04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Jul 6 04:42:07 2019
Date Range Processed: yesterday
( 2019-Jul-05 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [288:288]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 2 sites probed the server
132.148.144.214
66.240.205.34
Requests with error response codes
400 Bad Request
mstshash=Administr: 4 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 3 Time(s)
null: 3 Time(s)
/Login.htm: 1 Time(s)
/setup.cgi?next_file=netgear.cfg&todo=sysc ... ntsetting.htm=1: 1 Time(s)
/shell?busybox: 1 Time(s)
http://110.249.212.46/testget?q=23333&port=80: 1 Time(s)
404 Not Found
/robots.txt: 27 Time(s)
/sites/default/files/2005_SoSe_Erlangen.pdf: 2 Time(s)
/wp-login.php: 2 Time(s)
/berlin/,: 1 Time(s)
/download/reader_ka99.pdf: 1 Time(s)
/sites/default/files/2004_WiSe_Hamburg.pdf: 1 Time(s)
/zapf/reader/%7CTagungsreader: 1 Time(s)
499 (undefined)
/fonts/SourceSansPro-Regular.woff: 2 Time(s)
/build/emojify.js/dist/css/basic/emojify.min.css: 1 Time(s)
/build/index-styles.2c73dce02b1eaa3a3b4e.css: 1 Time(s)
/favicon.png: 1 Time(s)
500 Internal Server Error
/: 30 Time(s)
/robots.txt: 22 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
unknown (177.99.197.111): 42 Time(s)
unknown (mdh-16-81.tm.net.my): 31 Time(s)
unknown (159.65.155.227): 30 Time(s)
unknown (111.231.115.27): 27 Time(s)
unknown (118.25.159.7): 27 Time(s)
unknown (103.101.156.18): 26 Time(s)
unknown (111.230.155.145): 26 Time(s)
unknown (166.111.152.230): 26 Time(s)
unknown (181.171.106.167): 26 Time(s)
unknown (201.48.49.118): 26 Time(s)
unknown (210.12.129.112): 26 Time(s)
unknown (111.231.226.12): 25 Time(s)
unknown (142.93.39.181): 25 Time(s)
unknown (202.143.111.156): 25 Time(s)
unknown (61.32.112.246): 25 Time(s)
unknown (108.ip-51-254-140.eu): 24 Time(s)
unknown (114-32-218-77.hinet-ip.hinet.net): 24 Time(s)
unknown (153.37.97.183): 24 Time(s)
unknown (165.227.165.98): 24 Time(s)
unknown (212.112.108.98): 24 Time(s)
unknown (80.227.12.38): 24 Time(s)
unknown (119.27.170.144): 23 Time(s)
unknown (115.47.153.120): 22 Time(s)
unknown (68.183.46.73): 22 Time(s)
unknown (80.211.228.111): 22 Time(s)
unknown (109.202.0.14): 21 Time(s)
unknown (134.209.124.237): 21 Time(s)
unknown (170.210.214.50): 21 Time(s)
unknown (198.199.84.154): 21 Time(s)
unknown (209.105.243.230): 21 Time(s)
unknown (22.ip-37-59-100.eu): 21 Time(s)
unknown (5.51.234.155): 21 Time(s)
unknown (222.127.99.45): 20 Time(s)
unknown (112.35.26.43): 19 Time(s)
unknown (122.55.90.45): 19 Time(s)
unknown (ip39.ip-178-32-141.eu): 18 Time(s)
unknown (118.144.139.219): 17 Time(s)
unknown (asav1.kereta-api.co.id): 16 Time(s)
unknown (80-108-220-67.cable.dynamic.surfer.at): 14 Time(s)
unknown (118.25.60.167): 13 Time(s)
unknown (120.ip-51-38-129.eu): 12 Time(s)
unknown (p4ff9f2e7.dip0.t-ipconnect.de): 12 Time(s)
unknown (124.205.25.114): 10 Time(s)
root (110.9.207.72): 6 Time(s)
