################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Thu Jun 27 04:42:08 2019 Date Range Processed: yesterday ( 2019-Jun-26 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [281:283] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 2 sites probed the server 108.178.16.154 61.219.11.153 Requests with error response codes 400 Bad Request mstshash=Administr: 3 Time(s) null: 2 Time(s) /: 1 Time(s) /Login.htm: 1 Time(s) 404 Not Found /robots.txt: 36 Time(s) /wp-login.php: 5 Time(s) /reader/1995-wi-reader_bn95.pdf: 2 Time(s) /sites/default/modules/civicrm/packages/Op ... pload_image.php: 2 Time(s) /index.php?option=com_user&task=register: 1 Time(s) /kontakt: 1 Time(s) /protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s) /reader/1993-so-reader_do93.pdf: 1 Time(s) /reader/Sammlung_aller_Resolutionen.pdf: 1 Time(s) /reader/SoSe13_AK_MatheVorkurs.pdf: 1 Time(s) /reader/SoSe14_AK_Kommentierte_Studienordnungen.pdf: 1 Time(s) /reader/SoSe14_AK_Pr%C3%BCfungssystem_Sammlung.pdf: 1 Time(s) /reader/SoSe14_AK_Zivilklausel.pdf: 1 Time(s) /reader/SoSe15_AK_Studienf%C3%BChrer.pdf: 1 Time(s) /reader/WiSe14_AK_GO_und_Satzungs%C3%A4nderung.pdf: 1 Time(s) /reader/ZiP_Zivilklausel.pdf: 1 Time(s) /reader/commit/09360d9fceaee264132be600f2762d7b2827fd01: 1 Time(s) /reader/commit/82b5625412a9488dc60b801646d3cc89c9316610: 1 Time(s) /reader/commit/bc29b23744db65c1ce152b44c6d6b27a7e79fd5f: 1 Time(s) /reader/commit/da0fd0463ced8baff84cce5549ee7c76a5e7ca05: 1 Time(s) /sites/all/modules/civicrm/packages/OpenFl ... _bar_hollow.php: 1 Time(s) /sites/all/modules/civicrm/packages/OpenFl ... _bar_online.php: 1 Time(s) /sites/all/modules/contrib/civicrm/package ... pload_image.php: 1 Time(s) /sites/default/files/2012_WiSe_Karlsruhe.pdf: 1 Time(s) /sites/zapfev.de/modules/civicrm/packages/ ... pload_image.php: 1 Time(s) /user/register: 1 Time(s) /wp-login.php?action=register: 1 Time(s) 499 (undefined) /resolutionen/sose17/Akkreditiertungsrat/p ... eilung_ZaPF.pdf: 1 Time(s) 500 Internal Server Error /: 28 Time(s) /index.php/admin/: 4 Time(s) /downloader/index.php: 3 Time(s) /errors/503.php: 3 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: unknown (200110174137.ip23.static.mediacommerce.com.co): 24 Time(s) unknown (201.6.99.139): 20 Time(s) unknown (203.92.62.242): 20 Time(s) unknown (net-2-39-31-183.cust.vodafonedsl.it): 20 Time(s) unknown (41.72.219.102): 19 Time(s) unknown (104.208.218.167): 18 Time(s) unknown (drone.xulepth.fr): 18 Time(s) unknown (175.ip-92-222-77.eu): 17 Time(s) unknown (97.64.111.246.16clouds.com): 15 Time(s) unknown (ip103.ip-46-105-94.eu): 15 Time(s) unknown (104.160.41.234.16clouds.com): 14 Time(s) unknown (132.232.108.198): 14 Time(s) unknown (200.70.56.204): 14 Time(s) unknown (207.154.193.178): 14 Time(s) unknown (jimmytremblaybernier.ca): 14 Time(s) unknown (ns3003413.ip-5-196-75.eu): 14 Time(s) unknown (88.red-83-55-220.dynamicip.rima-tde.net): 13 Time(s) unknown (103.209.20.36): 12 Time(s) unknown (103.242.13.70): 12 Time(s) unknown (112.172.147.34): 12 Time(s) unknown (113.ip-51-68-215.eu): 12 Time(s) unknown (114.112.81.180): 12 Time(s) unknown (118-163-181-157.hinet-ip.hinet.net): 12 Time(s) unknown (118.98.96.184): 12 Time(s) unknown (119.200.186.168): 12 Time(s) unknown (119.29.58.239): 12 Time(s) unknown (129.204.85.252): 12 Time(s) unknown (132.232.101.100): 12 Time(s) unknown (132.232.34.218): 12 Time(s) unknown (134.175.175.88): 12 Time(s) unknown (134.175.59.235): 12 Time(s) unknown (139.59.135.84): 12 Time(s) unknown (152.136.95.118): 12 Time(s) unknown (157.230.168.4): 12 Time(s) unknown (171.ip-79-137-72.eu): 12 Time(s) unknown (177.1.213.19): 12 Time(s) unknown (177.92.16.186): 12 Time(s) unknown (180.250.18.71): 12 Time(s) unknown (180.ip-149-56-99.net): 12 Time(s) unknown (189.62.155.159): 12 Time(s) unknown (198.187.30.125): 12 Time(s) unknown (201.16.246.71): 12 Time(s) unknown (211.159.187.191): 12 Time(s) unknown (220.225.126.55): 12 Time(s) unknown (27.0.141.4): 12 Time(s) unknown (41.204.191.53): 12 Time(s) unknown (41.84.131.10): 12 Time(s) unknown (52.227.166.139): 12 Time(s) unknown (ns3262586.ip-5-39-77.eu): 12 Time(s) unknown (014198006164.ctinets.com): 11 Time(s) unknown (177.68.148.10): 11 Time(s) unknown (178.16.28.253): 11 Time(s) unknown (194.228.3.191): 11 Time(s) unknown (219.142.28.206): 11 Time(s) unknown (62.ip-145-239-82.eu): 11 Time(s) unknown (84-113-99-164.cable.dynamic.surfer.at): 11 Time(s) unknown (ip66.ip-188-165-74.eu): 11 Time(s) unknown (ns342689.ip-91-121-132.eu): 11 Time(s) unknown (103.120.224.10): 10 Time(s) unknown (103.23.100.87): 10 Time(s) unknown (125.ip-217-182-74.eu): 10 Time(s) unknown (181.237.189.35.bc.googleusercontent.com): 10 Time(s) unknown (46.101.230.131): 10 Time(s) unknown (91.215.128.131): 10 Time(s) unknown (ns3306296.ip-178-32-219.eu): 10 Time(s) unknown (125.22.76.77): 9 Time(s) unknown (140.143.97.81): 9 Time(s) unknown (150.242.213.189): 9 Time(s) unknown (173.239.37.163): 9 Time(s) unknown (157.230.85.180): 8 Time(s) unknown (1.101.180.127): 7 Time(s) unknown (182.254.145.29): 7 Time(s) root (177.223.111.227.txfiber.net.br): 6 Time(s) root (218.92.0.170): 6 Time(s) root (58.242.82.13): 6 Time(s) unknown (178.128.107.164): 6 Time(s) unknown (36.67.106.106): 6 Time(s) unknown (116.196.83.181): 4 Time(s) unknown (188.117.171.116): 4 Time(s) unknown (193.112.58.212): 4 Time(s) unknown (36.189.253.226): 4 Time(s) unknown (221.148.45.168): 3 Time(s) backup (152.136.95.118): 2 Time(s) root (157.230.85.180): 2 Time(s) root (s17783852.onlinehome-server.info): 2 Time(s) unknown (139.59.79.56): 2 Time(s) unknown (172.ip-142-44-160.net): 2 Time(s) unknown (193.32.163.182): 2 Time(s) unknown (206.189.232.29): 2 Time(s) unknown (210.105.192.76): 2 Time(s) unknown (d162-157-178-15.abhsia.telus.net): 2 Time(s) backup (103.120.224.10): 1 Time(s) backup (103.242.13.70): 1 Time(s) backup (125.ip-217-182-74.eu): 1 Time(s) bin (97.64.111.246.16clouds.com): 1 Time(s) games (177.68.148.10): 1 Time(s) gnats (189.62.155.159): 1 Time(s) irc (104.208.218.167): 1 Time(s) irc (132.232.34.218): 1 Time(s) list (129.204.85.252): 1 Time(s) mail (140.143.97.81): 1 Time(s) mysql (014198006164.ctinets.com): 1 Time(s) mysql (150.242.213.189): 1 Time(s) mysql (157.230.85.180): 1 Time(s) postgres (175.ip-92-222-77.eu): 1 Time(s) postgres (177.68.148.10): 1 Time(s) postgres (181.237.189.35.bc.googleusercontent.com): 1 Time(s) postgres (194.228.3.191): 1 Time(s) postgres (200110174137.ip23.static.mediacommerce.com.co): 1 Time(s) postgres (203.92.62.242): 