[TOPF] Logwatch for h2361197.stratoserver.net (Linux)

Dienstag, 13 April 2021

 ################### Logwatch 7.4.0 (03/01/11) #################### 
        Processing Initiated: Tue Apr 13 04:42:04 2021
        Date Range Processed: yesterday
                              ( 2021-Apr-12 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: h2361197.stratoserver.net
 ################################################################## 

 --------------------- fail2ban-messages Begin ------------------------ 

 Banned services with Fail2Ban:				 Bans:Unbans
    ssh:                                                    [870:873]

 ---------------------- fail2ban-messages End ------------------------- 

 --------------------- httpd Begin ------------------------ 

 Connection attempts using mod_proxy:
    91.239.130.30 -> cdn.jsdelivr.net:443: 3 Time(s)

 A total of 6 sites probed the server 
    142.93.236.38
    167.71.102.181
    192.241.201.180
    35.183.6.39
    52.14.69.15
    66.240.205.34

 Requests with error response codes
    400 Bad Request
       /: 8 Time(s)
       null: 8 Time(s)
       /socket.io/?noteId=8gccwRW2Ss-LXEKNKng3dQ& ... 0yHVOv0VyX7AAGe: 3 Time(s)
       /socket.io/?noteId=8gccwRW2Ss-LXEKNKng3dQ& ... eic7HexTA65AAGd: 3 Time(s)
       /socket.io/?noteId=BKBGAFqNRmix8L7f8LGQng& ... YfzdGEyPTukAAHM: 3 Time(s)
       /socket.io/?noteId=BKBGAFqNRmix8L7f8LGQng& ... mcCE3DFODxeAAGY: 3 Time(s)
       /socket.io/?noteId=BKBGAFqNRmix8L7f8LGQng& ... uFxe0V4UGIpAAGf: 3 Time(s)
       /socket.io/?noteId=BKBGAFqNRmix8L7f8LGQng& ... wuaR4iN_--DAAHL: 3 Time(s)
       /socket.io/?noteId=ring_VO_2&EIO=3&transpo ... QvSXRVJFOxSAAGW: 3 Time(s)
       /socket.io/?noteId=ring_VO_2&EIO=3&transpo ... jPP9dXiHLAQAAHC: 3 Time(s)
       /socket.io/?noteId=ring_VO_2&EIO=3&transpo ... wNhIJghHeBoAAHQ: 3 Time(s)
       /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 3 Time(s)
       cdn.jsdelivr.net:443: 3 Time(s)
       /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: 2 Time(s)
       /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: 2 Time(s)
       /HNAP1: 2 Time(s)
       /owa/auth/x.js: 2 Time(s)
       /pools: 2 Time(s)
       /pools/default/buckets: 2 Time(s)
       /scripts/WPnBr.dll: 2 Time(s)
       /socket.io/?noteId=8gccwRW2Ss-LXEKNKng3dQ& ... EIZJQ7dpjIeAAHE: 2 Time(s)
       /socket.io/?noteId=8gccwRW2Ss-LXEKNKng3dQ& ... ddvkkkJqqEAAAHK: 2 Time(s)
       /socket.io/?noteId=BKBGAFqNRmix8L7f8LGQng& ... -wVnrzgzSjUAAHD: 2 Time(s)
       /socket.io/?noteId=BKBGAFqNRmix8L7f8LGQng& ... OgxEJ5NJhX8AAHP: 2 Time(s)
       /w00tw00t.at.ISC.SANS.DFind:): 2 Time(s)
       /.git/HEAD: 1 Time(s)
       /bag2: 1 Time(s)
       /favicon.ico: 1 Time(s)
       /nmaplowercheck1618219248: 1 Time(s)
       /nmaplowercheck1618219249: 1 Time(s)
       /nmaplowercheck1618220502: 1 Time(s)
       /nmaplowercheck1618220513: 1 Time(s)
       /sdk: 1 Time(s)
       /socket.io/?noteId=8gccwRW2Ss-LXEKNKng3dQ& ... v9z6PGL9u7kAAHA: 1 Time(s)
       /socket.io/?noteId=BKBGAFqNRmix8L7f8LGQng& ... GcctuJ5Y7xaAAGo: 1 Time(s)
       /socket.io/?noteId=BKBGAFqNRmix8L7f8LGQng& ... c3z2mdAvXzPAAHB: 1 Time(s)
       \xBAm1\xA7\x8D\xF2[\xD3\x85\x06N\xE5\xC3\xA8-: 1 Time(s)
       \xCE\xCF\x00\x00\x00\x00\x00: 1 Time(s)
       v\xC0\x09\xEC\x05\x90\x1D\xDE\xCBh\xD9: 1 Time(s)
    403 Forbidden
       /resolutionen/sose17/gesellschaftlich_verantwortung/: 1 Time(s)
    404 Not Found
       /robots.txt: 36 Time(s)
       /.well-known/security.txt: 2 Time(s)
       /security.txt: 2 Time(s)
       /wp-login.php: 2 Time(s)
       /.env: 1 Time(s)
       /neuigkeiten/einladung-mgv-ss2011: 1 Time(s)
       /protokolle/Protokoll_MV_2019_01_11_Freiburg.pdf: 1 Time(s)
       /protokolle/Protokoll_MV_2020_11_12_Muenchen.pdf: 1 Time(s)
       /reader/1998-so-reader_ro98.pdf: 1 Time(s)
       /sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
       /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s)
    405 Method Not Allowed
       /: 1 Time(s)
    499 (undefined)
       /apple-touch-icon.png: 1 Time(s)
       /favicon.png: 1 Time(s)
    500 Internal Server Error
       /: 33 Time(s)
       /.env: 14 Time(s)
       /sitemap.txt: 7 Time(s)
       /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 4 Time(s)
       /?XDEBUG_SESSION_START=phpstorm: 2 Time(s)
       /Autodiscover/Autodiscover.xml: 2 Time(s)
       /_ignition/execute-solution: 2 Time(s)
       /api/jsonws/invoke: 2 Time(s)
       /console/: 2 Time(s)
       /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 2 Time(s)
       /mifs/.;/services/LogService: 2 Time(s)
       /wp-content/plugins/wp-file-manager/readme.txt: 2 Time(s)
       /actuator/health: 1 Time(s)
       /login: 1 Time(s)
       /owa/: 1 Time(s)
       /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)

