04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Jun 15 04:42:08 2019
Date Range Processed: yesterday
( 2019-Jun-14 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [372:370]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 3 sites probed the server
134.249.141.24
61.219.11.153
77.247.110.141
Requests with error response codes
400 Bad Request
null: 4 Time(s)
/: 1 Time(s)
mstshash=Administr: 1 Time(s)
404 Not Found
/robots.txt: 32 Time(s)
/berlin/apple-touch-icon.png: 6 Time(s)
//2015/wp-includes/wlwmanifest.xml: 1 Time(s)
//2016/wp-includes/wlwmanifest.xml: 1 Time(s)
//2017/wp-includes/wlwmanifest.xml: 1 Time(s)
//2018/wp-includes/wlwmanifest.xml: 1 Time(s)
//blog/wp-includes/wlwmanifest.xml: 1 Time(s)
//cms/wp-includes/wlwmanifest.xml: 1 Time(s)
//media/wp-includes/wlwmanifest.xml: 1 Time(s)
//news/wp-includes/wlwmanifest.xml: 1 Time(s)
//shop/wp-includes/wlwmanifest.xml: 1 Time(s)
//site/wp-includes/wlwmanifest.xml: 1 Time(s)
//sito/wp-includes/wlwmanifest.xml: 1 Time(s)
//test/wp-includes/wlwmanifest.xml: 1 Time(s)
//web/wp-includes/wlwmanifest.xml: 1 Time(s)
//website/wp-includes/wlwmanifest.xml: 1 Time(s)
//wordpress//: 1 Time(s)
//wordpress/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp-includes/wlwmanifest.xml: 1 Time(s)
//wp/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp1/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp2/wp-includes/wlwmanifest.xml: 1 Time(s)
//xmlrpc.php?rsd: 1 Time(s)
/berlin/helfika/apple-touch-icon.png: 1 Time(s)
/protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s)
/reader/1982-wi-Stuttgart_Wi82.pdf;Stuttgart: 1 Time(s)
/sites/default/files/2009_WiSe_M%C3%BCnchen.pdf: 1 Time(s)
/wp-login.php: 1 Time(s)
500 Internal Server Error
/: 64 Time(s)
/downloader/index.php: 3 Time(s)
/errors/503.php: 3 Time(s)
/index.php/admin/: 3 Time(s)
//libs/js/iframe.js: 1 Time(s)
/HNAP1: 1 Time(s)
/HNAP1/: 1 Time(s)
/evox/about: 1 Time(s)
/nmaplowercheck1560532158: 1 Time(s)
/sdk: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
unknown (94.191.78.128): 46 Time(s)
unknown (165.22.141.139): 44 Time(s)
unknown (181.164.150.65): 40 Time(s)
unknown (139.59.3.151): 39 Time(s)
unknown (178.128.119.59): 39 Time(s)
unknown (212.64.59.94): 39 Time(s)
unknown (118.24.165.163): 38 Time(s)
unknown (124.193.207.90): 38 Time(s)
unknown (140.143.151.93): 38 Time(s)
unknown (180.96.28.87): 38 Time(s)
unknown (194.59.165.27): 38 Time(s)
unknown (120.132.117.254): 37 Time(s)
unknown (139.199.34.112): 37 Time(s)
unknown (111.231.139.30): 36 Time(s)
unknown (121.49.99.9): 36 Time(s)
unknown (221.124.16.208): 36 Time(s)
unknown (115.159.25.60): 35 Time(s)
unknown (118.25.138.95): 34 Time(s)
unknown (174.138.9.132): 34 Time(s)
unknown (212.156.136.114): 34 Time(s)
unknown (255.ip-151-80-144.eu): 34 Time(s)
unknown (41.138.220.67): 34 Time(s)
unknown (106.12.87.149): 33 Time(s)
unknown (170.0.128.10.livecom.net.br): 33 Time(s)
unknown (ns3052098.ip-46-105-112.eu): 33 Time(s)
unknown (45.55.20.128): 32 Time(s)
unknown (119.10.58.58): 29 Time(s)
unknown (203.118.57.21): 27 Time(s)
unknown (118.89.26.58): 24 Time(s)
unknown (150.109.23.56): 24 Time(s)
root (118.25.138.95): 15 Time(s)
root (170.0.128.10.livecom.net.br): 15 Time(s)
root (212.156.136.114): 14 Time(s)
root (221.124.16.208): 11 Time(s)
root (111.231.139.30): 10 Time(s)
