Logwatch for h2361197.stratoserver.net (Linux)

Dienstag, 6 August 2019


 
 ################### Logwatch 7.4.0 (03/01/11) #################### 
        Processing Initiated: Tue Aug  6 04:42:09 2019
        Date Range Processed: yesterday
                              ( 2019-Aug-05 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: h2361197.stratoserver.net
 ################################################################## 
 
 --------------------- fail2ban-messages Begin ------------------------ 

 Banned services with Fail2Ban:				 Bans:Unbans
    ssh:                                                    [210:207]
 
 ---------------------- fail2ban-messages End ------------------------- 

 
 --------------------- httpd Begin ------------------------ 

 
 A total of 3 sites probed the server 
    100.25.164.1
    172.104.242.173
    66.240.205.34
 
 Requests with error response codes
    400 Bad Request
       null: 4 Time(s)
       /robots.txt: 1 Time(s)
       /shell?busybox: 1 Time(s)
       A\x00A\x00A\x00A\x00A\x00A\x00A\x00A\x00A\ ... xBE\xAF\xFE\xEA: 1 Time(s)
       mstshash=Administr: 1 Time(s)
    404 Not Found
       /robots.txt: 30 Time(s)
       /berlin/apple-touch-icon.png: 8 Time(s)
       /wp-login.php: 2 Time(s)
       /xmlrpc.php: 2 Time(s)
       /ads.txt: 1 Time(s)
       /atmjfnhroxmw.html: 1 Time(s)
       /backup/: 1 Time(s)
       /blog/: 1 Time(s)
       /cms/: 1 Time(s)
       /css/main-blue.css: 1 Time(s)
       /demo/: 1 Time(s)
       /dev/: 1 Time(s)
       /main/: 1 Time(s)
       /new/: 1 Time(s)
       /old/: 1 Time(s)
       /portal/: 1 Time(s)
       /protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s)
       /site/: 1 Time(s)
       /temp/: 1 Time(s)
       /test/: 1 Time(s)
       /tmp/: 1 Time(s)
       /verein/dok: 1 Time(s)
       /verein/satzung/%7CSatzung: 1 Time(s)
       /web/: 1 Time(s)
       /wordpress/: 1 Time(s)
       /wp/: 1 Time(s)
    500 Internal Server Error
       /robots.txt: 41 Time(s)
       /: 37 Time(s)
       //recordings/misc/play_page.php: 1 Time(s)
 
