################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Thu May 6 04:42:05 2021 Date Range Processed: yesterday ( 2021-May-05 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [134:136] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 185.90.136.199 -> zapf.wiki:443: 1 Time(s) A total of 9 sites probed the server 136.144.209.97 172.104.242.173 185.142.236.43 198.245.53.36 198.71.55.250 58.249.72.77 61.219.11.153 64.227.3.111 82.221.105.6 Requests with error response codes 400 Bad Request null: 22 Time(s) /: 2 Time(s) mstshash=Administr: 2 Time(s) /config/getuser?index=0: 1 Time(s) X\xD4>\x12\x98\xC4<\xE0\x13\xCF\x00\xAC\xA ... 5Cs\x9C\xBD\xCB: 1 Time(s) zapf.wiki:443: 1 Time(s) 403 Forbidden /resolutionen/sose17/gesellschaftlich_verantwortung/: 2 Time(s) 404 Not Found /robots.txt: 47 Time(s) /reader/2017_SoSe_Berlin.pdf%7C: 2 Time(s) /sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 2 Time(s) /verein/satzung/%7CSatzung: 2 Time(s) //2019/wp-includes/wlwmanifest.xml: 1 Time(s) //2020/wp-includes/wlwmanifest.xml: 1 Time(s) //blog/wp-includes/wlwmanifest.xml: 1 Time(s) //cms/wp-includes/wlwmanifest.xml: 1 Time(s) //news/wp-includes/wlwmanifest.xml: 1 Time(s) //shop/wp-includes/wlwmanifest.xml: 1 Time(s) //site/wp-includes/wlwmanifest.xml: 1 Time(s) //sito/wp-includes/wlwmanifest.xml: 1 Time(s) //test/wp-includes/wlwmanifest.xml: 1 Time(s) //web/wp-includes/wlwmanifest.xml: 1 Time(s) //website/wp-includes/wlwmanifest.xml: 1 Time(s) //wordpress/wp-includes/wlwmanifest.xml: 1 Time(s) //wp-includes/wlwmanifest.xml: 1 Time(s) //wp/wp-includes/wlwmanifest.xml: 1 Time(s) //wp1/wp-includes/wlwmanifest.xml: 1 Time(s) //wp2/wp-includes/wlwmanifest.xml: 1 Time(s) //xmlrpc.php?rsd: 1 Time(s) /OLD/wp-admin/: 1 Time(s) /berlin/orientierung/apple-touch-icon.png: 1 Time(s) /download/reader_ma91.pdf: 1 Time(s) /reader/2016_SoSe_Konstanz_kurz.pdf%7CReader: 1 Time(s) /reader/2016_SoSe_Konstanz_lang.pdf%7CLangversion: 1 Time(s) /resolutionen/sose18/Pruefungsanmeldung/reso_: 1 Time(s) /sites/default/files/1984_SoSe_Konstanz.pdf: 1 Time(s) /sites/default/files/1987_SoSe_Aachen.pdf: 1 Time(s) /sites/default/files/2007_WiSe_Bielefeld.pdf: 1 Time(s) /sites/default/files/2008_WiSe_Aachen.pdf: 1 Time(s) /sites/default/files/2010-11-26%20vorgesch ... A4nderungen.pdf: 1 Time(s) /stapf: 1 Time(s) /wordpress/wp-admin/: 1 Time(s) /wp-login.php: 1 Time(s) /zapf/reader/%7CTagungsreader: 1 Time(s) /zapf/reader/2018_WiSe_Wuerzburg: 1 Time(s) 500 Internal Server Error /: 49 Time(s) /drupal/node/4/: 6 Time(s) /api/v2/ajax: 2 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 2 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /Autodiscover/Autodiscover.xml: 1 Time(s) /_ignition/execute-solution: 1 Time(s) /actuator/health: 1 Time(s) /api/jsonws/invoke: 1 Time(s) /console/: 1 Time(s) /ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s) /favicon.ico: 1 Time(s) /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s) /mifs/.;/services/LogService: 1 Time(s) /owa/: 1 Time(s) /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s) /robots.txt: 1 Time(s) /sitemap.xml: 1 Time(s) /wp-content/plugins/wp-file-manager/readme.