04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Jan 30 04:42:05 2021
Date Range Processed: yesterday
( 2021-Jan-29 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [217:218]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 4 sites probed the server
37.187.139.22
45.148.10.61
46.101.99.227
61.219.11.153
Requests with error response codes
400 Bad Request
null: 6 Time(s)
mstshash=Administr: 3 Time(s)
/: 1 Time(s)
/config/getuser?index=0: 1 Time(s)
/manager/html: 1 Time(s)
/manager/text/list: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
HTTP/1.0: 1 Time(s)
403 Forbidden
/resolutionen/sose17/gesellschaftlich_verantwortung/: 1 Time(s)
404 Not Found
/robots.txt: 42 Time(s)
/wp-login.php: 5 Time(s)
/datenschutz/: 1 Time(s)
/download/reader_hb02.pdf: 1 Time(s)
/download/zapfev_satzung.pdf: 1 Time(s)
/protokolle/Protokoll_MV_2019_01_11_Freiburg.pdf: 1 Time(s)
/reader/2016_SoSe_Konstanz_kurz.pdf%7CReader: 1 Time(s)
/sitemap.txt: 1 Time(s)
/sites/all/elfinder/connectors/php/connector.php: 1 Time(s)
/sites/all/elfinder/src/connectors/php/connector.php: 1 Time(s)
/sites/all/libraries/_elfinder/connectors/php/connector.php: 1 Time(s)
/sites/all/libraries/elfinder-1.1/connecto ... p/connector.php: 1 Time(s)
/sites/all/libraries/elfinder-1.1/src/conn ... p/connector.php: 1 Time(s)
/sites/all/libraries/elfinder-1.2/connecto ... p/connector.php: 1 Time(s)
/sites/all/libraries/elfinder-1.2/src/conn ... p/connector.php: 1 Time(s)
/sites/all/libraries/elfinder/php/connector.minimal.php: 1 Time(s)
/sites/all/libraries/elfinder/php/connector.php: 1 Time(s)
/sites/all/modules/elfinder/elfinder.html: 1 Time(s)
/sites/default/files/2006_SoSe_Dresden.pdf: 1 Time(s)
/sites/default/files/2012_WiSe_Karlsruhe.pdf: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
/sites/default/files/Lehramtstellungnahme.pdf: 1 Time(s)
/sites/default/libraries/elfinder/connecto ... p/connector.php: 1 Time(s)
/sites/default/libraries/elfinder/src/conn ... p/connector.php: 1 Time(s)
/sites/zapfev.de//libraries/elfinder/conne ... p/connector.php: 1 Time(s)
/sites/zapfev.de//libraries/elfinder/src/c ... p/connector.php: 1 Time(s)
/xmlrpc.php: 1 Time(s)
499 (undefined)
/build/index-styles-pack.fef3ca2736298be630a4.css: 1 Time(s)
/fonts/SourceCodePro-Regular.woff: 1 Time(s)
500 Internal Server Error
/: 27 Time(s)
/robots.txt: 8 Time(s)
/atom.xml: 5 Time(s)
/sitemap.xml: 5 Time(s)
/sitemap.xml.gz: 5 Time(s)
/sitemap_index.xml: 5 Time(s)
/sitemaps.xml: 4 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 4 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 2 Time(s)
/Autodiscover/Autodiscover.xml: 2 Time(s)
/admin//config.php: 2 Time(s)
/api/jsonws/invoke: 2 Time(s)
/console/: 2 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 2 Time(s)
/mifs/.;/services/LogService: 2 Time(s)
/wp-content/plugins/wp-file-manager/readme.txt: 2 Time(s)
/.env: 1 Time(s)
/actuator/health: 1 Time(s)
/folder: 1 Time(s)
/mob: 1 Time(s)
/solr/: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (159.75.0.175): 130 Time(s)
root (218.92.0.248): 95 Time(s)
root (61.155.217.77): 81 Time(s)
root (157.230.125.207): 79 Time(s)
root (157.245.81.242): 79 Time(s)
root (192.3.22.50): 75 Time(s)
root (113.89.32.164): 68 Time(s)
root (221.181.185.143): 68 Time(s)
root (165.22.210.35): 66 Time(s)
root (178.128.28.241): 64 Time(s)
root (41.72.219.102): 64 Time(s)
