Logwatch for h2361197.stratoserver.net (Linux)

Dienstag, 21 Mai 2019


 
 ################### Logwatch 7.4.0 (03/01/11) #################### 
        Processing Initiated: Tue May 21 04:42:06 2019
        Date Range Processed: yesterday
                              ( 2019-May-20 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: h2361197.stratoserver.net
 ################################################################## 
 
 --------------------- fail2ban-messages Begin ------------------------ 

 Banned services with Fail2Ban:				 Bans:Unbans
    ssh:                                                    [377:380]
 
 ---------------------- fail2ban-messages End ------------------------- 

 
 --------------------- httpd Begin ------------------------ 

 
 A total of 1 sites probed the server 
    5.188.210.101
 
 Requests with error response codes
    400 Bad Request
       mstshash=Administr: 3 Time(s)
       /robots.txt: 2 Time(s)
       mstshash=Test: 2 Time(s)
       null: 2 Time(s)
       /: 1 Time(s)
    404 Not Found
       /robots.txt: 21 Time(s)
       /berlin/apple-touch-icon.png: 8 Time(s)
       /build/mathjax/config/tex-ams-mml_htmlormml.js: 2 Time(s)
       /berlin/orientierung/apple-touch-icon.png: 1 Time(s)
       /wp-login.php: 1 Time(s)
    499 (undefined)
       /reader/1992-wi-reader_mu92.pdf: 1 Time(s)
    500 Internal Server Error
       /: 16 Time(s)
       /admin//config.php: 1 Time(s)
       /login_sid.lua: 1 Time(s)
 
