Logwatch for h2361197.stratoserver.net (Linux)

Dienstag, 4 Mai 2021


 
 ################### Logwatch 7.4.0 (03/01/11) #################### 
        Processing Initiated: Tue May  4 04:42:05 2021
        Date Range Processed: yesterday
                              ( 2021-May-03 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: h2361197.stratoserver.net
 ################################################################## 
 
 --------------------- fail2ban-messages Begin ------------------------ 

 Banned services with Fail2Ban:				 Bans:Unbans
    ssh:                                                    [262:267]
 
 ---------------------- fail2ban-messages End ------------------------- 

 
 --------------------- httpd Begin ------------------------ 

 
 A total of 8 sites probed the server 
    103.231.89.236
    163.172.53.195
    172.104.242.173
    207.154.234.221
    34.123.195.66
    61.219.11.153
    64.227.3.111
    94.102.49.193
 
 Requests with error response codes
    400 Bad Request
       null: 15 Time(s)
       /robots.txt: 2 Time(s)
       mstshash=Administr: 2 Time(s)
       /: 1 Time(s)
       /bag2: 1 Time(s)
       /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
       X\xD4>\x12\x98\xC4<\xE0\x13\xCF\x00\xAC\xA ... 5Cs\x9C\xBD\xCB: 1 Time(s)
    404 Not Found
       /robots.txt: 32 Time(s)
       /wp-login.php: 4 Time(s)
       /.well-known/security.txt: 2 Time(s)
       /security.txt: 2 Time(s)
       /FCKeditor/editor/filemanager/upload/php/upload.php: 1 Time(s)
       /download/reader_aachen08.pdf: 1 Time(s)
       /download/reader_ma97.pdf: 1 Time(s)
       /neuigkeiten/einladung-mgv-ss2011: 1 Time(s)
       /node: 1 Time(s)
       /protokolle/Protokoll_MV_2019_01_11_Freiburg.pdf: 1 Time(s)
       /reader/2017_SoSe_Berlin_vorlaeufig.pdf%7C: 1 Time(s)
       /resolutionen/sose17/symptompflicht/PosPapier_: 1 Time(s)
       /resolutionen/sose18/akkreditierung/reso_laender_akkr.pdf: 1 Time(s)
       /resolutionen/sose18/hochschulgesetze/reso_hsgesetze.pdf: 1 Time(s)
       /resolutionen/sose18/pruefungsanmeldung/re ... gsanmeldung.pdf: 1 Time(s)
       /resolutionen/wise15/transparenz_in_der_dr ... ittelforschung/: 1 Time(s)
       /resolutionen/wise16/zugangs-zulassungsbeschraenkung/reso: 1 Time(s)
       /stapf: 1 Time(s)
       /verein%7CZaPF: 1 Time(s)
       /wp-json/wp/v2/users/: 1 Time(s)
       /wp/wp-admin/: 1 Time(s)
       /zapf/geschaeftsordnung: 1 Time(s)
       /zapf/reader/2018_WiSe_Wuerzburg: 1 Time(s)
    499 (undefined)
       /: 1 Time(s)
       /apple-touch-icon.png: 1 Time(s)
    500 Internal Server Error
       /: 30 Time(s)
       /favicon.ico: 2 Time(s)
       /robots.txt: 2 Time(s)
       /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s)
       /.well-known/security.txt: 1 Time(s)
       /?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
       /ReportServer: 1 Time(s)
       /actuator/health: 1 Time(s)
       /api/jsonws/invoke: 1 Time(s)
       /console/: 1 Time(s)
       /ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
       /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
       /login: 1 Time(s)
       /mifs/.;/services/LogService: 1 Time(s)
       /owa/: 1 Time(s)
       /sitemap.xml: 1 Time(s)
       /wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s)
 
