04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Wed Jan 27 04:42:04 2021
Date Range Processed: yesterday
( 2021-Jan-26 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [237:236]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
182.245.41.109 -> zapf.wiki:443: 1 Time(s)
A total of 6 sites probed the server
164.90.159.33
179.43.140.152
188.166.110.18
34.70.150.94
5.188.210.227
61.219.11.153
Requests with error response codes
400 Bad Request
null: 7 Time(s)
8/\xD0\x9A\xFE`\x11\xE0\xAB\xB5\x06\x94\xFDT: 1 Time(s)
HTTP/1.0: 1 Time(s)
http://5.188.210.227/echo.php: 1 Time(s)
http://nginx.korsangazi.com/scan.html: 1 Time(s)
mstshash=Administr: 1 Time(s)
zapf.wiki:443: 1 Time(s)
404 Not Found
/robots.txt: 46 Time(s)
/wp-login.php: 3 Time(s)
/bbs//install/index.php: 1 Time(s)
/blog/: 1 Time(s)
/club/install/index.php: 1 Time(s)
/cms/: 1 Time(s)
/install/index.php: 1 Time(s)
/new/: 1 Time(s)
/news/: 1 Time(s)
/protokolle/Protokoll_MV_2020_11_12_Muenchen.pdf: 1 Time(s)
/site/: 1 Time(s)
/sitemap.txt: 1 Time(s)
/sites/default/files/2006_SoSe_Dresden.pdf: 1 Time(s)
/sites/default/files/2009_WiSe_M%C3%BCnchen.pdf: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
/web/: 1 Time(s)
/wordpress/: 1 Time(s)
/wp/: 1 Time(s)
/xiuno/install/index.php: 1 Time(s)
/xiunobbs/install/index.php: 1 Time(s)
500 Internal Server Error
/: 33 Time(s)
/robots.txt: 25 Time(s)
/atom.xml: 5 Time(s)
/sitemap.xml: 5 Time(s)
/sitemap.xml.gz: 5 Time(s)
/sitemap_index.xml: 5 Time(s)
/sitemaps.xml: 4 Time(s)
/admin//config.php: 2 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/Autodiscover/Autodiscover.xml: 1 Time(s)
/api/jsonws/invoke: 1 Time(s)
/auth/a.php: 1 Time(s)
/cgi-bin/config.exp: 1 Time(s)
/console/: 1 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
/mifs/.;/services/LogService: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
unknown (ip78.ip-51-77-9.eu): 252 Time(s)
root (221.181.185.140): 84 Time(s)
root (121.4.78.77): 80 Time(s)
root (103.93.180.102): 73 Time(s)
root (42.159.80.91): 72 Time(s)
root (195.161.114.175): 68 Time(s)
root (185.232.70.140): 65 Time(s)
root (vps-741a1ccb.vps.ovh.net): 65 Time(s)
root (116.255.129.3): 64 Time(s)
root (156.ip-51-254-37.eu): 63 Time(s)
root (63.ip-51-178-17.eu): 62 Time(s)
root (42.192.152.72): 61 Time(s)
root (59-126-108-47.hinet-ip.hinet.net): 61 Time(s)
root (101.251.207.228): 60 Time(s)
root (111.125.70.22): 60 Time(s)
root (125.ip-151-80-152.eu): 60 Time(s)
root (129.204.249.11): 60 Time(s)
root (138.197.171.79): 60 Time(s)
root (157.230.234.93): 59 Time(s)
root (175.24.57.24): 59 Time(s)
root (195.19.99.83): 59 Time(s)
root (redmine.whitelynx.center): 59 Time(s)
root (49.234.111.90): 58 Time(s)
root (77.247.94.131): 58 Time(s)
root (201.111.106.35): 57 Time(s)
root (101.236.60.31): 56 Time(s)
root (119.29.144.4): 56 Time(s)
root (91.134.13.250): 53 Time(s)
root (103.99.244.70): 52 Time(s)
root (150.136.208.168): 52 Time(s)
root (188.166.190.225): 52 Time(s)
root (19.128.121.138.itechtelecom.net.br): 52 Time(s)
root (222.187.238.97): 52 Time(s)