root (gamataxi.com): 64 Time(s)
root (186.47.213.34): 63 Time(s)
root (134.209.81.185): 62 Time(s)
root (node-kg7.pool-182-52.dynamic.totinternet.net): 62 Time(s)
root (195.97.75.174): 61 Time(s)
root (68.183.31.114): 61 Time(s)
root (vps-5ec26a50.vps.ovh.net): 61 Time(s)
root (103.75.34.219): 60 Time(s)
root (119.96.192.249): 60 Time(s)
root (154.ip-51-68-44.eu): 60 Time(s)
root (159.65.81.49): 60 Time(s)
root (165.227.198.222): 60 Time(s)
root (49.51.182.144): 60 Time(s)
root (82-65-117-46.subs.proxad.net): 60 Time(s)
root (thebitcoin.exchange): 60 Time(s)
root (119.28.194.66): 59 Time(s)
root (158.101.12.235): 59 Time(s)
root (178.140.87.34.bc.googleusercontent.com): 59 Time(s)
root (186.214.234.27): 59 Time(s)
root (222.128.6.99): 59 Time(s)
root (sam.valuewarhouse.com): 59 Time(s)
root (193.112.86.231): 57 Time(s)
root (40.112.170.3): 57 Time(s)
root (101.32.178.208): 56 Time(s)
root (65.97.252.131): 56 Time(s)
root (49.213.188.102): 55 Time(s)
root (61.174.171.62): 55 Time(s)
root (62.28.253.197): 55 Time(s)
root (ns368868.ip-94-23-38.eu): 55 Time(s)
root (106.75.251.140): 54 Time(s)
root (159.192.143.249): 54 Time(s)
root (213.193.42.1): 54 Time(s)
root (27.155.101.233): 54 Time(s)
root (61.177.172.104): 54 Time(s)
root (vps-19bfc26a.vps.ovh.net): 54 Time(s)
root (178.128.59.39): 53 Time(s)
root (167.98.71.52): 52 Time(s)
root (211.108.51.122): 52 Time(s)
root (45.118.151.85): 52 Time(s)
root (45.7.116.162): 52 Time(s)
root (49.233.2.204): 52 Time(s)
root (192.95.6.110): 51 Time(s)
root (198.211.107.224): 51 Time(s)
root (64.227.33.176): 51 Time(s)
root (ip-72-167-224-135.ip.secureserver.net): 51 Time(s)
root (222.187.238.87): 50 Time(s)
root (ns3108240.ip-37-187-102.eu): 50 Time(s)
root (112.196.43.202): 49 Time(s)
root (192.144.138.102): 49 Time(s)
root (122.51.15.197): 48 Time(s)
root (81.68.154.150): 48 Time(s)
root (191.31.228.19): 46 Time(s)
root (222.187.239.31): 46 Time(s)
root (66.154.107.47): 43 Time(s)
root (140.143.230.109): 42 Time(s)
root (47.254.179.224): 42 Time(s)
root (119.45.137.52): 41 Time(s)
root (backup2.ibetia.es): 39 Time(s)
root (118.24.211.170): 37 Time(s)
root (221.181.185.140): 36 Time(s)
root (165.22.73.254): 35 Time(s)
root (112.64.52.87): 34 Time(s)
root (139.199.123.152): 34 Time(s)
root (static-css-csq-199-40.business.bouyguestelecom.com): 34 Time(s)
unknown (112.64.52.87): 29 Time(s)
root (210.16.180.231): 21 Time(s)
root (120.53.233.197): 18 Time(s)
root (122.194.229.122): 15 Time(s)
root (221.181.185.141): 14 Time(s)
unknown (195.54.160.134): 13 Time(s)
root (112.85.42.47): 11 Time(s)
root (112.85.42.172): 10 Time(s)
root (112.85.42.174): 10 Time(s)
root (112.85.42.181): 10 Time(s)
root (112.85.42.184): 10 Time(s)
root (180.76.111.247): 10 Time(s)
root (195.54.160.134): 9 Time(s)
root (104.248.248.126): 7 Time(s)
root (68.183.128.56): 7 Time(s)
root (87.241.1.186): 7 Time(s)
root (vps-6d6083e9.vps.ovh.ca): 7 Time(s)
root (112.85.42.53): 6 Time(s)
root (122.194.229.59): 6 Time(s)
root (112.85.42.110): 5 Time(s)
root (112.85.42.119): 5 Time(s)
root (112.85.42.13): 5 Time(s)
root (112.85.42.183): 5 Time(s)
root (112.85.42.230): 5 Time(s)
root (122.194.229.54): 5 Time(s)
root (191.205.136.34): 5 Time(s)
root (152.171.152.2): 4 Time(s)
root (152.136.134.77): 3 Time(s)
unknown (171.226.1.56): 3 Time(s)
unknown (188.126.89.28): 3 Time(s)
unknown (27.70.134.169): 3 Time(s)