 ---------------------- httpd End ------------------------- 

 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       unknown (119.6.253.40): 61 Time(s)
       unknown (176.111.173.205): 41 Time(s)
       unknown (111.229.187.216): 33 Time(s)
       unknown (206.189.138.99): 33 Time(s)
       unknown (111.13.102.171): 32 Time(s)
       unknown (129.226.138.179): 32 Time(s)
       unknown (61.49.59.23): 31 Time(s)
       unknown (182.151.16.46): 30 Time(s)
       unknown (111.231.241.201): 29 Time(s)
       unknown (114.67.179.254): 29 Time(s)
       unknown (120.48.19.88): 29 Time(s)
       unknown (167.71.102.201): 29 Time(s)
       unknown (218.108.16.41): 29 Time(s)
       unknown (49.232.48.213): 29 Time(s)
       unknown (qsimh.com): 29 Time(s)
       unknown (103.231.46.66): 28 Time(s)
       unknown (106.12.51.80): 28 Time(s)
       unknown (119.28.53.116): 28 Time(s)
       unknown (128.199.141.33): 28 Time(s)
       unknown (159.75.2.130): 28 Time(s)
       unknown (190.252.184.237): 28 Time(s)
       unknown (211.108.69.103): 28 Time(s)
       unknown (49.233.181.31): 28 Time(s)
       unknown (120.92.110.194): 27 Time(s)
       unknown (128.199.137.91): 27 Time(s)
       unknown (14.46.17.140): 27 Time(s)
       unknown (143.110.225.133): 27 Time(s)
       unknown (150.138.117.36): 27 Time(s)
       unknown (157.230.251.115): 27 Time(s)
       unknown (165.227.196.229): 27 Time(s)
       unknown (178.128.184.213): 27 Time(s)
       unknown (23.101.112.231): 27 Time(s)
       unknown (42.192.213.172): 27 Time(s)
       unknown (68.183.88.166): 27 Time(s)
       unknown (ip-148-72-212-161.ip.secureserver.net): 27 Time(s)
       unknown (103.237.145.182): 26 Time(s)
       unknown (111.93.4.46): 26 Time(s)
       unknown (113.105.131.194): 26 Time(s)
       unknown (118.24.117.134): 26 Time(s)
       unknown (118.25.74.248): 26 Time(s)
       unknown (118.70.233.206): 26 Time(s)
       unknown (120.92.132.245): 26 Time(s)
       unknown (121.4.201.5): 26 Time(s)
       unknown (138.68.72.167): 26 Time(s)
       unknown (139.155.24.139): 26 Time(s)
       unknown (14.63.185.80): 26 Time(s)
       unknown (42.192.154.20): 26 Time(s)
       unknown (62.234.124.104): 26 Time(s)
       unknown (62.57.185.15.dyn.user.ono.com): 26 Time(s)
       unknown (v118-27-9-23.6lby.static.cnode.io): 26 Time(s)
       unknown (104.236.48.174): 25 Time(s)
       unknown (106.53.97.54): 25 Time(s)
       unknown (121.4.235.63): 25 Time(s)
       unknown (129.146.171.254): 25 Time(s)
       unknown (178.62.7.30): 25 Time(s)
       unknown (180.76.146.239): 25 Time(s)
       unknown (181.49.50.202): 25 Time(s)
       unknown (193.112.202.61): 25 Time(s)
       unknown (213.59.135.87): 25 Time(s)
       unknown (219.131.193.180): 25 Time(s)
       unknown (49.233.63.23): 25 Time(s)
       unknown (60.174.234.57): 25 Time(s)
       unknown (81.68.251.58): 25 Time(s)
       unknown (81.70.101.137): 25 Time(s)
       unknown (82.156.22.138): 25 Time(s)
       unknown (94.137.136.45): 25 Time(s)
       unknown (104.131.106.209): 24 Time(s)
       unknown (129.211.188.162): 24 Time(s)
       unknown (144.7.116.1): 24 Time(s)
       unknown (172.81.235.238): 24 Time(s)
       unknown (47.254.237.16): 24 Time(s)
       unknown (d47-69-218-161.try.wideopenwest.com): 24 Time(s)
       root (176.111.173.205): 23 Time(s)
       unknown (106.55.168.150): 23 Time(s)
       unknown (114.246.34.145): 23 Time(s)
       unknown (119.28.32.60): 23 Time(s)
       unknown (119.29.200.79): 23 Time(s)
       unknown (119.45.199.177): 23 Time(s)
       unknown (124.205.84.15): 23 Time(s)
       unknown (159.89.105.53): 23 Time(s)
       unknown (40.84.137.248): 23 Time(s)
       unknown (106.75.253.6): 22 Time(s)
       unknown (152.136.213.45): 22 Time(s)
       unknown (220.181.58.12): 22 Time(s)
       unknown (81.70.173.185): 22 Time(s)
       unknown (maryfindlay.plus.com): 22 Time(s)
       unknown (132.232.84.44): 21 Time(s)
       unknown (211.253.10.96): 21 Time(s)
       unknown (42.192.95.184): 21 Time(s)
       unknown (54033b85.catv.pool.telekom.hu): 21 Time(s)