 ---------------------- httpd End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       root (103.80.38.82): 100 Time(s)
       root (104.248.123.197): 100 Time(s)
       root (111.204.176.209): 100 Time(s)
       root (118.25.144.49): 100 Time(s)
       root (148.66.129.194): 100 Time(s)
       root (154.92.14.211): 100 Time(s)
       root (159.65.64.70): 100 Time(s)
       root (188.166.237.18): 100 Time(s)
       root (41.60.239.148): 100 Time(s)
       root (41.94.218.3): 100 Time(s)
       root (46.101.189.181): 100 Time(s)
       root (h-62.96.251.229.host.de.colt.net): 100 Time(s)
       root (r201-217-143-51.ir-static.anteldata.net.uy): 100 Time(s)
       root (static-201-163-1-66.alestra.net.mx): 100 Time(s)
       root (106.13.88.44): 99 Time(s)
       root (116.204.160.115): 99 Time(s)
       root (211.159.146.141): 99 Time(s)
       root (119.45.144.174): 98 Time(s)
       root (119.45.145.58): 98 Time(s)
       root (187.72.177.131): 97 Time(s)
       root (111.229.253.130): 93 Time(s)
       root (152.67.109.176): 92 Time(s)
       root (107.170.37.74): 91 Time(s)
       root (61.98.205.218): 90 Time(s)
       root (140.143.136.89): 89 Time(s)
       root (42.192.79.20): 89 Time(s)
       root (218.93.206.15): 88 Time(s)
       root (117.89.14.16): 87 Time(s)
       root (150.136.85.176): 87 Time(s)
       root (187.35.147.87): 87 Time(s)
       root (101.32.95.113): 86 Time(s)
       root (189.15.195.125): 86 Time(s)
       root (125.124.182.52): 85 Time(s)
       root (159.89.105.53): 85 Time(s)
       root (40.118.10.133): 85 Time(s)
       root (82.156.246.141): 84 Time(s)
       root (58.243.181.70): 83 Time(s)
       root (103.43.186.10): 82 Time(s)
       root (152.32.213.192): 82 Time(s)
       root (165.227.165.128): 82 Time(s)
       root (128.199.22.32): 81 Time(s)
       root (49.233.2.204): 81 Time(s)
       root (106.75.165.225): 80 Time(s)
       root (186.67.229.154): 80 Time(s)
       root (49.234.71.65): 80 Time(s)
       root (189.154.98.68): 78 Time(s)
       root (111.229.188.112): 75 Time(s)
       root (164.90.217.133): 72 Time(s)
       root (49.234.124.82): 71 Time(s)
       root (134.122.44.93): 70 Time(s)
       root (167.172.145.53): 70 Time(s)
       root (81.68.133.86): 70 Time(s)
       root (187.101.226.148): 69 Time(s)
       root (81.68.143.205): 68 Time(s)
       root (150.158.163.46): 67 Time(s)
       root (81.68.230.55): 67 Time(s)
       root (51.15.204.155): 63 Time(s)
       root (106.75.26.160): 62 Time(s)
       root (1.15.76.31): 61 Time(s)
       root (49.234.181.60): 61 Time(s)
       root (180.102.202.190): 58 Time(s)
       root (106.52.117.86): 57 Time(s)
       root (222.209.85.197): 57 Time(s)
       root (themarketingadvice.com): 57 Time(s)
       root (188.166.161.20): 56 Time(s)
       root (121.4.138.102): 55 Time(s)
       root (161.35.179.74): 55 Time(s)
       root (61.160.251.98): 55 Time(s)
       root (68.183.88.166): 55 Time(s)
       root (103.82.100.226): 54 Time(s)
       root (117.186.244.210): 54 Time(s)
       root (106.13.148.29): 53 Time(s)
       root (14.63.220.150): 52 Time(s)
       root (200.44.50.155): 52 Time(s)
       root (178.128.148.229): 51 Time(s)
       root (222.249.234.100): 51 Time(s)
       root (134.175.121.80): 50 Time(s)
