Logwatch for h2361197.stratoserver.net (Linux)

Mittwoch, 5 Mai 2021


 
 ################### Logwatch 7.4.0 (03/01/11) #################### 
        Processing Initiated: Wed May  5 04:42:06 2021
        Date Range Processed: yesterday
                              ( 2021-May-04 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: h2361197.stratoserver.net
 ################################################################## 
 
 --------------------- fail2ban-messages Begin ------------------------ 

 Banned services with Fail2Ban:				 Bans:Unbans
    ssh:                                                    [139:137]
 
 ---------------------- fail2ban-messages End ------------------------- 

 
 --------------------- httpd Begin ------------------------ 

 
 Connection attempts using mod_proxy:
    91.239.130.30 -> cdn.jsdelivr.net:443: 3 Time(s)
 
 A total of 3 sites probed the server 
    167.71.102.181
    58.253.4.178
    64.227.3.111
 
 Requests with error response codes
    400 Bad Request
       null: 5 Time(s)
       /: 3 Time(s)
       cdn.jsdelivr.net:443: 3 Time(s)
       /robots.txt: 2 Time(s)
       /.well-known/security.txt: 1 Time(s)
       /favicon.ico: 1 Time(s)
       /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s)
       HTTP/1.0: 1 Time(s)
       \x05~6\x17y\xE9\x84: 1 Time(s)
       \xEF\xCAZ\xFB\xF3\xC13dA\xD2\xFD|\xE9$\x07 ... DEZ\xFFi=Qg\xC5: 1 Time(s)
       mstshash=Administr: 1 Time(s)
    404 Not Found
       /robots.txt: 35 Time(s)
       /wp-login.php: 3 Time(s)
       /protokolle/Protokoll_MV_12.11.2016.pdf: 2 Time(s)
       /.env: 1 Time(s)
       /berlin/apple-touch-icon.png: 1 Time(s)
       /blog/wp-login.php: 1 Time(s)
       /datenschutz: 1 Time(s)
       /download/reader_ka99.pdf: 1 Time(s)
       /protokolle/Ergebnisprotokoll_MV_09.06.2017.pdf: 1 Time(s)
       /reader/2016_SoSe_Konstanz_lang.pdf%7CLangversion: 1 Time(s)
       /reader/2017_SoSe_Berlin_vorlaeufig.pdf%7C: 1 Time(s)
       /resolutionen/sose17/symptompflicht/PosPapier_: 1 Time(s)
       /resolutionen/wise17/zwangsexmatrikulation ... trikulation.pdf: 1 Time(s)
       /sites/default/files/1981_WiSe_K%C3%B6ln.pdf: 1 Time(s)
       /sites/default/files/2009_SoSe_G%C3%B6ttingen.pdf: 1 Time(s)
       /sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
       /verein%7CZaPF: 1 Time(s)
       /wordpress/wp-login.php: 1 Time(s)
       /wp-config-backup.txt: 1 Time(s)
       /wp-config.php.0: 1 Time(s)
       /wp-config.php.1: 1 Time(s)
       /wp-config.php.2: 1 Time(s)
       /wp-config.php.3: 1 Time(s)
       /wp-config.php.4: 1 Time(s)
       /wp-config.php.5: 1 Time(s)
       /wp-config.php.7: 1 Time(s)
       /wp-config.php.9: 1 Time(s)
       /wp-config.php.backup: 1 Time(s)
       /wp-config.php.orig: 1 Time(s)
       /wp-config.php_: 1 Time(s)
       /wp/wp-login.php: 1 Time(s)
    416 Request Range Not Satisfiable
       /reader/2017_SoSe_Berlin.pdf: 1 Time(s)
    499 (undefined)
       /build/260ef443edb4dfd026d82e2b21a4c75c.woff: 1 Time(s)
       /fonts/SourceCodePro-Regular.woff: 1 Time(s)
    500 Internal Server Error
       /: 81 Time(s)
       /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 4 Time(s)
       /?XDEBUG_SESSION_START=phpstorm: 2 Time(s)
       /Autodiscover/Autodiscover.xml: 2 Time(s)
       /_ignition/execute-solution: 2 Time(s)
       /api/jsonws/invoke: 2 Time(s)
       /console/: 2 Time(s)
       /favicon.ico: 2 Time(s)
       /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 2 Time(s)
       /mifs/.;/services/LogService: 2 Time(s)
       /wp-content/plugins/wp-file-manager/readme.txt: 2 Time(s)
       /GponForm/diag_Form?style/: 1 Time(s)
       /Telerik.Web.UI.WebResource.axd?type=rau: 1 Time(s)
       /actuator/health: 1 Time(s)
       /owa/: 1 Time(s)
       /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
       /remote/login: 1 Time(s)
       /robots.txt: 1 Time(s)
 
