################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Tue Sep 1 04:42:12 2020 Date Range Processed: yesterday ( 2020-Aug-31 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [268:268] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 143.92.32.108 -> g.alicdn.com:443: 2 Time(s) 143.92.32.108 -> httpbin.org:443: 2 Time(s) 143.92.32.108 -> sm.bdimg.com:443: 2 Time(s) 185.39.11.105 -> zapf.wiki:443: 1 Time(s) 45.138.72.22 -> ip-api.com:80: 1 Time(s) A total of 2 sites probed the server 45.138.72.22 61.219.11.153 Requests with error response codes 400 Bad Request mstshash=Administr: 10 Time(s) /socket.io/?noteId=yczOqgwYRqybSms7tmurFQ& ... ETdKB2zzGDqAAn7: 4 Time(s) /socket.io/?noteId=yczOqgwYRqybSms7tmurFQ& ... eOJBG74LzKVAAn0: 4 Time(s) null: 4 Time(s) /socket.io/?noteId=yczOqgwYRqybSms7tmurFQ& ... R7hu-jstoMsAAns: 3 Time(s) /socket.io/?noteId=yczOqgwYRqybSms7tmurFQ& ... VIP_uKIiWk6AAnx: 3 Time(s) /socket.io/?noteId=yczOqgwYRqybSms7tmurFQ& ... l2ZG3WFnGpXAAny: 3 Time(s) /: 2 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 2 Time(s) g.alicdn.com:443: 2 Time(s) httpbin.org:443: 2 Time(s) sm.bdimg.com:443: 2 Time(s) /confirm/%s: 1 Time(s) /socket.io/?noteId=yczOqgwYRqybSms7tmurFQ& ... zg406wH7VnaAAni: 1 Time(s) 7: 1 Time(s) \xC2\xBD\x07\xAD\xBB\xBE\xCA\xD0\x01D\xA9\xEF\xAB\xC0\x9At: 1 Time(s) ip-api.com:80: 1 Time(s) zapf.wiki:443: 1 Time(s) zapfev.de: 1 Time(s) 404 Not Found /robots.txt: 27 Time(s) /berichte/WiSe14/Bericht_WiSe14-Bremen.pdf: 1 Time(s) /blog/xmlrpc.php: 1 Time(s) /neuigkeiten/einladung-zapf-wise2011: 1 Time(s) /node: 1 Time(s) /phpMyAdmin/index.php: 1 Time(s) /phpmyadmin/index.php: 1 Time(s) /pma/index.php: 1 Time(s) /reader/https//zapf.wiki/User:Kuschelb%C3%A4r9000: 1 Time(s) /sites/default/files/Bericht_SommerZaPF13_Jena.pdf: 1 Time(s) /sites/default/files/Empfehlungen_der_ZaPF ... Fach_Physik.pdf: 1 Time(s) /vendor/phpunit/phpunit/LICENSE: 1 Time(s) /wordpress/xmlrpc.php: 1 Time(s) /wp-login.php: 1 Time(s) /xmlrpc.php: 1 Time(s) /zapf/reader/%7CTagungsreader: 1 Time(s) 499 (undefined) /apple-touch-icon.png: 2 Time(s) /build/font-pack.fef3ca2736298be630a4.css: 1 Time(s) /favicon.png: 1 Time(s) 500 Internal Server Error /: 16 Time(s) /a2billing/admin/Public/index.php: 1 Time(s) /admin//config.php: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /robots.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: unknown (180.166.114.14): 38 Time(s) unknown (68.183.121.252): 33 Time(s) unknown (27.115.51.162): 32 Time(s) unknown (66.37.110.238): 31 Time(s) unknown (94.191.23.15): 31 Time(s) unknown (212.129.16.53): 30 Time(s) unknown (ns360710.ip-91-121-164.eu): 30 Time(s) unknown (138.197.217.164): 29 Time(s) unknown (45.40.206.194): 29 Time(s) unknown (49.233.143.87): 28 Time(s) unknown (93.51.1.120): 28 Time(s) unknown (122.51.83.195): 27 Time(s) unknown (210.ip-54-37-75.eu): 27 Time(s) unknown (80.66.146.84): 27 Time(s) unknown (106.54.64.77): 26 Time(s) unknown (198.199.83.174): 26 Time(s) unknown (2.224.168.43): 26 Time(s) unknown (218.146.20.61): 26 Time(s) unknown (87.ip-54-37-136.eu): 26 Time(s) unknown (121.101.132.241): 25 Time(s) unknown (13.68.137.194): 25 Time(s) unknown (193.112.160.203): 25 Time(s) unknown (122.51.221.250): 24 Time(s) unknown (180.76.101.202): 24 Time(s) unknown (119.29.161.236): 23 Time(s) unknown (157.245.12.36): 23 Time(s) unknown (106.54.140.250): 22 Time(s) unknown (139.186.77.46): 22 Time(s) unknown (206.189.145.251): 22 Time(s) unknown (27.115.50.114): 22 Time(s) unknown (49.235.74.168): 22 Time(s) unknown (134.175.55.10): 21 Time(s) unknown (148.70.208.187): 21 Time(s) unknown (178.128.89.86): 21 Time(s) unknown (180.ip-137-74-199.eu): 21 Time(s) unknown (41.190.153.35): 21 Time(s) unknown (1.186.57.150): 20 Time(s) unknown (33.ip-51-255-199.eu): 20 Time(s) unknown (94.191.75.220): 20 Time(s) root (106.54.64.77): 19 Time(s) unknown (106.13.119.163): 19 Time(s) unknown (150.109.99.68): 19 Time(s) unknown (152.32.229.70): 19 Time(s) unknown (41.73.213.186): 19 Time(s) unknown (46.180.174.134): 17 Time(s) unknown (ns3058090.ip-37-187-5.eu): 17 Time(s) unknown (static-186-29-70-85.static.etb.net.co): 17 Time(s) unknown (152.174.69.247): 15 Time(s) root (178.128.89.86): 14 Time(s) root (68.183.121.252): 14 Time(s) unknown (111.229.78.121): 14 Time(s) root (121.101.132.241): 13 Time(s) root (87.ip-54-37-136.eu): 12 Time(s) root (152.174.69.247): 11 Time(s) root (180.ip-137-74-199.eu): 11 Time(s) root (210.ip-54-37-75.eu): 11 Time(s) root (41.190.153.35): 11 Time(s) root (49.235.74.168): 11 Time(s) root (ns360710.ip-91-121-164.eu): 11 Time(s) unknown (106.12.173.236): 11 Time(s) root (139.186.77.46): 10 Time(s) root (193.112.160.203): 10 Time(s) root (218.146.20.61): 10 Time(s) root (49.233.143.87): 10 Time(s) root (138.197.217.164): 9 Time(s) root (157.245.12.36): 9 Time(s) root (180.76.101.202): 9 Time(s) root (2.224.168.43): 9 Time(s) root (80.66.146.84): 9 Time(s) root (93.51.1.120): 9 Time(s) root (94.191.23.15): 9 Time(s) unknown (189.90.14.101): 9 Time(s) unknown (82.221.100.91): 9 Time(s) root (122.51.221.250): 8 Time(s) root (122.51.83.195): 8 Time(s) root (148.70.208.187): 8 Time(s) root (27.115.51.162): 8 Time(s) root (41.73.213.186): 8 Time(s) root (66.37.110.238): 8 Time(s) root (94.191.75.220): 8 Time(s) unknown (109.167.200.10): 8 Time(s) unknown (120.92.122.249): 8 Time(s) unknown (43.225.151.142): 8 Time(s) root (106.54.140.250): 7 Time(s) root (13.68.137.194): 7 Time(s) root (134.175.55.10): 7 Time(s) root (180.166.114.14): 7 Time(s) root (ns3058090.ip-37-187-5.eu): 7 Time(s) unknown (213.87.44.152): 7 Time(s) unknown (84.38.182.16): 7 Time(s) unknown (ip175.ip-137-74-132.eu): 7 Time(s) root (1.186.57.150): 6 Time(s) root (119.29.161.236): 6 Time(s) root (189.90.14.101): 6 Time(s) root (198.199.83.174): 6 Time(s) root (206.189.145.251): 6 Time(s) root (45.40.206.194): 6 Time(s) root (46.180.174.134): 6 Time(s) root (111.229.78.121): 5 Time(s) root (150.109.99.68): 5 Time(s) root (212.129.16.53): 5 Time(s) root (27.115.50.114): 5 Time(s) root (82.221.100.91): 5 Time(s) root (static-186-29-70-85.static.etb.net.co): 5 Time(s) unknown (60.30.98.194): 5 Time(s) root (106.13.119.163): 4 Time(s) root (152.32.229.70): 4 Time(s) unknown (111.229.39.187): 4 Time(s) unknown (121.166.187.187): 4 Time(s) postgres (122.51.221.250): 3 Time(s) root (33.ip-51-255-199.eu): 3 Time(s) root (84.38.182.16): 3 Time(s) root (ip175.ip-137-74-132.eu): 3 Time(s) unknown (141.98.9.31): 3 Time(s) unknown (159.65.13.76): 3 Time(s) unknown (89.144.47.28): 3 Time(s) postgres (180.76.101.202): 2 Time(s) root (106.12.173.236): 2 Time(s) root (111.229.39.187): 2 Time(s) root (121.166.187.187): 2 Time(s) root (213.87.44.152): 2 Time(s) root (45.227.255.4): 2 Time(s) root (85.209.0.252): 2 Time(s) unknown (119.162.78.159): 2 Time(s) unknown (128.199.241.107): 2 Time(s) unknown (141.98.9.32): 2 Time(s) unknown (141.98.9.33): 2 Time(s) unknown (141.98.9.34): 2 Time(s) unknown (141.98.9.35): 2 Time(s) unknown (141.98.9.36): 2 Time(s) unknown (182.61.104.246): 2 Time(s) unknown (193.218.118.130): 2 Time(s) unknown (93.55.192.42): 2 Time(s) backup (109.167.200.10): 1 Time(s) backup (134.175.55.10): 1 Time(s) backup (152.174.69.247): 1 Time(s) backup (152.32.229.70): 1 Time(s) backup (178.128.89.86): 1 Time(s) backup (198.199.83.174): 1 Time(s) backup (27.115.50.114): 1 Time(s) backup (94.191.23.15): 1 Time(s) backup (ns360710.ip-91-121-164.eu): 1 Time(s) irc (41.190.153.35): 1 Time(s) mysql (210.ip-54-37-75.eu): 1 Time(s) mysql (27.115.51.162): 1 Time(s) mysql (33.ip-51-255-199.eu): 1 Time(s) mysql (41.190.153.35): 1 Time(s) mysql (46.180.174.134): 1 Time(s) postgres (120.92.122.249): 1 Time(s) postgres (122.51.83.195): 1 Time(s) postgres (148.70.208.187): 1 Time(s) postgres (178.128.89.86): 1 Time(s) postgres (206.189.145.251): 1 Time(s) postgres (212.129.16.53): 1 Time(s) postgres (41.73.213.186): 1 Time(s) postgres (49.233.143.87): 1 Time(s) postgres (66.37.110.238): 1 Time(s) postgres (94.191.23.15): 1 Time(s) postgres (94.191.75.220): 1 Time(s) postgres (ip175.ip-137-74-132.eu): 1 Time(s) root (106.54.245.12): 1 Time(s) root (106.75.174.87): 1 Time(s) root (120.92.122.249): 1 Time(s) root (128.199.241.107): 1 Time(s) root (141.98.9.32): 1 Time(s) root (141.98.9.34): 1 Time(s) root (141.98.9.35): 1 Time(s) root (141.98.9.36): 1 Time(s) root (159.65.13.76): 1 Time(s) root (178.128.221.162): 1 Time(s) root (180.76.102.226): 1 Time(s) root (182.61.104.246): 1 Time(s) root (185.171.10.96): 1 Time(s) root (187-60-169-230.linharesonline.com.br): 1 Time(s) root (202.115.30.5): 1 Time(s) root (39.107.40.43): 1 Time(s) root (60.30.98.194): 1 Time(s) root (78.red-2-139-209.staticip.rima-tde.net): 1 Time(s) root (85.209.0.253): 1 Time(s) temp (122.51.221.250): 1 Time(s) temp (180.ip-137-74-199.eu): 1 Time(s) unknown (103.216.62.73): 1 Time(s) unknown (117.55.241.178): 1 Time(s) unknown (129.146.171.142): 1 Time(s) unknown (152.67.35.185): 1 Time(s) unknown (177.72.4.74): 1 Time(s) unknown (180.76.188.98): 1 Time(s) unknown (203.230.6.175): 1 Time(s) unknown (213.178.252.28): 1 Time(s) unknown (45.227.255.4): 1 Time(s) unknown (58.213.102.62): 1 Time(s) unknown (78.red-2-139-209.staticip.rima-tde.net): 