpunit/Util/PHP/eval-stdin.php: 1 Time(s) /lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /lib/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /panel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /phpunit/Util/PHP/eval-stdin.php: 1 Time(s) /phpunit/phpunit/Util/PHP/eval-stdin.php: 1 Time(s) /phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /public/index.php?s=/index/\x5Cthink\x5Cap ... vars[1][]=Hello: 1 Time(s) /public/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /remote/fgt_lang?lang=/../../../..//////// ... lvpn_websession: 1 Time(s) /robots.txt: 1 Time(s) /test/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /testing/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /tests/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /vendor/phpunit/Util/PHP/eval-stdin.php: 1 Time(s) /vendor/phpunit/phpunit/LICENSE/eval-stdin.php: 1 Time(s) /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php: 1 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /vendor/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /vendor/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /vpnsvc/connect.cgi: 1 Time(s) /webui/: 1 Time(s) /workspace/drupal/vendor/phpunit/phpunit/s ... /eval-stdin.php: 1 Time(s) /ws/ec/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /ws/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /www/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) 502 Bad Gateway /5VuR_cJwQHG8RKBmlDNsmQ/pdf: 1 Time(s) /7mVft8aUS7CAYCnKfmwhIw/pdf: 1 Time(s) /F0wTGo9bRVeZ9MHALPZ6qA/pdf: 1 Time(s) /LPV5bWb2RHqvHxvRFmHErA/pdf: 1 Time(s) /W4CAUIGNS8CQR7NTZk3g3A/pdf: 1 Time(s) /Xu_AkwRlSSCs-QwgS4RjuA/pdf: 1 Time(s) /cdZDOUK6SMuuOAgcE8hemA/pdf: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (47.236.175.136): 44 Time(s) root (103.36.84.194): 36 Time(s) root (179.43.180.106): 32 Time(s) root (218.92.0.40): 24 Time(s) root (218.92.0.45): 24 Time(s) root (218.92.0.55): 18 Time(s) root (218.92.0.43): 17 Time(s) root (218.92.0.28): 12 Time(s) root (218.92.0.51): 12 Time(s) unknown (202.165.16.209): 11 Time(s) root (114-34-122-232.hinet-ip.hinet.net): 6 Time(s) root (129.126.243.175): 6 Time(s) root (183.109.148.15): 6 Time(s) root (218.92.0.33): 6 Time(s) root (218.92.0.52): 6 Time(s) root (218.92.0.53): 6 Time(s) root (47.200.113.85): 6 Time(s) root (c6a7d155.vpn.njalla.net): 5 Time(s) root (174.138.58.211): 3 Time(s) unknown (119.28.105.239): 3 Time(s) unknown (174.138.58.211): 3 Time(s) unknown (185.196.8.151): 3 Time(s) unknown (194.169.175.36): 3 Time(s) unknown (41.207.248.204): 3 Time(s) unknown (45.71.24.198): 3 Time(s) root (100.86.65.34.bc.googleusercontent.com): 2 Time(s) root (45.95.147.236): 2 Time(s) root (mail.web.dneproves.ua): 2 Time(s) root (wsip-174-75-63-184.lv.lv.cox.net): 2 Time(s) unknown (123202018045.ctinets.com): 2 Time(s) unknown (124.89.116.178): 2 Time(s) unknown (128.199.238.36): 2 Time(s) unknown (139.5.17.55): 2 Time(s) unknown (176.32.195.49): 2 Time(s) unknown (185.11.61.88): 2 Time(s) unknown (19010730117.ip71.static.mediacommerce.com.co): 2 Time(s) unknown (206.189.141.115): 2 Time(s) unknown (210.4.68.72): 2 Time(s) unknown (221.165.136.172): 2 Time(s) unknown (25.182.62.50.host.secureserver.net): 2 Time(s) unknown (36.137.22.65): 2 Time(s) unknown (45.95.147.236): 2 Time(s) unknown (58.246.253.218): 2 Time(s) unknown (85.209.11.27): 2 Time(s) unknown (host80.sub-63-46-205.myvzw.com): 2 Time(s) unknown (mail1.oralchirurgie-mosbach.de): 2 Time(s) nobody (129.226.189.223): 1 Time(s) nobody (175.136.228.145): 1 Time(s) nobody (183.88.213.176): 1 Time(s) nobody (190.196.165.186): 1 Time(s) nobody (19010730117.ip71.static.mediacommerce.com.co): 1 Time(s) nobody (2.57.219.2): 1 Time(s) nobody (202.165.16.209): 1 Time(s) nobody (217-210-89-93-no2663.tbcn.telia.com): 1 Time(s) nobody (41.207.248.204): 1 Time(s) nobody (45.115.173.11): 1 Time(s) nobody (65.20.222.114): 1 Time(s) nobody (71.190.9.151): 1 Time(s) root (110.242.49.235): 1 Time(s) root (128.199.238.36): 1 Time(s) root (139.59.9.198): 1 Time(s) root (154.12.58.130): 1 Time(s) root (167.99.8.87): 1 Time(s) root (176.10.248.195): 1 Time(s) root (178.128.106.167): 1 Time(s) root (182.23.64.139): 1 Time(s) root (186-88-2-1.dyn.dsl.cantv.net): 1 Time(s) root (190.113.12.253): 1 Time(s) root (197.249.5.16): 1 Time(s) root (2.57.219.2): 1 Time(s) root (202.165.16.209): 1 Time(s) root (223.197.133.87): 1 Time(s) root (41.79.46.104): 1 Time(s) root (45.14.5.90): 1 Time(s) root (64.227.168.78): 1 Time(s) root (67.207.80.113): 1 Time(s) root (68.183.186.15): 1 Time(s) root (80.120.67.22): 1 Time(s) root (88-176-220-139.subs.proxad.net): 1 Time(s) root (mail1.oralchirurgie-mosbach.de): 1 Time(s) root (ti-002.chefnotepad.com): 1 Time(s) root (vps-8d56cdf9.vps.ovh.net): 1 Time(s) sshd (194.169.175.36): 1 Time(s) sshd (62.122.184.252): 1 Time(s) unknown (014199168188.ctinets.com): 1 Time(s) unknown (024-199-036-058.biz.spectrum.com): 1 Time(s) unknown (1.6.90.157): 1 Time(s) unknown (100.86.65.34.bc.googleusercontent.com): 1 Time(s) unknown (101.78.144.86): 1 Time(s) unknown (101.98.52.66): 1 Time(s) unknown (103.121.19.171): 1 Time(s) unknown (103.129.221.223): 1 Time(s) unknown (103.133.160.160): 1 Time(s) unknown (103.157.114.122): 1 Time(s) unknown (103.157.114.242): 1 Time(s) unknown (103.157.114.66): 1 Time(s) unknown (103.157.114.74): 1 Time(s) unknown (103.157.115.138): 1 Time(s) unknown (103.157.115.26): 1 Time(s) unknown (103.172.205.61): 1 Time(s) unknown (103.250.159.26): 1 Time(s) unknown (103.251.143.14): 1 Time(s) unknown (103.3.43.242): 1 Time(s) unknown (103.4.231.226): 1 Time(s) unknown (103.78.39.214): 1 Time(s) unknown (105.73.203.61): 1 Time(s) unknown (110.39.181.194): 1 Time(s) unknown (110.39.51.118): 1 Time(s) unknown (110.7.40.114): 1 Time(s) unknown (111-70-19-149.emome-ip.hinet.net): 