Logwatch for h2361197.stratoserver.net (Linux)

Dienstag, 11 August 2020


 
 ################### Logwatch 7.4.0 (03/01/11) #################### 
        Processing Initiated: Tue Aug 11 04:42:05 2020
        Date Range Processed: yesterday
                              ( 2020-Aug-10 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: h2361197.stratoserver.net
 ################################################################## 
 
 --------------------- fail2ban-messages Begin ------------------------ 

 Banned services with Fail2Ban:				 Bans:Unbans
    ssh:                                                    [ 42:43 ]
 
 ---------------------- fail2ban-messages End ------------------------- 

 
 --------------------- httpd Begin ------------------------ 

 
 Connection attempts using mod_proxy:
    123.160.174.46 -> zapf.wiki:443: 1 Time(s)
    222.186.61.115 -> ip.ws.126.net:443: 1 Time(s)
 
 A total of 5 sites probed the server 
    103.86.48.16
    172.93.99.2
    185.39.11.105
    62.210.141.218
    66.240.205.34
 
 Requests with error response codes
    400 Bad Request
       mstshash=Administr: 8 Time(s)
       null: 7 Time(s)
       /: 2 Time(s)
       /manager/text/list: 1 Time(s)
       /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
       ip.ws.126.net:443: 1 Time(s)
       w1Z\x7F\xEF\x9F\xCAL#\xD9\xD7SI\x0E+zT\xF4 ... D\xC0$\xC0(\xC0: 1 Time(s)
       zapf.wiki:443: 1 Time(s)
    404 Not Found
       /robots.txt: 44 Time(s)
       /wp-login.php: 20 Time(s)
       /berlin/apple-touch-icon.png: 11 Time(s)
       /ads.txt: 2 Time(s)
       /.git/config: 1 Time(s)
       //modules/autoupgrade//vendor/phpunit/phpu ... /eval-stdin.php: 1 Time(s)
       //vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s)
       //wp-1ogin_bak.php: 1 Time(s)
       //wp-includes/css/css.php: 1 Time(s)
       /humans.txt: 1 Time(s)
       /protokolle/Ergebnisprotokoll_MV_09.06.2017.pdf: 1 Time(s)
       /resolutionen/wise15/Transparenz_in_der_: 1 Time(s)
       /sites/default/files/1999_SoSe_Karlsruhe.pdf: 1 Time(s)
       /sites/default/files/Bericht_SommerZaPF13_Jena.pdf: 1 Time(s)
       /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s)
       /zapf/geschaeftsordnung: 1 Time(s)
       /zapf/reader/%7CTagungsreader: 1 Time(s)
    500 Internal Server Error
       /: 17 Time(s)
       /admin//config.php: 2 Time(s)
       /HNAP1/: 1 Time(s)
       /etc/lib/pChart2/examples/index.php?Action ... ./../cnf/db.php: 1 Time(s)
 