 ---------------------- httpd End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       unknown (118.89.26.58): 76 Time(s)
       unknown (202.70.89.55): 62 Time(s)
       unknown (113.161.66.214): 61 Time(s)
       unknown (1.83.94.4): 60 Time(s)
       unknown (207.236.146.198): 54 Time(s)
       unknown (177.ip-137-74-199.eu): 53 Time(s)
       unknown (46.105.89.195): 53 Time(s)
       unknown (159.65.84.164): 51 Time(s)
       unknown (37-252-190-224.rev.ipax.at): 51 Time(s)
       unknown (128.154.199.35.bc.googleusercontent.com): 50 Time(s)
       unknown (173-12-157-141-northgulf.hfc.comcastbusiness.net): 50 Time(s)
       unknown (ip104.ip-217-182-158.eu): 50 Time(s)
       unknown (128.199.220.232): 48 Time(s)
       unknown (74.208.252.136): 45 Time(s)
       unknown (107.ip-158-69-215.net): 39 Time(s)
       unknown (111.ip-51-77-140.eu): 39 Time(s)
       unknown (120.88.185.39): 36 Time(s)
       unknown (177.206.87.206.static.gvt.net.br): 35 Time(s)
       unknown (182.140.196.20): 35 Time(s)
       unknown (190.147.166.247): 34 Time(s)
       unknown (118.24.121.65): 30 Time(s)
       unknown (181.49.43.238): 29 Time(s)
       unknown (189.206.1.142): 28 Time(s)
       unknown (119.29.39.236): 26 Time(s)
       unknown (l37-195-205-135.novotelecom.ru): 25 Time(s)
       unknown (159.203.139.128): 23 Time(s)
       unknown (ns549998.ip-142-44-137.net): 21 Time(s)
       unknown (222.128.13.94): 16 Time(s)
       unknown (111.230.21.80): 14 Time(s)
       unknown (178.128.107.61): 13 Time(s)
       unknown (112.170.78.118): 12 Time(s)
       unknown (128.199.244.39): 11 Time(s)
       unknown (119.29.247.225): 10 Time(s)
       unknown (121.191.177.224): 10 Time(s)
       unknown (c-24-2-205-235.hsd1.ma.comcast.net): 8 Time(s)
       unknown (66-190-183-35.dhcp.jcsn.tn.charter.com): 7 Time(s)
       unknown (137.110.67.98): 6 Time(s)
       unknown (193.201.224.232): 5 Time(s)
       unknown (159.65.144.233): 4 Time(s)
       unknown (193.32.163.89): 4 Time(s)
       postgres (202.70.89.55): 3 Time(s)
       unknown (143.ip-51-38-179.eu): 3 Time(s)
       unknown (212.83.183.155): 3 Time(s)
       unknown (mcp.org.py): 3 Time(s)
       postgres (181.49.43.238): 2 Time(s)
       unknown (1.232.77.181): 2 Time(s)
       unknown (103.21.148.16): 2 Time(s)
       unknown (115.254.63.52): 2 Time(s)
       unknown (119.28.57.220): 2 Time(s)
       unknown (162.ip-54-37-205.eu): 2 Time(s)
       unknown (185.58.53.66): 2 Time(s)
       unknown (2.229.214.195): 2 Time(s)
       unknown (20.ip-46-105-30.eu): 2 Time(s)
       unknown (212.98.190.248): 2 Time(s)
       unknown (74.63.193.14): 2 Time(s)
       unknown (exit1.ipredator.se): 2 Time(s)
       unknown (exit3.tor-network.net): 2 Time(s)
       unknown (lfbn-1-3288-45.w90-79.abo.wanadoo.fr): 2 Time(s)