 ---------------------- httpd End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       root (114.80.154.77): 100 Time(s)
       root (123.31.45.49): 100 Time(s)
       root (128.199.90.73): 100 Time(s)
       root (165.227.95.92): 100 Time(s)
       root (178.54.1.21): 100 Time(s)
       root (188.166.246.158): 100 Time(s)
       root (192.241.246.167): 100 Time(s)
       root (200.122.249.203): 100 Time(s)
       root (207.154.205.115): 100 Time(s)
       root (212.83.144.11): 100 Time(s)
       root (218.25.130.220): 100 Time(s)
       root (220.76.192.95): 100 Time(s)
       root (234.164.213.35.bc.googleusercontent.com): 100 Time(s)
       root (45.232.244.5): 100 Time(s)
       root (49.232.163.254): 100 Time(s)
       root (host-2-114-206-97.business.telecomitalia.it): 100 Time(s)
       root (static.140.147.21.65.clients.your-server.de): 100 Time(s)
       root (v2202102141063142863.hotsrv.de): 100 Time(s)
       root (vps-7d8bb9fc.vps.ovh.net): 100 Time(s)
       root (121.5.125.9): 99 Time(s)
       root (178.128.221.85): 99 Time(s)
       root (58.58.71.218): 96 Time(s)
       root (178.128.144.227): 90 Time(s)
       root (27.128.229.118): 85 Time(s)
       root (106.124.140.36): 83 Time(s)
       root (106.54.170.148): 81 Time(s)
       root (121.4.58.192): 70 Time(s)
       root (159.75.84.48): 69 Time(s)
       root (122.225.61.30): 68 Time(s)
       root (49.234.157.245): 64 Time(s)
       root (188.166.251.27): 63 Time(s)
       root (49.235.167.59): 58 Time(s)
       root (87.255.193.50): 57 Time(s)
       root (vps-1eb86c89.vps.ovh.ca): 57 Time(s)
       root (216.80.102.155): 56 Time(s)
       root (178.62.195.233): 55 Time(s)
       root (185.207.136.87): 55 Time(s)
       root (oiltest.aqualinkbd.com): 55 Time(s)
       root (43.128.18.10): 53 Time(s)
       root (170.106.65.54): 52 Time(s)
       root (110.88.160.233): 51 Time(s)
       root (119.29.73.218): 51 Time(s)
       root (111.229.1.180): 48 Time(s)
       root (134.175.121.80): 48 Time(s)
       root (103.82.100.226): 46 Time(s)
       root (49.232.13.17): 42 Time(s)
       root (23.101.22.82): 39 Time(s)
       root (181.49.117.166): 38 Time(s)
       root (202.21.123.124): 38 Time(s)
       root (111.68.98.152): 37 Time(s)
       root (c-71-198-204-77.hsd1.ca.comcast.net): 37 Time(s)
       root (163.172.165.127): 36 Time(s)
       root (79.143.27.40): 36 Time(s)
       root (98.143.148.45): 35 Time(s)
       root (net-93-145-61-6.cust.vodafonedsl.it): 34 Time(s)
       root (187.101.226.148): 31 Time(s)
       root (119.28.32.60): 29 Time(s)
       root (134.122.44.93): 27 Time(s)
       root (150.158.163.46): 27 Time(s)
       root (45.80.189.110): 26 Time(s)
       root (1.15.251.60): 25 Time(s)
       root (119.45.50.126): 25 Time(s)
       root (150.136.162.158): 20 Time(s)
       root (218.92.0.184): 17 Time(s)
       root (140.249.202.248): 16 Time(s)
       root (106.13.148.29): 15 Time(s)
       root (118.24.117.134): 15 Time(s)
       unknown (187.62.183.110): 12 Time(s)
       unknown (181.49.117.166): 11 Time(s)
       unknown (45.146.165.151): 11 Time(s)
