Logwatch for h2361197.stratoserver.net (Linux)

Dienstag, 20 April 2021


 
 ################### Logwatch 7.4.0 (03/01/11) #################### 
        Processing Initiated: Tue Apr 20 04:42:04 2021
        Date Range Processed: yesterday
                              ( 2021-Apr-19 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: h2361197.stratoserver.net
 ################################################################## 
 
 --------------------- fail2ban-messages Begin ------------------------ 

 Banned services with Fail2Ban:				 Bans:Unbans
    ssh:                                                    [651:654]
 
 ---------------------- fail2ban-messages End ------------------------- 

 
 --------------------- httpd Begin ------------------------ 

 
 A total of 7 sites probed the server 
    111.7.96.143
    178.62.125.227
    192.46.208.239
    217.41.40.224
    45.229.54.117
    45.33.41.11
    61.219.11.153
 
 Requests with error response codes
    400 Bad Request
       null: 10 Time(s)
       /: 3 Time(s)
       /config/getuser?index=0: 1 Time(s)
       \xF2\x9F/\xFF\xB6\xD9\x8D|\x84\xC5y\xB8C=\ ... E\xED\x178\x05<: 1 Time(s)
    404 Not Found
       /robots.txt: 28 Time(s)
       /.well-known/security.txt: 2 Time(s)
       /security.txt: 2 Time(s)
       /hopfully404: 1 Time(s)
       /resolutionen/sose15/Netzneutralitaet_in_U ... %A4tsnetzen.pdf: 1 Time(s)
       /resolutionen/wise15/Gefl%C3%83%C2%BCchtet ... efluechtete.pdf: 1 Time(s)
       /resolutionen/wise15/Transparenz_in_der_Dr ... sparenz_in_der_: 1 Time(s)
       /verein/satzung/%7CSatzung: 1 Time(s)
       /wp-login.php: 1 Time(s)
    500 Internal Server Error
       /: 25 Time(s)
       /.env: 3 Time(s)
       /HNAP1/: 3 Time(s)
       /robots.txt: 2 Time(s)
       /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s)
       /?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
       /Autodiscover/Autodiscover.xml: 1 Time(s)
       /ReportServer: 1 Time(s)
       /_ignition/execute-solution: 1 Time(s)
       /actuator/health: 1 Time(s)
       /api/jsonws/invoke: 1 Time(s)
       /bag2: 1 Time(s)
       /console/: 1 Time(s)
       /favicon.ico: 1 Time(s)
       /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
       /login: 1 Time(s)
       /mifs/.;/services/LogService: 1 Time(s)
       /owa/: 1 Time(s)
       /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
       /wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s)
 