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (134.122.130.40): 100 Time(s) root (138.68.167.109): 100 Time(s) root (140.143.239.86): 100 Time(s) root (142.93.99.15): 100 Time(s) root (150.109.113.254): 100 Time(s) root (190.145.192.106): 100 Time(s) root (192.64.83.51): 100 Time(s) root (192.81.211.68): 100 Time(s) root (81.30.162.28): 100 Time(s) root (119.45.22.71): 98 Time(s) root (mx1.theiideacompany.mx): 93 Time(s) root (193.176.240.13): 92 Time(s) root (159.65.224.159): 91 Time(s) root (106.75.250.213): 87 Time(s) root (218.92.0.165): 83 Time(s) root (42.193.144.254): 80 Time(s) root (222-153-75-69-fibre.sparkbb.co.nz): 68 Time(s) root (188.166.225.37): 65 Time(s) root (163.172.165.127): 64 Time(s) root (129.204.177.7): 63 Time(s) root (host-85-172-189-189.stavropol.ru): 59 Time(s) root (114.67.110.227): 56 Time(s) root (81.69.226.44): 56 Time(s) root (101.89.117.25): 55 Time(s) root (150.158.185.207): 54 Time(s) root (192.144.213.187): 54 Time(s) root (162.0.223.44): 52 Time(s) root (113.215.181.54): 51 Time(s) root (c919.cloud.wiroos.net): 51 Time(s) root (157.230.83.210): 49 Time(s) root (189-127-60-22.entre.net.br): 49 Time(s) root (49.232.13.17): 48 Time(s) root (106.75.119.202): 46 Time(s) root (218.92.0.184): 46 Time(s) root (140.249.202.248): 43 Time(s) root (87.255.193.50): 43 Time(s) root (vps-1eb86c89.vps.ovh.ca): 43 Time(s) root (119.45.176.133): 42 Time(s) root (178.128.221.85): 40 Time(s) root (218.92.0.138): 40 Time(s) root (150.136.162.158): 34 Time(s) root (111.68.98.152): 33 Time(s) root (119.28.32.60): 30 Time(s) root (218.92.0.145): 30 Time(s) root (121.4.58.192): 28 Time(s) root (144.126.220.94): 25 Time(s) root (c-71-198-204-77.hsd1.ca.comcast.net): 25 Time(s) root (103.92.31.92): 22 Time(s) root (180.142.130.246): 22 Time(s) root (218.92.0.247): 20 Time(s) root (98.143.148.45): 18 Time(s) root (27.128.229.118): 15 Time(s) root (106.75.141.160): 13 Time(s) root (139.59.29.18): 13 Time(s) root (190.156.231.182): 13 Time(s) root (net-93-145-61-6.cust.vodafonedsl.it): 12 Time(s) unknown (45.146.165.151): 10 Time(s) root (43.226.155.16): 6 Time(s) root (68.183.88.166): 6 Time(s) unknown (180.142.130.246): 4 Time(s) root (39.230.246.35.bc.googleusercontent.com): 3 Time(s) root (45.135.232.165): 3 Time(s) root (59.92.69.22): 3 Time(s) unknown (51.15.197.4): 3 Time(s) unknown (77.79.248.53): 3 Time(s) root (118.25.128.8): 2 Time(s) unknown (118.25.128.8): 2 Time(s) unknown (172.108.131.86): 2 Time(s) unknown (178-189-207-29.adsl.highway.telekom.at): 2 Time(s) unknown (185.36.81.52): 2 Time(s) unknown (89.169.11.199): 2 Time(s) root (1.214.245.27): 1 Time(s) root (132.255.29.233): 1 Time(s) root (180.250.97.19): 1 Time(s) root (185.56.168.188): 1 Time(s) root (197.5.145.66): 1 Time(s) root (209.97.141.67): 1 Time(s) root (221.231.125.146): 1 Time(s) root (45.134.8.158): 1 Time(s) root (45.82.72.128): 1 Time(s) root (49.232.70.69): 1 Time(s) root (51.15.177.63): 1 Time(s) root (51.15.197.4): 1 Time(s) root (59.3.93.107): 1 Time(s) root (64.227.81.135): 1 Time(s) root (68.183.169.251): 1 Time(s) root (77.79.248.53): 1 Time(s) root (vps-004f8962.vps.ovh.ca): 1 Time(s) sshd (45.146.165.151): 1 Time(s) unknown (104.244.77.101): 1 Time(s) unknown (198.144.121.93): 1 Time(s) unknown (45.153.160.136): 1 Time(s) unknown (45.153.160.138): 1 Time(s) unknown (46.182.21.248): 1 Time(s) unknown (korematsu.tor-exit.calyxinstitute.org): 1 Time(s) unknown (this-is-a-tor-exit-node-hviv114.hviv.nl): 1 Time(s) unknown (tor-exit.demfloro.ru): 1 Time(s) unknown (tor-exit0-readme.dfri.se): 1 Time(s) Invalid Users: Unknown Account: 39 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 9 Miscellaneous warnings 18.311K Bytes accepted 18,750 18.311K Bytes sent via SMTP 18,750 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 2 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 2 Total 4xx Rejects 100.00% ======== ================================================== 450 Connections 83 Connections lost (inbound) 450 Disconnections 1 Removed from queue 1 Sent via SMTP 48 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 