root (112.85.42.181): 6 Time(s)
root (183.163.131.124): 6 Time(s)
root (188.17.108.165): 6 Time(s)
unknown (180.126.32.214): 6 Time(s)
unknown (61.183.35.44): 6 Time(s)
unknown (plaintext.xyz): 6 Time(s)
unknown (172-220-009-054.dhcp.chtrptr.net): 5 Time(s)
unknown (88.ip-145-239-91.eu): 5 Time(s)
root (115.47.153.120): 4 Time(s)
root (122.230.58.111): 4 Time(s)
unknown (111.230.241.245): 4 Time(s)
root (119.27.170.144): 3 Time(s)
root (108.ip-51-254-140.eu): 2 Time(s)
root (111.230.155.145): 2 Time(s)
root (118.25.159.7): 2 Time(s)
root (153.37.97.183): 2 Time(s)
root (165.227.165.98): 2 Time(s)
root (212.112.108.98): 2 Time(s)
root (22.ip-37-59-100.eu): 2 Time(s)
root (5.51.234.155): 2 Time(s)
root (61.32.112.246): 2 Time(s)
root (80.227.12.38): 2 Time(s)
root (oc-129-150-112-159.compute.oraclecloud.com): 2 Time(s)
unknown (113.65.131.128): 2 Time(s)
unknown (128.199.182.235): 2 Time(s)
unknown (167.99.200.84): 2 Time(s)
unknown (188.226.250.187): 2 Time(s)
unknown (46.101.127.49): 2 Time(s)
unknown (68.183.178.162): 2 Time(s)
unknown (lns-bzn-59-82-252-138-118.adsl.proxad.net): 2 Time(s)
unknown (ns381014.ip-5-196-72.eu): 2 Time(s)
backup (115.47.153.120): 1 Time(s)
backup (210.12.129.112): 1 Time(s)
backup (212.112.108.98): 1 Time(s)
backup (ip39.ip-178-32-141.eu): 1 Time(s)
irc (121.190.197.205): 1 Time(s)
list (114-32-218-77.hinet-ip.hinet.net): 1 Time(s)
mail (181.171.106.167): 1 Time(s)
mysql (122.55.90.45): 1 Time(s)
mysql (134.209.124.237): 1 Time(s)
mysql (5.51.234.155): 1 Time(s)
mysql (61.32.112.246): 1 Time(s)
mysql (ip39.ip-178-32-141.eu): 1 Time(s)
news (109.202.0.14): 1 Time(s)
news (210.12.129.112): 1 Time(s)
nobody (134.209.124.237): 1 Time(s)
openproject (111.231.115.27): 1 Time(s)
openproject (111.231.226.12): 1 Time(s)
postfix (109.202.0.14): 1 Time(s)
postgres (120.ip-51-38-129.eu): 1 Time(s)
postgres (153.37.97.183): 1 Time(s)
postgres (181.171.106.167): 1 Time(s)
postgres (68.183.46.73): 1 Time(s)
postgres (asav1.kereta-api.co.id): 1 Time(s)
postgres (mdh-16-81.tm.net.my): 1 Time(s)
root (104.131.93.33): 1 Time(s)
root (111.230.241.245): 1 Time(s)
root (122.55.90.45): 1 Time(s)
root (124.205.25.114): 1 Time(s)
root (167.99.66.166): 1 Time(s)
root (170.210.214.50): 1 Time(s)
root (177.99.197.111): 1 Time(s)
root (178.128.79.169): 1 Time(s)
root (198.199.84.154): 1 Time(s)
root (218.92.0.135): 1 Time(s)
root (68.183.46.73): 1 Time(s)
root (80.211.228.111): 1 Time(s)
root (asav1.kereta-api.co.id): 1 Time(s)
root (ip-104-238-116-94.ip.secureserver.net): 1 Time(s)
root (p4ff9f2e7.dip0.t-ipconnect.de): 1 Time(s)
sshd (asav1.kereta-api.co.id): 1 Time(s)
sync (124.205.25.114): 1 Time(s)
sys (153.37.97.183): 1 Time(s)
temp (5.51.234.155): 1 Time(s)
unknown (103.73.213.142): 1 Time(s)
unknown (104.236.81.204): 1 Time(s)
unknown (104.248.211.180): 1 Time(s)
unknown (109.110.52.77): 1 Time(s)
unknown (112.17.127.94): 1 Time(s)