       unknown (plex5.domin8.media): 2 Time(s)
       unknown (s17783852.onlinehome-server.info): 2 Time(s)
       backup (111.ip-51-77-140.eu): 1 Time(s)
       backup (119.29.247.225): 1 Time(s)
       backup (121.191.177.224): 1 Time(s)
       backup (128.199.220.232): 1 Time(s)
       backup (173-12-157-141-northgulf.hfc.comcastbusiness.net): 1 Time(s)
       backup (177.ip-137-74-199.eu): 1 Time(s)
       mysql (1.83.94.4): 1 Time(s)
       mysql (118.89.26.58): 1 Time(s)
       mysql (173-12-157-141-northgulf.hfc.comcastbusiness.net): 1 Time(s)
       mysql (177.ip-137-74-199.eu): 1 Time(s)
       mysql (189.206.1.142): 1 Time(s)
       mysql (76.ip-37-59-104.eu): 1 Time(s)
       news (177.206.87.206.static.gvt.net.br): 1 Time(s)
       postfix (178.128.107.61): 1 Time(s)
       postfix (ip104.ip-217-182-158.eu): 1 Time(s)
       postgres (103.237.147.69): 1 Time(s)
       postgres (113.161.66.214): 1 Time(s)
       postgres (118.89.26.58): 1 Time(s)
       postgres (159.65.84.164): 1 Time(s)
       postgres (37-252-190-224.rev.ipax.at): 1 Time(s)
       postgres (61.72.254.71): 1 Time(s)
       postgres (68.183.150.54): 1 Time(s)
       postgres (ip104.ip-217-182-158.eu): 1 Time(s)
       postgres (ns549998.ip-142-44-137.net): 1 Time(s)
       root (103.245.181.208): 1 Time(s)
       root (128.199.69.86): 1 Time(s)
       root (138.197.180.16): 1 Time(s)
       root (139.59.56.121): 1 Time(s)
       root (142.93.245.174): 1 Time(s)
       root (159.192.107.238): 1 Time(s)
       root (159.203.77.51): 1 Time(s)
       root (182.52.224.33): 1 Time(s)
       root (210.211.99.243): 1 Time(s)
       root (212.83.183.155): 1 Time(s)
       root (45.55.12.248): 1 Time(s)
       root (46.101.27.6): 1 Time(s)
       root (46.101.49.156): 1 Time(s)
       root (51.158.168.30): 1 Time(s)
       root (78-21-57-20.access.telenet.be): 1 Time(s)
       root (96.57.82.166): 1 Time(s)
       root (backup.cpdcollege.com): 1 Time(s)
       root (out-mail.toi.no): 1 Time(s)
       root (plex5.domin8.media): 1 Time(s)
       sys (128.199.220.232): 1 Time(s)
       temp (173-12-157-141-northgulf.hfc.comcastbusiness.net): 1 Time(s)
       temp (202.70.89.55): 1 Time(s)
       temp (45.117.81.147): 1 Time(s)
       unknown (103.36.11.162): 1 Time(s)
       unknown (106.12.222.70): 1 Time(s)
       unknown (106.13.47.252): 1 Time(s)
       unknown (112.216.6.43): 1 Time(s)
       unknown (113.172.170.122): 1 Time(s)
       unknown (124.205.9.241): 1 Time(s)
       unknown (128.199.133.249): 1 Time(s)
       unknown (130.61.114.175): 1 Time(s)
       unknown (138.68.146.186): 1 Time(s)
       unknown (138.68.186.24): 1 Time(s)
       unknown (138.94.20.188): 1 Time(s)
       unknown (139.59.59.90): 1 Time(s)
       unknown (139.59.74.143): 1 Time(s)