1 Time(s) unknown (111.23.117.97): 1 Time(s) unknown (111.93.170.146): 1 Time(s) unknown (112.14.132.197): 1 Time(s) unknown (112.220.235.237): 1 Time(s) unknown (112.28.128.172): 1 Time(s) unknown (112.28.128.173): 1 Time(s) unknown (113.140.95.250): 1 Time(s) unknown (113.59.34.5): 1 Time(s) unknown (115.135.194.113): 1 Time(s) unknown (116.109.218.66): 1 Time(s) unknown (117.198.97.239): 1 Time(s) unknown (117.220.162.66): 1 Time(s) unknown (117.240.149.39): 1 Time(s) unknown (117.39.63.46): 1 Time(s) unknown (117.4.162.225): 1 Time(s) unknown (117.4.187.19): 1 Time(s) unknown (118.118.234.136): 1 Time(s) unknown (121.202.205.222): 1 Time(s) unknown (122.96.63.50): 1 Time(s) unknown (123.212.20.131): 1 Time(s) unknown (124.167.21.95): 1 Time(s) unknown (124.65.142.62): 1 Time(s) unknown (125-229-102-40.hinet-ip.hinet.net): 1 Time(s) unknown (125.142.192.144): 1 Time(s) unknown (125.66.243.1): 1 Time(s) unknown (128.199.237.60): 1 Time(s) unknown (130.61.173.144): 1 Time(s) unknown (136.255.158.118): 1 Time(s) unknown (139.135.136.34): 1 Time(s) unknown (139.213.240.6): 1 Time(s) unknown (139.59.87.48): 1 Time(s) unknown (14.183.62.50.host.secureserver.net): 1 Time(s) unknown (14.41.43.78): 1 Time(s) unknown (14.98.28.43): 1 Time(s) unknown (14.98.73.66): 1 Time(s) unknown (14.99.199.106): 1 Time(s) unknown (149.23.117.254): 1 Time(s) unknown (150.107.204.146): 1 Time(s) unknown (154.12.58.130): 1 Time(s) unknown (158.140.176.169): 1 Time(s) unknown (158.160.62.27): 1 Time(s) unknown (159.223.57.53): 1 Time(s) unknown (159.223.98.75): 1 Time(s) unknown (159.89.109.235): 1 Time(s) unknown (167.172.86.222): 1 Time(s) unknown (167.99.8.87): 1 Time(s) unknown (175.136.228.145): 1 Time(s) unknown (175.204.36.249): 1 Time(s) unknown (176.121.9.169): 1 Time(s) unknown (178.206.118.34.bc.googleusercontent.com): 1 Time(s) unknown (178.35.155.182): 1 Time(s) unknown (183.233.177.34): 1 Time(s) unknown (183179010068.ctinets.com): 1 Time(s) unknown (185.216.70.138): 1 Time(s) unknown (188-169-66-154.dsl.utg.ge): 1 Time(s) unknown (188.166.211.228): 1 Time(s) unknown (190.155.233.179): 1 Time(s) unknown (19010730118.ip71.static.mediacommerce.com.co): 1 Time(s) unknown (193.222.96.163): 1 Time(s) unknown (194.169.175.35): 1 Time(s) unknown (196.191.212.238): 1 Time(s) unknown (196.28.226.123): 1 Time(s) unknown (2.187.118.61): 1 Time(s) unknown (200.174.198.170): 1 Time(s) unknown (202.134.147.67): 1 Time(s) unknown (202.170.206.211): 1 Time(s) unknown (203.124.60.148): 1 Time(s) unknown (203.76.183.26): 1 Time(s) unknown (206.252.194.38): 1 Time(s) unknown (211.224.208.91): 1 Time(s) unknown (211.243.43.58): 1 Time(s) unknown (213-67-213-21-no2663.tbcn.telia.com): 1 Time(s) unknown (213.154.80.36): 1 Time(s) unknown (217.147.171.48): 1 Time(s) unknown (218.27.148.86): 1 Time(s) unknown (219.139.192.226): 1 Time(s) unknown (22.82-134-69.bkkb.no): 1 Time(s) unknown (220-130-84-232.hinet-ip.hinet.net): 1 Time(s) unknown (220.80.223.144): 1 Time(s) unknown (223.171.91.127): 1 Time(s) unknown (223.19.196.101): 1 Time(s) unknown (31.202.53.78): 1 Time(s) unknown (36.92.114.20): 1 Time(s) unknown (37.114.208.13): 1 Time(s) unknown (37.114.208.9): 1 Time(s) unknown (47.185.18.177): 1 Time(s) unknown (47.185.32.189): 1 Time(s) unknown (47.187.182.21): 1 Time(s) unknown (47.188.209.237): 1 Time(s) unknown (51.250.10.19): 1 Time(s) unknown (59.94.35.242): 1 Time(s) unknown (60-251-229-144.hinet-ip.hinet.net): 1 Time(s) unknown (60.247.92.186): 1 Time(s) unknown (61-221-30-246.hinet-ip.hinet.net): 1 Time(s) unknown (62.122.184.252): 1 Time(s) unknown (62.220.104.155): 1 Time(s) unknown (65.20.145.185): 1 Time(s) unknown (65.20.149.57): 1 Time(s) unknown (65.20.150.2): 1 Time(s) unknown (65.20.152.13): 1 Time(s) unknown (65.20.162.39): 1 Time(s) unknown (65.20.173.115): 1 Time(s) unknown (65.20.173.202): 1 Time(s) unknown (65.20.174.161): 1 Time(s) unknown (65.20.184.175): 1 Time(s) unknown (65.20.190.84): 1 Time(s) unknown (65.20.235.177): 1 Time(s) unknown (65.20.235.80): 1 Time(s) unknown (65.20.250.102): 1 Time(s) unknown (67.207.80.113): 1 Time(s) unknown (67.207.88.231): 1 Time(s) unknown (69-38.mc.ccapcable.com): 1 Time(s) unknown (73.159.182.59): 1 Time(s) unknown (77.206.164.56): 1 Time(s) unknown (78-128-28-128.blagoevgrad.ddns.bulsat.com): 1 Time(s) unknown (78-67-62-35-no2663.tbcn.telia.com): 1 Time(s) unknown (79.171.183.109): 1 Time(s) unknown (81.16.121.86): 1 Time(s) unknown (84.175.242.35.bc.googleusercontent.com): 1 Time(s) unknown (87.88.68.130): 1 Time(s) unknown (89.23.116.75): 1 Time(s) unknown (94.142.51.44): 1 Time(s) unknown (94.201.110.43): 1 Time(s) unknown (94.203.171.157): 1 Time(s) unknown (94.231.123.164): 1 Time(s) unknown (95.164.21.173): 1 Time(s) unknown (95.9.224.218): 1 Time(s) unknown (99-70-214-56.lightspeed.dybhfl.sbcglobal.net): 1 Time(s) unknown (balticom-142-84-61.balticom.lv): 1 Time(s) unknown (c-67-183-162-103.hsd1.wa.comcast.net): 1 Time(s) unknown (c-68-35-16-210.hsd1.al.comcast.net): 1 Time(s) unknown (c-73-155-248-188.hsd1.tx.comcast.net): 1 Time(s) unknown (c-73-231-202-194.hsd1.ca.comcast.net): 1 Time(s) unknown (c-98-221-202-174.hsd1.nj.comcast.net): 1 Time(s) unknown (c-98-52-116-108.hsd1.il.comcast.net): 1 Time(s) unknown (c188-151-36-56.bredband.tele2.se): 1 Time(s) unknown (c188-151-63-219.bredband.tele2.se): 1 Time(s) unknown (c6a7d155.vpn.njalla.net): 1 Time(s) unknown (c83-254-230-160.bredband.tele2.se): 1 Time(s) unknown (client-67-58-229-248.consolidated.net): 1 Time(s) unknown (ec2-3-110-153-58.ap-south-1.compute.amazonaws.com): 1 Time(s) unknown (ec2-54-200-94-105.us-west-2.compute.amazonaws.com): 1 Time(s) unknown (ec2-54-223-28-128.cn-north-1.compute.amazonaws.com.cn): 1 Time(s) unknown (fp73a31e6e.stmb122.ap.nuro.jp): 1 Time(s) unknown (host2.osm3jm.ondsl.gr): 1 Time(s) unknown (ip-130-180-053-198.um40.pools.vodafone-ip.de): 1 Time(s) unknown (ip213-165-73-136.pbiaas.com): 1 Time(s) unknown (lfbn-mar-1-1124-54.w109-208.abo.wanadoo.fr): 1 Time(s) unknown (mx-ll-183.89.210-225.dynamic.3bb.co.th): 1 Time(s) unknown (node-1736.pool-182-53.dynamic.totinternet.net): 1 Time(s) unknown (node-1e1m.pool-101-109.dynamic.totinternet.net): 1 Time(s) unknown (ool-45716aae.dyn.optonline.net): 1 Time(s) unknown (ool-4577f7de.dyn.optonline.net): 1 Time(s) unknown (pool-173-56-88-209.nycmny.ftas.verizon.net): 1 Time(s) unknown (s010644d9e79fa7c2.pk.shawcable.net): 1 Time(s) unknown (static-188-137-77-155.leon.com.pl): 1 Time(s) unknown (vps-b0e7bc94.vps.ovh.net): 1 Time(s) Invalid Users: Unknown Account: 254 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 2 Miscellaneous warnings 18.174K Bytes accepted 18,610 18.174K Bytes sent via SMTP 18,610 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 5 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 5 Total 4xx Rejects 100.00% ======== ================================================== 17 Connections 9 Connections lost (inbound) 17 Disconnections 1 Removed from queue 1 Sent via SMTP 1 SMTP dialog errors 2 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 25 Time(s) Failed logins from: 2.57.219.2: 2 times 34.65.86.100 (100.86.65.34.bc.googleusercontent.com): 2 times 41.79.46.104: 1 time 41.207.248.204: 1 time 45.14.5.90: 1 time 45.83.193.159 (mail.web.dneproves.ua): 2 times 45.95.147.236 (hosted-by.as49870.net): 2 times 45.115.173.11: 1 time 47.200.113.85: 6 times 47.236.175.136: 44 times 62.122.184.252: 1 time 64.227.168.78: 1 time 65.20.222.114: 1 time 67.207.80.113: 1 time 68.183.186.15: 1 time 71.190.9.151 (pool-71-190-9-151.nycmny.fios.verizon.net): 1 time 80.120.67.22: 1 time 87.234.204.235 (mail1.oralchirurgie-mosbach.de): 1 time 88.176.220.139 (88-176-220-139.subs.proxad.net): 1 time 103.36.84.194: 36 times 110.242.49.235: 1 time 114.34.122.232 (114-34-122-232.hinet-ip.hinet.net): 6 times 128.199.238.36: 1 time 129.126.243.175: 6 times 129.226.189.223: 1 time 139.59.9.198: 1 time 141.94.237.232 (vps-8d56cdf9.vps.ovh.net): 1 time 154.12.58.130: 1 time 167.99.8.87: 1 time 174.75.63.184 (wsip-174-75-63-184.lv.lv.cox.net): 2 times 174.138.58.211: 3 times 175.136.228.145: 1 time 176.10.248.195 (se-248-195.integrity.st): 1 time 178.128.51.37 (ti-002.chefnotepad.com): 1 time 178.128.106.167: 1 time 179.43.180.106 (hostedby.privatelayer.com): 32 times 182.23.64.139: 1 time 183.88.213.176 (mx-ll-183.88.213-176.dynamic.3bb.co.th): 1 time 183.109.148.15: 6 times 186.88.2.1 (186-88-2-1.dyn.dsl.cantv.net): 1 time 190.107.30.117 (19010730117.ip71.static.mediacommerce.com.co): 1 time 190.113.12.253: 1 time 190.196.165.186 (static.190.196.165.186.gtdinternet.com): 1 time 194.169.175.36: 1 time 197.249.5.16 (cust16-5-249-197.netcabo.co.mz): 1 time 198.167.209.85 (c6a7d155.vpn.njalla.net): 5 times 202.165.16.209: 2 times 217.210.89.93 (217-210-89-93-no2663.tbcn.telia.com): 1 time 218.92.0.28: 12 times 218.92.0.33: 6 times 218.92.0.40: 24 times 218.92.0.43: 17 times 218.92.0.45: 24 times 218.92.0.51: 12 times 218.92.0.52: 6 times 218.92.0.53: 6 times 218.92.0.55: 18 times 223.197.133.87 (223-197-133-87.static.imsbiz.com): 1 time Illegal users from: 2001:470:1:c84::31 (scan-21c.shadowserver.org): 1 time undef: 77 times 1.6.90.157: 1 time 2.187.118.61: 1 time 3.110.153.58 (ec2-3-110-153-58.ap-south-1.compute.amazonaws.com): 1 time 14.41.43.78: 5 times 14.98.28.43: 1 time 14.98.73.66: 1 time 14.99.199.106: 1 time 14.199.168.188 (014199168188.ctinets.com): 1 time 24.69.81.129 (S010644d9e79fa7c2.pk.shawcable.net): 1 time 24.199.36.58 (024-199-036-058.biz.spectrum.com): 1 time 31.202.53.78 (31-202-53-78-kh.maxnet.ua): 1 time 34.65.86.100 (100.86.65.34.bc.googleusercontent.com): 1 time 34.118.206.178 (178.206.118.34.bc.googleusercontent.com): 1 time 35.242.175.84 (84.175.242.35.bc.googleusercontent.com): 1 time 36.92.114.20: 1 time 36.137.22.65: 2 times 37.114.208.9: 1 time 37.114.208.13: 1 time 37.187.32.207 (vps-b0e7bc94.vps.ovh.net): 1 time 41.207.248.204: 3 times 45.71.24.198: 3 times 45.95.147.236 (hosted-by.as49870.net): 2 times 47.185.18.177: 1 time 47.185.32.189: 1 time 47.187.182.21: 1 time 47.188.209.237: 1 time 47.236.175.136: 16 times 50.62.182.25 (25.182.62.50.host.secureserver.net): 2 times 50.62.183.14 (14.183.62.50.host.secureserver.net): 1 time 51.250.10.19: 1 time 54.200.94.105 (ec2-54-200-94-105.us-west-2.compute.amazonaws.com): 1 time 54.223.28.128 (ec2-54-223-28-128.cn-north-1.compute.amazonaws.com.cn): 1 time 58.246.253.218: 2 times 59.94.35.242: 1 time 60.247.92.186: 1 time 60.251.229.144 (60-251-229-144.hinet-ip.hinet.net): 1 time 61.221.30.246 (61-221-30-246.hinet-ip.hinet.net): 1 time 62.122.184.252: 1 time 62.220.104.155: 1 time 63.46.205.80 (host80.sub-63-46-205.myvzw.com): 2 times 64.62.197.50 (scan-45d.shadowserver.org): 1 time 65.20.145.185: 1 time 65.20.149.57: 1 time 65.20.150.2: 1 time 65.20.152.13: 1 time 65.20.162.39: 1 time 65.20.173.115: 1 time 65.20.173.202: 1 time 65.20.174.161: 1 time 65.20.184.175: 1 time 65.20.190.84: 1 time 65.20.235.80: 1 time 65.20.235.177: 1 time 65.20.250.102: 1 time 67.58.229.248 (client-67-58-229-248.consolidated.net): 1 time 67.183.162.103 (c-67-183-162-103.hsd1.wa.comcast.net): 1 time 67.207.80.113: 1 time 67.207.88.231: 1 time 68.35.16.210 (c-68-35-16-210.hsd1.al.comcast.net): 1 time 69.113.106.174 (ool-45716aae.dyn.optonline.net): 1 time 69.119.247.222 (ool-4577f7de.dyn.optonline.net): 1 time 73.155.248.188 (c-73-155-248-188.hsd1.tx.comcast.net): 1 time 73.159.182.59: 1 time 73.231.202.194 (c-73-231-202-194.hsd1.ca.comcast.net): 1 time 77.206.164.56 (56.164.206.77.rev.sfr.net): 1 time 78.67.62.35 (78-67-62-35-no2663.tbcn.telia.com): 1 time 78.128.28.128 (78-128-28-128.blagoevgrad.ddns.bulsat.com): 