unknown (113.53.136.244): 1 Time(s)
unknown (116.238.224.222): 1 Time(s)
unknown (118.185.186.194): 1 Time(s)
unknown (118.89.40.174): 1 Time(s)
unknown (122.154.134.38): 1 Time(s)
unknown (123-51-146-85.ftth.glasoperator.nl): 1 Time(s)
unknown (123.207.58.104): 1 Time(s)
unknown (124.158.5.112): 1 Time(s)
unknown (128.ip-51-38-37.eu): 1 Time(s)
unknown (139.59.56.121): 1 Time(s)
unknown (142.93.59.240): 1 Time(s)
unknown (159.65.159.1): 1 Time(s)
unknown (159.65.82.105): 1 Time(s)
unknown (165.22.248.215): 1 Time(s)
unknown (165.22.251.129): 1 Time(s)
unknown (167.99.75.174): 1 Time(s)
unknown (180.250.183.154): 1 Time(s)
unknown (185.152.114.206): 1 Time(s)
unknown (187.60.97.209): 1 Time(s)
unknown (188.166.72.240): 1 Time(s)
unknown (193.32.163.182): 1 Time(s)
unknown (197.157.221.199): 1 Time(s)
unknown (201.163.180.183): 1 Time(s)
unknown (206.189.122.133): 1 Time(s)
unknown (206.189.131.213): 1 Time(s)
unknown (206.189.197.48): 1 Time(s)
unknown (206.189.94.158): 1 Time(s)
unknown (213.77.62.84): 1 Time(s)
unknown (221.181.73.31): 1 Time(s)
unknown (221.7.253.18): 1 Time(s)
unknown (31.163.109.88): 1 Time(s)
unknown (37.139.21.75): 1 Time(s)
unknown (45.248.133.36): 1 Time(s)
unknown (45.55.131.104): 1 Time(s)
unknown (45.55.157.147): 1 Time(s)
unknown (61.72.254.71): 1 Time(s)
unknown (74.208.27.191): 1 Time(s)
unknown (81.12.159.146): 1 Time(s)
unknown (93.55.209.46): 1 Time(s)
unknown (94.101.82.10): 1 Time(s)
unknown (host81-130-138-156.in-addr.btopenworld.com): 1 Time(s)
unknown (host81-130-149-101.in-addr.btopenworld.com): 1 Time(s)
unknown (ip-104-238-116-94.ip.secureserver.net): 1 Time(s)
unknown (ip182.ip-51-254-51.eu): 1 Time(s)
unknown (ip25.ip-147-135-244.eu): 1 Time(s)
unknown (makeoverbyshoaib.com): 1 Time(s)
unknown (ns3016508.ip-51-254-47.eu): 1 Time(s)
unknown (ns3019109.ip-91-121-136.eu): 1 Time(s)
unknown (oc-129-150-112-159.compute.oraclecloud.com): 1 Time(s)
unknown (planetahost.ru): 1 Time(s)
unknown (server.mrtsolutions.it): 1 Time(s)
unknown (ti0177a400-0738.bb.online.no): 1 Time(s)
uucp (170.210.214.50): 1 Time(s)
www-data (201.48.49.118): 1 Time(s)
Invalid Users:
Unknown Account: 1068 Time(s)
systemd-user:
Unknown Entries:
session closed for user root: 1 Time(s)
session opened for user root by (uid=0): 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
9 Miscellaneous warnings
17.432K Bytes accepted 17,850
17.432K Bytes sent via SMTP 17,850
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
5 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
5 Total 4xx Rejects 100.00%
======== ==================================================
107 Connections
87 Connections lost (inbound)
107 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 4 Time(s)
Failed logins from:
5.51.234.155: 4 times
37.59.100.22 (22.ip-37-59-100.eu): 2 times
51.38.129.120 (120.ip-51-38-129.eu): 1 time
51.254.140.108 (108.ip-51-254-140.eu): 2 times