 ---------------------- httpd End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       unknown (210.114.22.116): 60 Time(s)
       unknown (101.32.7.111): 47 Time(s)
       unknown (14.29.200.186): 47 Time(s)
       unknown (165.22.214.1): 46 Time(s)
       unknown (106.52.15.196): 43 Time(s)
       unknown (27.254.150.77): 43 Time(s)
       unknown (49.234.42.143): 43 Time(s)
       unknown (node-yz2.pool-101-109.dynamic.totinternet.net): 43 Time(s)
       unknown (132.232.59.247): 42 Time(s)
       unknown (119.28.59.172): 41 Time(s)
       unknown (222.95.249.97): 41 Time(s)
       unknown (115.159.213.195): 40 Time(s)
       unknown (161.35.58.169): 40 Time(s)
       unknown (49.234.92.108): 40 Time(s)
       unknown (68.183.189.30): 40 Time(s)
       unknown (81.70.147.144): 40 Time(s)
       unknown (ip136.ip-139-99-48.net): 40 Time(s)
       unknown (211.219.29.107): 39 Time(s)
       unknown (static-200-105-183-118.acelerate.net): 39 Time(s)
       unknown (118.195.159.67): 38 Time(s)
       unknown (31.89.144.52.cust.ip.kpnqwest.it): 38 Time(s)
       unknown (117.156.119.39): 37 Time(s)
       unknown (152.136.230.30): 37 Time(s)
       unknown (172.81.210.122): 37 Time(s)
       unknown (207.154.244.110): 37 Time(s)
       unknown (51.15.199.62): 37 Time(s)
       unknown (120.48.22.116): 36 Time(s)
       unknown (122.51.167.43): 36 Time(s)
       unknown (116.196.94.108): 34 Time(s)
       unknown (134.209.231.248): 34 Time(s)
       unknown (103.69.124.247): 33 Time(s)
       unknown (128.199.158.182): 33 Time(s)
       unknown (static-189-206-160-153.alestra.net.mx): 33 Time(s)
       unknown (106.55.240.252): 31 Time(s)
       unknown (121.4.108.200): 31 Time(s)
       unknown (200.91.160.238): 30 Time(s)
       unknown (121.4.189.34): 29 Time(s)
       unknown (122.152.222.180): 28 Time(s)
       unknown (104.248.236.10): 26 Time(s)
       unknown (121.4.68.192): 26 Time(s)
       unknown (219.150.93.157): 26 Time(s)
       unknown (49.235.101.138): 26 Time(s)
       unknown (5.50.31.171): 26 Time(s)
       unknown (40.84.137.248): 25 Time(s)
       unknown (49.234.43.127): 25 Time(s)
       unknown (1.119.144.186): 24 Time(s)
       unknown (106.54.67.233): 23 Time(s)
       unknown (111.230.211.183): 23 Time(s)
       unknown (192.144.138.102): 22 Time(s)
       unknown (195.196.101.34.bc.googleusercontent.com): 21 Time(s)
       unknown (132.232.77.87): 20 Time(s)
       unknown (111.229.187.216): 19 Time(s)
       unknown (180.167.168.2): 19 Time(s)
       unknown (104.131.48.26): 18 Time(s)
       root (210.114.22.116): 17 Time(s)
       unknown (159.89.115.75): 17 Time(s)
       unknown (211.253.10.96): 17 Time(s)
       unknown (221.223.24.88): 17 Time(s)
       root (101.32.7.111): 16 Time(s)
       root (222.95.249.97): 16 Time(s)
       unknown (188.166.28.246): 16 Time(s)
       root (200.91.160.238): 15 Time(s)
       root (27.254.150.77): 15 Time(s)
       root (ip136.ip-139-99-48.net): 15 Time(s)
       root (static-200-105-183-118.acelerate.net): 15 Time(s)
       unknown (101.32.14.194): 15 Time(s)
       unknown (193.169.254.238): 15 Time(s)
       root (193.169.254.238): 14 Time(s)
       root (31.89.144.52.cust.ip.kpnqwest.it): 14 Time(s)
