Logwatch for h2361197.stratoserver.net (Linux)

Freitag, 24 Mai 2019


 
 ################### Logwatch 7.4.0 (03/01/11) #################### 
        Processing Initiated: Fri May 24 04:42:07 2019
        Date Range Processed: yesterday
                              ( 2019-May-23 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: h2361197.stratoserver.net
 ################################################################## 
 
 --------------------- fail2ban-messages Begin ------------------------ 

 Banned services with Fail2Ban:				 Bans:Unbans
    ssh:                                                    [579:580]
 
 ---------------------- fail2ban-messages End ------------------------- 

 
 --------------------- httpd Begin ------------------------ 

 
 A total of 3 sites probed the server 
    172.104.242.173
    61.219.11.153
    71.6.146.130
 
 Requests with error response codes
    400 Bad Request
       null: 12 Time(s)
       mstshash=Administr: 3 Time(s)
       /: 1 Time(s)
       /moo: 1 Time(s)
       http://110.249.212.46/testget?q=23333&port=80: 1 Time(s)
       http://177.148.191.160:8173/kne3lkkv5qftbz ... 8sv2hkg82k5ipb9: 1 Time(s)
    404 Not Found
       /robots.txt: 37 Time(s)
       /berlin/apple-touch-icon.png: 2 Time(s)
       /berlin/orientierung/apple-touch-icon.png: 1 Time(s)
       /index.php?option=com_user&task=register: 1 Time(s)
       /protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s)
       /reader/Sammlung_aller_Resolutionen.pdf: 1 Time(s)
       /reader/SoSe13_AK_MatheVorkurs.pdf: 1 Time(s)
       /reader/SoSe14_AK_Kommentierte_Studienordnungen.pdf: 1 Time(s)
       /reader/SoSe14_AK_Pr%C3%BCfungssystem_Sammlung.pdf: 1 Time(s)
       /reader/SoSe14_AK_Zivilklausel.pdf: 1 Time(s)
       /reader/SoSe15_AK_Studienf%C3%BChrer.pdf: 1 Time(s)
       /reader/WiSe12_AK_Schule-Studium.pdf: 1 Time(s)
       /reader/WiSe14_AK_GO_und_Satzungs%C3%A4nderung.pdf: 1 Time(s)
       /reader/ZiP_Zivilklausel.pdf: 1 Time(s)
       /sites/default/files/2009_WiSe_M%C3%BCnchen.pdf: 1 Time(s)
       /user/register: 1 Time(s)
       /wp-login.php: 1 Time(s)
       /wp-login.php?action=register: 1 Time(s)
       /zapf/geschaeftsordnung: 1 Time(s)
    500 Internal Server Error
       /: 10 Time(s)
       /.well-known/security.txt: 1 Time(s)
       /HNAP1/: 1 Time(s)
       /favicon.ico: 1 Time(s)
       /robots.txt: 1 Time(s)
       /sitemap.xml: 1 Time(s)
 