       root (81.68.133.86): 8 Time(s)
       root (162.0.223.44): 7 Time(s)
       root (209.141.52.246): 7 Time(s)
       root (mx1.theiideacompany.mx): 7 Time(s)
       root (113.120.62.249): 6 Time(s)
       root (113.128.11.64): 6 Time(s)
       root (113.128.120.199): 6 Time(s)
       root (113.128.34.123): 6 Time(s)
       root (122.4.40.27): 6 Time(s)
       root (122.4.44.59): 6 Time(s)
       root (122.4.47.162): 6 Time(s)
       root (122.4.51.33): 6 Time(s)
       root (213.74.22.134): 6 Time(s)
       root (218.92.0.165): 6 Time(s)
       unknown (116.110.68.228): 6 Time(s)
       unknown (77.79.248.53): 6 Time(s)
       root (162.62.133.130): 5 Time(s)
       root (188.166.151.44): 4 Time(s)
       root (211.36.146.34): 4 Time(s)
       root (45.135.232.165): 3 Time(s)
       root (45.146.165.72): 3 Time(s)
       unknown (116.110.29.161): 3 Time(s)
       root (187.62.183.110): 2 Time(s)
       root (45.146.165.151): 2 Time(s)
       root (77.79.248.53): 2 Time(s)
       unknown (pd9e53b4f.dip0.t-ipconnect.de): 2 Time(s)
       root (102.164.61.126): 1 Time(s)
       root (103.114.100.87): 1 Time(s)
       root (111.0.123.73): 1 Time(s)
       root (113.128.27.29): 1 Time(s)
       root (117.50.120.133): 1 Time(s)
       root (122.225.203.162): 1 Time(s)
       root (123.206.104.110): 1 Time(s)
       root (138.197.111.192): 1 Time(s)
       root (140.143.229.207): 1 Time(s)
       root (171.226.0.208): 1 Time(s)
       root (171.227.212.203): 1 Time(s)
       root (181.30.28.174): 1 Time(s)
       root (223.68.169.180): 1 Time(s)
       root (45.158.22.211): 1 Time(s)
       root (49.234.200.68): 1 Time(s)
       root (static-201-163-162-179.alestra.net.mx): 1 Time(s)
       root (tor-exit-relay-3.anonymizing-proxy.digitalcourage.de): 1 Time(s)
       root (tor-exit-relay-4.anonymizing-proxy.digitalcourage.de): 1 Time(s)
       unknown (116.110.48.177): 1 Time(s)
       unknown (171.227.212.203): 1 Time(s)
       unknown (178.128.221.85): 1 Time(s)
       unknown (185.220.101.198): 1 Time(s)
       unknown (185.220.102.244): 1 Time(s)
       unknown (185.38.175.71): 1 Time(s)
       unknown (198.144.120.234): 1 Time(s)
       unknown (198.98.54.56): 1 Time(s)
       unknown (211.36.146.34): 1 Time(s)
       unknown (23.129.64.236): 1 Time(s)
       unknown (23.129.64.239): 1 Time(s)
       unknown (23.129.64.251): 1 Time(s)
       unknown (43.128.18.10): 1 Time(s)
       unknown (89.163.252.30): 1 Time(s)
       unknown (ip168.ip-51-195-166.eu): 1 Time(s)
       unknown (marcuse-1.nos-oignons.net): 1 Time(s)
       unknown (marcuse-2.nos-oignons.net): 1 Time(s)
       unknown (snowden.tor-exit.calyxinstitute.org): 1 Time(s)
       unknown (this-is-a-tor-exit-node-hviv117.hviv.nl): 1 Time(s)
       unknown (tor-exit-relay-3.anonymizing-proxy.digitalcourage.de): 1 Time(s)
       unknown (tor-exit-relay-4.anonymizing-proxy.digitalcourage.de): 1 Time(s)
       unknown (tor-exit1-readme.dfri.se): 1 Time(s)
    Invalid Users:
       Unknown Account: 73 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