       unknown (142.93.208.158): 1 Time(s)
       unknown (142.93.39.29): 1 Time(s)
       unknown (146.185.149.245): 1 Time(s)
       unknown (159.65.148.241): 1 Time(s)
       unknown (159.65.175.37): 1 Time(s)
       unknown (159.65.81.187): 1 Time(s)
       unknown (159.89.164.167): 1 Time(s)
       unknown (165.227.138.245): 1 Time(s)
       unknown (165.227.49.242): 1 Time(s)
       unknown (174.138.6.123): 1 Time(s)
       unknown (178.128.67.41): 1 Time(s)
       unknown (178.128.81.125): 1 Time(s)
       unknown (178.62.57.246): 1 Time(s)
       unknown (179.146.42.211): 1 Time(s)
       unknown (180.167.198.186): 1 Time(s)
       unknown (180.250.18.20): 1 Time(s)
       unknown (182.218.64.111): 1 Time(s)
       unknown (188.166.216.84): 1 Time(s)
       unknown (195.25.27.89): 1 Time(s)
       unknown (196.1.99.12): 1 Time(s)
       unknown (202.51.74.189): 1 Time(s)
       unknown (203186158178.ctinets.com): 1 Time(s)
       unknown (206.189.145.152): 1 Time(s)
       unknown (206.189.65.11): 1 Time(s)
       unknown (206.189.94.158): 1 Time(s)
       unknown (216.158.235.213): 1 Time(s)
       unknown (220-128-109-148.hinet-ip.hinet.net): 1 Time(s)
       unknown (222.112.65.55): 1 Time(s)
       unknown (222.127.30.130): 1 Time(s)
       unknown (222.239.78.88): 1 Time(s)
       unknown (222.90.213.62): 1 Time(s)
       unknown (244.ip-164-132-230.eu): 1 Time(s)
       unknown (25.ip-66-70-188.net): 1 Time(s)
       unknown (45.117.81.147): 1 Time(s)
       unknown (68.183.150.54): 1 Time(s)
       unknown (74.63.232.2): 1 Time(s)
       unknown (78-21-57-20.access.telenet.be): 1 Time(s)
       unknown (85.195.212.6): 1 Time(s)
       unknown (85.86.222.35.bc.googleusercontent.com): 1 Time(s)
       unknown (89.189.154.66.dynamic.ufanet.ru): 1 Time(s)
       unknown (96.57.82.166): 1 Time(s)
       unknown (crushdigital.co.uk): 1 Time(s)
       unknown (fixed-187-190-235-43.totalplay.net): 1 Time(s)
       unknown (hsi-kbw-095-208-226-199.hsi5.kabel-badenwuerttemberg.de): 1 Time(s)
       unknown (ip125.ip-147-135-158.eu): 1 Time(s)
       unknown (ip170.ip-5-196-110.eu): 1 Time(s)
       unknown (ns3100709.ip-54-36-175.eu): 1 Time(s)
       unknown (s010660e327a1338c.cg.shawcable.net): 1 Time(s)
       unknown (static-217-77-221-85.wildpark.net): 1 Time(s)
       unknown (viva.isrv.tech): 1 Time(s)
       uucp (177.ip-137-74-199.eu): 1 Time(s)
       www-data (121.191.177.224): 1 Time(s)
       www-data (128.154.199.35.bc.googleusercontent.com): 1 Time(s)
       www-data (128.199.220.232): 1 Time(s)
       www-data (177.ip-137-74-199.eu): 1 Time(s)
       www-data (l37-195-205-135.novotelecom.ru): 1 Time(s)
       www-data (p2.ajeel.be): 1 Time(s)
    Invalid Users:
       Unknown Account: 1390 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