       root (122.51.167.43): 13 Time(s)
       root (128.199.158.182): 13 Time(s)
       root (49.234.42.143): 13 Time(s)
       root (119.28.59.172): 12 Time(s)
       root (134.209.231.248): 12 Time(s)
       root (207.154.244.110): 12 Time(s)
       root (node-yz2.pool-101-109.dynamic.totinternet.net): 12 Time(s)
       root (104.248.236.10): 11 Time(s)
       root (40.84.137.248): 11 Time(s)
       root (51.15.199.62): 11 Time(s)
       unknown (103.147.3.173): 11 Time(s)
       unknown (104.131.40.97): 11 Time(s)
       unknown (187.111.192.13): 11 Time(s)
       root (106.52.15.196): 10 Time(s)
       root (116.196.94.108): 10 Time(s)
       root (118.195.159.67): 10 Time(s)
       root (120.48.22.116): 10 Time(s)
       root (132.232.59.247): 10 Time(s)
       root (132.232.77.87): 10 Time(s)
       root (172.81.210.122): 10 Time(s)
       root (211.219.29.107): 10 Time(s)
       root (219.150.93.157): 10 Time(s)
       root (221.223.24.88): 10 Time(s)
       root (68.183.189.30): 10 Time(s)
       root (111.230.211.183): 9 Time(s)
       root (117.156.119.39): 9 Time(s)
       root (165.22.214.1): 9 Time(s)
       root (5.50.31.171): 9 Time(s)
       unknown (118.195.159.82): 9 Time(s)
       unknown (202.202.32.40): 9 Time(s)
       unknown (223.247.207.75): 9 Time(s)
       root (106.54.67.233): 8 Time(s)
       root (152.136.230.30): 8 Time(s)
       root (161.35.58.169): 8 Time(s)
       root (211.253.10.96): 8 Time(s)
       root (49.234.43.127): 8 Time(s)
       root (49.235.101.138): 8 Time(s)
       root (static-189-206-160-153.alestra.net.mx): 8 Time(s)
       unknown (60.255.230.126): 8 Time(s)
       unknown (81.68.234.113): 8 Time(s)
       root (104.131.48.26): 7 Time(s)
       root (115.159.213.195): 7 Time(s)
       root (121.4.189.34): 7 Time(s)
       root (14.29.200.186): 7 Time(s)
       root (188.166.28.246): 7 Time(s)
       root (192.144.138.102): 7 Time(s)
       root (81.70.147.144): 7 Time(s)
       unknown (191.217.84.232): 7 Time(s)
       unknown (49.235.61.62): 7 Time(s)
       root (1.119.144.186): 6 Time(s)
       root (122.152.222.180): 6 Time(s)
       unknown (182.180.82.28): 6 Time(s)
       root (103.69.124.247): 5 Time(s)
       root (104.131.40.97): 5 Time(s)
       root (106.55.240.252): 5 Time(s)
       root (121.4.108.200): 5 Time(s)
       root (191.217.84.232): 5 Time(s)
       root (81.68.234.113): 5 Time(s)
       root (103.147.3.173): 4 Time(s)
       root (134.122.103.82): 4 Time(s)
       root (223.247.207.75): 4 Time(s)
       root (49.234.92.108): 4 Time(s)
       root (60.255.230.126): 4 Time(s)
       unknown (134.122.103.82): 4 Time(s)
       root (118.195.159.82): 3 Time(s)
       root (121.4.68.192): 3 Time(s)
       root (180.167.168.2): 3 Time(s)
       root (195.196.101.34.bc.googleusercontent.com): 3 Time(s)
       root (49.235.61.62): 3 Time(s)
       unknown (40.73.59.55): 3 Time(s)
       mysql (128.199.158.182): 2 Time(s)
       mysql (165.22.214.1): 2 Time(s)
       postgres (106.54.67.233): 2 Time(s)
       postgres (27.254.150.77): 2 Time(s)
       root (159.89.115.75): 2 Time(s)
       temp (211.253.10.96): 2 Time(s)
       unknown (103.100.210.198): 2 Time(s)
       unknown (111.95.141.34): 2 Time(s)
       unknown (62.210.205.143): 2 Time(s)