        7   Miscellaneous warnings  
 
   17.957K  Bytes accepted                              18,388
   17.957K  Bytes sent via SMTP                         18,388
 ========   ==================================================
 
        1   Accepted                                   100.00%
 --------   --------------------------------------------------
        1   Total                                      100.00%
 ========   ==================================================
 
        4   4xx Reject relay denied                    100.00%
 --------   --------------------------------------------------
        4   Total 4xx Rejects                          100.00%
 ========   ==================================================
 
      385   Connections             
       19   Connections lost (inbound) 
      385   Disconnections          
        1   Removed from queue      
        1   Sent via SMTP           
 
        2   Timeouts (inbound)      
       48   Hostname verification errors (FCRDNS) 
 
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------ 

 Large Mailbox threshold: 40MB (41943040 bytes)
  Warning: Large mailbox: mailman.gz (1747199807)
  Warning: Large mailbox: mailman (235703599967)
 
 ---------------------- sendmail-largeboxes (large mail spool files) End
------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 Disconnecting after too many authentication failures for user:
    root : 4 Time(s)
 
 Failed logins from:
    1.15.251.60: 25 times
    2.114.206.97 (host-2-114-206-97.business.telecomitalia.it): 100 times
    23.101.22.82: 39 times
    27.128.229.118: 85 times
    35.213.164.234 (234.164.213.35.bc.googleusercontent.com): 100 times
    43.128.18.10: 53 times
    45.80.189.110: 26 times
    45.135.232.165: 3 times
    45.146.165.72: 3 times
    45.146.165.151: 2 times
    45.158.22.211: 1 time
    45.232.244.5: 100 times
    49.232.13.17: 42 times
    49.232.163.254: 100 times
    49.234.157.245: 64 times
    49.234.200.68: 1 time
    49.235.167.59: 58 times
    51.79.164.156 (vps-1eb86c89.vps.ovh.ca): 57 times
    51.91.250.20 (vps-7d8bb9fc.vps.ovh.net): 100 times
    58.58.71.218: 96 times
    65.21.147.140 (static.140.147.21.65.clients.your-server.de): 100 times
    71.198.204.77 (c-71-198-204-77.hsd1.ca.comcast.net): 37 times
    77.79.248.53 (ip-2.77-79-248-52.net.eco.atman.pl): 2 times
    79.143.27.40: 36 times
    81.68.133.86: 8 times
    87.255.193.50: 56 times
    93.145.61.6 (net-93-145-61-6.cust.vodafonedsl.it): 34 times
    98.143.148.45: 35 times
    102.164.61.126: 1 time
    103.82.100.226: 46 times
    103.114.100.87: 1 time
    106.13.148.29: 15 times
    106.54.170.148: 81 times
    106.124.140.36: 83 times
    110.88.160.233: 51 times
    111.0.123.73: 1 time
    111.68.98.152 (111.68.98.152.pern.pk): 37 times
    111.229.1.180: 48 times
    113.120.62.249: 6 times
    113.128.11.64: 6 times
    113.128.27.29: 1 time
    113.128.34.123: 6 times
    113.128.120.199: 6 times
    114.80.154.77: 100 times
    117.50.120.133: 1 time
    118.24.117.134: 15 times
    119.28.32.60: 29 times
    119.29.73.218: 51 times
    119.45.50.126: 25 times
    121.4.58.192: 70 times
    121.5.125.9: 99 times
    122.4.40.27 (27.40.4.122.broad.jn.sd.dynamic.163data.com.cn): 6 times
    122.4.44.59 (59.44.4.122.broad.jn.sd.dynamic.163data.com.cn): 6 times
    122.4.47.162 (162.47.4.122.broad.jn.sd.dynamic.163data.com.cn): 6 times
    122.4.51.33 (33.51.4.122.broad.jn.sd.dynamic.163data.com.cn): 6 times
    122.225.61.30: 68 times
    122.225.203.162: 1 time
    123.31.45.49 (static.vnpt.vn): 100 times
    123.206.104.110: 1 time
    128.199.90.73: 100 times
    134.122.44.93: 27 times
    134.175.121.80: 48 times
    138.197.111.192: 1 time
    140.143.229.207: 1 time
    140.249.202.248: 16 times
    150.136.162.158: 20 times
    150.158.163.46: 27 times
    159.75.84.48: 69 times
    162.0.223.44: 7 times
    162.62.133.130: 5 times
    163.172.165.127 (127-165-172-163.instances.scw.cloud): 36 times
    165.227.95.92: 100 times
    170.106.65.54: 52 times
    171.226.0.208 (dynamic-ip-adsl.viettel.vn): 1 time
    171.227.212.203 (dynamic-adsl.viettel.vn): 1 time
    178.54.1.21 (unallocated.sta.synapse.net.ua): 100 times
    178.62.195.233: 55 times
    178.128.144.227: 90 times
    178.128.148.223 (oiltest.aqualinkbd.com): 55 times
    178.128.221.85: 99 times
    181.30.28.174 (174-28-30-181.fibertel.com.ar): 1 time
    181.49.117.166: 38 times
    185.207.136.87: 55 times
    185.220.102.249 (tor-exit-relay-3.anonymizing-proxy.digitalcourage.de): 1 time
    185.220.102.250 (tor-exit-relay-4.anonymizing-proxy.digitalcourage.de): 1 time
    187.62.183.110 (110.183.62.187.cnnet.com.br): 2 times
    187.101.226.148 (187-101-226-148.dsl.telesp.net.br): 31 times
    188.166.151.44: 4 times
    188.166.246.158: 100 times
    188.166.251.27: 63 times
    189.206.165.62 (mx1.theiideacompany.mx): 7 times
    192.241.246.167: 100 times
    200.122.249.203 (static-dedicado-200-122-249-203.une.net.co): 100 times
    201.163.162.179 (static-201-163-162-179.alestra.net.mx): 1 time
    202.21.123.124: 38 times
    202.61.240.203 (v2202102141063142863.hotsrv.de): 100 times
    207.154.205.115: 100 times
    209.141.52.246 (lab.lv.dgv.dev.br): 7 times
    211.36.146.34: 4 times
    212.83.144.11 (212-83-144-11.rev.poneytelecom.eu): 100 times
    213.74.22.134 (host-213-74-22-134.superonline.net): 6 times
    216.80.102.155: 56 times
    218.25.130.220: 100 times
    218.92.0.165: 6 times
    218.92.0.184: 17 times
    220.76.192.95: 100 times
    223.68.169.180: 1 time
 