        1   Miscellaneous warnings  
 
   21.569K  Bytes accepted                              22,087
   21.569K  Bytes sent via SMTP                         22,087
 ========   ==================================================
 
        1   Accepted                                   100.00%
 --------   --------------------------------------------------
        1   Total                                      100.00%
 ========   ==================================================
 
        2   4xx Reject relay denied                    100.00%
 --------   --------------------------------------------------
        2   Total 4xx Rejects                          100.00%
 ========   ==================================================
 
      380   Connections             
      359   Connections lost (inbound) 
      380   Disconnections          
        1   Removed from queue      
        1   Sent via SMTP           
 
        1   SMTP dialog errors      
 
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------ 

 Large Mailbox threshold: 40MB (41943040 bytes)
  Warning: Large mailbox: mailman.gz (1747199807)
  Warning: Large mailbox: mailman (235703599967)
 
 ---------------------- sendmail-largeboxes (large mail spool files) End
------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 Disconnecting after too many authentication failures for user:
    invalid : 1 Time(s)
 
 Failed logins from:
    1.83.94.4: 1 time
    35.199.154.128 (128.154.199.35.bc.googleusercontent.com): 1 time
    37.59.104.76 (76.ip-37-59-104.eu): 1 time
    37.195.205.135 (l37-195-205-135.novotelecom.ru): 1 time
    37.252.190.224 (37-252-190-224.rev.ipax.at): 1 time
    45.55.12.248 (hostmaster.vitalconnectionuniversity.com): 1 time
    45.117.81.147: 1 time
    46.101.27.6: 1 time
    46.101.49.156: 1 time
    51.77.140.111 (111.ip-51-77-140.eu): 1 time
    51.158.168.30 (30-168-158-51.rev.cloud.scaleway.com): 1 time
    54.36.165.226 (plex5.domin8.media): 1 time
    54.39.17.195 (backup.cpdcollege.com): 1 time
    61.72.254.71: 1 time
    68.183.150.54: 1 time
    78.21.57.20 (78-21-57-20.access.telenet.be): 1 time
    89.191.20.146 (out-mail.toi.no): 1 time
    96.57.82.166 (ool-603952a6.static.optonline.net): 1 time
    103.237.147.69: 1 time
    103.245.181.208: 1 time
    113.161.66.214 (static.vnpt.vn): 1 time
    118.89.26.58: 2 times
    119.29.247.225: 1 time
    121.191.177.224: 2 times
    128.199.69.86: 1 time
    128.199.220.232: 3 times
    137.74.199.177 (177.ip-137-74-199.eu): 4 times
    138.197.180.16: 1 time
    139.59.56.121: 1 time
    142.44.137.62 (ns549998.ip-142-44-137.net): 1 time
    142.93.245.174: 1 time
    151.80.153.174 (p2.ajeel.be): 1 time
    159.65.84.164: 1 time
    159.192.107.238: 1 time
    159.203.77.51: 1 time
    173.12.157.141 (173-12-157-141-northgulf.hfc.comcastbusiness.net): 3 times
    177.206.87.206 (177.206.87.206.static.gvt.net.br): 1 time
    178.128.107.61: 1 time
    181.49.43.238: 2 times
    182.52.224.33 (node-189t.pool-182-52.dynamic.totinternet.net): 1 time
    189.206.1.142 (static-189-206-142.alestra.net.mx): 1 time
    202.70.89.55: 4 times
    210.211.99.243: 1 time
    212.83.183.155 (212-83-183-155.rev.poneytelecom.eu): 1 time
    217.182.158.104 (ip104.ip-217-182-158.eu): 2 times
 