1 time 79.171.183.109: 1 time 81.16.121.86: 1 time 82.134.69.22 (22.82-134-69.bkkb.no): 1 time 83.254.230.160 (c83-254-230-160.bredband.tele2.se): 1 time 85.209.11.27: 2 times 87.88.68.130: 1 time 87.234.204.235 (mail1.oralchirurgie-mosbach.de): 2 times 89.23.116.75: 1 time 94.67.125.162 (host2.osm3jm.ondsl.gr): 1 time 94.142.51.44 (ip94-142-51-44.zaindata.jo): 1 time 94.201.110.43: 1 time 94.203.171.157: 1 time 94.231.123.164 (dhcp-dynamic-94-231-123-164.broadband.nlink.ru): 1 time 95.9.224.218 (95.9.224.218.static.ttnet.com.tr): 1 time 95.164.21.173 (vm2163161.stark-industries.solutions): 1 time 98.52.116.108 (c-98-52-116-108.hsd1.il.comcast.net): 1 time 98.221.202.174 (c-98-221-202-174.hsd1.nj.comcast.net): 1 time 99.70.214.56 (99-70-214-56.lightspeed.dybhfl.sbcglobal.net): 1 time 101.78.144.86: 1 time 101.98.52.66 (dice.westbrook.school.nz): 1 time 101.109.253.90 (node-1e1m.pool-101-109.dynamic.totinternet.net): 1 time 103.3.43.242 (static-242.43.3.103-tataidc.co.in): 1 time 103.4.231.226: 1 time 103.78.39.214 (ip-103-78-39-214.moratelindo.net.id): 1 time 103.121.19.171 (host-103-121-19-171.myrepublic.co.id): 1 time 103.129.221.223 (ip103-129-221-223.cloudhost.web.id): 1 time 103.133.160.160: 1 time 103.157.114.66 (66.114.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.114.74 (74.114.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.114.122 (122.114.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.114.242 (242.114.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.115.26 (26.115.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.115.138 (138.115.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.172.205.61 (ip103-172-205-61.cloudhost.web.id): 1 time 103.250.159.26: 1 time 103.251.143.14: 1 time 105.73.203.61: 1 time 109.208.73.54 (lfbn-mar-1-1124-54.w109-208.abo.wanadoo.fr): 1 time 110.7.40.114: 1 time 110.39.51.118 (WGPON-3951-118.wateen.net): 1 time 110.39.181.194 (WGPON-39181-194.wateen.net): 1 time 111.23.117.97: 1 time 111.70.19.149 (111-70-19-149.emome-ip.hinet.net): 1 time 111.93.170.146: 1 time 112.14.132.197: 1 time 112.28.128.172: 1 time 112.28.128.173: 1 time 112.220.235.237: 1 time 113.59.34.5: 1 time 113.140.95.250: 1 time 115.135.194.113: 1 time 115.163.30.110 (fp73a31e6e.stmb122.ap.nuro.jp): 1 time 116.109.218.66: 1 time 117.4.162.225 (localhost): 1 time 117.4.187.19 (localhost): 1 time 117.39.63.46: 1 time 117.198.97.239: 1 time 117.220.162.66: 1 time 117.240.149.39: 1 time 118.118.234.136: 1 time 119.28.105.239: 3 times 121.202.205.222 (m121-202-205-222.smartone.com): 1 time 122.96.63.50: 1 time 123.202.18.45 (123202018045.ctinets.com): 2 times 123.212.20.131: 1 time 124.65.142.62: 1 time 124.89.116.178: 2 times 124.167.21.95 (95.21.167.124.adsl-pool.sx.cn): 1 time 125.66.243.1 (1.243.66.125.broad.zg.sc.dynamic.163data.com.cn): 1 time 125.142.192.144: 1 time 125.229.102.40 (125-229-102-40.hinet-ip.hinet.net): 1 time 128.199.237.60: 1 time 128.199.238.36: 2 times 130.61.173.144: 1 time 130.180.53.198 (ip-130-180-053-198.um40.pools.vodafone-ip.de): 1 time 136.255.158.118: 1 time 139.5.17.55: 2 times 139.59.87.48: 1 time 139.135.136.34: 1 time 139.213.240.6 (6.240.213.139.adsl-pool.jlccptt.net.cn): 1 time 149.23.117.254: 1 time 150.107.204.146: 1 time 154.12.58.130: 1 time 158.140.176.169 (host-158.140.176-169.myrepublic.co.id): 1 time 158.160.62.27: 1 time 159.89.109.235: 1 time 159.223.57.53: 1 time 159.223.98.75: 1 time 167.99.8.87: 1 time 167.172.86.222: 1 time 173.56.88.209 (pool-173-56-88-209.nycmny.ftas.verizon.net): 1 time 174.138.58.211: 3 times 175.136.228.145: 1 time 175.204.36.249: 5 times 176.32.195.49: 2 times 176.121.9.169: 1 time 178.35.155.182 (dsl-178-35-155-182.avtlg.ru): 1 time 182.53.218.34 (node-1736.pool-182-53.dynamic.totinternet.net): 1 time 183.89.210.225 (mx-ll-183.89.210-225.dynamic.3bb.co.th): 1 time 183.179.10.68 (183179010068.ctinets.com): 1 time 183.233.177.34: 1 time 185.11.61.88: 2 times 185.196.8.151: 3 times 185.216.70.138: 1 time 188.137.77.155 (static-188-137-77-155.leon.com.pl): 1 time 188.151.36.56 (c188-151-36-56.bredband.tele2.se): 1 time 188.151.63.219 (c188-151-63-219.bredband.tele2.se): 1 time 188.166.211.228: 1 time 188.169.66.154 (188-169-66-154.dsl.utg.ge): 1 time 190.107.30.117 (19010730117.ip71.static.mediacommerce.com.co): 2 times 190.107.30.118 (19010730118.ip71.static.mediacommerce.com.co): 1 time 190.155.233.179 (179.190-155-233.uio.satnet.net): 1 time 193.222.96.163: 1 time 194.169.175.35: 1 time 194.169.175.36: 3 times 196.28.226.123: 1 time 196.191.212.238: 1 time 198.167.209.85 (c6a7d155.vpn.njalla.net): 1 time 200.174.198.170 (200-174-198-170.embratel.cloud): 1 time 202.134.147.67: 1 time 202.165.16.209: 11 times 202.170.206.211 (ws211-206.170.202.rcil.gov.in): 1 time 203.76.183.26: 1 time 203.124.60.148: 1 time 206.189.141.115: 2 times 206.252.194.38: 1 time 210.4.68.72 (210.4.68-72.bdcom.com): 2 times 211.224.208.91: 1 time 211.243.43.58: 1 time 212.142.84.61 (balticom-142-84-61.balticom.lv): 1 time 213.67.213.21 (213-67-213-21-no2663.tbcn.telia.com): 1 time 213.154.80.36: 1 time 213.165.73.136 (ip213-165-73-136.pbiaas.com): 1 time 216.113.69.38 (69-38.mc.ccapcable.com): 1 time 217.147.171.48: 1 time 218.27.148.86 (86.148.27.218.adsl-pool.jlccptt.net.cn): 1 time 219.139.192.226: 1 time 220.80.223.144: 1 time 220.130.84.232 (220-130-84-232.hinet-ip.hinet.net): 1 time 221.165.136.172: 2 times 223.19.196.101 (101-196-19-223-on-nets.com): 1 time 223.171.91.127: 1 time **Unmatched Entries** Disconnecting: Protocol error: expected packet type 21, got 20 [preauth] : 4 time(s) fatal: buffer_get_string: buffer error [preauth] : 1 time(s) error: buffer_get_string_ret: incomplete message [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop19598p1 394G 243G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