 Illegal users from:
    undef: 37 times
    23.129.64.236: 1 time
    23.129.64.239: 1 time
    23.129.64.251: 1 time
    43.128.18.10: 1 time
    45.146.165.151: 11 times
    51.195.166.168 (ip168.ip-51-195-166.eu): 1 time
    65.49.20.66 (scan-17.shadowserver.org): 1 time
    77.79.248.53 (ip-2.77-79-248-52.net.eco.atman.pl): 6 times
    89.163.252.30 (srv1016.dedicated.server-hosting.expert): 1 time
    116.110.29.161: 3 times
    116.110.48.177: 1 time
    116.110.68.228: 6 times
    162.247.74.213 (snowden.tor-exit.calyxinstitute.org): 1 time
    171.25.193.77 (tor-exit1-readme.dfri.se): 1 time
    171.227.212.203 (dynamic-adsl.viettel.vn): 1 time
    178.20.55.16 (marcuse-1.nos-oignons.net): 1 time
    178.20.55.18 (marcuse-2.nos-oignons.net): 1 time
    178.128.221.85: 1 time
    181.49.117.166: 11 times
    185.38.175.71: 1 time
    185.220.101.198: 1 time
    185.220.102.244 (185-220-102-244.torservers.net): 1 time
    185.220.102.249 (tor-exit-relay-3.anonymizing-proxy.digitalcourage.de): 1 time
    185.220.102.250 (tor-exit-relay-4.anonymizing-proxy.digitalcourage.de): 1 time
    187.62.183.110 (110.183.62.187.cnnet.com.br): 14 times
    192.42.116.17 (this-is-a-tor-exit-node-hviv117.hviv.nl): 1 time
    198.98.54.56: 1 time
    198.144.120.234: 1 time
    211.36.146.34: 1 time
    217.229.59.79 (pd9e53b4f.dip0.t-ipconnect.de): 2 times
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem         Size  Used Avail Use% Mounted on
 /dev/ploop47755p1  394G  242G  132G  65% /
 none               4.0G     0  4.0G   0% /dev
 
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End #########################

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016