 Illegal users from:
    undef: 938 times
    1.83.94.4: 60 times
    1.232.77.181: 2 times
    2.229.214.195: 2 times
    5.196.110.170 (ip170.ip-5-196-110.eu): 1 time
    24.2.205.235 (c-24-2-205-235.hsd1.ma.comcast.net): 8 times
    31.220.0.225 (exit3.tor-network.net): 2 times
    35.199.154.128 (128.154.199.35.bc.googleusercontent.com): 50 times
    35.222.86.85 (85.86.222.35.bc.googleusercontent.com): 1 time
    37.195.205.135 (l37-195-205-135.novotelecom.ru): 25 times
    37.252.190.224 (37-252-190-224.rev.ipax.at): 51 times
    45.117.81.147: 1 time
    46.101.88.10 (crushdigital.co.uk): 1 time
    46.105.30.20 (20.ip-46-105-30.eu): 2 times
    46.105.89.195: 53 times
    50.66.116.189 (S010660e327a1338c.cg.shawcable.net): 1 time
    51.38.179.143 (143.ip-51-38-179.eu): 3 times
    51.77.140.111 (111.ip-51-77-140.eu): 39 times
    54.36.165.226 (plex5.domin8.media): 2 times
    54.36.175.30 (ns3100709.ip-54-36-175.eu): 1 time
    54.37.205.162 (162.ip-54-37-205.eu): 2 times
    66.70.188.25 (25.ip-66-70-188.net): 1 time
    66.190.183.35 (66-190-183-35.dhcp.jcsn.tn.charter.com): 7 times
    68.183.150.54: 1 time
    74.63.193.14 (14-193-63-74.static.reverse.lstn.net): 2 times
    74.63.232.2 (2-232-63-74.static.reverse.lstn.net): 1 time
    74.208.252.136: 45 times
    78.21.57.20 (78-21-57-20.access.telenet.be): 1 time
    82.165.35.17 (s17783852.onlinehome-server.info): 2 times
    85.195.212.6 (85-195-212-6.init7.net): 1 time
    89.189.154.66 (89.189.154.66.dynamic.ufanet.ru): 1 time
    90.79.61.45 (lfbn-1-3288-45.w90-79.abo.wanadoo.fr): 2 times
    95.208.226.199 (HSI-KBW-095-208-226-199.hsi5.kabel-badenwuerttemberg.de): 1 time
    96.57.82.166 (ool-603952a6.static.optonline.net): 1 time
    103.21.148.16: 2 times
    103.36.11.162: 5 times
    104.131.93.33 (mcp.org.py): 3 times
    106.12.222.70: 1 time
    106.13.47.252: 1 time
    111.230.21.80: 14 times
    112.170.78.118: 12 times
    112.216.6.43: 1 time
    113.161.66.214 (static.vnpt.vn): 61 times
    113.172.170.122 (static.vnpt.vn): 1 time
    115.254.63.52: 2 times
    118.24.121.65: 30 times
    118.89.26.58: 76 times
    119.28.57.220: 2 times
    119.29.39.236: 26 times
    119.29.247.225: 10 times
    120.88.185.39: 36 times
    121.191.177.224: 10 times
    124.205.9.241: 1 time
    128.199.133.249 (152717.cloudwaysapps.com): 1 time
    128.199.220.232: 48 times
    128.199.244.39: 11 times
    130.61.114.175: 1 time
    137.74.199.177 (177.ip-137-74-199.eu): 53 times
    137.110.67.98: 6 times
    138.68.146.186 (server.fsxapp.xyz): 1 time
    138.68.186.24: 1 time
    138.94.20.188: 1 time
    139.59.59.90: 1 time
    139.59.74.143: 1 time
    142.44.137.62 (ns549998.ip-142-44-137.net): 21 times
    142.93.39.29: 1 time
    142.93.208.158: 1 time
    144.217.237.117 (viva.isrv.tech): 1 time
    146.185.149.245: 1 time
    147.135.158.125 (ip125.ip-147-135-158.eu): 1 time
    158.69.215.107 (107.ip-158-69-215.net): 39 times
    159.65.81.187: 1 time
    159.65.84.164: 51 times
    159.65.144.233: 4 times
    159.65.148.241: 1 time
    159.65.175.37: 1 time
    159.89.164.167: 1 time
    159.203.139.128: 23 times
    164.132.230.244 (244.ip-164-132-230.eu): 1 time
    165.227.49.242 (184473.cloudwaysapps.com): 1 time
    165.227.138.245: 1 time
    173.12.157.141 (173-12-157-141-northgulf.hfc.comcastbusiness.net): 50 times
    174.138.6.123: 1 time
    177.206.87.206 (177.206.87.206.static.gvt.net.br): 35 times
    178.62.57.246: 1 time
    178.128.67.41: 1 time
    178.128.81.125: 1 time
    178.128.107.61: 13 times
    179.146.42.211 (179-146-42-211.user.vivozap.com.br): 1 time
    180.167.198.186: 1 time
    180.250.18.20: 1 time
    181.49.43.238: 29 times
    182.140.196.20: 35 times
    182.218.64.111: 1 time
    185.58.53.66 (185-58-53-66.customers.tirolnet.com): 2 times
    187.190.235.43 (fixed-187-190-235-43.totalplay.net): 1 time
    188.166.216.84: 1 time
    189.206.1.142 (static-189-206-142.alestra.net.mx): 28 times
    190.147.166.247 (static-ip-cr190147166247.cable.net.co): 34 times
    193.32.163.89: 4 times
    193.201.224.232: 6 times
    195.25.27.89: 1 time
    196.1.99.12: 1 time
    197.231.221.211 (exit1.ipredator.se): 2 times
    202.51.74.189: 1 time
    202.70.89.55: 62 times
    203.186.158.178 (203186158178.ctinets.com): 1 time
    206.189.65.11: 1 time
    206.189.94.158: 1 time
    206.189.145.152: 1 time
    207.236.146.198 (NMS-L.bluarc.ca): 54 times
    212.83.183.155 (212-83-183-155.rev.poneytelecom.eu): 3 times
    212.98.190.248: 2 times
    216.158.235.213 (cbew1.webcontactomagonomoveis.com.br): 1 time
    217.77.221.85 (static-217-77-221-85.wildpark.net): 1 time
    217.182.158.104 (ip104.ip-217-182-158.eu): 50 times
    220.128.109.148 (220-128-109-148.HINET-IP.hinet.net): 1 time
    222.90.213.62: 1 time
    222.112.65.55: 1 time
    222.127.30.130: 1 time
    222.128.13.94: 16 times
    222.239.78.88 (222-239-78-88.youiwe.co.kr): 1 time
 
 **Unmatched Entries**
 Disconnecting: Change of username or service not allowed: (admin,ssh-connection) ->
(user,ssh-connection) [preauth] : 4 time(s)
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem      Size  Used Avail Use% Mounted on
 /dev/vzfs       400G  241G  160G  61% /
 
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End #########################

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016