 ---------------------- httpd End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       root (106.12.175.226): 70 Time(s)
       root (159.65.142.103): 70 Time(s)
       root (123.206.81.59): 68 Time(s)
       root (ns389831.ip-176-31-102.eu): 67 Time(s)
       root (103.3.226.230): 56 Time(s)
       root (128.14.230.12): 53 Time(s)
       root (162.243.10.64): 52 Time(s)
       root (95.ip-51-178-46.eu): 50 Time(s)
       root (79.143.44.122): 48 Time(s)
       root (134.175.129.204): 47 Time(s)
       root (167.99.99.10): 47 Time(s)
       root (27.221.97.4): 47 Time(s)
       root (43.226.41.171): 46 Time(s)
       root (120.92.210.196): 45 Time(s)
       root (141.ip-51-79-55.net): 45 Time(s)
       root (190.85.183.250): 45 Time(s)
       root (49.232.101.33): 45 Time(s)
       root (200.ip-51-75-24.eu): 44 Time(s)
       root (62-210-215-34.rev.poneytelecom.eu): 44 Time(s)
       root (69.ip-51-68-189.eu): 44 Time(s)
       root (51.158.70.82): 43 Time(s)
       root (62.28.253.197): 43 Time(s)
       root (128.ip-51-254-129.eu): 42 Time(s)
       root (129.211.70.87): 42 Time(s)
       root (bsn-95-247-90.static.siol.net): 42 Time(s)
       root (ns506885.ip-198-27-82.net): 42 Time(s)
       root (122.227.159.84): 41 Time(s)
       root (201.ip-51-91-127.eu): 41 Time(s)
       root (211.253.133.48): 41 Time(s)
       root (1.119.195.58): 40 Time(s)
       root (180.76.118.181): 40 Time(s)
       root (221.13.203.102): 40 Time(s)
       root (118.125.106.12): 39 Time(s)
       root (157.0.134.164): 39 Time(s)
       root (181.52.249.213): 39 Time(s)
       root (167.71.237.144): 38 Time(s)
       root (213.169.39.218): 38 Time(s)
       root (91.72.219.110): 38 Time(s)
       root (115.84.91.63): 37 Time(s)
       root (139.99.98.248): 37 Time(s)
       root (222.112.255.124): 37 Time(s)
       root (188.166.9.210): 36 Time(s)
       root (139.59.95.60): 35 Time(s)
       root (142.93.68.181): 35 Time(s)
       root (181.94.226.188): 35 Time(s)
       root (202.29.33.245): 35 Time(s)
       root (8.30.197.230): 35 Time(s)
       root (onstageobra.cl): 35 Time(s)
       root (150.158.188.241): 34 Time(s)
       root (203.245.29.148): 34 Time(s)
       root (51.37.253.225): 34 Time(s)
       root (65.168.200.35.bc.googleusercontent.com): 34 Time(s)
       root (106.12.16.149): 33 Time(s)
       root (118.24.36.247): 33 Time(s)
       root (125.141.139.29): 33 Time(s)
       root (134.175.195.138): 33 Time(s)
       root (server.ikadocteur.com): 33 Time(s)
       root (129.122.16.156): 32 Time(s)
       root (210.212.29.215): 32 Time(s)
       root (49.234.82.165): 32 Time(s)
       root (ip52.ip-213-32-111.eu): 32 Time(s)
       root (122.166.192.26): 31 Time(s)
       root (111.229.4.247): 30 Time(s)
       root (49.234.226.13): 30 Time(s)
       root (106.13.98.226): 29 Time(s)
       root (192.241.155.88): 29 Time(s)
       root (222.186.171.247): 29 Time(s)
       root (106.12.17.214): 28 Time(s)
       root (106.13.45.212): 28 Time(s)
       root (111.229.39.146): 28 Time(s)
       root (106.12.45.110): 27 Time(s)
       root (159.65.132.140): 27 Time(s)
       root (175.24.72.19): 27 Time(s)
       unknown (39.115.113.146): 27 Time(s)
       root (122.51.238.211): 26 Time(s)
       root (134.175.121.80): 26 Time(s)
       root (128.199.123.170): 25 Time(s)
       root (180.76.181.152): 25 Time(s)
       root (202.143.111.42): 25 Time(s)
       root (ns3141807.ip-176-31-127.eu): 25 Time(s)
       root (222.190.130.62): 24 Time(s)
       root (49.51.160.139): 23 Time(s)