 ---------------------- httpd End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       unknown (123.49.33.235): 61 Time(s)
       unknown (165-73-41-214.ip.afrihost.joburg): 61 Time(s)
       unknown (104.236.52.94): 60 Time(s)
       unknown (200.49.39.210): 60 Time(s)
       unknown (180.76.150.87): 58 Time(s)
       unknown (222.184.233.222): 58 Time(s)
       unknown (111.231.87.204): 55 Time(s)
       unknown (host81-142-80-97.in-addr.btopenworld.com): 55 Time(s)
       unknown (114.113.221.162): 53 Time(s)
       unknown (149.ip-51-254-206.eu): 51 Time(s)
       unknown (158.ip-51-83-74.eu): 51 Time(s)
       unknown (16.ip-145-239-90.eu): 51 Time(s)
       unknown (186.151.18.213): 51 Time(s)
       unknown (68.183.16.188): 51 Time(s)
       unknown (matteosistisette.com): 51 Time(s)
       unknown (104.248.29.180): 50 Time(s)
       unknown (167.99.54.4): 50 Time(s)
       unknown (178.128.13.21): 50 Time(s)
       unknown (92.ip-51-75-204.eu): 49 Time(s)
       unknown (c-73-88-85-67.hsd1.sc.comcast.net): 49 Time(s)
       unknown (dedicated.totopsy.ovh): 49 Time(s)
       unknown (25.ip-51-75-195.eu): 48 Time(s)
       unknown (49.205.166.14): 47 Time(s)
       unknown (103.99.109.126): 42 Time(s)
       unknown (185.46.191.40): 42 Time(s)
       unknown (112.64.33.38): 41 Time(s)
       unknown (106.12.204.44): 38 Time(s)
       unknown (142.93.72.131): 33 Time(s)
       unknown (177.139.167.7): 33 Time(s)
       unknown (msmail.mouthshut.com): 33 Time(s)
       unknown (196.205.110.229): 32 Time(s)
       unknown (202.29.221.202): 30 Time(s)
       unknown (121.204.148.98): 29 Time(s)
       unknown (77-161-191-90.dyn.estpak.ee): 29 Time(s)
       unknown (198.187.30.125): 27 Time(s)
       unknown (79.61.51.195): 27 Time(s)
       unknown (58.140.223.5): 24 Time(s)
       unknown (182.70.253.202): 21 Time(s)
       unknown (189-211-85-194.static.axtel.net): 21 Time(s)
       unknown (140.143.170.123): 19 Time(s)
       unknown (222.240.1.0): 19 Time(s)
       unknown (177.71.74.230): 18 Time(s)
       unknown (206.189.165.94): 18 Time(s)
       unknown (kvm10.dc01.octopeek.com): 18 Time(s)
       unknown (199.195.251.227): 17 Time(s)
       unknown (177.94.224.157): 15 Time(s)
       unknown (121.69.128.147): 14 Time(s)
       unknown (190.189.107.101): 12 Time(s)
       unknown (82-64-88-94.subs.proxad.net): 12 Time(s)
       unknown (213-47-38-104.cable.dynamic.surfer.at): 11 Time(s)
       unknown (142.197.22.33): 10 Time(s)
       unknown (122.3.139.131): 9 Time(s)
       unknown (77-105-106-51.lpok.fi): 7 Time(s)
       root (broadband-5-228-94-115.ip.moscow.rt.ru): 6 Time(s)
       unknown (112.161.29.49): 6 Time(s)
       unknown (178.128.201.224): 6 Time(s)
       unknown (128.199.136.129): 5 Time(s)
       unknown (95.58.194.141): 5 Time(s)
       unknown (46.32.69.242): 4 Time(s)
       unknown (104-0-142-113.lightspeed.austtx.sbcglobal.net): 3 Time(s)
       unknown (121.132.17.79): 3 Time(s)
       postgres (104.248.29.180): 2 Time(s)
       temp (92.ip-51-75-204.eu): 2 Time(s)
       unknown (193.32.163.89): 2 Time(s)
       unknown (50-252-159-185-static.hfc.comcastbusiness.net): 2 Time(s)
       unknown (66-214-207-90.dhcp.atsc.ca.charter.com): 2 Time(s)
       unknown (aputeaux-652-1-91-233.w86-217.abo.wanadoo.fr): 2 Time(s)
       unknown (s01069050cad122b3.ok.shawcable.net): 2 Time(s)
       unknown (s10.lateos.net): 2 Time(s)
       www-data (178.128.13.21): 2 Time(s)
       backup (121.69.128.147): 1 Time(s)
       backup (123.49.33.235): 1 Time(s)
       backup (199.195.251.227): 1 Time(s)
       backup (200.49.39.210): 1 Time(s)
       backup (49.205.166.14): 1 Time(s)
       backup (77-161-191-90.dyn.estpak.ee): 1 Time(s)