       unknown (8.209.73.223): 21 Time(s)
       unknown (catv-80-99-136-140.catv.broadband.hu): 21 Time(s)
       root (119.6.253.40): 20 Time(s)
       unknown (120.53.2.190): 20 Time(s)
       unknown (121.226.44.31): 20 Time(s)
       unknown (211.161.60.21): 20 Time(s)
       unknown (63.250.40.180): 20 Time(s)
       unknown (152.67.165.129): 19 Time(s)
       unknown (193.112.208.73): 19 Time(s)
       root (220.181.58.12): 18 Time(s)
       unknown (106.55.21.141): 18 Time(s)
       unknown (138.197.107.103): 17 Time(s)
       unknown (182.254.240.238): 17 Time(s)
       root (ip-148-72-212-161.ip.secureserver.net): 16 Time(s)
       unknown (162.102.150.203.sta.inet.co.th): 16 Time(s)
       unknown (68.183.229.218): 16 Time(s)
       root (159.89.105.53): 15 Time(s)
       unknown (113.65.208.104): 15 Time(s)
       unknown (123.139.156.3): 15 Time(s)
       unknown (42.192.121.172): 15 Time(s)
       root (120.92.110.194): 14 Time(s)
       root (182.254.240.238): 14 Time(s)
       root (82.156.22.138): 14 Time(s)
       unknown (206.189.128.215): 14 Time(s)
       root (42.192.154.20): 13 Time(s)
       unknown (112.51.24.191): 13 Time(s)
       root (54033b85.catv.pool.telekom.hu): 12 Time(s)
       unknown (106.54.236.226): 12 Time(s)
       root (106.75.253.6): 11 Time(s)
       root (119.29.200.79): 11 Time(s)
       root (132.232.84.44): 11 Time(s)
       root (40.84.137.248): 11 Time(s)
       root (63.250.40.180): 11 Time(s)
       root (d47-69-218-161.try.wideopenwest.com): 11 Time(s)
       unknown (101.66.172.72): 11 Time(s)
       unknown (134.175.227.48): 11 Time(s)
       unknown (14.98.82.230): 11 Time(s)
       unknown (81.70.34.75): 11 Time(s)
       root (114.67.179.254): 10 Time(s)
       root (138.197.107.103): 10 Time(s)
       root (172.81.235.238): 10 Time(s)
       root (178.62.7.30): 10 Time(s)
       root (180.76.146.239): 10 Time(s)
       root (68.183.229.218): 10 Time(s)
       root (81.70.173.185): 10 Time(s)
       unknown (178.128.215.76): 10 Time(s)
       unknown (43.226.69.100): 10 Time(s)
       root (104.236.48.174): 9 Time(s)
       root (106.12.51.80): 9 Time(s)
       root (118.24.117.134): 9 Time(s)
       root (119.28.53.116): 9 Time(s)
       root (121.4.235.63): 9 Time(s)
       root (129.211.188.162): 9 Time(s)
       root (14.63.185.80): 9 Time(s)
       root (143.110.225.133): 9 Time(s)
       root (150.138.117.36): 9 Time(s)
       root (165.227.196.229): 9 Time(s)
       root (49.233.181.31): 9 Time(s)
       unknown (112.78.177.42): 9 Time(s)
       unknown (ec2-54-179-137-47.ap-southeast-1.compute.amazonaws.com): 9 Time(s)
       root (104.131.106.209): 8 Time(s)
       root (118.70.233.206): 8 Time(s)
       root (119.28.32.60): 8 Time(s)
       root (121.226.44.31): 8 Time(s)
       root (128.199.137.91): 8 Time(s)
       root (129.226.138.179): 8 Time(s)
       root (162.102.150.203.sta.inet.co.th): 8 Time(s)
       root (181.49.50.202): 8 Time(s)
       root (193.112.208.73): 8 Time(s)
       root (213.59.135.87): 8 Time(s)
       root (42.192.213.172): 8 Time(s)
       root (8.209.73.223): 8 Time(s)
       root (81.68.251.58): 8 Time(s)
       root (maryfindlay.plus.com): 8 Time(s)
       root (qsimh.com): 8 Time(s)
       root (106.55.168.150): 7 Time(s)
       root (121.4.201.5): 7 Time(s)
       root (182.151.16.46): 7 Time(s)
       root (190.252.184.237): 7 Time(s)
       root (211.108.69.103): 7 Time(s)
       root (218.108.16.41): 7 Time(s)
       root (23.101.112.231): 7 Time(s)
       root (60.174.234.57): 7 Time(s)
       root (94.137.136.45): 7 Time(s)
       root (catv-80-99-136-140.catv.broadband.hu): 7 Time(s)
       unknown (103.23.100.87): 7 Time(s)
       unknown (106.12.38.109): 7 Time(s)
       unknown (81.71.139.210): 7 Time(s)
       root (124.205.84.15): 6 Time(s)
       root (138.68.72.167): 6 Time(s)
       root (167.71.102.201): 6 Time(s)
       root (186.134.18.107): 6 Time(s)
       root (211.253.10.96): 6 Time(s)
       root (42.192.95.184): 6 Time(s)
       root (43.226.69.100): 6 Time(s)
       root (47.254.237.16): 6 Time(s)
       root (49.233.63.23): 6 Time(s)