       root (112.199.98.42): 22 Time(s)
       root (122.51.108.64): 22 Time(s)
       root (vps-3076ac11.vps.ovh.net): 22 Time(s)
       root (111.231.21.153): 21 Time(s)
       root (212.129.246.52): 21 Time(s)
       root (220-133-95-68.hinet-ip.hinet.net): 21 Time(s)
       root (onion2.hosting.ovh.web-et-solutions.com): 21 Time(s)
       root (122.97.130.196): 19 Time(s)
       root (152.136.34.52): 19 Time(s)
       root (183.12.243.252): 19 Time(s)
       root (hsi-kbw-078-042-135-089.hsi3.kabel-badenwuerttemberg.de): 19 Time(s)
       root (80.241.46.6): 18 Time(s)
       root (107.174.39.87): 17 Time(s)
       unknown (220-133-95-68.hinet-ip.hinet.net): 17 Time(s)
       root (213.87.101.176): 16 Time(s)
       root (47.88.153.61): 14 Time(s)
       root (20.37.241.8): 13 Time(s)
       root (vps-7997d461.vps.ovh.net): 13 Time(s)
       root (198.46.152.161): 12 Time(s)
       root (31.42.11.180): 8 Time(s)
       root (39.115.113.146): 8 Time(s)
       root (45.14.150.140): 7 Time(s)
       root (166.111.68.25): 6 Time(s)
       root (179.222.96.70): 5 Time(s)
       root (221.163.8.108): 5 Time(s)
       root (23.95.85.68): 5 Time(s)
       root (133.242.231.162): 4 Time(s)
       root (195.70.59.121): 4 Time(s)
       root (64.227.97.122): 4 Time(s)
       root (fixed-187-190-109-142.totalplay.net): 4 Time(s)
       root (105.184.68.180): 3 Time(s)
       root (153.ip-51-75-140.eu): 3 Time(s)
       root (159.65.155.255): 3 Time(s)
       root (v150-95-31-150.a006.g.bkk1.static.cnode.io): 3 Time(s)
       root (85.209.0.251): 2 Time(s)
       unknown (112-70-191-130f1.osk2.eonet.ne.jp): 2 Time(s)
       unknown (142-217-140-186.telebecinternet.net): 2 Time(s)
       unknown (185.220.101.207): 2 Time(s)
       root (103.140.83.18): 1 Time(s)
       root (105.226.225.174): 1 Time(s)
       root (106.13.166.38): 1 Time(s)
       root (106.75.157.9): 1 Time(s)
       root (106.75.174.87): 1 Time(s)
       root (107.170.99.119): 1 Time(s)
       root (111.229.48.141): 1 Time(s)
       root (112.35.145.179): 1 Time(s)
       root (116.228.122.188): 1 Time(s)
       root (119.4.225.31): 1 Time(s)
       root (122.152.196.222): 1 Time(s)
       root (122.51.89.18): 1 Time(s)
       root (128.199.96.1): 1 Time(s)
       root (147.red-83-48-89.staticip.rima-tde.net): 1 Time(s)
       root (159.65.158.30): 1 Time(s)
       root (165.22.206.182): 1 Time(s)
       root (168.194.111.110): 1 Time(s)
       root (177.72.4.74): 1 Time(s)
       root (180.76.148.87): 1 Time(s)
       root (182.23.82.19): 1 Time(s)
       root (187.155.209.200): 1 Time(s)
       root (187.5.3.56): 1 Time(s)
       root (190.146.13.180): 1 Time(s)
       root (20.44.229.142): 1 Time(s)
       root (201.234.66.133): 1 Time(s)
       root (211.157.164.162): 1 Time(s)
       root (218.25.130.220): 1 Time(s)
       root (219.239.47.66): 1 Time(s)
       root (223.31.196.3): 1 Time(s)
       root (27.128.162.183): 1 Time(s)
       root (49.207.185.52): 1 Time(s)
       root (51.37.201.121): 1 Time(s)
       root (58.250.86.44): 1 Time(s)
       root (60.170.255.63): 1 Time(s)
       root (60.30.98.194): 1 Time(s)
       root (64.202.186.78): 1 Time(s)
       root (74.82.218.75.16clouds.com): 1 Time(s)
       root (fixed-187-189-241-135.totalplay.net): 1 Time(s)
       root (vps-e4a844d8.vps.ovh.ca): 1 Time(s)
       unknown (118.125.106.12): 1 Time(s)
       unknown (ns3012242.ip-149-202-69.eu): 1 Time(s)
    Invalid Users:
       Unknown Account: 52 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