 ---------------------- httpd End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       unknown (45.160.149.42): 87 Time(s)
       unknown (123.207.185.54): 82 Time(s)
       unknown (118.24.221.190): 65 Time(s)
       unknown (46.101.242.117): 63 Time(s)
       unknown (104.248.62.208): 62 Time(s)
       unknown (82.166.93.77): 61 Time(s)
       unknown (106.12.98.12): 53 Time(s)
       unknown (49.ip-51-68-227.eu): 52 Time(s)
       unknown (36.110.118.72): 50 Time(s)
       unknown (87.242.240.35.bc.googleusercontent.com): 50 Time(s)
       unknown (122.228.89.67): 49 Time(s)
       unknown (178.128.110.123): 46 Time(s)
       unknown (59.49.99.124): 43 Time(s)
       unknown (ns322356.ip-176-31-110.eu): 42 Time(s)
       unknown (128.199.220.232): 41 Time(s)
       unknown (165.52.187.35.bc.googleusercontent.com): 41 Time(s)
       unknown (mx.loader.cz): 41 Time(s)
       unknown (101.251.237.228): 39 Time(s)
       unknown (200.216.30.2): 36 Time(s)
       unknown (113.105.129.35): 29 Time(s)
       unknown (220-130-190-13.hinet-ip.hinet.net): 27 Time(s)
       unknown (171.221.206.201): 23 Time(s)
       unknown (95.231.139.36): 22 Time(s)
       unknown (106.13.47.10): 18 Time(s)
       unknown (139.199.0.84): 17 Time(s)
       unknown (ip166.ip-51-255-26.eu): 14 Time(s)
       root (45.160.149.42): 10 Time(s)
       unknown (host210.sub-63-41-9.myvzw.com): 9 Time(s)
       root (123.207.185.54): 8 Time(s)
       root (178.128.110.123): 8 Time(s)
       unknown (117.50.19.227): 8 Time(s)
       root (104.248.62.208): 7 Time(s)
       root (49.ip-51-68-227.eu): 7 Time(s)
       unknown (178.128.107.61): 7 Time(s)
       root (106.12.98.12): 6 Time(s)
       root (122.228.89.67): 6 Time(s)
       root (180.126.231.251): 6 Time(s)
       root (200.216.30.2): 6 Time(s)
       root (218.92.0.135): 6 Time(s)
       root (46.101.242.117): 6 Time(s)
       root (ns322356.ip-176-31-110.eu): 6 Time(s)
       root (s010600089bd56950.gv.shawcable.net): 6 Time(s)
       root (118.24.221.190): 5 Time(s)
       root (128.199.220.232): 5 Time(s)
       root (36.110.118.72): 5 Time(s)
       root (mx.loader.cz): 5 Time(s)
       unknown (148.70.11.143): 5 Time(s)
       root (101.251.237.228): 4 Time(s)
       root (220-130-190-13.hinet-ip.hinet.net): 4 Time(s)
       root (59.49.99.124): 4 Time(s)
       unknown (182.61.21.197): 4 Time(s)
       root (165.52.187.35.bc.googleusercontent.com): 3 Time(s)
       root (171.221.206.201): 3 Time(s)
       unknown (106.120.127.32): 3 Time(s)
       unknown (211.114.176.34): 3 Time(s)
       unknown (82-64-126-7.subs.proxad.net): 3 Time(s)
       unknown (92.63.194.26): 3 Time(s)
       postgres (200.216.30.2): 2 Time(s)
       root (111.198.54.173): 2 Time(s)
       root (113.105.129.35): 2 Time(s)
       root (87.242.240.35.bc.googleusercontent.com): 2 Time(s)
       root (host210.sub-63-41-9.myvzw.com): 2 Time(s)
       root (ip166.ip-51-255-26.eu): 2 Time(s)
       unknown (118.24.99.163): 2 Time(s)
       unknown (175.ip-51-68-70.eu): 2 Time(s)
       unknown (220.94.205.218): 2 Time(s)
       unknown (43.226.38.26): 2 Time(s)
       unknown (v22019078713793072.bestsrv.de): 2 Time(s)
       www-data (122.228.89.67): 2 Time(s)
       backup (118.24.221.190): 1 Time(s)
       backup (123.207.185.54): 1 Time(s)
       backup (mx.loader.cz): 1 Time(s)
       bin (46.101.242.117): 1 Time(s)
       daemon (36.110.118.72): 1 Time(s)
       mail (45.160.149.42): 1 Time(s)
       man (165.52.187.35.bc.googleusercontent.com): 1 Time(s)
       mysql (41.76.149.212): 1 Time(s)
       mysql (45.160.149.42): 1 Time(s)
       news (128.199.220.232): 1 Time(s)
       news (171.221.206.201): 1 Time(s)
       postgres (106.12.98.12): 1 Time(s)
       postgres (122.228.89.67): 1 Time(s)
       postgres (123.207.185.54): 1 Time(s)
       postgres (128.199.220.232): 1 Time(s)
       postgres (178.128.110.123): 1 Time(s)
       postgres (36.110.118.72): 1 Time(s)