1 Time(s) postgres (41.72.219.102): 1 Time(s) postgres (drone.xulepth.fr): 1 Time(s) postgres (ns3016508.ip-51-254-47.eu): 1 Time(s) root (103.209.20.36): 1 Time(s) root (103.23.100.87): 1 Time(s) root (118.98.96.184): 1 Time(s) root (125.ip-217-182-74.eu): 1 Time(s) root (134.175.175.88): 1 Time(s) root (139.59.135.84): 1 Time(s) root (150.242.213.189): 1 Time(s) root (157.230.168.4): 1 Time(s) root (165.227.140.123): 1 Time(s) root (173.239.37.163): 1 Time(s) root (177.68.148.10): 1 Time(s) root (181.237.189.35.bc.googleusercontent.com): 1 Time(s) root (182.52.224.33): 1 Time(s) root (183.87.35.162): 1 Time(s) root (193.112.19.168): 1 Time(s) root (201.16.246.71): 1 Time(s) root (203.92.62.242): 1 Time(s) root (219.141.176.186): 1 Time(s) root (46.101.230.131): 1 Time(s) root (52.227.166.139): 1 Time(s) root (62.ip-145-239-82.eu): 1 Time(s) root (88.red-83-55-220.dynamicip.rima-tde.net): 1 Time(s) root (91.215.128.131): 1 Time(s) root (95.240.131.160): 1 Time(s) root (lputeaux-657-1-142-172.w193-248.abo.wanadoo.fr): 1 Time(s) root (net-2-39-31-183.cust.vodafonedsl.it): 1 Time(s) root (ns3306296.ip-178-32-219.eu): 1 Time(s) root (vps11961.publiccloud.com.br): 1 Time(s) sync (ns342689.ip-91-121-132.eu): 1 Time(s) unknown (103.21.148.16): 1 Time(s) unknown (104.248.158.29): 1 Time(s) unknown (106.13.59.16): 1 Time(s) unknown (118-163-193-82.hinet-ip.hinet.net): 1 Time(s) unknown (124.158.5.112): 1 Time(s) unknown (128.199.133.249): 1 Time(s) unknown (128.199.182.235): 1 Time(s) unknown (128.199.255.146): 1 Time(s) unknown (129.211.146.180): 1 Time(s) unknown (14.186.148.170): 1 Time(s) unknown (142.93.208.158): 1 Time(s) unknown (159.65.144.233): 1 Time(s) unknown (159.65.91.16): 1 Time(s) unknown (170.231.81.165): 1 Time(s) unknown (179.42.197.107): 1 Time(s) unknown (197.45.219.15): 1 Time(s) unknown (206.189.145.152): 1 Time(s) unknown (45.55.42.17): 1 Time(s) unknown (58.243.182.85): 1 Time(s) unknown (88.213.3.230): 1 Time(s) unknown (aztlan.fi-b.unam.mx): 1 Time(s) unknown (bdimedan.kemenperin.go.id): 1 Time(s) unknown (ec2-35-174-228-90.compute-1.amazonaws.com): 1 Time(s) unknown (ip235.ip-51-79-129.net): 1 Time(s) unknown (lfbn-orl-1-505-201.w86-196.abo.wanadoo.fr): 1 Time(s) unknown (mail-server.dominiosbr.com.br): 1 Time(s) unknown (mail155.orgafarma.com.br): 1 Time(s) unknown (server.herojus.lt): 1 Time(s) unknown (softbank126074184085.bbtec.net): 1 Time(s) unknown (sonet.tychy.pl): 1 Time(s) www-data (129.204.85.252): 1 Time(s) www-data (139.59.135.84): 1 Time(s) www-data (178.16.28.253): 1 Time(s) www-data (net-2-39-31-183.cust.vodafonedsl.it): 1 Time(s) Invalid Users: Unknown Account: 971 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 20 Miscellaneous warnings 18.146K Bytes accepted 18,582 18.146K Bytes sent via SMTP 18,582 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 3 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 3 Total 4xx Rejects 100.00% ======== ================================================== 223 Connections 111 Connections lost (inbound) 223 Disconnections 1 Removed from queue 1 Sent via SMTP 9 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 3 Time(s) Failed logins from: 2.39.31.183 (net-2-39-31-183.cust.vodafonedsl.it): 2 times 14.198.6.164 (014198006164.ctinets.com): 