       root (61.49.59.23): 6 Time(s)
       root (62.57.185.15.dyn.user.ono.com): 6 Time(s)
       unknown (106.55.239.96): 6 Time(s)
       unknown (182.254.151.198): 6 Time(s)
       root (106.53.97.54): 5 Time(s)
       root (111.13.102.171): 5 Time(s)
       root (112.78.177.42): 5 Time(s)
       root (113.105.131.194): 5 Time(s)
       root (113.65.208.104): 5 Time(s)
       root (119.45.199.177): 5 Time(s)
       root (120.53.2.190): 5 Time(s)
       root (120.92.132.245): 5 Time(s)
       root (123.139.156.3): 5 Time(s)
       root (14.98.82.230): 5 Time(s)
       root (144.7.116.1): 5 Time(s)
       root (152.67.165.129): 5 Time(s)
       root (178.128.184.213): 5 Time(s)
       root (206.189.138.99): 5 Time(s)
       root (42.192.121.172): 5 Time(s)
       root (81.70.34.75): 5 Time(s)
       unknown (49.235.172.41): 5 Time(s)
       root (103.231.46.66): 4 Time(s)
       root (103.237.145.182): 4 Time(s)
       root (111.229.187.216): 4 Time(s)
       root (120.48.19.88): 4 Time(s)
       root (134.175.227.48): 4 Time(s)
       root (139.155.24.139): 4 Time(s)
       root (14.46.17.140): 4 Time(s)
       root (152.136.213.45): 4 Time(s)
       root (157.230.251.115): 4 Time(s)
       root (193.112.202.61): 4 Time(s)
       root (211.161.60.21): 4 Time(s)
       root (219.131.193.180): 4 Time(s)
       root (68.183.88.166): 4 Time(s)
       unknown (121.121.149.233): 4 Time(s)
       root (101.66.172.72): 3 Time(s)
       root (104.248.79.138): 3 Time(s)
       root (106.55.21.141): 3 Time(s)
       root (111.231.241.201): 3 Time(s)
       root (111.93.4.46): 3 Time(s)
       root (114.246.34.145): 3 Time(s)
       root (128.199.141.33): 3 Time(s)
       root (134.209.174.35): 3 Time(s)
       root (159.75.2.130): 3 Time(s)
       root (170.233.120.21): 3 Time(s)
       root (178.128.215.76): 3 Time(s)
       root (62.234.124.104): 3 Time(s)
       root (v118-27-9-23.6lby.static.cnode.io): 3 Time(s)
       unknown (104.248.79.138): 3 Time(s)
       unknown (134.209.174.35): 3 Time(s)
       unknown (165.22.73.254): 3 Time(s)
       unknown (42.84.33.188): 3 Time(s)
       postgres (111.13.102.171): 2 Time(s)
       postgres (120.53.2.190): 2 Time(s)
       postgres (219.131.193.180): 2 Time(s)
       postgres (42.192.154.20): 2 Time(s)
       root (103.23.100.87): 2 Time(s)
       root (106.54.236.226): 2 Time(s)
       root (118.25.74.248): 2 Time(s)
       root (129.146.171.254): 2 Time(s)
       root (49.232.48.213): 2 Time(s)
       root (81.70.101.137): 2 Time(s)
       unknown (1.224.108.234): 2 Time(s)
       unknown (111.231.59.18): 2 Time(s)
       unknown (99-46-1-60.lightspeed.mssnks.sbcglobal.net): 2 Time(s)
       unknown (apoitiers-654-1-90-216.w92-136.abo.wanadoo.fr): 2 Time(s)
       unknown (dynamic-077-006-081-028.77.6.pool.telefonica.de): 2 Time(s)
       unknown (ipb2197345.dynamic.kabel-deutschland.de): 2 Time(s)
       www-data (193.112.202.61): 2 Time(s)
       backup (132.232.84.44): 1 Time(s)
       backup (14.63.185.80): 1 Time(s)
       backup (206.189.138.99): 1 Time(s)
       backup (62.234.124.104): 1 Time(s)
       backup (68.183.88.166): 1 Time(s)
       backup (81.70.101.137): 1 Time(s)
       games (81.70.101.137): 1 Time(s)
       games (d47-69-218-161.try.wideopenwest.com): 1 Time(s)
       jan (119.6.253.40): 1 Time(s)
       jan (178.128.215.76): 1 Time(s)
       mail (124.205.84.15): 1 Time(s)
       mail (138.68.72.167): 1 Time(s)
       mail (81.70.34.75): 1 Time(s)
       mysql (111.229.187.216): 1 Time(s)
       mysql (114.246.34.145): 1 Time(s)
       mysql (118.70.233.206): 1 Time(s)
       mysql (119.6.253.40): 1 Time(s)
       mysql (120.92.132.245): 1 Time(s)
       mysql (129.226.138.179): 1 Time(s)
       mysql (132.232.84.44): 1 Time(s)
       mysql (138.68.72.167): 1 Time(s)
       mysql (144.7.116.1): 1 Time(s)
       mysql (182.254.240.238): 1 Time(s)
       mysql (193.112.208.73): 1 Time(s)
       mysql (218.108.16.41): 1 Time(s)
       mysql (23.101.112.231): 1 Time(s)
       mysql (40.84.137.248): 1 Time(s)
       mysql (42.192.213.172): 1 Time(s)
       mysql (47.254.237.16): 1 Time(s)