root (121.49.99.9): 10 Time(s)
root (124.193.207.90): 10 Time(s)
root (45.55.20.128): 10 Time(s)
root (106.12.87.149): 9 Time(s)
root (118.24.165.163): 9 Time(s)
root (139.59.3.151): 9 Time(s)
root (165.22.141.139): 9 Time(s)
root (194.59.165.27): 9 Time(s)
root (ns3052098.ip-46-105-112.eu): 9 Time(s)
root (180.96.28.87): 8 Time(s)
root (94.191.78.128): 8 Time(s)
unknown (106.13.9.153): 8 Time(s)
root (120.132.117.254): 7 Time(s)
root (178.128.119.59): 7 Time(s)
root (181.164.150.65): 7 Time(s)
root (212.64.59.94): 7 Time(s)
unknown (c-24-2-205-235.hsd1.ma.comcast.net): 7 Time(s)
root (113.238.165.92): 6 Time(s)
root (118.89.26.58): 6 Time(s)
root (174.138.9.132): 6 Time(s)
root (182.244.74.54): 6 Time(s)
root (203.118.57.21): 6 Time(s)
root (218.92.0.141): 6 Time(s)
root (218.92.0.179): 6 Time(s)
root (41.138.220.67): 6 Time(s)
unknown (182.254.146.167): 6 Time(s)
root (119.10.58.58): 5 Time(s)
root (255.ip-151-80-144.eu): 5 Time(s)
root (140.143.151.93): 4 Time(s)
root (c-24-2-205-235.hsd1.ma.comcast.net): 4 Time(s)
unknown (2.235.236.254): 4 Time(s)
root (106.13.9.153): 3 Time(s)
root (150.109.23.56): 3 Time(s)
root (2.235.236.254): 3 Time(s)
root (115.159.25.60): 2 Time(s)
root (58.242.82.6): 2 Time(s)
unknown (136-41-146-85.ftth.glasoperator.nl): 2 Time(s)
backup (118.24.165.163): 1 Time(s)
backup (118.89.26.58): 1 Time(s)
backup (124.193.207.90): 1 Time(s)
games (120.132.117.254): 1 Time(s)
games (194.59.165.27): 1 Time(s)
gnats (121.49.99.9): 1 Time(s)
irc (118.24.165.163): 1 Time(s)
irc (140.143.151.93): 1 Time(s)
irc (174.138.9.132): 1 Time(s)
list (120.132.117.254): 1 Time(s)
list (170.0.128.10.livecom.net.br): 1 Time(s)
list (178.128.119.59): 1 Time(s)
list (212.156.136.114): 1 Time(s)
lp (41.138.220.67): 1 Time(s)
mail (111.231.139.30): 1 Time(s)
mail (119.10.58.58): 1 Time(s)
mail (174.138.9.132): 1 Time(s)
mail (212.64.59.94): 1 Time(s)
mailman (165.22.141.139): 1 Time(s)
mailman (212.156.136.114): 1 Time(s)
mailman (41.138.220.67): 1 Time(s)
man (255.ip-151-80-144.eu): 1 Time(s)
mysql (115.159.25.60): 1 Time(s)
mysql (121.49.99.9): 1 Time(s)
mysql (165.22.141.139): 1 Time(s)
mysql (174.138.9.132): 1 Time(s)
postfix (221.124.16.208): 1 Time(s)
postgres (140.143.151.93): 1 Time(s)
postgres (178.128.119.59): 1 Time(s)
postgres (180.96.28.87): 1 Time(s)
postgres (181.164.150.65): 1 Time(s)
postgres (94.191.78.128): 1 Time(s)
proxy (212.64.59.94): 1 Time(s)
root (136-41-146-85.ftth.glasoperator.nl): 1 Time(s)
root (218.92.0.160): 1 Time(s)
root (58.59.2.26): 1 Time(s)
smmsp (118.24.165.163): 1 Time(s)
smmta (120.132.117.254): 1 Time(s)
sshd (111.231.139.30): 1 Time(s)
sshd (118.89.26.58): 1 Time(s)
sshd (180.96.28.87): 1 Time(s)
sync (140.143.151.93): 1 Time(s)
temp (165.22.141.139): 1 Time(s)
unknown (110.78.147.241): 1 Time(s)
unknown (114-32-3-138.hinet-ip.hinet.net): 1 Time(s)
unknown (117.0.35.153): 1 Time(s)
unknown (159.89.235.255): 1 Time(s)
unknown (181.111.181.50): 1 Time(s)
unknown (196.32.194.90): 1 Time(s)
unknown (61.39.60.178.static.reverse-mundo-r.com): 1 Time(s)
unknown (72.49.25.1): 1 Time(s)
unknown (91.218.101.157): 1 Time(s)
unknown (ns397581.ip-151-80-40.eu): 1 Time(s)
unknown (oc-129-152-43-143.compute.oraclecloud.com): 1 Time(s)
www-data (170.0.128.10.livecom.net.br): 1 Time(s)
Invalid Users:
Unknown Account: 1097 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