       backup (msmail.mouthshut.com): 1 Time(s)
       daemon (dedicated.totopsy.ovh): 1 Time(s)
       gnats (165-73-41-214.ip.afrihost.joburg): 1 Time(s)
       gnats (49.205.166.14): 1 Time(s)
       lp (25.ip-51-75-195.eu): 1 Time(s)
       mailman (222.184.233.222): 1 Time(s)
       mysql (158.ip-51-83-74.eu): 1 Time(s)
       mysql (167.99.54.4): 1 Time(s)
       nobody (139.59.78.236): 1 Time(s)
       nobody (202.29.221.202): 1 Time(s)
       postfix (104.248.29.180): 1 Time(s)
       postgres (114.113.221.162): 1 Time(s)
       postgres (123.49.33.235): 1 Time(s)
       postgres (167.99.54.4): 1 Time(s)
       postgres (180.76.150.87): 1 Time(s)
       postgres (200.49.39.210): 1 Time(s)
       postgres (202.29.221.202): 1 Time(s)
       postgres (25.ip-51-75-195.eu): 1 Time(s)
       postgres (77-161-191-90.dyn.estpak.ee): 1 Time(s)
       postgres (c-73-88-85-67.hsd1.sc.comcast.net): 1 Time(s)
       postgres (dedicated.totopsy.ovh): 1 Time(s)
       root (112.140.185.64): 1 Time(s)
       root (119.42.175.200): 1 Time(s)
       root (124.158.5.112): 1 Time(s)
       root (128.199.182.235): 1 Time(s)
       root (146.185.149.245): 1 Time(s)
       root (162.144.72.163): 1 Time(s)
       root (178.128.79.169): 1 Time(s)
       root (210.183.236.30): 1 Time(s)
       root (222.240.1.0): 1 Time(s)
       root (45.55.42.17): 1 Time(s)
       root (46.101.27.6): 1 Time(s)
       root (72-24-99-155.cpe.cableone.net): 1 Time(s)
       root (74.63.193.14): 1 Time(s)
       root (exit4.tor-network.net): 1 Time(s)
       root (zrh-exit.privateinternetaccess.com): 1 Time(s)
       sync (25.ip-51-75-195.eu): 1 Time(s)
       sys (104.248.29.180): 1 Time(s)
       temp (185.46.191.40): 1 Time(s)
       temp (200.49.39.210): 1 Time(s)
       temp (49.167.241.224): 1 Time(s)
       unknown (104.236.81.204): 1 Time(s)
       unknown (123.20.104.168): 1 Time(s)
       unknown (132.255.29.228): 1 Time(s)
       unknown (139.59.85.89): 1 Time(s)
       unknown (142.93.177.246): 1 Time(s)
       unknown (155.0.235.14): 1 Time(s)
       unknown (159.203.77.51): 1 Time(s)
       unknown (167.99.161.15): 1 Time(s)
       unknown (178.128.91.227): 1 Time(s)
       unknown (178.62.57.246): 1 Time(s)
       unknown (180.250.18.20): 1 Time(s)
       unknown (187.183.84.178): 1 Time(s)
       unknown (194.206.185.35.bc.googleusercontent.com): 1 Time(s)
       unknown (206.189.132.204): 1 Time(s)
       unknown (211.110.140.200): 1 Time(s)
       unknown (212.98.190.248): 1 Time(s)
       unknown (25.ip-66-70-188.net): 1 Time(s)
       unknown (45.117.81.147): 1 Time(s)
       unknown (45.119.81.253): 1 Time(s)
       unknown (45.252.249.148): 1 Time(s)
       unknown (45.55.157.147): 1 Time(s)
       unknown (68.183.150.54): 1 Time(s)
       unknown (74.63.193.14): 1 Time(s)
       unknown (74.63.232.2): 1 Time(s)
       unknown (85.195.212.6): 1 Time(s)
       unknown (bld25-1-78-214-125-119.fbx.proxad.net): 1 Time(s)
       unknown (crushdigital.co.uk): 1 Time(s)
       unknown (ns388423.ip-176-31-253.eu): 1 Time(s)
       uucp (106.12.204.44): 1 Time(s)
       uucp (68.183.105.52): 1 Time(s)
       www-data (103.99.109.126): 1 Time(s)
       www-data (104.248.29.180): 1 Time(s)
       www-data (111.231.87.204): 1 Time(s)
       www-data (16.ip-145-239-90.eu): 1 Time(s)
       www-data (189-211-85-194.static.axtel.net): 1 Time(s)
       www-data (25.ip-51-75-195.eu): 1 Time(s)
       www-data (74.63.232.2): 1 Time(s)
       www-data (c-73-88-85-67.hsd1.sc.comcast.net): 1 Time(s)
       www-data (msmail.mouthshut.com): 1 Time(s)
    Invalid Users:
       Unknown Account: 1996 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