61.32.112.246: 3 times
68.183.46.73: 2 times
79.249.242.231 (p4FF9F2E7.dip0.t-ipconnect.de): 1 time
80.211.228.111 (host111-228-211-80.serverdedicati.aruba.it): 1 time
80.227.12.38: 2 times
103.54.225.10 (asav1.kereta-api.co.id): 3 times
104.131.93.33 (mcp.org.py): 1 time
104.238.116.94 (ip-104-238-116-94.ip.secureserver.net): 1 time
109.202.0.14 (host-109-202-0-14.avantel.ru): 2 times
110.9.207.72: 6 times
111.230.155.145: 2 times
111.230.241.245: 1 time
111.231.115.27: 1 time
111.231.226.12: 1 time
112.85.42.181: 6 times
114.32.218.77 (114-32-218-77.HINET-IP.hinet.net): 1 time
115.47.153.120: 5 times
118.25.159.7: 2 times
119.27.170.144: 3 times
121.190.197.205: 1 time
122.55.90.45 (122.55.90.45.pldt.net): 2 times
122.230.58.111: 4 times
124.205.25.114: 2 times
129.150.112.159 (oc-129-150-112-159.compute.oraclecloud.com): 2 times
134.209.124.237: 2 times
153.37.97.183 (abcd.com): 4 times
165.227.165.98: 2 times
167.99.66.166: 1 time
170.210.214.50: 2 times
177.99.197.111 (177.99.197.111.static.gvt.net.br): 1 time
178.32.141.39 (ip39.ip-178-32-141.eu): 2 times
178.128.79.169: 1 time
181.171.106.167 (167-106-171-181.fibertel.com.ar): 2 times
183.163.131.124: 6 times
188.17.108.165: 6 times
198.199.84.154 (180128.cloudwaysapps.com): 1 time
201.48.49.118 (201-048-049-118.static.ctbctelecom.com.br): 1 time
210.12.129.112: 2 times
212.112.108.98 (212-112-108-98.aknet.kg): 3 times
218.92.0.135: 3 times
219.92.16.81 (mdh-16-81.tm.net.my): 1 time
Illegal users from:
undef: 799 times
5.51.234.155: 21 times
5.196.72.58 (ns381014.ip-5-196-72.eu): 2 times
31.163.109.88: 1 time
37.59.100.22 (22.ip-37-59-100.eu): 21 times
37.139.21.75: 1 time
45.55.131.104: 1 time
45.55.157.147: 1 time
45.248.133.36: 1 time
46.101.127.49: 2 times
51.38.37.128 (128.ip-51-38-37.eu): 1 time
51.38.129.120 (120.ip-51-38-129.eu): 12 times
51.254.47.198 (ns3016508.ip-51-254-47.eu): 1 time
51.254.51.182 (ip182.ip-51-254-51.eu): 1 time
51.254.140.108 (108.ip-51-254-140.eu): 24 times
61.32.112.246: 25 times
61.72.254.71: 1 time
61.183.35.44: 6 times
62.173.149.176 (planetahost.ru): 1 time
68.183.46.73: 22 times
68.183.178.162: 2 times
74.208.27.191: 1 time
79.249.242.231 (p4FF9F2E7.dip0.t-ipconnect.de): 12 times
80.108.220.67 (80-108-220-67.cable.dynamic.surfer.at): 14 times
80.211.228.111 (host111-228-211-80.serverdedicati.aruba.it): 22 times
80.227.12.38: 24 times
81.12.159.146: 1 time
81.130.138.156 (host81-130-138-156.in-addr.btopenworld.com): 1 time
81.130.149.101 (host81-130-149-101.in-addr.btopenworld.com): 1 time
82.252.138.118 (lns-bzn-59-82-252-138-118.adsl.proxad.net): 2 times
85.146.51.123 (123-51-146-85.ftth.glasoperator.nl): 1 time
88.88.193.230 (ti0177a400-0738.bb.online.no): 1 time
91.121.136.44 (ns3019109.ip-91-121-136.eu): 1 time
93.55.209.46: 1 time
94.101.82.10 (server-94.101.82.10.as42926.net): 1 time
103.54.225.10 (asav1.kereta-api.co.id): 16 times
103.73.213.142: 1 time