       mysql (54033b85.catv.pool.telekom.hu): 1 Time(s)
       mysql (63.250.40.180): 1 Time(s)
       mysql (68.183.88.166): 1 Time(s)
       news (167.71.102.201): 1 Time(s)
       news (178.128.215.76): 1 Time(s)
       news (23.101.112.231): 1 Time(s)
       nobody (119.6.253.40): 1 Time(s)
       openproject (118.70.233.206): 1 Time(s)
       openproject (152.67.165.129): 1 Time(s)
       postfix (206.189.138.99): 1 Time(s)
       postgres (103.237.145.182): 1 Time(s)
       postgres (104.236.48.174): 1 Time(s)
       postgres (106.55.21.141): 1 Time(s)
       postgres (119.28.53.116): 1 Time(s)
       postgres (121.226.44.31): 1 Time(s)
       postgres (124.205.84.15): 1 Time(s)
       postgres (128.199.141.33): 1 Time(s)
       postgres (132.232.84.44): 1 Time(s)
       postgres (138.68.72.167): 1 Time(s)
       postgres (159.75.203.31): 1 Time(s)
       postgres (165.227.196.229): 1 Time(s)
       postgres (172.81.235.238): 1 Time(s)
       postgres (182.254.240.238): 1 Time(s)
       postgres (206.189.138.99): 1 Time(s)
       postgres (23.101.112.231): 1 Time(s)
       postgres (49.233.63.23): 1 Time(s)
       postgres (54033b85.catv.pool.telekom.hu): 1 Time(s)
       postgres (60.174.234.57): 1 Time(s)
       postgres (81.70.173.185): 1 Time(s)
       postgres (82.156.22.138): 1 Time(s)
       postgres (d47-69-218-161.try.wideopenwest.com): 1 Time(s)
       proxy (111.231.241.201): 1 Time(s)
       proxy (129.211.188.162): 1 Time(s)
       root (106.12.38.109): 1 Time(s)
       root (106.55.239.96): 1 Time(s)
       root (111.231.59.18): 1 Time(s)
       root (112.51.24.191): 1 Time(s)
       root (139.186.141.171): 1 Time(s)
       root (157.245.108.35): 1 Time(s)
       root (168.138.236.77): 1 Time(s)
       root (170.106.142.211): 1 Time(s)
       root (186.16.209.222): 1 Time(s)
       root (201.62.54.96): 1 Time(s)
       root (206.189.128.215): 1 Time(s)
       root (42.193.110.36): 1 Time(s)
       root (61.98.205.218): 1 Time(s)
       root (81.71.139.210): 1 Time(s)
       root (ec2-54-179-137-47.ap-southeast-1.compute.amazonaws.com): 1 Time(s)
       sshd (catv-80-99-136-140.catv.broadband.hu): 1 Time(s)
       sys (111.93.4.46): 1 Time(s)
       sys (159.89.105.53): 1 Time(s)
       temp (106.53.97.54): 1 Time(s)
       temp (111.13.102.171): 1 Time(s)
       temp (120.53.2.190): 1 Time(s)
       temp (150.138.117.36): 1 Time(s)
       temp (182.254.240.238): 1 Time(s)
       temp (47.254.237.16): 1 Time(s)
       temp (8.209.73.223): 1 Time(s)
       temp (82.156.22.138): 1 Time(s)
       unknown (111.229.211.66): 1 Time(s)
       unknown (112.29.149.206): 1 Time(s)
       unknown (129.28.154.240): 1 Time(s)
       unknown (150.158.214.155): 1 Time(s)
       unknown (152.136.204.118): 1 Time(s)
       unknown (170.106.153.18): 1 Time(s)
       unknown (178.128.31.3): 1 Time(s)
       unknown (179.43.80.6): 1 Time(s)
       unknown (181.143.228.174): 1 Time(s)
       unknown (181.143.232.91): 1 Time(s)
       unknown (187.9.78.166): 1 Time(s)
       unknown (200.216.31.20): 1 Time(s)
       unknown (202.70.87.193): 1 Time(s)
       unknown (219.91.153.198): 1 Time(s)
       unknown (45.153.160.140): 1 Time(s)
       unknown (62.234.15.136): 1 Time(s)
       unknown (91.192.136.43): 1 Time(s)
       unknown (ip-182-16-240-238.interlink.net.id): 1 Time(s)
       unknown (srv1033.dedicated.server-hosting.expert): 1 Time(s)
       unknown (testjn-140-123.cust.b2b2c.ca): 1 Time(s)
       unknown (this-is-a-tor-exit-node-hviv128.hviv.nl): 1 Time(s)
       unknown (tor-exit.angarod.net): 1 Time(s)
       www-data (103.231.46.66): 1 Time(s)
       www-data (113.105.131.194): 1 Time(s)
       www-data (119.6.253.40): 1 Time(s)
       www-data (176.111.173.205): 1 Time(s)
       www-data (211.161.60.21): 1 Time(s)
       www-data (40.84.137.248): 1 Time(s)
       www-data (42.192.154.20): 1 Time(s)
       www-data (43.226.69.100): 1 Time(s)
       www-data (8.209.73.223): 1 Time(s)
       www-data (ip-148-72-212-161.ip.secureserver.net): 1 Time(s)
       www-data (maryfindlay.plus.com): 1 Time(s)
    Invalid Users:
       Unknown Account: 2854 Time(s)