1 Time(s) unknown (ip192.ip-142-44-218.net): 1 Time(s) www-data (84.38.182.16): 1 Time(s) Invalid Users: Unknown Account: 1278 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 6 Miscellaneous warnings 21.821K Bytes accepted 22,345 21.821K Bytes sent via SMTP 22,345 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 10 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 10 Total 4xx Rejects 100.00% ======== ================================================== 320 Connections 31 Connections lost (inbound) 320 Disconnections 1 Removed from queue 1 Sent via SMTP 2 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Failed logins from: 1.186.57.150 (1.186.57.150.dvois.com): 6 times 2.139.209.78 (78.red-2-139-209.staticip.rima-tde.net): 1 time 2.224.168.43: 9 times 13.68.137.194: 7 times 27.115.50.114: 6 times 27.115.51.162 (mx.able-elec.com): 9 times 37.187.5.175 (ns3058090.ip-37-187-5.eu): 7 times 39.107.40.43: 1 time 41.73.213.186: 9 times 41.190.153.35 (serverfarmip-41-190-153-35.liquidtelecom.net): 13 times 45.40.206.194: 6 times 45.227.255.4 (hostby.web4net.org): 2 times 46.180.174.134: 7 times 49.233.143.87: 11 times 49.235.74.168: 11 times 51.255.199.33 (33.ip-51-255-199.eu): 4 times 54.37.75.210 (210.ip-54-37-75.eu): 12 times 54.37.136.87 (87.ip-54-37-136.eu): 12 times 60.30.98.194 (no-data): 1 time 66.37.110.238: 9 times 68.183.121.252: 14 times 80.66.146.84 (static-80-66-146-84.ivnet.ru): 9 times 82.221.100.91: 5 times 84.38.182.16 (stainedglassaust.com): 4 times 85.209.0.252: 2 times 85.209.0.253: 1 time 91.121.164.188 (ns360710.ip-91-121-164.eu): 12 times 93.51.1.120: 9 times 94.191.23.15: 11 times 94.191.75.220: 9 times 106.12.173.236: 2 times 106.13.119.163: 4 times 106.54.64.77: 19 times 106.54.140.250: 7 times 106.54.245.12: 1 time 106.75.174.87: 1 time 109.167.200.10 (109-167-200-10.westcall.net): 1 time 111.229.39.187: 2 times 111.229.78.121: 5 times 119.29.161.236: 6 times 120.92.122.249: 2 times 121.101.132.241 (ip-241.132.101.terabit.net.id): 13 times 121.166.187.187: 2 times 122.51.83.195: 9 times 122.51.221.250: 12 times 128.199.241.107: 1 time 134.175.55.10: 8 times 137.74.132.175 (ip175.ip-137-74-132.eu): 4 times 137.74.199.180 (180.ip-137-74-199.eu): 12 times 138.197.217.164: 9 times 139.186.77.46: 10 times 141.98.9.32 (reaia.tumblles.com): 1 time 141.98.9.34 (hausch.tumblles.com): 1 time 141.98.9.35 (pyprak.tumblles.com): 1 time 141.98.9.36 (ababwa.tumblles.com): 1 time 148.70.208.187: 9 times 150.109.99.68: 5 times 152.32.229.70: 5 times 152.174.69.247: 12 times 157.245.12.36: 9 times 159.65.13.76: 1 time 178.128.89.86: 16 times 178.128.221.162: 1 time 180.76.101.202: 11 times 180.76.102.226: 1 time 180.166.114.14: 7 times 182.61.104.246: 1 time 185.171.10.96: 1 time 186.29.70.85 (static-186-29-70-85.static.etb.net.co): 5 times 187.60.169.230 (187-60-169-230.linharesonline.com.br): 1 time 189.90.14.101: 6 times 193.112.160.203: 10 times 198.199.83.174: 7 times 202.115.30.5: 1 time 206.189.145.251: 7 times 212.129.16.53 (212-129-16-53.rev.poneytelecom.eu): 6 times 213.87.44.152 (infrastructure-152-44.mts.ru): 2 times 218.146.20.61: 10 times Illegal users from: undef: 540 times 1.186.57.150 (1.186.57.150.dvois.com): 20 times 2.139.209.78 (78.red-2-139-209.staticip.rima-tde.net): 1 time 2.224.168.43: 26 times 13.68.137.194: 25 times 27.115.50.114: 22 times 27.115.51.162 (mx.able-elec.com): 32 times 37.187.5.175 (ns3058090.ip-37-187-5.eu): 17 times 41.73.213.186: 19 times 41.190.153.35 (serverfarmip-41-190-153-35.liquidtelecom.net): 21 times 43.225.151.142: 8 times 45.40.206.194: 29 times 45.227.255.4 (hostby.web4net.org): 1 time 46.180.174.134: 17 times 49.233.143.87: 28 times 49.235.74.168: 22 times 51.255.199.33 (33.ip-51-255-199.eu): 20 times 54.37.75.210 (210.ip-54-37-75.eu): 27 times 54.37.136.87 (87.ip-54-37-136.eu): 26 times 58.213.102.62: 1 time 60.30.98.194 (no-data): 5 times 65.49.20.67 (scan-18.shadowserver.org): 1 time 66.37.110.238: 31 times 68.183.121.252: 33 times 80.66.146.84 (static-80-66-146-84.ivnet.ru): 27 times 82.221.100.91: 9 times 84.38.182.16 (stainedglassaust.com): 7 times 89.144.47.28: 3 times 91.121.164.188 (ns360710.ip-91-121-164.eu): 30 times 93.51.1.120: 28 times 93.55.192.42: 2 times 94.191.23.15: 31 times 94.191.75.220: 20 times 103.216.62.73 (host.sindad.com): 1 time 106.12.173.236: 11 times 106.13.119.163: 19 times 106.54.64.77: 26 times 106.54.140.250: 22 times 109.167.200.10 (109-167-200-10.westcall.net): 8 times 111.229.39.187: 4 times 111.229.78.121: 14 times 117.55.241.178: 1 time 119.29.161.236: 23 times 119.162.78.159: 2 times 120.92.122.249: 8 times 121.101.132.241 (ip-241.132.101.terabit.net.id): 25 times 121.166.187.187: 4 times 122.51.83.195: 27 times 122.51.221.250: 24 times 128.199.241.107: 2 times 129.146.171.142: 1 time 134.175.55.10: 21 times 137.74.132.175 (ip175.ip-137-74-132.eu): 7 times 137.74.199.180 (180.ip-137-74-199.eu): 21 times 138.197.217.164: 29 times 139.186.77.46: 22 times 141.98.9.31 (cgsmac.tumblles.com): 3 times 141.98.9.32 (reaia.tumblles.com): 2 times 141.98.9.33 (kei.tumblles.com): 3 times 141.98.9.34 (hausch.tumblles.com): 2 times 141.98.9.35 (pyprak.tumblles.com): 2 times 141.98.9.36 (ababwa.tumblles.com): 2 times 142.44.218.192 (ip192.ip-142-44-218.net): 1 time 148.70.208.187: 21 times 150.109.99.68: 19 times 152.32.229.70: 19 times 152.67.35.185: 1 time 152.174.69.247: 15 times 157.245.12.36: 23 times 159.65.13.76: 3 times 177.72.4.74 (static-74.4.72.177-ttvi.com.br): 1 time 178.128.89.86: 21 times 180.76.101.202: 24 times 180.76.188.98: 1 time 180.166.114.14: 38 times 182.61.104.246: 2 times 186.29.70.85 (static-186-29-70-85.static.etb.net.co): 17 times 189.90.14.101: 9 times 193.112.160.203: 25 times 193.218.118.130 (130.118.218.193.urdn.com.ua): 2 times 198.199.83.174: 26 times 203.230.6.175: 1 time 206.189.145.251: 22 times 212.129.16.53 (212-129-16-53.rev.poneytelecom.eu): 30 times 213.87.44.152 (infrastructure-152-44.mts.ru): 7 times 213.178.252.28: 1 time 218.146.20.61: 26 times ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 242G 159G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################