1 time 35.189.237.181 (181.237.189.35.bc.googleusercontent.com): 2 times 41.72.219.102 (41.72.219.102.liquidtelecom.net): 1 time 46.101.230.131 (gerasymiuk.owncloud): 1 time 46.105.124.52 (drone.xulepth.fr): 1 time 51.254.47.198 (ns3016508.ip-51-254-47.eu): 1 time 52.227.166.139: 1 time 58.242.82.13: 6 times 82.165.35.17 (s17783852.onlinehome-server.info): 2 times 83.55.220.88 (88.red-83-55-220.dynamicip.rima-tde.net): 1 time 91.121.132.116 (ns342689.ip-91-121-132.eu): 1 time 91.215.128.131: 1 time 92.222.77.175 (175.ip-92-222-77.eu): 1 time 95.240.131.160 (host160-131-static.240-95-b.business.telecomitalia.it): 1 time 97.64.111.246 (97.64.111.246.16clouds.com): 1 time 103.23.100.87 (87.subnet-103.23.100.host.unnes.ac.id): 1 time 103.120.224.10: 1 time 103.209.20.36: 1 time 103.242.13.70: 1 time 104.208.218.167: 1 time 118.98.96.184: 1 time 129.204.85.252: 2 times 132.232.34.218: 1 time 134.175.175.88: 1 time 139.59.135.84: 2 times 140.143.97.81: 1 time 145.239.82.62 (62.ip-145-239-82.eu): 1 time 150.242.213.189: 2 times 152.136.95.118: 2 times 157.230.85.180: 3 times 157.230.168.4: 1 time 165.227.140.123: 1 time 173.239.37.163: 1 time 177.68.148.10 (177-68-148-10.dsl.telesp.net.br): 3 times 177.223.111.227 (177.223.111.227.txfiber.net.br): 6 times 178.16.28.253 (rev-178-16-28-253.deac.net): 1 time 178.32.219.209 (ns3306296.ip-178-32-219.eu): 1 time 182.52.224.33 (node-189t.pool-182-52.dynamic.totinternet.net): 1 time 183.87.35.162 (162-35-87-183.mysipl.com): 1 time 189.62.155.159 (bd3e9b9f.virtua.com.br): 1 time 191.252.192.25 (vps11961.publiccloud.com.br): 1 time 193.112.19.168: 1 time 193.248.201.172 (lputeaux-657-1-142-172.w193-248.abo.wanadoo.fr): 1 time 194.228.3.191 (renuska.nuabi.com): 1 time 200.110.174.137 (200110174137.ip23.static.mediacommerce.com.co): 1 time 201.16.246.71: 1 time 203.92.62.242 (203.92.62.242.reverse.spectranet.in): 2 times 217.182.74.125 (125.ip-217-182-74.eu): 2 times 218.92.0.170: 6 times 219.141.176.186: 1 time Illegal users from: undef: 732 times 1.101.180.127: 7 times 2.39.31.183 (net-2-39-31-183.cust.vodafonedsl.it): 20 times 5.39.77.117 (ns3262586.ip-5-39-77.eu): 12 times 5.196.75.47 (ns3003413.ip-5-196-75.eu): 14 times 14.186.148.170 (static.vnpt.vn): 1 time 14.198.6.164 (014198006164.ctinets.com): 11 times 27.0.141.4: 12 times 35.174.228.90 (ec2-35-174-228-90.compute-1.amazonaws.com): 1 time 35.189.237.181 (181.237.189.35.bc.googleusercontent.com): 10 times 36.67.106.106: 6 times 36.189.253.226: 4 times 41.72.219.102 (41.72.219.102.liquidtelecom.net): 19 times 41.84.131.10 (41.84.131.10.liquidtelecom.net): 12 times 41.204.191.53: 12 times 45.55.42.17: 1 time 46.101.163.220 (server.herojus.lt): 1 time 46.101.230.131 (gerasymiuk.owncloud): 10 times 46.105.94.103 (ip103.ip-46-105-94.eu): 15 times 46.105.124.52 (drone.xulepth.fr): 18 times 51.68.215.113 (113.ip-51-68-215.eu): 12 times 51.79.129.235 (ip235.ip-51-79-129.net): 1 time 52.227.166.139: 12 times 58.243.182.85: 1 time 62.141.50.140 (mail-server.dominiosbr.com.br): 1 time 79.137.72.171 (171.ip-79-137-72.eu): 12 times 81.15.218.220 (sonet.tychy.pl): 1 time 83.55.220.88 (88.red-83-55-220.dynamicip.rima-tde.net): 13 times 84.113.99.164 (84-113-99-164.cable.dynamic.surfer.at): 11 times 86.196.206.201 (lfbn-orl-1-505-201.w86-196.abo.wanadoo.fr): 1 time 88.213.3.230: 1 time 91.121.132.116 (ns342689.ip-91-121-132.eu): 11 times 91.215.128.131: 10 times 92.222.77.175 (175.ip-92-222-77.eu): 17 times 97.64.111.246 (97.64.111.246.16clouds.com): 15 times 103.21.148.16: 1 time 103.23.100.87 (87.subnet-103.23.100.host.unnes.ac.id): 10 times 103.120.224.10: 10 times 103.209.20.36: 12 times 103.242.13.70: 12 times 104.160.41.234 (104.160.41.234.16clouds.com): 14 times 104.208.218.167: 18 times 104.248.158.29: 1 time 106.13.59.16: 1 time 112.172.147.34: 12 times 114.112.81.180: 12 times 116.196.83.181: 4 times 118.98.96.184: 12 times 118.163.181.157 (118-163-181-157.HINET-IP.hinet.net): 12 times 118.163.193.82 (118-163-193-82.HINET-IP.hinet.net): 1 time 119.29.58.239: 12 times 119.200.186.168: 12 times 124.158.5.112: 1 time 125.22.76.77 (aes-static-077.76.22.125.airtel.in): 9 times 126.74.184.85 (softbank126074184085.bbtec.net): 5 times 128.199.133.249 (152717.cloudwaysapps.com): 1 time 128.199.182.235: 1 time 128.199.255.146: 1 time 129.204.85.252: 12 times 129.211.146.180: 1 time 132.232.34.218: 12 times 132.232.101.100: 12 times 132.232.108.198: 14 times 132.248.59.140 (aztlan.fi-b.unam.mx): 1 time 134.175.59.235: 12 times 134.175.175.88: 12 times 139.59.79.56: 2 times 139.59.135.84: 12 times 140.143.97.81: 9 times 142.44.160.172 (172.ip-142-44-160.net): 2 times 142.93.208.158: 1 time 145.239.82.62 (62.ip-145-239-82.eu): 11 times 149.56.99.180 (180.ip-149-56-99.net): 12 times 150.242.213.189: 9 times 152.136.95.118: 12 times 157.230.85.180: 8 times 157.230.168.4: 12 times 158.69.192.147 (jimmytremblaybernier.ca): 14 times 159.65.91.16: 1 time 159.65.144.233: 1 time 162.157.178.15 (d162-157-178-15.abhsia.telus.net): 2 times 170.231.81.165: 1 time 173.239.37.163: 9 times 177.1.213.19: 12 times 177.68.148.10 (177-68-148-10.dsl.telesp.net.br): 11 times 177.92.16.186 (186.16.92.177.static.copel.net): 12 times 178.16.28.253 (rev-178-16-28-253.deac.net): 11 times 178.32.219.209 (ns3306296.ip-178-32-219.eu): 10 times 178.128.107.164: 6 times 179.42.197.107: 1 time 180.250.18.71: 12 times 182.254.145.29: 7 times 188.117.171.116 (host-188.117.171.116.static.3s.pl): 4 times 188.165.74.66 (ip66.ip-188-165-74.eu): 11 times 189.62.155.159 (bd3e9b9f.virtua.com.br): 12 times 193.32.163.182 (hosting-by.cloud-home.me): 2 times 193.112.58.212: 4 times 194.228.3.191 (renuska.nuabi.com): 11 times 197.45.219.15 (host-197.45.219.15.tedata.net): 1 time 198.187.30.125: 12 times 200.70.56.204 (host204.advance.com.ar): 14 times 200.110.174.137 (200110174137.ip23.static.mediacommerce.com.co): 24 times 200.225.201.155 (mail155.orgafarma.com.br): 1 time 201.6.99.139 (c906638b.virtua.com.br): 20 times 201.16.246.71: 12 times 202.47.80.65 (bdimedan.kemenperin.go.id): 1 time 203.92.62.242 (203.92.62.242.reverse.spectranet.in): 20 times 206.189.145.152: 1 time 206.189.232.29: 2 times 207.154.193.178: 14 times 210.105.192.76: 2 times 211.159.187.191: 12 times 217.182.74.125 (125.ip-217-182-74.eu): 10 times 219.142.28.206 (206.28.142.219.broad.bj.bj.dynamic.163data.com.cn): 11 times 220.225.126.55: 12 times 221.148.45.168: 3 times ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 242G 159G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################