103.101.156.18: 26 times
104.236.81.204: 1 time
104.236.94.49 (plaintext.xyz): 6 times
104.238.116.94 (ip-104-238-116-94.ip.secureserver.net): 1 time
104.248.211.180: 1 time
109.110.52.77: 1 time
109.202.0.14 (host-109-202-0-14.avantel.ru): 21 times
111.230.155.145: 26 times
111.230.241.245: 4 times
111.231.115.27: 27 times
111.231.226.12: 25 times
112.17.127.94: 1 time
112.35.26.43: 19 times
113.53.136.244 (node-1ro.pool-113-53.dynamic.totinternet.net): 1 time
113.65.131.128: 2 times
114.32.218.77 (114-32-218-77.HINET-IP.hinet.net): 24 times
115.47.153.120: 22 times
116.238.224.222: 1 time
118.25.60.167: 13 times
118.25.159.7: 27 times
118.89.40.174: 1 time
118.144.139.219: 17 times
118.185.186.194: 1 time
119.27.170.144: 23 times
122.55.90.45 (122.55.90.45.pldt.net): 19 times
122.154.134.38: 1 time
123.207.58.104: 1 time
124.158.5.112: 1 time
124.205.25.114: 10 times
128.199.182.235: 2 times
129.150.112.159 (oc-129-150-112-159.compute.oraclecloud.com): 1 time
134.209.124.237: 21 times
139.59.56.121: 1 time
142.93.39.181: 25 times
142.93.59.240: 1 time
145.239.91.88 (88.ip-145-239-91.eu): 5 times
147.135.244.25 (ip25.ip-147-135-244.eu): 1 time
149.202.56.54 (server.mrtsolutions.it): 1 time
153.37.97.183 (abcd.com): 24 times
159.65.82.105: 1 time
159.65.139.107 (makeoverbyshoaib.com): 1 time
159.65.155.227: 30 times
159.65.159.1: 1 time
165.22.248.215: 1 time
165.22.251.129: 1 time
165.227.165.98: 24 times
166.111.152.230: 26 times
167.99.75.174: 1 time
167.99.200.84: 2 times
170.210.214.50: 21 times
172.220.9.54 (172-220-009-054.dhcp.chtrptr.net): 5 times
177.99.197.111 (177.99.197.111.static.gvt.net.br): 42 times
178.32.141.39 (ip39.ip-178-32-141.eu): 18 times
180.126.32.214: 6 times
180.250.183.154: 1 time
181.171.106.167 (167-106-171-181.fibertel.com.ar): 26 times
185.152.114.206 (206-114-152-185.kiki.sk): 1 time
187.60.97.209 (1876097209.tvnsul.com.br): 1 time
188.166.72.240: 1 time
188.226.250.187: 2 times
193.32.163.182 (hosting-by.cloud-home.me): 1 time
197.157.221.199: 1 time
198.199.84.154 (180128.cloudwaysapps.com): 21 times
201.48.49.118 (201-048-049-118.static.ctbctelecom.com.br): 26 times
201.163.180.183 (static-201-163-180-183.alestra.net.mx): 1 time
202.143.111.156 (ip.viettelidchcm.com): 25 times
206.189.94.158: 1 time
206.189.122.133: 1 time
206.189.131.213: 1 time
206.189.197.48: 1 time
209.105.243.230: 21 times
210.12.129.112: 26 times
212.112.108.98 (212-112-108-98.aknet.kg): 24 times
213.77.62.84: 1 time
219.92.16.81 (mdh-16-81.tm.net.my): 31 times
221.7.253.18: 1 time
221.181.73.31 (.): 1 time
222.127.99.45: 20 times
Users logging in through sshd:
root:
141.23.179.50 (client-141-23-179-50.wlan.tu-berlin.de): 1 time
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 242G 159G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2300
days inactive
2300
days old
0 comments
1 participants
participants (1)
-
root@zapf.in