 ---------------------- pam_unix End ------------------------- 

 --------------------- Postfix Begin ------------------------ 

       12   Miscellaneous warnings  

   44.784K  Bytes accepted                              45,859
   44.784K  Bytes sent via SMTP                         45,859
 ========   ==================================================

        1   Accepted                                   100.00%
 --------   --------------------------------------------------
        1   Total                                      100.00%
 ========   ==================================================

        8   4xx Reject relay denied                    100.00%
 --------   --------------------------------------------------
        8   Total 4xx Rejects                          100.00%
 ========   ==================================================

      467   Connections             
      110   Connections lost (inbound) 
      467   Disconnections          
        1   Removed from queue      
        1   Sent via SMTP           

        7   Hostname verification errors (FCRDNS) 

 ---------------------- Postfix End ------------------------- 

 --------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------ 

 Large Mailbox threshold: 40MB (41943040 bytes)
  Warning: Large mailbox: mailman.gz (1747199807)
  Warning: Large mailbox: mailman (235703599967)

 ---------------------- sendmail-largeboxes (large mail spool files) End
------------------------- 

 --------------------- SSHD Begin ------------------------ 

 Disconnecting after too many authentication failures for user:
    root : 1 Time(s)

 Failed logins from:
    8.209.73.223: 10 times
    14.46.17.140: 4 times
    14.63.185.80: 10 times
    14.98.82.230 (static-230.82.98.14-tataidc.co.in): 5 times
    23.101.112.231: 10 times
    40.84.137.248: 13 times
    42.192.95.184: 6 times
    42.192.121.172: 5 times
    42.192.154.20: 16 times
    42.192.213.172: 9 times
    42.193.110.36: 1 time
    43.226.69.100: 7 times
    47.254.237.16: 8 times
    49.232.48.213: 2 times
    49.233.63.23: 7 times
    49.233.181.31: 9 times
    54.179.137.47 (ec2-54-179-137-47.ap-southeast-1.compute.amazonaws.com): 1 time
    60.174.234.57: 8 times
    61.49.59.23: 6 times
    61.98.205.218: 1 time
    62.57.185.15 (62.57.185.15.dyn.user.ono.com): 6 times
    62.234.124.104: 4 times
    63.250.40.180: 12 times
    68.183.88.166: 6 times
    68.183.229.218: 10 times
    69.47.161.218 (d47-69-218-161.try.wideopenwest.com): 13 times
    80.99.136.140 (catv-80-99-136-140.catv.broadband.hu): 8 times
    80.229.18.62 (maryfindlay.plus.com): 9 times
    81.68.251.58: 8 times
    81.70.34.75: 6 times
    81.70.101.137: 4 times
    81.70.173.185: 11 times
    81.71.139.210: 1 time
    82.156.22.138: 16 times
    84.3.59.133 (54033B85.catv.pool.telekom.hu): 14 times
    94.137.136.45: 7 times
    101.66.172.72: 3 times
    103.23.100.87: 2 times
    103.231.46.66: 5 times
    103.237.145.182: 5 times
    104.131.106.209: 8 times
    104.236.48.174: 10 times
    104.248.79.138: 3 times
    106.12.38.109: 1 time
    106.12.51.80: 9 times
    106.53.97.54: 6 times
    106.54.236.226: 2 times
    106.55.21.141: 4 times
    106.55.168.150: 7 times
    106.55.239.96: 1 time
    106.75.253.6: 11 times
    111.13.102.171: 8 times
    111.93.4.46 (static-46.4.93.111-tataidc.co.in): 4 times
    111.229.187.216: 5 times
    111.231.59.18: 1 time
    111.231.241.201: 4 times
    112.51.24.191: 1 time
    112.78.177.42: 5 times
    113.65.208.104: 5 times
    113.105.131.194: 6 times
    114.67.179.254: 10 times
    114.246.34.145: 4 times
    118.24.117.134: 9 times
    118.25.74.248: 2 times
    118.27.9.23 (v118-27-9-23.6lby.static.cnode.io): 3 times
    118.70.233.206: 10 times
    119.6.253.40: 24 times
    119.28.32.60: 8 times
    119.28.53.116: 10 times
    119.29.200.79: 11 times
    119.45.199.177: 5 times
    120.48.19.88: 4 times
    120.53.2.190: 8 times
    120.92.110.194: 14 times
    120.92.132.245: 6 times
    121.4.201.5: 7 times
    121.4.235.63: 9 times
    121.226.44.31: 9 times
    123.139.156.3: 5 times
    124.205.84.15: 8 times
    128.199.137.91: 8 times
    128.199.141.33: 4 times
    129.146.171.254: 2 times
    129.211.188.162: 10 times
    129.226.138.179: 9 times
    132.232.84.44: 14 times
    134.175.227.48: 4 times
    134.209.174.35: 3 times
    138.68.72.167: 9 times
    138.197.107.103: 10 times
    139.155.24.139: 4 times
    139.186.141.171: 1 time
    143.110.225.133: 9 times
    144.7.116.1: 6 times
    148.72.212.161 (ip-148-72-212-161.ip.secureserver.net): 17 times
    150.138.117.36: 10 times
    152.67.165.129: 6 times
    152.136.213.45: 4 times
    157.230.251.115: 4 times
    157.245.108.35: 1 time
    159.75.2.130: 3 times
    159.75.203.31: 1 time
    159.89.105.53: 16 times
    165.22.121.56 (qsimh.com): 8 times
    165.227.196.229: 10 times
    167.71.102.201: 7 times
    168.138.236.77: 1 time
    170.106.142.211: 1 time
    170.233.120.21: 3 times
    172.81.235.238: 11 times
    176.111.173.205: 24 times
    178.62.7.30: 10 times
    178.128.184.213: 5 times
    178.128.215.76: 5 times
    180.76.146.239: 10 times
    181.49.50.202: 8 times
    182.151.16.46: 7 times
    182.254.240.238: 17 times
    186.16.209.222 (pool-222-209-16-186.telecel.com.py): 1 time
    186.134.18.107 (186-134-18-107.speedy.com.ar): 6 times
    190.252.184.237: 7 times
    193.112.202.61: 6 times
    193.112.208.73: 9 times
    201.62.54.96 (static-201-62-54-96.v4.naclick.com.br): 1 time
    203.150.102.162 (162.102.150.203.sta.inet.co.th): 8 times
    206.189.128.215: 1 time
    206.189.138.99: 8 times
    211.108.69.103: 7 times
    211.161.60.21: 5 times
    211.253.10.96: 6 times
    213.59.135.87 (ip-213.59.135.87.lipetsk.zelenaya.net): 8 times
    218.108.16.41: 8 times
    219.131.193.180: 6 times
    220.181.58.12: 18 times