       11   Miscellaneous warnings  
 
   22.932K  Bytes accepted                              23,482
   22.932K  Bytes sent via SMTP                         23,482
 ========   ==================================================
 
        2   Accepted                                   100.00%
 --------   --------------------------------------------------
        2   Total                                      100.00%
 ========   ==================================================
 
        1   4xx Reject relay denied                    100.00%
 --------   --------------------------------------------------
        1   Total 4xx Rejects                          100.00%
 ========   ==================================================
 
      827   Connections             
      263   Connections lost (inbound) 
      827   Disconnections          
        2   Removed from queue      
        2   Sent via SMTP           
 
        1   SMTP dialog errors      
 
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------ 

 Large Mailbox threshold: 40MB (41943040 bytes)
  Warning: Large mailbox: mailman.gz (1747199807)
  Warning: Large mailbox: mailman (235703599967)
 
 ---------------------- sendmail-largeboxes (large mail spool files) End
------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 Disconnecting after too many authentication failures for user:
    root : 1 Time(s)
 
 Failed logins from:
    5.228.94.115 (broadband-5-228-94-115.ip.moscow.rt.ru): 6 times
    31.220.40.54 (exit4.tor-network.net): 1 time
    37.187.107.54 (dedicated.totopsy.ovh): 2 times
    45.55.42.17: 1 time
    46.101.27.6: 1 time
    49.167.241.224: 1 time
    49.205.166.14 (broadband.actcorp.in): 2 times
    51.75.195.25 (25.ip-51-75-195.eu): 4 times
    51.75.204.92 (92.ip-51-75-204.eu): 2 times
    51.83.74.158 (158.ip-51-83-74.eu): 1 time
    68.183.105.52: 1 time
    72.24.99.155 (72-24-99-155.cpe.cableone.net): 1 time
    73.88.85.67 (c-73-88-85-67.hsd1.sc.comcast.net): 2 times
    74.63.193.14 (14-193-63-74.static.reverse.lstn.net): 1 time
    74.63.232.2 (2-232-63-74.static.reverse.lstn.net): 1 time
    90.191.161.77 (77-161-191-90.dyn.estpak.ee): 2 times
    103.99.109.126: 1 time
    104.248.29.180: 5 times
    106.12.204.44: 1 time
    111.231.87.204: 1 time
    112.140.185.64: 1 time
    114.113.221.162: 1 time
    119.42.175.200: 1 time
    121.69.128.147: 1 time
    123.49.33.235: 2 times
    124.158.5.112: 1 time
    128.199.182.235: 1 time
    139.59.78.236: 1 time
    145.239.90.16 (16.ip-145-239-90.eu): 1 time
    146.185.149.245: 1 time
    162.144.72.163 (162-144-72-163.unifiedlayer.com): 1 time
    165.73.41.214 (165-73-41-214.ip.afrihost.joburg): 1 time
    167.99.54.4: 2 times
    178.128.13.21: 2 times
    178.128.79.169: 1 time
    180.76.150.87: 1 time
    180.179.174.247 (msmail.mouthshut.com): 2 times
    185.46.191.40 (185-46-191-40-ptr.langate.ua): 1 time
    189.211.85.194 (189-211-85-194.static.axtel.net): 1 time
    195.206.105.217 (zrh-exit.privateinternetaccess.com): 1 time
    199.195.251.227: 1 time
    200.49.39.210: 3 times
    202.29.221.202: 2 times
    210.183.236.30: 1 time
    222.184.233.222: 1 time
    222.240.1.0: 1 time
 