       unknown (h-148-79.a163.priv.bahnhof.se): 2 Time(s)
       unknown (ip81-84-173-82.adsl2.static.versatel.nl): 2 Time(s)
       backup (120.48.22.116): 1 Time(s)
       backup (152.136.230.30): 1 Time(s)
       backup (49.234.43.127): 1 Time(s)
       bin (165.22.214.1): 1 Time(s)
       daemon (122.51.167.43): 1 Time(s)
       irc (1.119.144.186): 1 Time(s)
       irc (ip136.ip-139-99-48.net): 1 Time(s)
       mysql (111.229.187.216): 1 Time(s)
       mysql (121.4.189.34): 1 Time(s)
       mysql (121.4.68.192): 1 Time(s)
       mysql (132.232.59.247): 1 Time(s)
       mysql (134.209.231.248): 1 Time(s)
       mysql (14.29.200.186): 1 Time(s)
       mysql (193.169.254.238): 1 Time(s)
       mysql (195.196.101.34.bc.googleusercontent.com): 1 Time(s)
       mysql (210.114.22.116): 1 Time(s)
       mysql (211.253.10.96): 1 Time(s)
       mysql (219.150.93.157): 1 Time(s)
       news (68.183.189.30): 1 Time(s)
       nobody (132.232.77.87): 1 Time(s)
       openproject (49.235.61.62): 1 Time(s)
       postgres (1.119.144.186): 1 Time(s)
       postgres (104.131.40.97): 1 Time(s)
       postgres (104.131.48.26): 1 Time(s)
       postgres (106.52.15.196): 1 Time(s)
       postgres (132.232.59.247): 1 Time(s)
       postgres (132.232.77.87): 1 Time(s)
       postgres (202.202.32.40): 1 Time(s)
       postgres (219.150.93.157): 1 Time(s)
       postgres (222.95.249.97): 1 Time(s)
       postgres (31.89.144.52.cust.ip.kpnqwest.it): 1 Time(s)
       root (103.100.210.198): 1 Time(s)
       root (112.196.117.137): 1 Time(s)
       root (182.180.82.28): 1 Time(s)
       root (200.196.28.168): 1 Time(s)
       root (202.202.32.40): 1 Time(s)
       root (5.188.206.98): 1 Time(s)
       root (81.161.63.100): 1 Time(s)
       sys (51.15.199.62): 1 Time(s)
       temp (106.55.240.252): 1 Time(s)
       temp (115.159.213.195): 1 Time(s)
       temp (31.89.144.52.cust.ip.kpnqwest.it): 1 Time(s)
       unknown (106.12.57.149): 1 Time(s)
       unknown (106.54.112.173): 1 Time(s)
       unknown (115.159.53.71): 1 Time(s)
       unknown (121.5.159.57): 1 Time(s)
       unknown (134.209.185.4): 1 Time(s)
       unknown (150.158.160.25): 1 Time(s)
       unknown (167.172.195.99): 1 Time(s)
       unknown (185.165.171.14): 1 Time(s)
       unknown (198.98.54.56): 1 Time(s)
       unknown (2.57.90.34): 1 Time(s)
       unknown (20.83.32.5): 1 Time(s)
       unknown (200.116.193.122): 1 Time(s)
       unknown (202.77.105.98): 1 Time(s)
       unknown (209.141.42.35): 1 Time(s)
       unknown (217.198.86.36): 1 Time(s)
       unknown (49.234.50.235): 1 Time(s)
       unknown (5.188.206.99): 1 Time(s)
       unknown (61.250.179.125): 1 Time(s)
       unknown (62.102.148.69): 1 Time(s)
       unknown (80.66.150.238): 1 Time(s)
       unknown (81.70.152.154): 1 Time(s)
       unknown (static-201-163-162-179.alestra.net.mx): 1 Time(s)
       unknown (tor-exit1-readme.dfri.se): 1 Time(s)
       www-data (188.166.28.246): 1 Time(s)
       www-data (200.91.160.238): 1 Time(s)
       www-data (211.219.29.107): 1 Time(s)
       www-data (221.223.24.88): 1 Time(s)
       www-data (49.234.92.108): 1 Time(s)
    Invalid Users:
       Unknown Account: 2065 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