1 Jahr, 7 Monate

1
0
0 / 0

Undelivered Mail Returned to Sender

by MAILER-DAEMON＠zapf.in

This is the mail system at host mail.zapf.in. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <javensr(a)countryday.net>: host countryday-net.mail.protection.outlook.com[52.101.8.44] said: 550 5.4.1 Recipient address rejected: Access denied. [DS2PEPF00003442.namprd04.prod.outlook.com 2024-03-20T02:10:56.912Z 08DC4689FAE2169A] (in reply to RCPT TO command)

1 Jahr, 7 Monate

1
0
0 / 0

You have 11 pending messages

by zapf.in

1 Jahr, 7 Monate

1
0
0 / 0

Undeliverable: [ZaPF-Lists] Bitte bestätige deine E-Mail-Adresse

by postmaster＠eccaremgt.org

[https://products.office.com/en-us/CMSImages/Office365Logo_Orange.png?vers...] Your message to JBOWES(a)ECCAREMGT.ORG couldn't be delivered. JBOWES wasn't found at eccaremgt.org. topf Office 365 JBOWES Action Required Recipient Unknown To address How to Fix It The address may be misspelled or may not exist. Try one or more of the following: * Send the message again following these steps: In Outlook, open this non-delivery report (NDR) and choose Send Again from the Report ribbon. In Outlook on the web, select this NDR, then select the link "To send this message again, click here." Then delete and retype the entire recipient address. If prompted with an Auto-Complete List suggestion don't select it. After typing the complete address, click Send. * Contact the recipient (by phone, for example) to check that the address exists and is correct. * The recipient may have set up email forwarding to an incorrect address. Ask them to check that any forwarding they've set up is working correctly. * Clear the recipient Auto-Complete List in Outlook or Outlook on the web by following the steps in this article: Fix email delivery issues for error code 5.1.10 in Office 365<https://go.microsoft.com/fwlink/?LinkId=532972>, and then send the message again. Retype the entire recipient address before selecting Send. If the problem continues, forward this message to your email admin. If you're an email admin, refer to the More Info for Email Admins section below. Was this helpful? Send feedback to Microsoft<https://go.microsoft.com/fwlink/?LinkId=525921>. ________________________________ More Info for Email Admins Status code: 550 5.1.10 This error occurs because the sender sent a message to an email address hosted by Office 365 but the address is incorrect or doesn't exist at the destination domain. The error is reported by the recipient domain's email server, but most often it must be fixed by the person who sent the message. If the steps in the How to Fix It section above don't fix the problem, and you're the email admin for the recipient, try one or more of the following: The email address exists and is correct - Confirm that the recipient address exists, is correct, and is accepting messages. Synchronize your directories - If you have a hybrid environment and are using directory synchronization make sure the recipient's email address is synced correctly in both Office 365 and in your on-premises directory. Errant forwarding rule - Check for forwarding rules that aren't behaving as expected. Forwarding can be set up by an admin via mail flow rules or mailbox forwarding address settings, or by the recipient via the Inbox Rules feature. Recipient has a valid license - Make sure the recipient has an Office 365 license assigned to them. The recipient's email admin can use the Office 365 admin center to assign a license (Users > Active Users > select the recipient > Assigned License > Edit). Mail flow settings and MX records are not correct - Misconfigured mail flow or MX record settings can cause this error. Check your Office 365 mail flow settings to make sure your domain and any mail flow connectors are set up correctly. Also, work with your domain registrar to make sure the MX records for your domain are configured correctly. For more information and additional tips to fix this issue, see Fix email delivery issues for error code 5.1.10 in Office 365<https://go.microsoft.com/fwlink/?LinkId=532972>. Original Message Details Created Date: 3/19/2024 2:07:35 PM Sender Address: topf(a)zapf.in Recipient Address: JBOWES(a)ECCAREMGT.ORG Subject: [ZaPF-Lists] Bitte bestätige deine E-Mail-Adresse Error Details Error: 550 5.1.10 RESOLVER.ADR.RecipientNotFound; Recipient JBOWES(a)ECCAREMGT.ORG not found by SMTP address lookup Message rejected by: BL3PR01MB6931.prod.exchangelabs.com Notification Details Sent by: BL3PR01MB6931.prod.exchangelabs.com Message Hops HOP TIME (UTC) FROM TO WITH RELAY TIME 1 3/19/2024 2:07:35 PM localhost mail.zapf.in ESMTPS * 2 3/19/2024 2:07:42 PM mail.zapf.in mx1-us1.ppe-hosted.com ESMTPS 7 sec 3 3/19/2024 2:07:45 PM dispatch1-us1.ppe-hosted.com CH2PEPF0000014A.mail.protection.outlook.com Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) 3 sec 4 3/19/2024 2:07:47 PM CH2PEPF0000014A.namprd02.prod.outlook.com CH2PR05CA0029.outlook.office365.com Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) 2 sec 5 3/19/2024 2:07:47 PM CH2PR05CA0029.namprd05.prod.outlook.com BL3PR01MB6931.prod.exchangelabs.com Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) * Original Message Headers Received: from CH2PR05CA0029.namprd05.prod.outlook.com (2603:10b6:610::42) by BL3PR01MB6931.prod.exchangelabs.com (2603:10b6:208:356::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7386.29; Tue, 19 Mar 2024 14:07:47 +0000 Received: from CH2PEPF0000014A.namprd02.prod.outlook.com (2603:10b6:610:0:cafe::12) by CH2PR05CA0029.outlook.office365.com (2603:10b6:610::42) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.11 via Frontend Transport; Tue, 19 Mar 2024 14:07:47 +0000 Authentication-Results: spf=fail (sender IP is 148.163.129.48) smtp.mailfrom=zapf.in; dkim=none (message not signed) header.d=none;dmarc=temperror action=none header.from=zapf.in; Received-SPF: Fail (protection.outlook.com: domain of zapf.in does not designate 148.163.129.48 as permitted sender) receiver=protection.outlook.com; client-ip=148.163.129.48; helo=dispatch1-us1.ppe-hosted.com; Received: from dispatch1-us1.ppe-hosted.com (148.163.129.48) by CH2PEPF0000014A.mail.protection.outlook.com (10.167.244.107) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.10 via Frontend Transport; Tue, 19 Mar 2024 14:07:45 +0000 Authentication-Results-Original: ppe-hosted.com; spf=pass smtp.mailfrom=zapf.in; dmarc=none header.from=zapf.in header.policy=none; X-Virus-Scanned: Proofpoint Essentials engine Received: from mail.zapf.in (hetzner.zapf.in [94.130.65.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1-us1.ppe-hosted.com (PPE Hosted ESMTP Server) with ESMTPS id 16471C0009F for <JBOWES(a)ECCAREMGT.ORG>; Tue, 19 Mar 2024 14:07:42 +0000 (UTC) Received: from localhost (localhost [IPv6:::1]) by mail.zapf.in (Postfix) with ESMTPS id ADA15E042C for <JBOWES(a)ECCAREMGT.ORG>; Tue, 19 Mar 2024 15:07:35 +0100 (CET) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Subject: =?utf-8?q?=5BZaPF-Lists=5D_Bitte_best=C3=A4tige_deine_E-Mail-Adresse?= From: topf(a)zapf.in To: JBOWES(a)ECCAREMGT.ORG Date: Tue, 19 Mar 2024 14:07:35 -0000 Message-ID: <171085725569.278.950749880234820476@localhost> X-MDID: 1710857263-gYYj5qAMe3RV X-MDID-I: us5;ut7;1710857263;gYYj5qAMe3RV;<topf(a)zapf.in>;179438640a889d21a7561ca7db951677 Return-Path: topf(a)zapf.in X-EOPAttributedMessage: 0 X-EOPTenantAttributedMessage: bd124aad-6f8f-4e2f-b0f4-4d126e529160:0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH2PEPF0000014A:EE_|BL3PR01MB6931:EE_ X-MS-Office365-Filtering-Correlation-Id: c9772c64-c5b8-4b98-bc8b-08dc481df3dd