       root (140.207.232.13): 50 Time(s)
       root (188.166.151.44): 50 Time(s)
       root (81.70.3.190): 49 Time(s)
       root (81.68.255.228): 48 Time(s)
       root (106.52.31.195): 47 Time(s)
       root (118.24.107.179): 47 Time(s)
       root (68.183.94.63): 44 Time(s)
       root (106.13.25.242): 43 Time(s)
       root (104.131.41.109): 42 Time(s)
       root (121.5.166.139): 42 Time(s)
       root (180.117.202.75): 42 Time(s)
       root (154.83.14.119): 41 Time(s)
       root (58.26.26.65): 41 Time(s)
       root (64.227.100.165): 41 Time(s)
       root (180.76.112.15): 40 Time(s)
       root (119.29.206.207): 39 Time(s)
       root (188.166.251.27): 37 Time(s)
       root (49.232.201.233): 37 Time(s)
       root (106.75.141.160): 36 Time(s)
       root (139.198.122.116): 35 Time(s)
       root (159.203.185.151): 34 Time(s)
       root (119.45.35.97): 30 Time(s)
       root (124.156.146.217): 30 Time(s)
       root (212.64.69.175): 30 Time(s)
       root (121.204.213.37): 29 Time(s)
       root (118.25.10.3): 28 Time(s)
       root (79.143.27.40): 28 Time(s)
       root (c-69-245-71-26.hsd1.ga.comcast.net): 25 Time(s)
       root (212.64.76.91): 19 Time(s)
       root (1.15.251.60): 17 Time(s)
       root (213.74.22.134): 12 Time(s)
       unknown (45.146.165.151): 9 Time(s)
       root (119.200.186.168): 8 Time(s)
       root (152.32.175.114): 7 Time(s)
       unknown (45.15.143.141): 7 Time(s)
       root (159.75.91.118): 6 Time(s)
       root (43.226.155.16): 6 Time(s)
       unknown (185.36.81.58): 6 Time(s)
       root (128.199.129.55): 5 Time(s)
       root (45.146.165.151): 4 Time(s)
       root (45.135.232.165): 3 Time(s)
       root (45.146.165.72): 3 Time(s)
       root (p5dcb5f5d.dip0.t-ipconnect.de): 2 Time(s)
       unknown (153.33.95.145): 2 Time(s)
       unknown (ip1f120d1d.dynamic.kabel-deutschland.de): 2 Time(s)
       unknown (ti0090a400-3617.bb.online.no): 2 Time(s)
       root (119.45.5.55): 1 Time(s)
       root (124.156.153.16): 1 Time(s)
       root (139.59.81.146): 1 Time(s)
       root (175.24.84.160): 1 Time(s)
       root (177.220.164.122): 1 Time(s)
       root (178.205.141.180): 1 Time(s)
       root (180.96.11.20): 1 Time(s)
       root (185.228.113.216): 1 Time(s)
       root (188.166.22.79): 1 Time(s)
       root (202.70.72.217): 1 Time(s)
       root (220.164.250.31): 1 Time(s)
       root (221.213.129.46): 1 Time(s)
       root (47.101.207.137): 1 Time(s)
       root (62.234.58.195): 1 Time(s)
       root (mail.ustv.com.tw): 1 Time(s)
       root (net-2-45-179-5.cust.vodafonedsl.it): 1 Time(s)
       root (p5dcb4fc8.dip0.t-ipconnect.de): 1 Time(s)
       root (tor-exit-relay-6.anonymizing-proxy.digitalcourage.de): 1 Time(s)
       unknown (185.220.103.111): 1 Time(s)
       unknown (198.144.120.234): 1 Time(s)
       unknown (198.144.121.93): 1 Time(s)
       unknown (45.153.160.131): 1 Time(s)
       unknown (5.104.110.89): 1 Time(s)
       unknown (89.163.252.30): 1 Time(s)
       unknown (anatkamm.tor-exit.calyxinstitute.org): 1 Time(s)
       unknown (mario-louis-sylvester-lap.tor-exit.calyxinstitute.org): 1 Time(s)
       unknown (this-is-a-tor-exit-node-hviv118.hviv.nl): 1 Time(s)
    Invalid Users:
       Unknown Account: 37 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

