################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Jun 26 04:42:05 2021
Date Range Processed: yesterday ( 2021-Jun-25 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [186:187]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
180.215.130.62 -> dp3.qq.com:443: 1 Time(s)
A total of 7 sites probed the server
104.248.230.130
139.162.145.250
141.98.119.63
161.35.131.227
162.243.170.87
185.142.239.16
198.20.69.98
Requests with error response codes
400 Bad Request
null: 13 Time(s)
/: 4 Time(s)
/admin/config.php: 4 Time(s)
mstshash=Administr: 4 Time(s)
/aIMe: 1 Time(s)
\xB9\xB5\x99Q\xCE\x81e_J*\xB5\xD5s\xEF\xC9 ... C0$\xC0\x14\xC0: 1 Time(s)
dp3.qq.com:443: 1 Time(s)
403 Forbidden
/resolutionen/sose17/gesellschaftlich_verantwortung/: 2 Time(s)
404 Not Found
/robots.txt: 39 Time(s)
/.env: 2 Time(s)
/protokolle/Protokoll_MV_12.11.2016.pdf: 1 Time(s)
/protokolle/Protokoll_MV_FFM_21.11.2015.pdf: 1 Time(s)
/reader/1993-wi-reader_st93.pdf: 1 Time(s)
/sites/all/libraries/elfinder/src/elfinder-src.php.html: 1 Time(s)
/sites/all/libraries/elfinder/src/elfinder-src.py.html: 1 Time(s)
/sites/default/files/2009_WiSe_M%C3%BCnchen.pdf: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
/stapf: 1 Time(s)
/verein%7CZaPF: 1 Time(s)
/verein/satzung/%7CSatzung: 1 Time(s)
/zapf/reader/2018_WiSe_Wuerzburg: 1 Time(s)
499 (undefined)
/apple-touch-icon.png: 1 Time(s)
500 Internal Server Error
/: 51 Time(s)
/.env: 5 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 4 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 2 Time(s)
/Autodiscover/Autodiscover.xml: 2 Time(s)
/_ignition/execute-solution: 2 Time(s)
/api/jsonws/invoke: 2 Time(s)
/console/: 2 Time(s)
/favicon.ico: 2 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 2 Time(s)
/mifs/.;/services/LogService: 2 Time(s)
/owa/: 2 Time(s)
/robots.txt: 2 Time(s)
/wp-content/plugins/wp-file-manager/readme.txt: 2 Time(s)
/.git/config: 1 Time(s)
/.well-known/security.txt: 1 Time(s)
/actuator/health: 1 Time(s)
/admin/config.php: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/sitemap.xml: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 401 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
4 Miscellaneous warnings
24.136K Bytes accepted 24,715
24.136K Bytes sent via SMTP 24,715
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
5 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
5 Total 4xx Rejects 100.00%
======== ==================================================
286 Connections
159 Connections lost (inbound)
286 Disconnections
1 Removed from queue
1 Sent via SMTP
5 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 2 Time(s)
Failed logins from:
Illegal users from:
undef: 265 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop23974p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################