root (49.232.221.213): 52 Time(s)
root (152.136.122.172): 50 Time(s)
root (221.181.185.143): 50 Time(s)
root (187.12.167.85): 48 Time(s)
root (166.237.93.34.bc.googleusercontent.com): 43 Time(s)
root (27.50.164.114): 43 Time(s)
root (68.183.108.46): 43 Time(s)
root (139.186.67.94): 42 Time(s)
root (213.ip-51-83-68.eu): 42 Time(s)
root (204.48.20.154): 41 Time(s)
root (207.154.196.106): 41 Time(s)
root (115.159.208.207): 40 Time(s)
root (42.192.78.13): 38 Time(s)
root (207.ip-51-255-203.eu): 37 Time(s)
root (170.ip-51-254-129.eu): 36 Time(s)
root (51.68.94.206): 36 Time(s)
root (61.177.172.104): 36 Time(s)
root (vps-1210d974.vps.ovh.net): 34 Time(s)
root (187.237.217.18): 33 Time(s)
root (49.232.137.200): 28 Time(s)
root (165.227.166.247): 26 Time(s)
root (41.77.146.98): 26 Time(s)
root (vps-1f3f632e.vps.ovh.net): 25 Time(s)
root (37.152.183.32): 22 Time(s)
root (static-200-58-83-144.supernet.com.bo): 22 Time(s)
root (14.232.214.138): 21 Time(s)
root (destek.in): 21 Time(s)
root (fixed-187-188-236-198.totalplay.net): 21 Time(s)
root (106.52.248.150): 17 Time(s)
root (222.252.27.212): 15 Time(s)
unknown (121.204.164.89): 15 Time(s)
root (121.204.164.89): 14 Time(s)
root (182.254.149.33): 14 Time(s)
root (182.254.211.79): 14 Time(s)
root (ti0107a400-3732.bb.online.no): 14 Time(s)
root (14.29.64.91): 13 Time(s)
root (218.92.0.248): 12 Time(s)
root (81.70.147.144): 12 Time(s)
root (81.70.180.77): 12 Time(s)
root (112.85.42.119): 10 Time(s)
root (122.194.229.54): 10 Time(s)
root (134.122.69.50): 10 Time(s)
root (222.252.98.12): 10 Time(s)
root (222.252.30.29): 9 Time(s)
unknown (193.27.229.200): 9 Time(s)
root (113.31.109.63): 8 Time(s)
root (125.70.244.4): 7 Time(s)
root (112.85.42.174): 6 Time(s)
root (112.85.42.98): 6 Time(s)
root (174.30.107.91): 6 Time(s)
root (184.97.63.124): 6 Time(s)
root (205.185.125.189): 6 Time(s)
root (207-118-180-166.dyn.centurytel.net): 6 Time(s)
root (67.6.97.130): 6 Time(s)
root (71-38-33-79.lsv2.qwest.net): 6 Time(s)
root (71.210.237.161): 6 Time(s)
root (71.219.123.128): 6 Time(s)
root (71.220.152.11): 6 Time(s)
root (75.165.28.88): 6 Time(s)
root (75.170.115.153): 6 Time(s)
root (97.124.201.86): 6 Time(s)
unknown (205.185.125.189): 6 Time(s)
root (112.85.42.172): 5 Time(s)
root (122.194.229.122): 5 Time(s)
root (122.194.229.59): 5 Time(s)
root (static-200-105-168-210.acelerate.net): 5 Time(s)
root (81.161.63.252): 4 Time(s)
mysql (ip78.ip-51-77-9.eu): 3 Time(s)
postgres (ip78.ip-51-77-9.eu): 3 Time(s)
root (81.161.63.253): 2 Time(s)
unknown (141.98.80.29): 2 Time(s)
unknown (141.98.80.90): 2 Time(s)
unknown (141.98.80.93): 2 Time(s)
unknown (188.126.89.28): 2 Time(s)
unknown (79-66-66-18.dynamic.dsl.as9105.com): 2 Time(s)
backup (ip78.ip-51-77-9.eu): 1 Time(s)
proxy (ip78.ip-51-77-9.eu): 1 Time(s)
root (101.32.184.141): 1 Time(s)
root (104.224.183.154.16clouds.com): 1 Time(s)
root (104.248.181.156): 1 Time(s)
root (106.54.83.253): 1 Time(s)
root (111.67.195.77): 1 Time(s)
root (115.99.14.202): 1 Time(s)
root (119.29.121.229): 1 Time(s)
root (121.4.49.216): 1 Time(s)