        7   Miscellaneous warnings  
 
   21.289K  Bytes accepted                              21,800
   21.289K  Bytes sent via SMTP                         21,800
 ========   ==================================================
 
        1   Accepted                                   100.00%
 --------   --------------------------------------------------
        1   Total                                      100.00%
 ========   ==================================================
 
        9   4xx Reject relay denied                    100.00%
 --------   --------------------------------------------------
        9   Total 4xx Rejects                          100.00%
 ========   ==================================================
 
      426   Connections             
       76   Connections lost (inbound) 
      426   Disconnections          
        1   Removed from queue      
        1   Sent via SMTP           
 
       49   Hostname verification errors (FCRDNS) 
 
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------ 

 Large Mailbox threshold: 40MB (41943040 bytes)
  Warning: Large mailbox: mailman.gz (1747199807)
  Warning: Large mailbox: mailman (235703599967)
 
 ---------------------- sendmail-largeboxes (large mail spool files) End
------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 Disconnecting after too many authentication failures for user:
    root : 1 Time(s)
 
 Failed logins from:
    1.15.76.31: 61 times
    1.15.251.60: 17 times
    2.45.179.5 (net-2-45-179-5.cust.vodafonedsl.it): 1 time
    14.63.220.150: 52 times
    40.118.10.133: 85 times
    41.60.239.148: 100 times
    41.94.218.3: 100 times
    42.192.79.20: 89 times
    43.226.155.16: 6 times
    45.135.232.165: 3 times
    45.146.165.72: 3 times
    45.146.165.151: 4 times
    46.101.189.181: 100 times
    47.101.207.137: 1 time
    49.232.201.233: 37 times
    49.233.2.204: 81 times
    49.234.71.65: 80 times
    49.234.124.82: 71 times
    49.234.181.60: 61 times
    51.15.204.155 (155-204-15-51.instances.scw.cloud): 63 times
    54.39.235.200 (themarketingadvice.com): 57 times
    58.26.26.65: 41 times
    58.243.181.70: 83 times
    60.250.164.169 (mail.ustv.com.tw): 1 time
    61.98.205.218: 90 times
    61.160.251.98: 55 times
    62.96.251.229 (h-62.96.251.229.host.de.colt.net): 100 times
    62.234.58.195: 1 time
    64.227.100.165: 41 times
    68.183.88.166: 55 times
    68.183.94.63: 44 times
    69.245.71.26 (c-69-245-71-26.hsd1.ga.comcast.net): 25 times
    79.143.27.40: 28 times
    81.68.133.86: 70 times
    81.68.143.205: 68 times
    81.68.230.55: 67 times
    81.68.255.228: 48 times
    81.70.3.190: 49 times
    82.156.246.141: 84 times
    93.203.79.200 (p5dcb4fc8.dip0.t-ipconnect.de): 1 time
    93.203.95.93 (p5dcb5f5d.dip0.t-ipconnect.de): 2 times
    101.32.95.113: 86 times
    103.43.186.10: 83 times
    103.80.38.82: 100 times
    103.82.100.226: 54 times
    104.131.41.109: 42 times
    104.248.123.197: 100 times
    106.13.25.242: 43 times
    106.13.88.44: 99 times
    106.13.148.29: 53 times
    106.52.31.195: 47 times
    106.52.117.86: 57 times
    106.75.26.160: 62 times
    106.75.141.160: 36 times
    106.75.165.225: 80 times
    107.170.37.74: 91 times
    111.204.176.209: 100 times
    111.229.188.112: 75 times
    111.229.253.130: 93 times
    116.204.160.115: 99 times
    117.89.14.16: 87 times
    117.186.244.210 (.): 54 times
    118.24.107.179: 47 times
    118.25.10.3: 28 times
    118.25.144.49: 100 times
    119.29.206.207: 39 times
    119.45.5.55: 1 time
    119.45.35.97: 30 times