       postgres (49.ip-51-68-227.eu): 1 Time(s)
       postgres (87.242.240.35.bc.googleusercontent.com): 1 Time(s)
       postgres (host210.sub-63-41-9.myvzw.com): 1 Time(s)
       postgres (mx.loader.cz): 1 Time(s)
       root (106.12.28.36): 1 Time(s)
       root (106.13.47.10): 1 Time(s)
       root (121.160.198.198): 1 Time(s)
       root (139.199.0.84): 1 Time(s)
       root (165.22.143.229): 1 Time(s)
       root (178.128.107.61): 1 Time(s)
       root (178.128.241.99): 1 Time(s)
       root (213.ip-51-77-231.eu): 1 Time(s)
       root (58.ip-51-75-202.eu): 1 Time(s)
       root (69.196.164.172): 1 Time(s)
       root (81.ip-92-222-216.eu): 1 Time(s)
       root (91.204.188.50): 1 Time(s)
       root (95.231.139.36): 1 Time(s)
       root (mail.askcable.lk): 1 Time(s)
       sshd (139.199.0.84): 1 Time(s)
       sync (mx.loader.cz): 1 Time(s)
       temp (45.160.149.42): 1 Time(s)
       unknown (103.109.52.35): 1 Time(s)
       unknown (103.206.135.211): 1 Time(s)
       unknown (106.12.10.119): 1 Time(s)
       unknown (106.12.132.3): 1 Time(s)
       unknown (107.170.113.190): 1 Time(s)
       unknown (107.179.116.226): 1 Time(s)
       unknown (115.159.237.89): 1 Time(s)
       unknown (117.36.50.61): 1 Time(s)
       unknown (121.160.198.198): 1 Time(s)
       unknown (127.ip-213-32-16.eu): 1 Time(s)
       unknown (128.199.83.29): 1 Time(s)
       unknown (128.199.95.60): 1 Time(s)
       unknown (131.ip-79-137-77.eu): 1 Time(s)
       unknown (139.99.221.61): 1 Time(s)
       unknown (140.143.136.89): 1 Time(s)
       unknown (144.ip-79-137-84.eu): 1 Time(s)
       unknown (148.74.199.35.bc.googleusercontent.com): 1 Time(s)
       unknown (150.254.123.96): 1 Time(s)
       unknown (153.254.115.57): 1 Time(s)
       unknown (157.230.58.231): 1 Time(s)
       unknown (159.65.255.153): 1 Time(s)
       unknown (159.89.38.26): 1 Time(s)
       unknown (163.172.187.30): 1 Time(s)
       unknown (165.22.144.147): 1 Time(s)
       unknown (165.22.72.226): 1 Time(s)
       unknown (177.85.161.134): 1 Time(s)
       unknown (178.128.75.154): 1 Time(s)
       unknown (180.178.106.124): 1 Time(s)
       unknown (181.40.66.179): 1 Time(s)
       unknown (187.95.124.230): 1 Time(s)
       unknown (187.ip-147-135-210.eu): 1 Time(s)
       unknown (188.131.218.175): 1 Time(s)
       unknown (190.147.159.34): 1 Time(s)
       unknown (192.241.175.250): 1 Time(s)
       unknown (198.211.125.131): 1 Time(s)
       unknown (2.ip-91-134-143.eu): 1 Time(s)
       unknown (200.128.251.23.bc.googleusercontent.com): 1 Time(s)
       unknown (207.154.206.212): 1 Time(s)
       unknown (214.ip-158-69-192.net): 1 Time(s)
       unknown (23.94.16.72): 1 Time(s)
       unknown (242.ip-54-38-157.eu): 1 Time(s)
       unknown (245.ip-164-132-107.eu): 1 Time(s)
       unknown (254.ip-51-75-27.eu): 1 Time(s)
       unknown (27.106.45.6): 1 Time(s)
       unknown (27.124.8.175): 1 Time(s)
       unknown (43.239.145.190): 1 Time(s)
       unknown (58.119.3.76): 1 Time(s)
       unknown (61.72.255.26): 1 Time(s)
       unknown (67.205.136.215): 1 Time(s)
       unknown (68.183.181.7): 1 Time(s)
       unknown (75.ip-164-132-98.eu): 1 Time(s)
       unknown (83.175.213.246): 1 Time(s)
       unknown (86.105.53.166): 1 Time(s)
       unknown (91.214.114.7): 1 Time(s)
       unknown (98.ip-151-80-155.eu): 1 Time(s)
       unknown (cpe-121-215-253-87.static.nsw.bigpond.net.au): 1 Time(s)
       unknown (host-109-89-132-137.dynamic.voo.be): 1 Time(s)
       unknown (host-92-25-125-159.as13285.net): 1 Time(s)
       unknown (ip-176-199-254-15.hsi06.unitymediagroup.de): 1 Time(s)
       unknown (ip168-243-232-149.intercom.com.sv): 1 Time(s)
       unknown (l37-195-105-57.novotelecom.ru): 1 Time(s)
       unknown (ns328430.ip-37-187-113.eu): 1 Time(s)
       unknown (static-50-126-95-22.frr01.wivl.or.frontiernet.net): 1 Time(s)
    Invalid Users:
       Unknown Account: 1271 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