unknown (141.98.80.29): 2 Time(s)
unknown (141.98.80.90): 2 Time(s)
unknown (141.98.80.93): 2 Time(s)
root (1.199.195.45): 1 Time(s)
root (103.130.214.25): 1 Time(s)
root (103.57.123.1): 1 Time(s)
root (106.12.174.182): 1 Time(s)
root (106.55.94.189): 1 Time(s)
root (106.75.133.250): 1 Time(s)
root (112.198.15.5): 1 Time(s)
root (113.203.236.211): 1 Time(s)
root (116.24.67.145): 1 Time(s)
root (117.55.241.179): 1 Time(s)
root (119.45.144.250): 1 Time(s)
root (119.45.239.67): 1 Time(s)
root (120.70.101.85): 1 Time(s)
root (141.98.80.89): 1 Time(s)
root (141.98.80.91): 1 Time(s)
root (141.98.80.92): 1 Time(s)
root (157.230.94.116): 1 Time(s)
root (171.226.1.56): 1 Time(s)
root (178.128.52.226): 1 Time(s)
root (203.135.20.36): 1 Time(s)
root (211.251.239.72): 1 Time(s)
root (218.75.121.74): 1 Time(s)
root (219.136.95.234): 1 Time(s)
root (42.192.234.75): 1 Time(s)
root (49.235.74.168): 1 Time(s)
root (52.188.69.174): 1 Time(s)
root (58.214.36.86): 1 Time(s)
root (81.161.63.253): 1 Time(s)
root (81.68.83.82): 1 Time(s)
root (81.70.201.53): 1 Time(s)
root (vps-9384952f.vps.ovh.net): 1 Time(s)
unknown (141.98.80.89): 1 Time(s)
unknown (141.98.80.91): 1 Time(s)
unknown (141.98.80.92): 1 Time(s)
unknown (61.174.171.62): 1 Time(s)
unknown (91.243.45.39): 1 Time(s)
Invalid Users:
Unknown Account: 62 Time(s)
systemd-user:
Unknown Entries:
session closed for user root: 1 Time(s)
session opened for user root by (uid=0): 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
7 Miscellaneous warnings
20.755K Bytes accepted 21,253
20.755K Bytes sent via SMTP 21,253
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
6 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
6 Total 4xx Rejects 100.00%
======== ==================================================
181 Connections
6 Connections lost (inbound)
181 Disconnections
1 Removed from queue
1 Sent via SMTP
3 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 49 Time(s)
Failed logins from:
1.199.195.45: 1 time
27.155.101.233: 54 times
34.87.140.178 (178.140.87.34.bc.googleusercontent.com): 59 times
37.59.36.210 (backup2.ibetia.es): 39 times
37.187.102.205 (ns3108240.ip-37-187-102.eu): 50 times
40.112.170.3: 57 times
41.72.219.102 (41.72.219.102.liquidtelecom.net): 64 times
42.192.234.75: 1 time
45.7.116.162: 52 times
45.118.151.85 (hosted-by.vonline.vn): 52 times
47.254.179.224: 42 times
49.51.182.144: 60 times
49.213.188.102 (102-188-213-49.tinp.net.tw): 55 times
49.233.2.204: 52 times
49.235.74.168: 1 time
51.68.44.154 (154.ip-51-68-44.eu): 60 times
51.83.72.208 (vps-19bfc26a.vps.ovh.net): 54 times
51.83.128.210 (vps-9384952f.vps.ovh.net): 1 time
51.210.182.187 (vps-5ec26a50.vps.ovh.net): 61 times
51.222.139.65 (vps-6d6083e9.vps.ovh.ca): 7 times
52.188.69.174: 1 time
58.214.36.86: 1 time
61.155.217.77: 81 times
61.174.171.62: 55 times
61.177.172.104: 54 times
62.28.253.197: 55 times
64.227.33.176: 51 times
65.97.252.131: 56 times
66.154.107.47 (66.154.107.47.static.quadranet.com): 43 times
68.183.31.114: 61 times
68.183.128.56: 7 times
72.167.224.135 (ip-72-167-224-135.ip.secureserver.net): 51 times
81.68.83.82: 1 time
81.68.154.150: 48 times
81.70.201.53: 1 time
81.161.63.253: 1 time
82.65.117.46 (82-65-117-46.subs.proxad.net): 60 times
87.241.1.186: 7 times
94.23.38.191 (ns368868.ip-94-23-38.eu): 55 times
101.32.178.208: 56 times
103.57.123.1: 1 time
103.75.34.219: 60 times