      141   Miscellaneous warnings  
 
   28.841K  Bytes accepted                              29,533
   28.841K  Bytes sent via SMTP                         29,533
 ========   ==================================================
 
        1   Accepted                                   100.00%
 --------   --------------------------------------------------
        1   Total                                      100.00%
 ========   ==================================================
 
        2   4xx Reject relay denied                    100.00%
 --------   --------------------------------------------------
        2   Total 4xx Rejects                          100.00%
 ========   ==================================================
 
      604   Connections             
      216   Connections lost (inbound) 
      604   Disconnections          
        1   Removed from queue      
        1   Sent via SMTP           
 
        2   SMTP dialog errors      
        8   Hostname verification errors (FCRDNS) 
 
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------ 

 Large Mailbox threshold: 40MB (41943040 bytes)
  Warning: Large mailbox: mailman.gz (1747199807)
  Warning: Large mailbox: mailman (235703599967)
 
 ---------------------- sendmail-largeboxes (large mail spool files) End
------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 Failed logins from:
    1.119.144.186: 8 times
    5.50.31.171: 9 times
    5.188.206.98: 1 time
    14.29.200.186: 8 times
    27.254.150.77: 17 times
    34.101.196.195 (195.196.101.34.bc.googleusercontent.com): 4 times
    40.84.137.248: 11 times
    49.234.42.143: 13 times
    49.234.43.127: 9 times
    49.234.92.108: 5 times
    49.235.61.62: 4 times
    49.235.101.138: 8 times
    51.15.199.62 (62-199-15-51.instances.scw.cloud): 12 times
    52.144.89.31 (31.89.144.52.cust.ip.kpnqwest.it): 16 times
    60.255.230.126: 4 times
    68.183.189.30: 11 times
    81.68.234.113: 5 times
    81.70.147.144: 7 times
    81.161.63.100: 1 time
    101.32.7.111: 16 times
    101.109.177.14 (node-yz2.pool-101-109.dynamic.totinternet.net): 12 times
    103.69.124.247: 5 times
    103.100.210.198: 1 time
    103.147.3.173: 4 times
    104.131.40.97: 6 times
    104.131.48.26: 8 times
    104.248.236.10: 11 times
    106.52.15.196: 11 times
    106.54.67.233: 10 times
    106.55.240.252: 6 times
    111.229.187.216: 1 time
    111.230.211.183: 9 times
    112.196.117.137: 1 time
    115.159.213.195: 8 times
    116.196.94.108: 10 times
    117.156.119.39: 9 times
    118.195.159.67: 10 times
    118.195.159.82: 3 times
    119.28.59.172: 12 times
    120.48.22.116: 11 times
    121.4.68.192: 4 times
    121.4.108.200: 5 times
    121.4.189.34: 8 times
    122.51.167.43: 14 times
    122.152.222.180: 6 times
    128.199.158.182: 15 times
    132.232.59.247: 12 times
    132.232.77.87: 12 times
    134.122.103.82: 4 times
    134.209.231.248: 13 times
    139.99.48.136 (ip136.ip-139-99-48.net): 16 times
    152.136.230.30: 9 times
    159.89.115.75: 2 times
    161.35.58.169: 8 times
    165.22.214.1: 12 times
    172.81.210.122: 10 times
    180.167.168.2: 3 times
    182.180.82.28: 1 time
    188.166.28.246: 8 times
    189.206.160.153 (static-189-206-160-153.alestra.net.mx): 8 times
    191.217.84.232: 5 times
    192.144.138.102: 7 times
    193.169.254.238: 15 times
    200.91.160.238: 16 times
    200.105.183.118 (static-200-105-183-118.acelerate.net): 15 times
    200.196.28.168 (mx01.matrix.com.br): 1 time
    202.202.32.40: 2 times
    207.154.244.110: 12 times
    210.114.22.116: 18 times
    211.219.29.107: 11 times
    211.253.10.96: 11 times
    219.150.93.157: 12 times
    221.223.24.88: 11 times
    222.95.249.97: 17 times
    223.247.207.75: 4 times
 