 Illegal users from:
    undef: 1823 times
    1.224.108.234: 2 times
    2.57.122.18: 1 time
    8.209.73.223: 21 times
    14.46.17.140: 27 times
    14.63.185.80: 26 times
    14.98.82.230 (static-230.82.98.14-tataidc.co.in): 11 times
    23.101.112.231: 27 times
    40.84.137.248: 23 times
    42.84.33.188: 3 times
    42.192.95.184: 21 times
    42.192.121.172: 15 times
    42.192.154.20: 26 times
    42.192.213.172: 27 times
    43.226.69.100: 10 times
    45.130.60.26: 1 time
    45.153.160.140: 1 time
    47.254.237.16: 24 times
    49.232.48.213: 29 times
    49.233.63.23: 25 times
    49.233.181.31: 28 times
    49.235.172.41: 5 times
    54.179.137.47 (ec2-54-179-137-47.ap-southeast-1.compute.amazonaws.com): 9 times
    60.174.234.57: 25 times
    61.49.59.23: 31 times
    62.57.185.15 (62.57.185.15.dyn.user.ono.com): 26 times
    62.234.15.136: 1 time
    62.234.124.104: 26 times
    63.250.40.180: 20 times
    65.49.20.66 (scan-17.shadowserver.org): 1 time
    68.183.88.166: 27 times
    68.183.229.218: 16 times
    69.47.161.218 (d47-69-218-161.try.wideopenwest.com): 24 times
    72.10.140.123 (testjn-140-123.cust.b2b2c.ca): 1 time
    77.6.81.28 (dynamic-077-006-081-028.77.6.pool.telefonica.de): 2 times
    80.99.136.140 (catv-80-99-136-140.catv.broadband.hu): 21 times
    80.229.18.62 (maryfindlay.plus.com): 22 times
    81.68.251.58: 25 times
    81.70.34.75: 11 times
    81.70.101.137: 25 times
    81.70.173.185: 22 times
    81.71.139.210: 7 times
    82.156.22.138: 25 times
    84.3.59.133 (54033B85.catv.pool.telekom.hu): 21 times
    91.192.136.43: 1 time
    92.136.193.216 (apoitiers-654-1-90-216.w92-136.abo.wanadoo.fr): 2 times
    94.137.136.45: 25 times
    99.46.1.60 (99-46-1-60.lightspeed.mssnks.sbcglobal.net): 2 times
    101.66.172.72: 11 times
    103.23.100.87: 7 times
    103.231.46.66: 28 times
    103.237.145.182: 26 times
    104.131.106.209: 24 times
    104.236.48.174: 25 times
    104.248.79.138: 3 times
    106.12.38.109: 7 times
    106.12.51.80: 28 times
    106.53.97.54: 25 times
    106.54.236.226: 12 times
    106.55.21.141: 18 times
    106.55.168.150: 23 times
    106.55.239.96: 6 times
    106.75.253.6: 22 times
    111.13.102.171: 32 times
    111.93.4.46 (static-46.4.93.111-tataidc.co.in): 26 times
    111.229.187.216: 33 times
    111.229.211.66: 1 time
    111.231.59.18: 2 times
    111.231.241.201: 29 times
    112.29.149.206: 1 time
    112.51.24.191: 13 times
    112.78.177.42: 9 times
    113.65.208.104: 15 times
    113.105.131.194: 26 times
    114.67.179.254: 29 times
    114.246.34.145: 23 times
    118.24.117.134: 26 times
    118.25.74.248: 26 times
    118.27.9.23 (v118-27-9-23.6lby.static.cnode.io): 26 times
    118.70.233.206: 26 times
    119.6.253.40: 61 times
    119.28.32.60: 23 times
    119.28.53.116: 28 times
    119.29.200.79: 23 times
    119.45.199.177: 23 times
    120.48.19.88: 29 times
    120.53.2.190: 20 times
    120.92.110.194: 27 times
    120.92.132.245: 26 times
    121.4.201.5: 26 times
    121.4.235.63: 25 times
    121.121.149.233: 4 times
    121.226.44.31: 20 times
    123.139.156.3: 15 times
    124.205.84.15: 23 times
    128.199.137.91: 27 times
    128.199.141.33: 28 times
    129.28.154.240: 1 time
    129.146.171.254: 25 times
    129.211.188.162: 24 times
    129.226.138.179: 32 times
