[TOPF] Logwatch for h2361197.stratoserver.net (Linux)

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Tue Jun 4 04:42:03 2024 Date Range Processed: yesterday ( 2024-Jun-03 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 47:47 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 141.98.11.79 -> google.com:443: 1 Time(s) 87.121.69.52 -> google.com:443: 3 Time(s) A total of 6 sites probed the server 107.170.247.15 172.168.41.181 174.138.61.44 35.203.211.205 45.83.66.180 65.49.20.68 Requests with error response codes 400 Bad Request null: 9 Time(s) google.com:443: 4 Time(s) *: 3 Time(s) /manager/html: 1 Time(s) /manager/text/list: 1 Time(s) LM: 1 Time(s) \x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x ... x00\x00\x00\x00: 1 Time(s) \x16\xB7\x8C]a\xE8H\x10\x97\xBF\xCD\xFE\x1 ... 0\xCB3\x86r\xAC: 1 Time(s) \x84\xB4,\x85\xAFn\xE3Y\xBBbhl\xFF(=':\xA9 ... B9\x90\x00(\xC0: 1 Time(s) \xB8\xB6\xEF\xB6\x18g\xA2\x11\xD5\x03\xDBD ... x09\xC0\x13\xC0: 1 Time(s) mstshash=Administr: 1 Time(s) 499 (undefined) /.env: 1 Time(s) 500 Internal Server Error /: 9 Time(s) /clients/MyCRL: 2 Time(s) /.env: 1 Time(s) /.git/config: 1 Time(s) /actuator/health: 1 Time(s) /api/.git/config: 1 Time(s) /app/.git/config: 1 Time(s) 502 Bad Gateway /Z7JgFtprRTu4mj0ux-SJ3w/pdf: 1 Time(s) /w1op49QpSGyk43xo0up_Aw/pdf: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: unknown (134.122.124.61): 60 Time(s) root (134.122.124.61): 43 Time(s) root (183.81.169.238): 30 Time(s) root (201.20.117.198): 15 Time(s) unknown (170.64.198.102): 12 Time(s) unknown (129.226.147.70): 9 Time(s) unknown (139.59.25.164): 9 Time(s) unknown (199.229.221.240): 9 Time(s) unknown (43.131.232.74): 9 Time(s) unknown (43.134.230.45): 9 Time(s) unknown (43.163.222.249): 9 Time(s) unknown (43.224.48.86): 9 Time(s) unknown (78.161.200.177.netflexisp.com.br): 9 Time(s) unknown (82.145.31.212): 9 Time(s) unknown (smtp.enternetprovedor.com.br): 9 Time(s) unknown (vmi1785751.contaboserver.net): 9 Time(s) unknown (24.199.124.106): 8 Time(s) unknown (43.133.47.86): 8 Time(s) unknown (85.209.11.27): 7 Time(s) root (43.163.214.214): 6 Time(s) unknown (121.185.234.165): 5 Time(s) unknown (194.169.175.36): 5 Time(s) unknown (194.169.175.35): 4 Time(s) unknown (43.163.214.214): 4 Time(s) unknown (85.209.11.254): 4 Time(s) root (194.169.175.35): 2 Time(s) root (194.169.175.36): 2 Time(s) unknown (111.91.178.253): 2 Time(s) unknown (142.188.146.86): 2 Time(s) unknown (146.190.172.36): 2 Time(s) backup (203.63.46.34): 1 Time(s) nobody (ip-4c95.sunline.net.ua): 1 Time(s) postgres (111.91.178.253): 1 Time(s) root (111.91.178.253): 1 Time(s) root (199.229.221.240): 1 Time(s) root (221.191.228.35.bc.googleusercontent.com): 1 Time(s) root (85.209.11.27): 1 Time(s) root (pool-100-8-84-162.nwrknj.fios.verizon.net): 1 Time(s) unknown (103.115.117.64): 1 Time(s) unknown (110.175.70.18): 1 Time(s) unknown (111.sub-166-145-64.myvzw.com): 1 Time(s) unknown (114.67.186.49): 1 Time(s) unknown (115.88.121.73): 1 Time(s) unknown (125.135.16.205): 1 Time(s) unknown (128.red-83-37-128.dynamicip.rima-tde.net): 1 Time(s) unknown (159.65.154.96): 1 Time(s) unknown (188.168.12.14): 1 Time(s) unknown (221.159.56.220): 1 Time(s) unknown (222.173.82.198): 1 Time(s) unknown (234.134.220.111.sta.wbroadband.net.au): 1 Time(s) unknown (31.146.45.85): 1 Time(s) unknown (45.127.45.255): 