      152   Miscellaneous warnings  
 
   22.759K  Bytes accepted                              23,305
   22.759K  Bytes sent via SMTP                         23,305
 ========   ==================================================
 
        1   Accepted                                   100.00%
 --------   --------------------------------------------------
        1   Total                                      100.00%
 ========   ==================================================
 
        4   4xx Reject relay denied                    100.00%
 --------   --------------------------------------------------
        4   Total 4xx Rejects                          100.00%
 ========   ==================================================
 
      389   Connections             
      155   Connections lost (inbound) 
      389   Disconnections          
        1   Removed from queue      
        1   Sent via SMTP           
 
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------ 

 Large Mailbox threshold: 40MB (41943040 bytes)
  Warning: Large mailbox: mailman.gz (1747199807)
  Warning: Large mailbox: mailman (235703599967)
 
 ---------------------- sendmail-largeboxes (large mail spool files) End
------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 Disconnecting after too many authentication failures for user:
    root : 3 Time(s)
 
 Failed logins from:
    24.69.133.64 (S010600089bd56950.gv.shawcable.net): 6 times
    35.187.52.165 (165.52.187.35.bc.googleusercontent.com): 4 times
    35.240.242.87 (87.242.240.35.bc.googleusercontent.com): 3 times
    36.110.118.72 (72.118.110.36.static.bjtelecom.net): 7 times
    41.76.149.212: 1 time
    45.160.149.42: 13 times
    46.101.242.117: 7 times
    51.68.227.49 (49.ip-51-68-227.eu): 8 times
    51.75.202.58 (58.ip-51-75-202.eu): 1 time
    51.77.231.213 (213.ip-51-77-231.eu): 1 time
    51.255.26.166 (ip166.ip-51-255-26.eu): 2 times
    59.49.99.124: 4 times
    63.41.9.210 (host210.sub-63-41-9.myvzw.com): 3 times
    69.196.164.172 (net.cloud.ca): 1 time
    85.163.230.163 (mx.loader.cz): 8 times
    91.204.188.50: 1 time
    92.222.216.81 (81.ip-92-222-216.eu): 1 time
    95.231.139.36 (host36-139-static.231-95-b.business.telecomitalia.it): 1 time
    101.251.237.228: 4 times
    104.248.62.208: 7 times
    106.12.28.36: 1 time
    106.12.98.12: 7 times
    106.13.47.10: 1 time
    111.198.54.173: 2 times
    113.105.129.35: 2 times
    118.24.221.190: 6 times
    121.160.198.198: 1 time
    122.228.89.67: 9 times
    123.207.185.54: 10 times
    124.43.21.213 (mail.askcable.lk): 1 time
    128.199.220.232: 7 times
    139.199.0.84: 2 times
    165.22.143.229 (coinage.cloud): 1 time
    171.221.206.201: 4 times
    176.31.110.213 (ns322356.ip-176-31-110.eu): 6 times
    178.128.107.61: 1 time
    178.128.110.123: 9 times
    178.128.241.99: 1 time
    180.126.231.251: 6 times
    200.216.30.2: 8 times
    218.92.0.135: 6 times
    220.130.190.13 (220-130-190-13.HINET-IP.hinet.net): 4 times
 