 Illegal users from:
    undef: 1282 times
    35.185.206.194 (194.206.185.35.bc.googleusercontent.com): 1 time
    37.187.107.54 (dedicated.totopsy.ovh): 49 times
    45.55.157.147: 1 time
    45.117.81.147: 1 time
    45.119.81.253: 1 time
    45.252.249.148: 1 time
    46.32.69.242: 4 times
    46.101.88.10 (crushdigital.co.uk): 1 time
    49.205.166.14 (broadband.actcorp.in): 47 times
    50.252.159.185 (50-252-159-185-static.hfc.comcastbusiness.net): 2 times
    51.15.162.224 (kvm10.dc01.octopeek.com): 18 times
    51.75.195.25 (25.ip-51-75-195.eu): 48 times
    51.75.204.92 (92.ip-51-75-204.eu): 49 times
    51.83.74.158 (158.ip-51-83-74.eu): 51 times
    51.254.206.149 (149.ip-51-254-206.eu): 51 times
    58.140.223.5: 24 times
    66.70.188.25 (25.ip-66-70-188.net): 1 time
    66.214.207.90 (66-214-207-90.dhcp.atsc.ca.charter.com): 2 times
    68.183.16.188: 51 times
    68.183.150.54: 1 time
    73.88.85.67 (c-73-88-85-67.hsd1.sc.comcast.net): 49 times
    74.63.193.14 (14-193-63-74.static.reverse.lstn.net): 1 time
    74.63.232.2 (2-232-63-74.static.reverse.lstn.net): 1 time
    77.105.106.51 (77-105-106-51.lpok.fi): 7 times
    78.214.125.119 (bld25-1-78-214-125-119.fbx.proxad.net): 1 time
    79.61.51.195 (host195-51-static.61-79-b.business.telecomitalia.it): 27 times
    81.142.80.97 (host81-142-80-97.in-addr.btopenworld.com): 55 times
    82.64.88.94 (82-64-88-94.subs.proxad.net): 12 times
    85.195.212.6 (85-195-212-6.init7.net): 1 time
    86.217.74.233 (aputeaux-652-1-91-233.w86-217.abo.wanadoo.fr): 2 times
    90.191.161.77 (77-161-191-90.dyn.estpak.ee): 29 times
    95.58.194.141 (95.58.194.141.megaline.telecom.kz): 5 times
    103.99.109.126: 42 times
    104.0.142.113 (104-0-142-113.lightspeed.austtx.sbcglobal.net): 3 times
    104.236.52.94: 60 times
    104.236.81.204: 1 time
    104.248.29.180: 50 times
    106.12.204.44: 38 times
    111.231.87.204: 55 times
    112.64.33.38: 41 times
    112.161.29.49: 6 times
    114.113.221.162: 53 times
    121.69.128.147: 14 times
    121.132.17.79: 3 times
    121.204.148.98: 29 times
    122.3.139.131 (122.3.139.131.pldt.net): 9 times
    123.20.104.168: 1 time
    123.49.33.235: 61 times
    128.199.136.129: 5 times
    132.255.29.228: 1 time
    139.59.85.89 (187125.cloudwaysapps.com): 1 time
    140.143.170.123: 19 times
    142.93.72.131: 33 times
    142.93.177.246: 1 time
    142.197.22.33 (142-197-22-33.res.bhn.net): 10 times
    145.239.90.16 (16.ip-145-239-90.eu): 51 times
    155.0.235.14: 5 times
    159.203.77.51: 1 time
    165.73.41.214 (165-73-41-214.ip.afrihost.joburg): 61 times
    167.99.54.4: 50 times
    167.99.161.15: 1 time
    174.4.245.109 (S01069050cad122b3.ok.shawcable.net): 2 times
    176.31.202.90 (s10.lateos.net): 2 times
    176.31.253.204 (ns388423.ip-176-31-253.eu): 1 time
    177.71.74.230 (host-177-71-74-230.brip.net.br): 18 times
    177.94.224.157 (177-94-224-157.dsl.telesp.net.br): 15 times
    177.139.167.7 (177-139-167-7.dsl.telesp.net.br): 33 times
    178.62.57.246: 1 time
    178.62.237.38 (matteosistisette.com): 51 times
    178.128.13.21: 50 times
    178.128.91.227: 1 time
    178.128.201.224: 6 times
    180.76.150.87: 58 times
    180.179.174.247 (msmail.mouthshut.com): 33 times
    180.250.18.20: 1 time
    182.70.253.202 (abts-mp-dynamic-202.253.70.182.airtelbroadband.in): 21 times
    185.46.191.40 (185-46-191-40-ptr.langate.ua): 42 times
    186.151.18.213 (213.18.151.186.static.intelnet.net.gt): 51 times
    187.183.84.178 (bbb754b2.virtua.com.br): 1 time
    189.211.85.194 (189-211-85-194.static.axtel.net): 21 times
    190.189.107.101 (101-107-189-190.cab.prima.net.ar): 12 times
    193.32.163.89: 2 times
    196.205.110.229 (host-196-205-109-229.static.link.com.eg): 32 times
    198.187.30.125: 27 times
    199.195.251.227: 17 times
    200.49.39.210: 60 times
    202.29.221.202: 30 times
    206.189.132.204: 1 time
    206.189.165.94: 18 times
    211.110.140.200: 1 time
    212.98.190.248: 1 time
    213.47.38.104 (213-47-38-104.cable.dynamic.surfer.at): 11 times
    222.184.233.222: 58 times
    222.240.1.0: 19 times
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem      Size  Used Avail Use% Mounted on
 /dev/vzfs       400G  241G  160G  61% /
 
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End #########################

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016