        8   Miscellaneous warnings  
 
   29.455K  Bytes accepted                              30,162
   29.455K  Bytes sent via SMTP                         30,162
 ========   ==================================================
 
        1   Accepted                                   100.00%
 --------   --------------------------------------------------
        1   Total                                      100.00%
 ========   ==================================================
 
        1   4xx Reject relay denied                    100.00%
 --------   --------------------------------------------------
        1   Total 4xx Rejects                          100.00%
 ========   ==================================================
 
       52   Connections             
       29   Connections lost (inbound) 
       52   Disconnections          
        1   Removed from queue      
        1   Sent via SMTP           
 
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------ 

 Large Mailbox threshold: 40MB (41943040 bytes)
  Warning: Large mailbox: mailman.gz (1747199807)
  Warning: Large mailbox: mailman (235703599967)
 
 ---------------------- sendmail-largeboxes (large mail spool files) End
------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 Failed logins from:
    1.119.195.58: 40 times
    8.30.197.230: 35 times
    20.37.241.8: 13 times
    20.44.229.142: 1 time
    23.95.85.68 (23-95-85-68-host.colocrossing.com): 5 times
    27.128.162.183: 1 time
    27.221.97.4: 47 times
    31.42.11.180 (31.42.11.180.alfanet24.pl): 8 times
    35.200.168.65 (65.168.200.35.bc.googleusercontent.com): 34 times
    39.115.113.146: 8 times
    43.226.41.171: 46 times
    45.14.150.140: 7 times
    47.88.153.61: 14 times
    49.51.160.139: 23 times
    49.207.185.52 (broadband.actcorp.in): 1 time
    49.232.101.33: 45 times
    49.234.82.165: 32 times
    49.234.226.13: 30 times
    51.37.201.121: 1 time
    51.37.253.225: 34 times
    51.38.32.230 (server.ikadocteur.com): 33 times
    51.68.189.69 (69.ip-51-68-189.eu): 44 times
    51.75.24.200 (200.ip-51-75-24.eu): 44 times
    51.75.140.153 (153.ip-51-75-140.eu): 3 times
    51.79.55.141 (141.ip-51-79-55.net): 45 times
    51.79.145.158 (vps-e4a844d8.vps.ovh.ca): 1 time
    51.83.33.202 (vps-3076ac11.vps.ovh.net): 22 times
    51.83.133.24 (vps-7997d461.vps.ovh.net): 13 times
    51.91.127.201 (201.ip-51-91-127.eu): 41 times
    51.158.70.82 (82-70-158-51.instances.scw.cloud): 43 times
    51.178.46.95 (95.ip-51-178-46.eu): 50 times
    51.254.129.128 (128.ip-51-254-129.eu): 42 times
    58.250.86.44: 1 time
    60.30.98.194 (no-data): 1 time
    60.170.255.63: 1 time
    62.28.253.197: 43 times
    62.210.215.34 (62-210-215-34.rev.poneytelecom.eu): 44 times
    64.202.186.78 (ip-64-202-186-78.secureserver.net): 1 time
    64.227.97.122: 4 times
    74.82.218.75 (74.82.218.75.16clouds.com): 1 time
    78.42.135.89 (HSI-KBW-078-042-135-089.hsi3.kabel-badenwuerttemberg.de): 19 times
    79.143.44.122 (79.143.44.122.vntp.net): 48 times
    80.241.46.6: 18 times
    83.48.89.147 (147.red-83-48-89.staticip.rima-tde.net): 1 time
    85.209.0.251: 2 times
    91.72.219.110: 38 times
    103.3.226.230 (103.3.226.230-static.reserve.tomatoweb.com.bd): 56 times
    103.140.83.18: 1 time
    105.184.68.180 (68-184-105-180.east.dsl.telkomsa.net): 3 times
    105.226.225.174 (225-226-105-174.north.dsl.telkomsa.net): 1 time
    106.12.16.149: 33 times
    106.12.17.214: 28 times
    106.12.45.110: 27 times
    106.12.175.226: 70 times
    106.13.45.212: 28 times
    106.13.98.226: 29 times
    106.13.166.38: 1 time
    106.75.157.9: 1 time
    106.75.174.87: 1 time
    107.170.99.119: 1 time
    107.174.39.87 (107-174-39-87-host.colocrossing.com): 17 times
    111.229.4.247: 30 times
    111.229.39.146: 28 times
    111.229.48.141: 1 time
    111.231.21.153: 21 times
    112.35.145.179: 1 time
    112.199.98.42 (42.98.199.112.clbrz.inet.static.eastern-tele.com): 22 times