4 Miscellaneous warnings
12.200K Bytes accepted 12,493
12.200K Bytes sent via SMTP 12,493
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
17 Connections
11 Connections lost (inbound)
17 Disconnections
1 Removed from queue
1 Sent via SMTP
1 SMTP protocol violations
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 4 Time(s)
Failed logins from:
2.235.236.254: 3 times
24.2.205.235 (c-24-2-205-235.hsd1.ma.comcast.net): 4 times
41.138.220.67: 8 times
45.55.20.128: 10 times
46.105.112.107 (ns3052098.ip-46-105-112.eu): 9 times
58.59.2.26: 1 time
58.242.82.6: 7 times
85.146.41.136 (136-41-146-85.ftth.glasoperator.nl): 1 time
94.191.78.128: 9 times
106.12.87.149: 9 times
106.13.9.153: 3 times
111.231.139.30: 12 times
113.238.165.92: 6 times
115.159.25.60: 3 times
118.24.165.163: 12 times
118.25.138.95: 15 times
118.89.26.58: 8 times
119.10.58.58: 6 times
120.132.117.254: 10 times
121.49.99.9: 12 times
124.193.207.90: 11 times
139.59.3.151: 9 times
140.143.151.93: 7 times
150.109.23.56: 3 times
151.80.144.255 (255.ip-151-80-144.eu): 6 times
165.22.141.139: 12 times
170.0.128.10 (170.0.128.10.livecom.net.br): 17 times
174.138.9.132: 9 times
178.128.119.59: 9 times
180.96.28.87: 10 times
181.164.150.65 (65-150-164-181.fibertel.com.ar): 8 times
182.244.74.54: 6 times
194.59.165.27: 10 times
203.118.57.21: 6 times
212.64.59.94: 9 times
212.156.136.114 (212.156.136.114.static.turktelekom.com.tr): 16 times
218.92.0.141: 6 times
218.92.0.160: 2 times
218.92.0.179: 6 times
221.124.16.208: 12 times
Illegal users from:
undef: 853 times
2.235.236.254: 4 times
24.2.205.235 (c-24-2-205-235.hsd1.ma.comcast.net): 7 times
41.138.220.67: 34 times
45.55.20.128: 32 times
46.105.112.107 (ns3052098.ip-46-105-112.eu): 33 times
72.49.25.1 (fl1-dsl-72-49-25-1.fuse.net): 1 time
85.146.41.136 (136-41-146-85.ftth.glasoperator.nl): 2 times
91.218.101.157 (client.157.101.218.91.kvartal-net.ru): 1 time
94.191.78.128: 46 times
106.12.87.149: 33 times
106.13.9.153: 8 times
110.78.147.241: 1 time
111.231.139.30: 36 times
114.32.3.138 (114-32-3-138.HINET-IP.hinet.net): 1 time
115.159.25.60: 35 times
117.0.35.153: 1 time
118.24.165.163: 38 times
118.25.138.95: 34 times
118.89.26.58: 24 times
119.10.58.58: 29 times
120.132.117.254: 37 times
121.49.99.9: 36 times
124.193.207.90: 38 times
129.152.43.143 (oc-129-152-43-143.compute.oraclecloud.com): 1 time
139.59.3.151: 39 times
139.199.34.112: 37 times
140.143.151.93: 38 times
150.109.23.56: 24 times
151.80.40.199 (ns397581.ip-151-80-40.eu): 1 time
151.80.144.255 (255.ip-151-80-144.eu): 34 times
159.89.235.255: 1 time
165.22.141.139: 44 times
170.0.128.10 (170.0.128.10.livecom.net.br): 33 times
174.138.9.132: 34 times
178.60.39.61 (61.39.60.178.static.reverse-mundo-r.com): 1 time
178.128.119.59: 39 times
180.96.28.87: 38 times
181.111.181.50 (host50.181-111-181.telecom.net.ar): 1 time
181.164.150.65 (65-150-164-181.fibertel.com.ar): 40 times
182.254.146.167: 6 times
194.59.165.27: 38 times
196.32.194.90: 1 time
203.118.57.21: 27 times
212.64.59.94: 39 times
212.156.136.114 (212.156.136.114.static.turktelekom.com.tr): 34 times
221.124.16.208: 36 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 242G 159G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2320
days inactive
2320
days old
0 comments
1 participants
participants (1)
-
root@zapf.in