1 Jahr, 7 Monate

1
0
0 / 0

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Tue Mar 19 04:42:03 2024 Date Range Processed: yesterday ( 2024-Mar-18 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 33:33 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 179.43.180.106 -> 49.13.151.148:5555: 1 Time(s) A total of 11 sites probed the server 138.197.28.126 138.68.208.46 139.59.58.140 152.42.212.135 198.199.92.134 198.235.24.114 198.235.24.238 45.128.232.191 66.240.205.34 74.82.47.3 87.251.64.153 Requests with error response codes 400 Bad Request null: 15 Time(s) mstshash=Administr: 7 Time(s) *: 6 Time(s) /: 5 Time(s) /.env: 1 Time(s) /favicon.ico: 1 Time(s) 49.13.151.148:5555: 1 Time(s) \x07\xF5\xCA\x9B\xBA?+\x7F\x80\xFB: 1 Time(s) \x18\xAE\x92<F\xBFS\xF3\xAE\x09\xFF\xE8\xD ... x09\xC0\x14\xC0: 1 Time(s) \xE40Y\xFEJ%x\x88\x0B\xED\x02\xA49\x84=\xE ... x09\xC0\x14\xC0: 1 Time(s) \xFEr\xB7\xB8\xD6\xE7\xA0\x896a/\x00\x00\x ... x09\xC0\x14\xC0: 1 Time(s) ]\xDF\x0F\xBC//\xFA}\x9Bb\xDC\xA1.\xBD&]\xDFD;: 1 Time(s) 500 Internal Server Error /: 57 Time(s) /.env: 6 Time(s) /.git/config: 6 Time(s) /cgi-bin/luci/;stok=/locale?form=country&o ... 20.%2Ftenda.sh): 2 Time(s) /favicon.ico: 2 Time(s) /.well-known/security.txt: 1 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /FD873AC4-CF86-4FED-84EC-4BD59C6F17A7: 1 Time(s) /actuator/gateway/routes: 1 Time(s) /actuator/health: 1 Time(s) /api.json: 1 Time(s) /autodiscover/autodiscover.json?@zdi/Powershell: 1 Time(s) /docker-compose.yml: 1 Time(s) /geoserver/web/: 1 Time(s) /info.php: 1 Time(s) /robots.txt: 1 Time(s) /sendgrid.env: 1 Time(s) /version: 1 Time(s) /webui/: 1 Time(s) 502 Bad Gateway /0UvGs4_tS96nBJR8_3s22w/pdf: 1 Time(s) /1sUrbDPnRPO14t0k66Jlig/pdf: 1 Time(s) /6lQV19a7TVerl8yEJ2vCLQ/pdf: 1 Time(s) /7MJ3fYYeSt6NNHrCr2upag/pdf: 1 Time(s) /7jwd27jqSqyTeQN-crCNpQ/pdf: 1 Time(s) /9igFCEdFSomw4HrDmKD5JQ/pdf: 1 Time(s) /FCDj6VIwTKm8h8i9d5B8FQ/pdf: 1 Time(s) /HJQnJPlrQZiMJi9HvD0qWA/pdf: 1 Time(s) /HQRuyRIvSWi2CzWlobKfMA/pdf: 1 Time(s) /IMaThXcFRzyCNIcz9TkidQ/pdf: 1 Time(s) /R4z4mBDLSPWY6fV0d3vqjg/pdf: 1 Time(s) /WBpjrPU6QDmYns7aYwCn8A/pdf: 1 Time(s) /e9MRve_5Ss-WIGygIFrjDw/pdf: 1 Time(s) /klausurtagung_garching%3E/pdf: 1 Time(s) /rHu6N32pQtmByz067anNsw/pdf: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (103.36.84.194): 84 Time(s) root (162.240.146.93): 79 Time(s) root (179.43.180.106): 25 Time(s) root (mail.rokor.kz): 18 Time(s) unknown (194.169.175.36): 10 Time(s) unknown (139.59.16.110): 9 Time(s) unknown (202.165.16.209): 8 Time(s) unknown (85.209.11.254): 8 Time(s) root (164.92.95.215): 6 Time(s) root (218.149.19.39): 6 Time(s) root (92-108-18-13.cable.dynamic.v4.ziggo.nl): 6 Time(s) root (c-185-45-239-65.customer.ggaweb.ch): 6 Time(s) unknown (194.169.175.35): 6 Time(s) root (85.209.11.27): 5 Time(s) unknown (121.158.203.212): 5 Time(s) unknown (159.203.10.201): 5 Time(s) unknown (19010730117.ip71.static.mediacommerce.com.co): 5 Time(s) unknown (185.224.128.34): 4 Time(s) unknown (85.209.11.27): 4 Time(s) root (85.209.11.254): 3 Time(s) unknown (167.99.117.16): 3 Time(s) unknown (220.74.78.244): 3 Time(s) root (19010730117.ip71.static.mediacommerce.com.co): 2 Time(s) unknown (103.157.114.186): 2 Time(s) unknown (103.157.114.66): 2 Time(s) unknown (200.26.233.245): 2 Time(s) unknown (65.20.166.97): 2 Time(s) unknown (dslb-092-075-135-104.092.075.pools.vodafone-ip.de): 2 Time(s) unknown (mail.pi.net.ua): 2 Time(s) nobody (114-32-191-1.hinet-ip.hinet.net): 1 Time(s) nobody (115.187.61.70): 1 Time(s) nobody (222.217.65.21): 1 Time(s) nobody (lfbn-idf2-1-1001-109.w86-238.abo.wanadoo.fr): 1 Time(s) root (122-117-15-25.hinet-ip.hinet.net): 1 Time(s) root (14.98.28.43): 1 Time(s) root (159.203.10.201): 1 Time(s) root (194.169.175.35): 1 Time(s) root (194.169.175.36): 1 Time(s) root (200.11.109.32): 1 Time(s) root (218.248.17.227): 1 Time(s) root (36.137.22.65): 1 Time(s) root (47.185.32.189): 1 Time(s) root (65.20.144.159): 1 Time(s) root (65.20.152.71): 1 Time(s) root (65.20.192.5): 1 Time(s) root (65.20.192.58): 1 Time(s) root (c-67-177-243-114.hsd1.co.comcast.net): 1 Time(s) root (c151-177-209-203.bredband.tele2.se): 1 Time(s) root (c188-149-255-119.bredband.tele2.se): 1 Time(s) sshd (85.209.11.27): 1 Time(s) unknown (1.9.249.234): 1 Time(s) unknown (102.16.85.8): 1 Time(s) unknown (103.157.114.106): 1 Time(s) unknown (103.157.114.74): 1 Time(s) unknown (103.157.88.15): 1 Time(s) unknown (103.91.103.51): 1 Time(s) unknown (111-70-36-174.emome-ip.hinet.net): 1 Time(s) unknown (112.196.59.146): 1 Time(s) unknown (113.183.67.127): 1 Time(s) unknown (114-32-191-1.hinet-ip.hinet.net): 1 Time(s) unknown (119.93.87.71): 1 Time(s) unknown (119247187113.ctinets.com): 1 Time(s) unknown (122.14.197.22): 1 Time(s) unknown (124.104.151.235): 1 Time(s) unknown (124.65.142.62): 1 Time(s) unknown (125.209.118.235): 1 Time(s) unknown (139.59.16.168): 1 Time(s) unknown (164.92.95.215): 1 Time(s) unknown (167-179-148-169.a7b394.syd.nbn.aussiebb.net): 1 Time(s) unknown (172.210.34.226): 1 Time(s) unknown (179.84.173.90): 1 Time(s) unknown (183.196.174.235): 1 Time(s) unknown (185.39.167.72.host.secureserver.net): 1 Time(s) unknown (188-169-66-154.dsl.utg.ge): 1 Time(s) unknown (191.241.235.54): 1 Time(s) unknown (191.36.157.35): 1 Time(s) unknown (199.162.178.68.host.secureserver.net): 1 Time(s) unknown (203-69-238-26.hinet-ip.hinet.net): 1 Time(s) unknown (210.4.68.73): 1 Time(s) unknown (211.107.124.218): 1 Time(s) unknown (211.109.93.134): 1 Time(s) unknown (211.169.212.206): 1 Time(s) unknown (211.216.58.204): 1 Time(s) unknown (217-211-252-37-no2663.tbcn.telia.com): 1 Time(s) unknown (218.188.217.102): 1 Time(s) unknown (219-89-206-236.adsl.xtra.co.nz): 1 Time(s) unknown (222.128.28.202): 1 Time(s) unknown (222.74.217.106): 1 Time(s) unknown (25.red-95-124-251.staticip.rima-tde.net): 1 Time(s) unknown (36.137.22.65): 1 Time(s) unknown (4.224.63.83): 1 Time(s) unknown (4.232.161.33): 1 Time(s) unknown (41.207.248.204): 1 Time(s) unknown (45.71.24.198): 1 Time(s) unknown (61.185.50.166): 1 Time(s) unknown (62.183.82.70): 1 Time(s) unknown (62.201.223.132): 1 Time(s) unknown (65.20.129.205): 1 Time(s) unknown (65.20.132.251): 1 Time(s) unknown (65.20.150.90): 1 Time(s) unknown (65.20.161.130): 1 Time(s) unknown (65.20.172.104): 1 Time(s) unknown (65.20.175.32): 1 Time(s) unknown (65.20.178.174): 1 Time(s) unknown (65.20.184.25): 1 Time(s) unknown (65.20.204.17): 1 Time(s) unknown (65.20.204.228): 1 Time(s) unknown (65.76.237.121): 1 Time(s) unknown (77.47.94.16): 1 Time(s) unknown (80.191.71.68): 1 Time(s) unknown (82-65-140-218.subs.proxad.net): 1 Time(s) unknown (85.51.24.68): 1 Time(s) unknown (87.200.225.10): 1 Time(s) unknown (91.74.96.181): 1 Time(s) unknown (94.45.113.113): 1 Time(s) unknown (95.38.15.2): 1 Time(s) unknown (95.65.98.254): 1 Time(s) unknown (95.9.224.218): 1 Time(s) unknown (c-67-160-200-79.hsd1.ca.comcast.net): 1 Time(s) unknown (c-73-171-144-54.hsd1.fl.comcast.net): 1 Time(s) unknown (c80-217-108-111.bredband.tele2.se): 1 Time(s) unknown (cable-84-43-254-214.mnet.bg): 1 Time(s) unknown (ip68-111-93-31.oc.oc.cox.net): 1 Time(s) unknown (ip68-2-152-102.ph.ph.cox.net): 1 Time(s) unknown (n11211911093.netvigator.com): 1 Time(s) unknown (n1164828130.netvigator.com): 1 Time(s) unknown (node-1736.pool-182-53.dynamic.totinternet.net): 1 Time(s) unknown (red71-200.powerfast.net): 1 Time(s) unknown (s0106001aae04a6d0.vc.shawcable.net): 1 Time(s) unknown (s83-188-240-220.cust.comviq.se): 1 Time(s) unknown (softbank126049119110.bbtec.net): 1 Time(s) unknown (static-47-206-124-11.tamp.fl.frontiernet.net): 1 Time(s) Invalid Users: Unknown Account: 168 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 18.271K Bytes accepted 18,710 18.271K Bytes sent via SMTP 18,710 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 1 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 1 Total 4xx Rejects 100.00% ======== ================================================== 58 Connections 18 Connections lost (inbound) 58 Disconnections 1 Removed from queue 1 Sent via SMTP 1 SMTP dialog errors 14 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 3 Time(s) Failed logins from: 14.98.28.43: 1 time 36.137.22.65: 1 time 47.185.32.189: 1 time 65.20.144.159: 1 time 65.20.152.71: 1 time 65.20.192.5: 1 time 65.20.192.58: 1 time 67.177.243.114 (c-67-177-243-114.hsd1.co.comcast.net): 1 time 85.209.11.27: 6 times 85.209.11.254: 3 times 86.238.232.109 (lfbn-idf2-1-1001-109.w86-238.abo.wanadoo.fr): 1 time 92.108.18.13 (92-108-18-13.cable.dynamic.v4.ziggo.nl): 6 times 103.36.84.194: 84 times 114.32.191.1 (114-32-191-1.hinet-ip.hinet.net): 1 time 115.187.61.70 (node-115-187-61-70.alliancebroadband.in): 1 time 122.117.15.25 (122-117-15-25.hinet-ip.hinet.net): 1 time 151.177.209.203 (c151-177-209-203.bredband.tele2.se): 1 time 159.203.10.201: 1 time 162.240.146.93 (7229191.fundamicro.net): 79 times 164.92.95.215: 6 times 178.88.167.38 (mail.rokor.kz): 18 times 179.43.180.106 (hostedby.privatelayer.com): 25 times 185.45.239.65 (c-185-45-239-65.customer.ggaweb.ch): 6 times 188.149.255.119 (c188-149-255-119.bredband.tele2.se): 1 time 190.107.30.117 (19010730117.ip71.static.mediacommerce.com.co): 2 times 194.169.175.35: 1 time 194.169.175.36: 1 time 200.11.109.32: 1 time 218.149.19.39: 6 times 218.248.17.227: 1 time 222.217.65.21: 1 time Illegal users from: 2001:470:1:c84::23 (scan-13p.shadowserver.org): 1 time undef: 49 times 1.9.249.234 (nexusnetwork.com.my): 1 time 4.224.63.83: 1 time 4.232.161.33: 1 time 24.86.28.152 (S0106001aae04a6d0.vc.shawcable.net): 1 time 36.137.22.65: 1 time 41.207.248.204: 1 time 45.71.24.198: 1 time 47.206.124.11 (static-47-206-124-11.tamp.fl.frontiernet.net): 1 time 61.185.50.166: 1 time 62.183.82.70 (net-62-183-82-70.kbrnet.ru): 1 time 62.201.223.132: 1 time 64.62.197.185 (scan-42d.shadowserver.org): 1 time 65.20.129.205: 1 time 65.20.132.251: 1 time 65.20.150.90: 1 time 65.20.161.130: 1 time 65.20.166.97: 2 times 65.20.172.104: 1 time 65.20.175.32: 1 time 65.20.178.174: 1 time 65.20.184.25: 1 time 65.20.204.17: 1 time 65.20.204.228: 1 time 65.76.237.121: 1 time 67.160.200.79 (c-67-160-200-79.hsd1.ca.comcast.net): 1 time 68.2.152.102 (ip68-2-152-102.ph.ph.cox.net): 1 time 68.111.93.31 (ip68-111-93-31.oc.oc.cox.net): 1 time 68.178.162.199 (199.162.178.68.host.secureserver.net): 1 time 72.167.39.185 (185.39.167.72.host.secureserver.net): 1 time 73.171.144.54 (c-73-171-144-54.hsd1.fl.comcast.net): 1 time 77.47.94.16 (77.47.94.16.dyn.pyur.net): 1 time 78.102.14.10 (ip-78-102-14-10.net.vodafone.cz): 6 times 80.191.71.68: 1 time 80.217.108.111 (c80-217-108-111.bredband.tele2.se): 1 time 82.65.140.218 (82-65-140-218.subs.proxad.net): 1 time 83.188.240.220 (s83-188-240-220.cust.comviq.se): 1 time 84.43.254.214 (cable-84-43-254-214.mnet.bg): 1 time 85.51.24.68 (68.pool85-51-24.static.orange.es): 1 time 85.209.11.27: 5 times 85.209.11.254: 10 times 87.200.225.10: 1 time 91.74.96.181: 1 time 92.75.135.104 (dslb-092-075-135-104.092.075.pools.vodafone-ip.de): 2 times 94.45.113.113: 1 time 95.9.224.218 (95.9.224.218.static.ttnet.com.tr): 1 time 95.38.15.2: 1 time 95.65.98.254 (95-65-98-254.starnet.md): 1 time 95.124.251.25 (25.red-95-124-251.staticip.rima-tde.net): 1 time 102.16.85.8 (tgn.16.85.8.tgn.mg): 1 time 103.91.103.51: 1 time 103.157.88.15: 1 time 103.157.114.66 (66.114.157.103.Ai-bkti-hts.iforte.net.id): 2 times 103.157.114.74 (74.114.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.114.106 (106.114.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.114.186 (186.114.157.103.Ai-bkti-hts.iforte.net.id): 2 times 110.42.200.114: 1 time 111.70.36.174 (111-70-36-174.emome-ip.hinet.net): 1 time 112.119.11.93 (n11211911093.netvigator.com): 1 time 112.196.59.146: 1 time 113.106.88.146: 5 times 113.183.67.127 (static.vnpt.vn): 1 time 114.32.191.1 (114-32-191-1.hinet-ip.hinet.net): 1 time 116.48.28.130 (n1164828130.netvigator.com): 1 time 119.93.87.71 (119.93.87.71.static.pldt.net): 1 time 119.247.187.113 (119247187113.ctinets.com): 1 time 121.158.203.212: 5 times 122.14.197.22: 1 time 124.65.142.62: 1 time 124.104.151.235 (124.104.151.235.pldt.net): 1 time 125.209.118.235 (webmail.macter.com): 1 time 126.49.119.110 (softbank126049119110.bbtec.net): 1 time 139.59.16.110: 9 times 139.59.16.168: 1 time 159.203.10.201: 5 times 164.92.95.215: 1 time 167.99.117.16: 3 times 167.179.148.169 (167-179-148-169.a7b394.syd.nbn.aussiebb.net): 1 time 172.210.34.226: 1 time 179.84.173.90 (179-84-173-90.user.vivozap.com.br): 1 time 182.53.218.34 (node-1736.pool-182-53.dynamic.totinternet.net): 1 time 183.196.174.235: 1 time 185.224.128.34: 4 times 188.169.66.154 (188-169-66-154.dsl.utg.ge): 1 time 190.107.30.117 (19010730117.ip71.static.mediacommerce.com.co): 5 times 190.107.71.200 (red71-200.powerfast.net): 1 time 191.36.157.35 (vipturbo.com.br): 1 time 191.241.235.54: 1 time 193.110.89.2 (mail.pi.net.ua): 2 times 194.169.175.35: 6 times 194.169.175.36: 10 times 200.26.233.245: 2 times 202.165.16.209: 8 times 203.69.238.26 (203-69-238-26.hinet-ip.hinet.net): 1 time 210.4.68.73 (210.4.68-73.bdcom.com): 1 time 211.107.124.218: 5 times 211.109.93.134: 1 time 211.169.212.206: 1 time 211.216.58.204: 1 time 217.211.252.37 (217-211-252-37-no2663.tbcn.telia.com): 1 time 218.188.217.102 (static-bbs-102-217-188-218-on-nets.com): 1 time 219.89.206.236 (219-89-206-236.adsl.xtra.co.nz): 1 time 220.74.78.244: 3 times 222.74.217.106: 1 time 222.128.28.202: 1 time **Unmatched Entries** Disconnecting: Protocol error: expected packet type 21, got 20 [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop19598p1 394G 243G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

1 Jahr, 7 Monate

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

TOPF März 2024