 Illegal users from:
    undef: 1411 times
    1.119.144.186: 24 times
    2.57.90.34: 1 time
    5.50.31.171: 26 times
    5.188.206.99: 1 time
    14.29.200.186: 47 times
    20.83.32.5: 1 time
    27.254.150.77: 43 times
    34.101.196.195 (195.196.101.34.bc.googleusercontent.com): 21 times
    40.73.59.55: 3 times
    40.84.137.248: 25 times
    49.234.42.143: 43 times
    49.234.43.127: 25 times
    49.234.50.235: 1 time
    49.234.92.108: 40 times
    49.235.61.62: 7 times
    49.235.101.138: 26 times
    51.15.199.62 (62-199-15-51.instances.scw.cloud): 37 times
    52.144.89.31 (31.89.144.52.cust.ip.kpnqwest.it): 38 times
    60.255.230.126: 8 times
    61.250.179.125: 1 time
    62.102.148.69: 1 time
    62.210.205.143 (surai.ddns.net): 2 times
    65.49.20.68 (scan-19.shadowserver.org): 1 time
    68.183.189.30: 40 times
    80.66.150.238 (static-80-66-150-238.ivnet.ru): 1 time
    81.68.234.113: 8 times
    81.70.147.144: 40 times
    81.70.152.154: 1 time
    82.173.84.81 (ip81-84-173-82.adsl2.static.versatel.nl): 2 times
    101.32.7.111: 47 times
    101.32.14.194: 15 times
    101.109.177.14 (node-yz2.pool-101-109.dynamic.totinternet.net): 43 times
    103.69.124.247: 33 times
    103.100.210.198: 2 times
    103.147.3.173: 11 times
    104.131.40.97: 11 times
    104.131.48.26: 18 times
    104.248.236.10: 26 times
    106.12.57.149: 1 time
    106.52.15.196: 43 times
    106.54.67.233: 23 times
    106.54.112.173: 1 time
    106.55.240.252: 31 times
    111.95.141.34 (fm-dyn-111-95-141-34.fast.net.id): 2 times
    111.229.187.216: 19 times
    111.230.211.183: 23 times
    115.159.53.71: 1 time
    115.159.213.195: 40 times
    116.196.94.108: 34 times
    117.156.119.39: 37 times
    118.195.159.67: 38 times
    118.195.159.82: 9 times
    119.28.59.172: 41 times
    120.48.22.116: 36 times
    121.4.68.192: 26 times
    121.4.108.200: 31 times
    121.4.189.34: 29 times
    121.5.159.57: 1 time
    122.51.167.43: 36 times
    122.152.222.180: 28 times
    128.199.158.182: 33 times
    132.232.59.247: 42 times
    132.232.77.87: 20 times
    134.122.103.82: 4 times
    134.209.185.4: 1 time
    134.209.231.248: 34 times
    139.99.48.136 (ip136.ip-139-99-48.net): 40 times
    150.158.160.25: 1 time
    152.136.230.30: 37 times
    159.89.115.75: 17 times
    161.35.58.169: 40 times
    165.22.214.1: 46 times
    167.172.195.99: 1 time
    171.25.193.77 (tor-exit1-readme.dfri.se): 1 time
    172.81.210.122: 37 times
    178.174.148.79 (h-148-79.A163.priv.bahnhof.se): 2 times
    180.167.168.2: 19 times
    182.180.82.28: 6 times
    185.165.171.14: 1 time
    187.111.192.13 (187111192013.powertelecom.net.br): 11 times
    188.166.28.246: 16 times
    189.206.160.153 (static-189-206-160-153.alestra.net.mx): 33 times
    191.217.84.232: 7 times
    192.144.138.102: 22 times
    193.169.254.238: 15 times
    198.98.54.56: 1 time
    200.91.160.238: 30 times
    200.105.183.118 (static-200-105-183-118.acelerate.net): 39 times
    200.116.193.122 (static-200-116-193-122.une.net.co): 1 time
    201.163.162.179 (static-201-163-162-179.alestra.net.mx): 1 time
    202.77.105.98: 1 time
    202.202.32.40: 9 times
    207.154.244.110: 37 times
    209.141.42.35: 1 time
    210.114.22.116: 60 times
    211.219.29.107: 39 times
    211.253.10.96: 17 times
    217.198.86.36: 1 time
    219.150.93.157: 26 times
    221.223.24.88: 17 times
    222.95.249.97: 41 times
    223.247.207.75: 9 times
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem         Size  Used Avail Use% Mounted on
 /dev/ploop47755p1  394G  242G  132G  65% /
 none               4.0G     0  4.0G   0% /dev
 
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End #########################

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016