################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Tue Jul 13 04:42:05 2021
Date Range Processed: yesterday
( 2021-Jul-12 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [199:198]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 6 sites probed the server
128.199.206.213
143.244.128.164
161.35.230.183
205.185.115.135
209.141.50.63
64.227.99.233
Requests with error response codes
400 Bad Request
/: 25 Time(s)
null: 8 Time(s)
mstshash=Administr: 4 Time(s)
/manager/html: 1 Time(s)
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s)
7: 1 Time(s)
\xFEH\xF9\x08xz\xAE\xB9\x080^\x84\x00\x13: ... '\xC0r\xC0v\xC0: 1 Time(s)
403 Forbidden
/resolutionen/sose17/gesellschaftlich_verantwortung/: 1 Time(s)
404 Not Found
/robots.txt: 38 Time(s)
/wp-login.php: 16 Time(s)
/sites/default/file/2013_05_Stellungnahme_CHERanking.pdf: 3 Time(s)
//2018/wp-includes/wlwmanifest.xml: 1 Time(s)
//2019/wp-includes/wlwmanifest.xml: 1 Time(s)
//blog/wp-includes/wlwmanifest.xml: 1 Time(s)
//cms/wp-includes/wlwmanifest.xml: 1 Time(s)
//media/wp-includes/wlwmanifest.xml: 1 Time(s)
//news/wp-includes/wlwmanifest.xml: 1 Time(s)
//shop/wp-includes/wlwmanifest.xml: 1 Time(s)
//site/wp-includes/wlwmanifest.xml: 1 Time(s)
//sito/wp-includes/wlwmanifest.xml: 1 Time(s)
//test/wp-includes/wlwmanifest.xml: 1 Time(s)
//web/wp-includes/wlwmanifest.xml: 1 Time(s)
//website/wp-includes/wlwmanifest.xml: 1 Time(s)
//wordpress/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp-includes/wlwmanifest.xml: 1 Time(s)
//wp/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp1/wp-includes/wlwmanifest.xml: 1 Time(s)
//wp2/wp-includes/wlwmanifest.xml: 1 Time(s)
//xmlrpc.php?rsd: 1 Time(s)
/_profiler/phpinfo: 1 Time(s)
/download/reader_hb02.pdf: 1 Time(s)
/sites/default/files/2001_SoSe_Erlangen.pdf: 1 Time(s)
/sites/default/files/2009_WiSe_M%C3%BCnchen.pdf: 1 Time(s)
/sites/default/files/2011_SoSe_Dresden.pdf: 1 Time(s)
/sites/default/files/2011_WiSe_Bonn.pdf: 1 Time(s)
/xmlrpc.php: 1 Time(s)
/zapfev.de.sql: 1 Time(s)
/zapfev.sql: 1 Time(s)
500 Internal Server Error
/: 23 Time(s)
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 4 Time(s)
/.env: 3 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 2 Time(s)
/Autodiscover/Autodiscover.xml: 2 Time(s)
/_ignition/execute-solution: 2 Time(s)
/api/jsonws/invoke: 2 Time(s)
/console/: 2 Time(s)
/index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 2 Time(s)
/mifs/.;/services/LogService: 2 Time(s)
/wp-content/plugins/wp-file-manager/readme.txt: 2 Time(s)
//login_sid.lua: 1 Time(s)
/Default.aspx: 1 Time(s)
/actuator/health: 1 Time(s)
/bag2: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/favicon.ico: 1 Time(s)
/owa/: 1 Time(s)
/owa/auth/logon.aspx: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 439 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
1 Miscellaneous warnings
20.463K Bytes accepted 20,954
20.463K Bytes sent via SMTP 20,954
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
4 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
4 Total 4xx Rejects 100.00%
======== ==================================================
365 Connections
235 Connections lost (inbound)
365 Disconnections
1 Removed from queue
1 Sent via SMTP
12 Timeouts (inbound)
48 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 2 Time(s)
Failed logins from:
Illegal users from:
undef: 252 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop23974p1 394G 242G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################