 Illegal users from:
    undef: 1027 times
    23.94.16.72 (23-94-16-72-host.colocrossing.com): 1 time
    23.251.128.200 (200.128.251.23.bc.googleusercontent.com): 1 time
    27.106.45.6 (6.45.106.27.mysipl.com): 1 time
    27.124.8.175: 1 time
    35.187.52.165 (165.52.187.35.bc.googleusercontent.com): 41 times
    35.199.74.148 (148.74.199.35.bc.googleusercontent.com): 1 time
    35.240.242.87 (87.242.240.35.bc.googleusercontent.com): 50 times
    36.110.118.72 (72.118.110.36.static.bjtelecom.net): 50 times
    37.187.113.229 (ns328430.ip-37-187-113.eu): 1 time
    37.195.105.57 (l37-195-105-57.novotelecom.ru): 1 time
    43.226.38.26: 2 times
    43.239.145.190: 1 time
    45.160.149.42: 87 times
    46.101.242.117: 63 times
    50.126.95.22 (static-50-126-95-22.frr01.wivl.or.frontiernet.net): 1 time
    51.68.70.175 (175.ip-51-68-70.eu): 2 times
    51.68.227.49 (49.ip-51-68-227.eu): 52 times
    51.75.27.254 (254.ip-51-75-27.eu): 1 time
    51.255.26.166 (ip166.ip-51-255-26.eu): 14 times
    54.38.157.242 (242.ip-54-38-157.eu): 1 time
    58.119.3.76: 1 time
    59.49.99.124: 43 times
    61.72.255.26: 1 time
    63.41.9.210 (host210.sub-63-41-9.myvzw.com): 9 times
    67.205.136.215: 1 time
    68.183.181.7: 1 time
    79.137.77.131 (131.ip-79-137-77.eu): 1 time
    79.137.84.144 (144.ip-79-137-84.eu): 1 time
    82.64.126.7 (82-64-126-7.subs.proxad.net): 3 times
    82.166.93.77 (82-166-93-77.barak-online.net): 61 times
    83.175.213.246: 1 time
    85.163.230.163 (mx.loader.cz): 41 times
    86.105.53.166 (host166-53-105-86.static.arubacloud.de): 1 time
    91.134.143.2 (2.ip-91-134-143.eu): 1 time
    91.214.114.7 (mail.lonil.ru): 1 time
    92.25.125.159 (host-92-25-125-159.as13285.net): 1 time
    92.63.194.26: 3 times
    94.16.113.159 (v22019078713793072.bestsrv.de): 2 times
    95.231.139.36 (host36-139-static.231-95-b.business.telecomitalia.it): 22 times
    101.251.237.228: 39 times
    103.109.52.35: 1 time
    103.206.135.211: 1 time
    104.248.62.208: 62 times
    106.12.10.119: 1 time
    106.12.98.12: 53 times
    106.12.132.3: 1 time
    106.13.47.10: 18 times
    106.120.127.32: 3 times
    107.170.113.190 (www.flatland-01): 1 time
    107.179.116.226: 1 time
    109.89.132.137 (host-109-89-132-137.dynamic.voo.be): 1 time
    113.105.129.35: 29 times
    115.159.237.89: 1 time
    117.36.50.61: 1 time
    117.50.19.227: 8 times
    118.24.99.163: 2 times
    118.24.221.190: 65 times
    121.160.198.198: 1 time
    121.215.253.87 (CPE-121-215-253-87.static.nsw.bigpond.net.au): 1 time
    122.228.89.67: 49 times
    123.207.185.54: 82 times
    128.199.83.29: 1 time
    128.199.95.60: 1 time
    128.199.220.232: 41 times
    139.99.221.61: 1 time
    139.199.0.84: 17 times
    140.143.136.89: 1 time
    147.135.210.187 (187.ip-147-135-210.eu): 1 time
    148.70.11.143: 5 times
    150.254.123.96: 1 time
    151.80.155.98 (98.ip-151-80-155.eu): 1 time
    153.254.115.57 (153-254-115-57-revip-sg1-default.115.254.153.in-addr.arpa): 1 time
    157.230.58.231: 1 time
    158.69.192.214 (214.ip-158-69-192.net): 1 time
    159.65.255.153: 1 time
    159.89.38.26: 1 time
    163.172.187.30 (30-187-172-163.rev.cloud.scaleway.com): 1 time
    164.132.98.75 (75.ip-164-132-98.eu): 1 time
    164.132.107.245 (245.ip-164-132-107.eu): 1 time
    165.22.72.226: 1 time
    165.22.144.147: 1 time
    168.243.232.149 (ip168-243-232-149.intercom.com.sv): 1 time
    171.221.206.201: 23 times
    176.31.110.213 (ns322356.ip-176-31-110.eu): 42 times
    176.199.254.15 (ip-176-199-254-15.hsi06.unitymediagroup.de): 1 time
    177.85.161.134 (134.cl9.com.br): 1 time
    178.128.75.154: 1 time
    178.128.107.61: 7 times
    178.128.110.123: 46 times
    180.178.106.124: 1 time
    181.40.66.179 (vmhost-179-66-40-181.tigocloud.com.py): 1 time
    182.61.21.197: 4 times
    187.95.124.230 (230.124.95.187.static.copel.net): 1 time
    188.131.218.175: 1 time
    190.147.159.34 (static-ip-cr19014715934.cable.net.co): 1 time
    192.241.175.250 (sheriff.mobi): 1 time
    198.211.125.131: 1 time
    200.216.30.2: 36 times
    207.154.206.212: 1 time
    211.114.176.34: 3 times
    213.32.16.127 (127.ip-213-32-16.eu): 1 time
    220.94.205.218: 2 times
    220.130.190.13 (220-130-190-13.HINET-IP.hinet.net): 27 times
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem      Size  Used Avail Use% Mounted on
 /dev/vzfs       400G  242G  159G  61% /
 
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End #########################

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016