    115.84.91.63: 37 times
    116.228.122.188: 1 time
    118.24.36.247: 33 times
    118.125.106.12: 39 times
    119.4.225.31: 1 time
    120.92.210.196: 45 times
    122.51.89.18: 1 time
    122.51.108.64: 22 times
    122.51.238.211: 26 times
    122.97.130.196: 19 times
    122.152.196.222: 1 time
    122.166.192.26 (abts-kk-static-26.192.166.122.airtelbroadband.in): 31 times
    122.227.159.84: 41 times
    123.206.81.59: 68 times
    125.141.139.29: 33 times
    128.14.230.12: 53 times
    128.199.96.1: 1 time
    128.199.123.170: 25 times
    129.122.16.156: 32 times
    129.211.70.87: 42 times
    133.242.231.162: 4 times
    134.175.121.80: 26 times
    134.175.129.204: 47 times
    134.175.195.138: 33 times
    139.59.95.60: 35 times
    139.99.98.248 (248.ip-139-99-98.eu): 37 times
    142.93.68.181 (m2.k12-solutions.com): 35 times
    150.95.31.150 (v150-95-31-150.a006.g.bkk1.static.cnode.io): 3 times
    150.158.188.241: 34 times
    152.136.34.52: 19 times
    157.0.134.164: 39 times
    159.65.132.140: 27 times
    159.65.142.103: 70 times
    159.65.155.255: 3 times
    159.65.158.30: 1 time
    162.243.10.64: 52 times
    165.22.206.182 (digitalgg.com): 1 time
    166.111.68.25: 6 times
    167.71.237.144: 38 times
    167.99.99.10: 47 times
    168.194.111.110: 1 time
    170.239.85.39 (onstageobra.cl): 35 times
    175.24.72.19: 27 times
    176.31.102.37 (ns389831.ip-176-31-102.eu): 67 times
    176.31.127.152 (ns3141807.ip-176-31-127.eu): 25 times
    177.72.4.74 (static-74.4.72.177-ttvi.com.br): 1 time
    178.33.216.187 (onion2.hosting.ovh.web-et-solutions.com): 21 times
    179.222.96.70 (b3de6046.virtua.com.br): 5 times
    180.76.118.181: 40 times
    180.76.148.87: 1 time
    180.76.181.152: 25 times
    181.52.249.213 (static-ip-181520249213.cable.net.co): 39 times
    181.94.226.188 (host-188.181-94-226.personal.net.py): 35 times
    182.23.82.19: 1 time
    183.12.243.252: 19 times
    187.5.3.56 (4235331237.e.brasiltelecom.net.br): 1 time
    187.155.209.200 (dsl-187-155-209-200-dyn.prod-infinitum.com.mx): 1 time
    187.189.241.135 (fixed-187-189-241-135.totalplay.net): 1 time
    187.190.109.142 (fixed-187-190-109-142.totalplay.net): 4 times
    188.166.9.210: 36 times
    190.85.183.250: 45 times
    190.146.13.180 (static-ip-19014613180.cable.net.co): 1 time
    192.241.155.88: 29 times
    193.95.247.90 (BSN-95-247-90.static.siol.net): 42 times
    195.70.59.121: 4 times
    198.27.82.155 (ns506885.ip-198-27-82.net): 42 times
    198.46.152.161 (198-46-152-161-host.colocrossing.com): 12 times
    201.234.66.133 (201.234.66-133.static.impsat.com.co): 1 time
    202.29.33.245: 35 times
    202.143.111.42 (ip.viettelidchcm.com): 25 times
    203.245.29.148: 34 times
    210.212.29.215: 32 times
    211.157.164.162: 1 time
    211.253.133.48: 41 times
    212.129.246.52: 21 times
    213.32.111.52 (ip52.ip-213-32-111.eu): 32 times
    213.87.101.176: 16 times
    213.169.39.218: 38 times
    218.25.130.220: 1 time
    219.239.47.66: 1 time
    220.133.95.68 (220-133-95-68.HINET-IP.hinet.net): 21 times
    221.13.203.102 (hn.kd.smx.adsl): 40 times
    221.163.8.108: 5 times
    222.112.255.124: 37 times
    222.186.171.247: 29 times
    222.190.130.62: 24 times
    223.31.196.3 (223-30-0-0.lan.sify.net): 1 time
 
 Illegal users from:
    undef: 43 times
    39.115.113.146: 27 times
    65.49.20.69: 1 time
    112.70.191.130 (112-70-191-130f1.osk2.eonet.ne.jp): 2 times
    118.125.106.12: 1 time
    142.217.140.186 (142-217-140-186.telebecinternet.net): 2 times
    149.202.69.159 (ns3012242.ip-149-202-69.eu): 1 time
    185.220.101.207: 2 times
    220.133.95.68 (220-133-95-68.HINET-IP.hinet.net): 17 times
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem      Size  Used Avail Use% Mounted on
 /dev/vzfs       400G  242G  159G  61% /
 
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End #########################

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016