root (121.5.62.146): 1 Time(s)
root (129.211.205.136): 1 Time(s)
root (141.98.80.89): 1 Time(s)
root (141.98.80.91): 1 Time(s)
root (141.98.80.92): 1 Time(s)
root (179.210.165.2): 1 Time(s)
root (188.126.89.28): 1 Time(s)
root (190.85.108.186): 1 Time(s)
root (51.ip-51-91-110.eu): 1 Time(s)
root (81.161.63.101): 1 Time(s)
root (81.161.63.251): 1 Time(s)
root (81.68.152.105): 1 Time(s)
root (82.55.1.52): 1 Time(s)
sshd (193.27.229.200): 1 Time(s)
temp (ip78.ip-51-77-9.eu): 1 Time(s)
unknown (141.98.80.89): 1 Time(s)
unknown (141.98.80.91): 1 Time(s)
unknown (141.98.80.92): 1 Time(s)
unknown (200.216.31.148): 1 Time(s)
unknown (tor-exit-relay-3.anonymizing-proxy.digitalcourage.de): 1 Time(s)
unknown (tor-exit4-readme.dfri.se): 1 Time(s)
Invalid Users:
Unknown Account: 298 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
8 Miscellaneous warnings
20.999K Bytes accepted 21,503
20.999K Bytes sent via SMTP 21,503
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
59 Connections
8 Connections lost (inbound)
59 Disconnections
1 Removed from queue
1 Sent via SMTP
2 SMTP dialog errors
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 28 Time(s)
Failed logins from:
14.29.64.91: 13 times
14.232.214.138: 21 times
27.50.164.114: 43 times
34.93.237.166 (166.237.93.34.bc.googleusercontent.com): 43 times
37.152.183.32: 22 times
41.77.146.98 (41.77.146.98.liquidtelecom.net): 26 times
42.159.80.91: 72 times
42.192.78.13: 38 times
42.192.152.72: 61 times
49.232.137.200: 28 times
49.232.221.213: 52 times
49.234.111.90: 58 times
51.68.94.206 (ip-51-68-94.eu): 36 times
51.77.9.78 (ip78.ip-51-77-9.eu): 9 times
51.83.68.213 (213.ip-51-83-68.eu): 42 times
51.91.110.51 (51.ip-51-91-110.eu): 1 time
51.178.17.63 (63.ip-51-178-17.eu): 62 times
51.210.14.124 (vps-1210d974.vps.ovh.net): 34 times
51.254.37.156 (156.ip-51-254-37.eu): 63 times
51.254.129.170 (170.ip-51-254-129.eu): 36 times
51.255.203.207 (207.ip-51-255-203.eu): 37 times
54.38.243.187 (vps-741a1ccb.vps.ovh.net): 65 times
59.126.108.47 (59-126-108-47.HINET-IP.hinet.net): 61 times
61.177.172.104: 36 times
64.225.20.153 (redmine.whitelynx.center): 59 times
67.6.97.130 (67-6-97-130.clma.centurylink.net): 6 times
68.183.108.46: 43 times
71.38.33.79 (71-38-33-79.lsv2.qwest.net): 6 times
71.210.237.161 (71-210-237-161.rcmt.qwest.net): 6 times
71.219.123.128 (71-219-123-128.chvl.qwest.net): 6 times
71.220.152.11 (71-220-152-11.tlhs.qwest.net): 6 times
75.165.28.88 (75-165-28-88.crls.qwest.net): 6 times
75.170.115.153 (75-170-115-153.rcmt.centurylink.net): 6 times
77.247.94.131: 58 times
81.68.152.105: 1 time
81.70.147.144: 12 times
81.70.180.77: 12 times
81.161.63.101: 1 time
81.161.63.251: 1 time
81.161.63.252: 4 times
81.161.63.253: 2 times
82.55.1.52: 1 time
88.88.130.173 (ti0107a400-3732.bb.online.no): 14 times
91.134.13.250: 53 times
97.124.201.86 (97-124-201-86.phnx.qwest.net): 6 times
101.32.184.141: 1 time
101.236.60.31: 56 times
101.251.207.228: 60 times
103.93.180.102: 73 times
103.99.244.70: 52 times
104.224.183.154 (104.224.183.154.16clouds.com): 1 time