    132.232.84.44: 21 times
    134.175.227.48: 11 times
    134.209.174.35: 3 times
    138.68.72.167: 26 times
    138.128.114.216 (ec39f.zethasknorsea.info): 1 time
    138.197.107.103: 17 times
    139.155.24.139: 26 times
    143.110.225.133: 27 times
    144.7.116.1: 24 times
    148.72.212.161 (ip-148-72-212-161.ip.secureserver.net): 27 times
    150.138.117.36: 27 times
    150.158.214.155: 1 time
    152.67.165.129: 19 times
    152.136.204.118: 1 time
    152.136.213.45: 22 times
    157.230.251.115: 27 times
    159.75.2.130: 28 times
    159.89.105.53: 23 times
    165.22.73.254: 3 times
    165.22.121.56 (qsimh.com): 29 times
    165.227.196.229: 27 times
    167.71.102.201: 29 times
    170.106.153.18: 1 time
    172.81.235.238: 24 times
    176.111.173.205: 41 times
    178.25.115.69 (ipb2197345.dynamic.kabel-deutschland.de): 2 times
    178.62.7.30: 25 times
    178.128.31.3: 1 time
    178.128.184.213: 27 times
    178.128.215.76: 10 times
    179.43.80.6 (mc0-ip7.mcperu.pe): 1 time
    180.76.146.239: 25 times
    181.49.50.202: 25 times
    181.143.228.174 (static-181-143-228-174.une.net.co): 1 time
    181.143.232.91 (iteco.com.co): 1 time
    182.16.240.238 (ip-182-16-240-238.interlink.net.id): 1 time
    182.151.16.46: 30 times
    182.254.151.198: 6 times
    182.254.240.238: 17 times
    187.9.78.166 (187-9-78-166.customer.tdatabrasil.net.br): 1 time
    190.252.184.237: 28 times
    192.42.116.28 (this-is-a-tor-exit-node-hviv128.hviv.nl): 1 time
    193.112.202.61: 25 times
    193.112.208.73: 19 times
    200.216.31.20: 1 time
    202.70.87.193: 1 time
    203.150.102.162 (162.102.150.203.sta.inet.co.th): 16 times
    206.189.128.215: 14 times
    206.189.138.99: 33 times
    211.108.69.103: 28 times
    211.161.60.21: 20 times
    211.253.10.96: 21 times
    212.47.229.4 (tor-exit.angarod.net): 1 time
    213.59.135.87 (ip-213.59.135.87.lipetsk.zelenaya.net): 25 times
    213.202.233.34 (srv1033.dedicated.server-hosting.expert): 1 time
    218.108.16.41: 29 times
    219.91.153.198 (198-153-91-219.static.youbroadband.in): 1 time
    219.131.193.180: 25 times
    220.181.58.12: 22 times

 **Unmatched Entries**
 Protocol major versions differ for 138.128.114.216: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
vs. SSH-1.5-NmapNSE_1.0 : 1 time(s)
 Protocol major versions differ for 138.128.114.216: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
vs. SSH-1.5-Nmap-SSH1-Hostkey : 1 time(s)
 fatal: Unable to negotiate a key exchange method [preauth] : 2 time(s)
 Protocol major versions differ for 45.130.60.26: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
vs. SSH-1.5-NmapNSE_1.0 : 1 time(s)
 Protocol major versions differ for 45.130.60.26: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
vs. SSH-1.5-Nmap-SSH1-Hostkey : 1 time(s)

 ---------------------- SSHD End ------------------------- 

 --------------------- Disk Space Begin ------------------------ 

 Filesystem         Size  Used Avail Use% Mounted on
 /dev/ploop47755p1  394G  242G  132G  65% /
 none               4.0G     0  4.0G   0% /dev

 ---------------------- Disk Space End ------------------------- 

 ###################### Logwatch End ######################### 

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

[TOPF] Logwatch for h2361197.stratoserver.net (Linux)