1 Time(s) unknown (67-200-135-46.static.logixcom.net): 1 Time(s) unknown (c-98-52-116-108.hsd1.il.comcast.net): 1 Time(s) unknown (c188-149-58-162.bredband.tele2.se): 1 Time(s) unknown (n1164946198.netvigator.com): 1 Time(s) unknown (syn-096-010-249-114.biz.spectrum.com): 1 Time(s) unknown (syn-172-223-231-064.res.spectrum.com): 1 Time(s) Invalid Users: Unknown Account: 242 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 3 Miscellaneous warnings 9 Connections 5 Connections lost (inbound) 9 Disconnections ---------------------- Postfix End ------------------------- --------------------- Connections (secure-log) Begin ------------------------ **Unmatched Entries** systemd-logind: New seat seat0.: 1 Time(s) ---------------------- Connections (secure-log) End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ SSHD Started: 2 Time(s) Failed logins from: 35.228.191.221 (221.191.228.35.bc.googleusercontent.com): 1 time 43.163.214.214: 6 times 85.209.11.27: 1 time 94.45.76.149 (ip-4c95.sunline.net.ua): 1 time 100.8.84.162 (pool-100-8-84-162.nwrknj.fios.verizon.net): 1 time 111.91.178.253: 2 times 134.122.124.61: 43 times 183.81.169.238: 30 times 194.169.175.35: 2 times 194.169.175.36: 2 times 199.229.221.240: 1 time 201.20.117.198 (201-20-117-198.mobtelecom.com.br): 15 times 203.63.46.34: 1 time Illegal users from: 2001:470:1:c84::23 (scan-13p.shadowserver.org): 1 time 2a02:d480:4c0:10b4:42::7 (inet-research-scan-7.mpi-inf.mpg.de): 10 times undef: 152 times 24.199.124.106: 8 times 31.146.45.85: 1 time 43.131.232.74: 9 times 43.133.47.86: 8 times 43.134.230.45: 9 times 43.163.214.214: 4 times 43.163.222.249: 9 times 43.224.48.86: 9 times 45.127.45.255: 1 time 64.62.197.168 (scan-49b.shadowserver.org): 1 time 67.200.135.46 (67-200-135-46.static.logixcom.net): 1 time 70.77.225.190 (S010664777d9d1153.cg.shawcable.net): 1 time 82.145.31.212: 9 times 83.37.128.128 (128.red-83-37-128.dynamicip.rima-tde.net): 1 time 85.209.11.27: 8 times 85.209.11.254: 4 times 96.10.249.114 (syn-096-010-249-114.biz.spectrum.com): 1 time 98.52.116.108 (c-98-52-116-108.hsd1.il.comcast.net): 1 time 103.115.117.64: 1 time 110.175.70.18 (pandacapital.com.au): 1 time 111.91.178.253: 2 times 111.220.134.234 (234.134.220.111.sta.wbroadband.net.au): 1 time 114.67.186.49: 1 time 115.88.121.73: 1 time 116.49.46.198 (n1164946198.netvigator.com): 1 time 121.185.234.165: 5 times 125.135.16.205: 1 time 129.226.147.70: 9 times 134.122.124.61: 60 times 139.59.25.164: 9 times 142.188.146.86: 2 times 146.190.172.36: 2 times 149.129.240.234: 6 times 159.65.154.96: 1 time 160.20.186.237 (smtp.enternetprovedor.com.br): 9 times 166.145.64.111 (111.sub-166-145-64.myvzw.com): 1 time 170.64.198.102: 12 times 172.223.231.64 (syn-172-223-231-064.res.spectrum.com): 1 time 177.200.161.78 (78.161.200.177.netflexisp.com.br): 9 times 188.149.58.162 (c188-149-58-162.bredband.tele2.se): 1 time 188.168.12.14 (14.12.168.188.retail.ttk.ru): 1 time 194.163.132.107 (vmi1785751.contaboserver.net): 9 times 194.169.175.35: 5 times 194.169.175.36: 5 times 199.229.221.240: 9 times 221.159.56.220: 1 time 222.173.82.198: 1 time **Unmatched Entries** Disconnecting: Protocol error: expected packet type 21, got 20 [preauth] : 3 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop38839p1 394G 243G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################