38 Time(s) Failed logins from: 1.214.245.27: 1 time 27.128.229.118: 15 times 35.246.230.39 (39.230.246.35.bc.googleusercontent.com): 3 times 42.193.144.254: 80 times 43.226.155.16: 6 times 45.82.72.128: 1 time 45.134.8.158: 1 time 45.135.232.165: 3 times 45.146.165.151: 1 time 49.232.13.17: 48 times 49.232.70.69: 1 time 51.15.177.63 (51-15-177-63.rev.poneytelecom.eu): 1 time 51.15.197.4 (4-197-15-51.instances.scw.cloud): 1 time 51.79.164.156 (vps-1eb86c89.vps.ovh.ca): 43 times 51.161.9.81 (vps-004f8962.vps.ovh.ca): 1 time 51.222.14.172 (c919.cloud.wiroos.net): 51 times 59.3.93.107: 1 time 59.92.69.22: 3 times 64.227.81.135: 1 time 68.183.88.166: 6 times 68.183.169.251: 1 time 71.198.204.77 (c-71-198-204-77.hsd1.ca.comcast.net): 25 times 77.79.248.53 (ip-2.77-79-248-52.net.eco.atman.pl): 1 time 81.30.162.28 (dial-up05.vsau.org): 100 times 81.69.226.44: 56 times 85.172.189.189 (host-85-172-189-189.stavropol.ru): 59 times 87.255.193.50: 44 times 93.145.61.6 (net-93-145-61-6.cust.vodafonedsl.it): 12 times 98.143.148.45: 18 times 101.89.117.25: 55 times 103.92.31.92: 22 times 106.75.119.202: 46 times 106.75.141.160: 13 times 106.75.250.213: 87 times 111.68.98.152 (111.68.98.152.pern.pk): 33 times 113.215.181.54: 51 times 114.67.110.227: 56 times 118.25.128.8: 2 times 119.28.32.60: 30 times 119.45.22.71: 98 times 119.45.176.133: 42 times 121.4.58.192: 28 times 129.204.177.7: 63 times 132.255.29.233 (132-255-29-233.informac.com.br): 1 time 134.122.130.40: 100 times 138.68.167.109: 100 times 139.59.29.18: 13 times 140.143.239.86: 100 times 140.249.202.248: 43 times 142.93.99.15: 100 times 144.126.220.94: 25 times 150.109.113.254: 100 times 150.136.162.158: 34 times 150.158.185.207: 54 times 157.230.83.210: 49 times 159.65.224.159: 91 times 162.0.223.44: 52 times 163.172.165.127 (127-165-172-163.instances.scw.cloud): 64 times 178.128.221.85: 40 times 180.142.130.246: 22 times 180.250.97.19: 1 time 185.56.168.188 (oneproject502.com): 1 time 188.166.225.37: 65 times 189.127.60.22 (189-127-60-22.entre.net.br): 49 times 189.206.165.62 (mx1.theiideacompany.mx): 93 times 190.145.192.106: 100 times 190.156.231.182 (static-ip-cr190156231182.cable.net.co): 13 times 192.64.83.51 (smtp.tasmanianlabs.com): 100 times 192.81.211.68: 100 times 192.144.213.187: 54 times 193.176.240.13: 92 times 197.5.145.66: 1 time 209.97.141.67: 1 time 218.92.0.138: 40 times 218.92.0.145: 31 times 218.92.0.165: 83 times 218.92.0.184: 46 times 218.92.0.247: 22 times 221.231.125.146: 1 time 222.153.75.69 (222-153-75-69-fibre.sparkbb.co.nz): 68 times Illegal users from: undef: 16 times 45.146.165.151: 10 times 45.153.160.136: 1 time 45.153.160.138: 1 time 46.182.21.248 (tor-exit-relay.anonymizing-proxy.digitalcourage.de): 1 time 51.15.197.4 (4-197-15-51.instances.scw.cloud): 3 times 77.79.248.53 (ip-2.77-79-248-52.net.eco.atman.pl): 3 times 89.169.11.199: 2 times 104.244.77.101 (LuxembourgTor8.lu): 1 time 107.189.10.42 (tor-exit.demfloro.ru): 1 time 118.25.128.8: 2 times 162.247.74.7 (korematsu.tor-exit.calyxinstitute.org): 1 time 171.25.193.20 (tor-exit0-readme.dfri.se): 1 time 172.108.131.86: 2 times 178.189.207.29 (178-189-207-29.adsl.highway.telekom.at): 2 times 180.142.130.246: 4 times 185.36.81.52 (sterharvest.com): 2 times 192.42.116.14 (this-is-a-tor-exit-node-hviv114.hviv.nl): 1 time 198.144.121.93: 1 time **Unmatched Entries** error: Received disconnect from 118.25.128.8: 3: com.jcraft.jsch.JSchException: Auth fail [preauth] : 4 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop47755p1 394G 242G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################