104.248.181.156: 1 time
106.52.248.150: 17 times
106.54.83.253: 1 time
111.67.195.77: 1 time
111.125.70.22: 60 times
112.85.42.98: 6 times
112.85.42.119: 10 times
112.85.42.172: 5 times
112.85.42.174: 6 times
113.31.109.63: 8 times
115.99.14.202: 1 time
115.159.208.207: 40 times
116.255.129.3: 64 times
119.29.121.229: 1 time
119.29.144.4: 56 times
121.4.49.216: 1 time
121.4.78.77: 80 times
121.5.62.146: 1 time
121.204.164.89: 14 times
122.194.229.54: 10 times
122.194.229.59: 5 times
122.194.229.122: 5 times
125.70.244.4 (4.244.70.125.broad.cd.sc.dynamic.163data.com.cn): 7 times
129.204.249.11: 60 times
129.211.205.136: 1 time
134.122.69.50: 10 times
138.121.128.19 (19.128.121.138.itechtelecom.net.br): 52 times
138.197.171.79: 60 times
139.186.67.94: 42 times
141.98.80.89: 1 time
141.98.80.91: 1 time
141.98.80.92: 1 time
142.93.211.36 (destek.in): 21 times
150.136.208.168: 52 times
151.80.152.125 (125.ip-151-80-152.eu): 60 times
152.136.122.172: 50 times
157.230.234.93: 59 times
165.227.166.247: 26 times
174.30.107.91 (174-30-107-91.wrbg.centurylink.net): 6 times
175.24.57.24: 59 times
179.210.165.2 (b3d2a502.virtua.com.br): 1 time
182.254.149.33: 14 times
182.254.211.79: 14 times
184.97.63.124 (184-97-63-124.lcrs.centurylink.net): 6 times
185.232.70.140 (matze19999.goodsrv.de): 65 times
187.12.167.85: 48 times
187.188.236.198 (fixed-187-188-236-198.totalplay.net): 21 times
187.237.217.18 (customer-187-237-217-18.uninet-ide.com.mx): 33 times
188.126.89.28: 1 time
188.166.190.225: 52 times
190.85.108.186: 1 time
193.27.229.200: 1 time
193.70.84.104 (vps-1f3f632e.vps.ovh.net): 25 times
195.19.99.83: 59 times
195.161.114.175: 68 times
200.58.83.144 (static-200-58-83-144.supernet.com.bo): 22 times
200.105.168.210 (static-200-105-168-210.acelerate.net): 5 times
201.111.106.35 (dup-201-111-106-35.prod-dial.com.mx): 57 times
204.48.20.154: 41 times
205.185.125.189: 6 times
207.118.180.166 (207-118-180-166.dyn.centurytel.net): 6 times
207.154.196.106: 41 times
218.92.0.248: 12 times
221.181.185.140: 90 times
221.181.185.143: 54 times
222.187.238.97: 54 times
222.252.27.212 (static.vnpt-hanoi.com.vn): 15 times
222.252.30.29 (static.vnpt-hanoi.com.vn): 9 times
222.252.98.12 (static.vnpt-hanoi.com.vn): 10 times
Illegal users from:
undef: 193 times
51.77.9.78 (ip78.ip-51-77-9.eu): 252 times
65.49.20.69 (scan-20.shadowserver.org): 1 time
79.66.66.18 (79-66-66-18.dynamic.dsl.as9105.com): 2 times
121.204.164.89: 15 times
139.162.122.110 (scan-8.security.ipip.net): 1 time
141.98.80.29: 2 times
141.98.80.89: 1 time
141.98.80.90: 2 times
141.98.80.91: 1 time
141.98.80.92: 1 time
141.98.80.93: 2 times
171.25.193.78 (tor-exit4-readme.dfri.se): 1 time
185.220.102.249 (tor-exit-relay-3.anonymizing-proxy.digitalcourage.de): 1 time
188.126.89.28: 2 times
193.27.229.200: 9 times
200.216.31.148: 1 time
205.185.125.189: 6 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop47755p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
1727
days inactive
1727
days old
0 comments
1 participants
participants (1)
-
root@zapf.in