    119.45.144.174: 98 times
    119.45.145.58: 98 times
    119.200.186.168: 8 times
    121.4.138.102: 55 times
    121.5.166.139: 42 times
    121.204.213.37: 29 times
    124.156.146.217: 30 times
    124.156.153.16: 1 time
    125.124.182.52: 85 times
    128.199.22.32: 81 times
    128.199.129.55: 5 times
    134.122.44.93: 70 times
    134.175.121.80: 50 times
    139.59.81.146: 1 time
    139.198.122.116: 35 times
    140.143.136.89: 89 times
    140.207.232.13 (ptr.not.exist): 50 times
    148.66.129.194: 100 times
    150.136.85.176: 87 times
    150.158.163.46: 67 times
    152.32.175.114: 7 times
    152.32.213.192: 82 times
    152.67.109.176: 92 times
    154.83.14.119: 41 times
    154.92.14.211: 100 times
    159.65.64.70: 100 times
    159.75.91.118: 7 times
    159.89.105.53: 85 times
    159.203.185.151: 34 times
    161.35.179.74: 55 times
    164.90.217.133: 72 times
    165.227.165.128: 82 times
    167.172.145.53: 70 times
    175.24.84.160: 1 time
    177.220.164.122 (122.164.220.177.dynamic.copel.net): 1 time
    178.128.148.229: 51 times
    178.205.141.180 (180.141.205.178.in-addr.arpa): 1 time
    180.76.112.15: 40 times
    180.96.11.20: 1 time
    180.102.202.190: 58 times
    180.117.202.75: 42 times
    185.220.102.252 (tor-exit-relay-6.anonymizing-proxy.digitalcourage.de): 1 time
    185.228.113.216: 1 time
    186.67.229.154: 80 times
    187.35.147.87 (187-35-147-87.dsl.telesp.net.br): 87 times
    187.72.177.131 (abinee.org.br): 97 times
    187.101.226.148 (187-101-226-148.dsl.telesp.net.br): 69 times
    188.166.22.79: 1 time
    188.166.151.44: 50 times
    188.166.161.20: 56 times
    188.166.237.18: 100 times
    188.166.251.27: 37 times
    189.15.195.125 (189-015-195-125.xd-dynamic.algarnetsuper.com.br): 86 times
    189.154.98.68 (dsl-189-154-98-68-dyn.prod-infinitum.com.mx): 78 times
    200.44.50.155 (200-44-50-155.genericrev.cantv.net): 52 times
    201.163.1.66 (static-201-163-1-66.alestra.net.mx): 100 times
    201.217.143.51 (r201-217-143-51.ir-static.anteldata.net.uy): 100 times
    202.70.72.217: 1 time
    211.159.146.141: 99 times
    212.64.69.175: 30 times
    212.64.76.91: 19 times
    213.74.22.134 (host-213-74-22-134.superonline.net): 12 times
    218.93.206.15: 88 times
    220.164.250.31: 1 time
    221.213.129.46: 1 time
    222.209.85.197 (197.85.209.222.broad.cd.sc.dynamic.163data.com.cn): 57 times
    222.249.234.100: 51 times
 
 Illegal users from:
    undef: 16 times
    5.104.110.89 (ca248.calcit.dedicated.server-hosting.expert): 1 time
    31.18.13.29 (ip1f120d1d.dynamic.kabel-deutschland.de): 2 times
    45.15.143.141: 7 times
    45.146.165.151: 9 times
    45.153.160.131: 1 time
    65.49.20.69 (scan-20.shadowserver.org): 1 time
    88.89.28.49 (ti0090a400-3617.bb.online.no): 2 times
    89.163.252.30 (srv1016.dedicated.server-hosting.expert): 1 time
    153.33.95.145: 2 times
    162.247.73.192 (mario-louis-sylvester-lap.tor-exit.calyxinstitute.org): 1 time
    185.36.81.58: 6 times
    185.220.103.7 (anatkamm.tor-exit.calyxinstitute.org): 1 time
    185.220.103.111: 1 time
    192.42.116.18 (this-is-a-tor-exit-node-hviv118.hviv.nl): 1 time
    198.144.120.234: 1 time
    198.144.121.93: 1 time
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem         Size  Used Avail Use% Mounted on
 /dev/ploop47755p1  394G  242G  132G  65% /
 none               4.0G     0  4.0G   0% /dev
 
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End #########################

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016