103.130.214.25: 1 time
104.236.5.8 (gamataxi.com): 64 times
104.248.248.126: 7 times
106.12.174.182: 1 time
106.55.94.189: 1 time
106.75.133.250: 1 time
106.75.251.140: 54 times
112.64.52.87: 34 times
112.85.42.13: 5 times
112.85.42.47: 11 times
112.85.42.53: 6 times
112.85.42.110: 5 times
112.85.42.119: 5 times
112.85.42.172: 10 times
112.85.42.174: 10 times
112.85.42.181: 10 times
112.85.42.183: 5 times
112.85.42.184: 10 times
112.85.42.230: 5 times
112.196.43.202: 49 times
112.198.15.5: 1 time
113.89.32.164: 68 times
113.203.236.211: 1 time
116.24.67.145: 1 time
117.55.241.179: 1 time
118.24.211.170: 37 times
119.28.194.66: 59 times
119.45.137.52: 41 times
119.45.144.250: 1 time
119.45.239.67: 1 time
119.96.192.249: 60 times
120.53.233.197: 18 times
120.70.101.85: 1 time
122.51.15.197: 48 times
122.194.229.54: 5 times
122.194.229.59: 6 times
122.194.229.122: 15 times
134.209.81.185: 62 times
139.199.123.152: 34 times
140.143.230.109: 42 times
141.98.80.89: 1 time
141.98.80.91: 1 time
141.98.80.92: 1 time
152.136.134.77: 3 times
152.171.152.2 (2-152-171-152.fibertel.com.ar): 4 times
157.230.94.116: 1 time
157.230.125.207 (dreamon.pk): 79 times
157.245.81.242: 79 times
158.101.12.235: 59 times
159.65.81.49: 60 times
159.75.0.175: 130 times
159.192.143.249: 54 times
159.203.184.19 (thebitcoin.exchange): 60 times
165.22.73.254: 35 times
165.22.210.35: 66 times
165.227.198.222: 60 times
167.98.71.52: 52 times
171.226.1.56 (dynamic-adsl.viettel.vn): 1 time
173.249.0.88 (sam.valuewarhouse.com): 59 times
176.174.199.40 (static-css-csq-199-40.business.bouyguestelecom.com): 34 times
178.128.28.241: 64 times
178.128.52.226: 1 time
178.128.59.39: 53 times
180.76.111.247: 10 times
182.52.103.135 (node-kg7.pool-182-52.dynamic.totinternet.net): 62 times
186.47.213.34 (34.213.47.186.static.anycast.cnt-grms.ec): 63 times
186.214.234.27 (186.214.234.27.static.host.gvt.net.br): 59 times
191.31.228.19 (191.31.228.19.dynamic.adsl.gvt.net.br): 46 times
191.205.136.34 (191-205-136-34.user.vivozap.com.br): 5 times
192.3.22.50 (192-3-22-50-host.colocrossing.com): 75 times
192.95.6.110 (sa.signifi.com): 51 times
192.144.138.102: 49 times
193.112.86.231: 57 times
195.54.160.134: 9 times
195.97.75.174: 61 times
198.211.107.224: 51 times
203.135.20.36: 1 time
210.16.180.231: 21 times
211.108.51.122: 52 times
211.251.239.72: 1 time
213.193.42.1: 54 times
218.75.121.74: 1 time
218.92.0.248: 95 times
219.136.95.234 (234.95.136.219.broad.gz.gd.dynamic.163data.com.cn): 1 time
221.181.185.140: 42 times
221.181.185.141: 18 times
221.181.185.143: 78 times
222.128.6.99: 59 times
222.187.238.87: 54 times
222.187.239.31: 48 times
Illegal users from:
undef: 48 times
27.70.134.169 (localhost): 3 times
61.174.171.62: 1 time
65.49.20.68 (scan-19.shadowserver.org): 1 time
91.243.45.39: 1 time
112.64.52.87: 29 times
141.98.80.29: 2 times
141.98.80.89: 1 time
141.98.80.90: 2 times
141.98.80.91: 1 time
141.98.80.92: 1 time
141.98.80.93: 2 times
171.226.1.56 (dynamic-adsl.viettel.vn): 3 times
188.126.89.28: 3 times
195.54.160.134: 13 times
Users logging in through sshd:
root:
176.94.82.115 (business-176-094-082-115.static.arcor-ip.net): 1 time
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop47755p1 394G 243G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
1723
days inactive
1723
days old
0 comments
1 participants
participants (1)
-
root@zapf.in