04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Mar 30 04:42:03 2024
Date Range Processed: yesterday
( 2024-Mar-29 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 16:16 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
87.121.69.52 -> google.com:443: 2 Time(s)
A total of 6 sites probed the server
118.123.105.93
151.236.219.123
198.199.110.61
198.199.116.116
198.235.24.121
65.49.1.32
Requests with error response codes
400 Bad Request
null: 6 Time(s)
/: 5 Time(s)
google.com:443: 2 Time(s)
%: 1 Time(s)
/.env: 1 Time(s)
/cgi-bin/authLogin.cgi: 1 Time(s)
/query?q=SHOW+DIAGNOSTICS: 1 Time(s)
/solr/admin/cores?action=STATUS&wt=json: 1 Time(s)
/solr/admin/info/system: 1 Time(s)
/v2/_catalog: 1 Time(s)
12.1.2: 1 Time(s)
1W\xFC\xD1\x9A\xA3\x03vD\xE8s\x06\x8CP\xE7 ... x09\xC0\x13\xC0: 1 Time(s)
J\x22\x7F\xFA\x16E\xD7FZ\xE6Jj\xED\x8B\xD8 ... x09\xC0\x13\xC0: 1 Time(s)
L\xDC\xD6@\x12\xD4\x851\x00\x00: 1 Time(s)
\x10K\xF2;\x89\x1E\x00+h\x0E\x97\xE2+n: 1 Time(s)
\x97H\x04\xAE\x94d\xD5\x0C(J\xB0P`\xCEuWt3 ... 3\xB2\x058\xDFQ: 1 Time(s)
\x9C\x89\x80]\xCD\xB2\xE2J\xC7d\xAExA8\xE2 ... x00\x01\x02\x00: 1 Time(s)
\xA3\x03\x1A\xBFO\x90h$\xBFC\x03\x01\xA4\x ... x09\xC0\x13\xC0: 1 Time(s)
\xCA\xE3}f%\xE5\x90E(u\x86\x16\x1C\x85\xFC ... x09\xC0\x13\xC0: 1 Time(s)
\xED\xDDpO<\xAC\xA1HB})\xAE\xAF*\x161\x802 ... x09\xC0\x13\xC0: 1 Time(s)
mstshash=Administr: 1 Time(s)
x\xAFU\x0C\x7F\x12f\xB7\xB2\x85\xAE?4\xF7E ... x09\xC0\x13\xC0: 1 Time(s)
500 Internal Server Error
/: 17 Time(s)
/favicon.ico: 4 Time(s)
/.env: 2 Time(s)
/cgi-bin/luci/;stok=/locale?form=country&o ... 20.%2Ftenda.sh): 2 Time(s)
/.git/config: 1 Time(s)
/HNAP1: 1 Time(s)
/RDWeb/Pages/: 1 Time(s)
/evox/about: 1 Time(s)
/geoserver/web/: 1 Time(s)
/nmaplowercheck1711675449: 1 Time(s)
/robots.txt: 1 Time(s)
/sdk: 1 Time(s)
/sitemap.xml: 1 Time(s)
/webui/: 1 Time(s)
502 Bad Gateway
/0UvGs4_tS96nBJR8_3s22w/pdf: 1 Time(s)
/4MXgyPY_SmK3ZPjFnq1udw/pdf: 1 Time(s)
/5VuR_cJwQHG8RKBmlDNsmQ/pdf: 1 Time(s)
/7jwd27jqSqyTeQN-crCNpQ/pdf: 1 Time(s)
/DigitalZaPF:Selbsthilfe_in_Zeiten_von_Corona/pdf: 1 Time(s)
/LXfQG2qcTpSj_0d9YLsf0g/pdf: 1 Time(s)
/O2CAPBprSRO1hR9J52_r_w/pdf: 1 Time(s)
/O_PWvHQ6ThS_0LBdh9LDJQ/pdf: 1 Time(s)
/StAPF18,6:FSAntworten_auf_resos/pdf: 1 Time(s)
/Studirendenwerk/pdf: 1 Time(s)
/Xu_AkwRlSSCs-QwgS4RjuA/pdf: 1 Time(s)
/YsmARieUTPGHR1-N837aTg/pdf: 1 Time(s)
/ZK2RBX4fRciSlr-ZKLFXcw/pdf: 1 Time(s)
/akkreditierungsworkshop/pdf: 1 Time(s)
/berlin17_ak_bafoeg/pdf: 1 Time(s)
/berlin17_ak_physik_nebenfaechler/pdf: 1 Time(s)
/berlin17_ak_pratikum_2_0_bu/pdf: 1 Time(s)
/digitalklausurtagung/pdf: 1 Time(s)
/eRS1_n_IRVirXNN_X4ryVQ/pdf: 1 Time(s)
/klausurtagung_garching%3E/pdf: 1 Time(s)
/sose17_bama1/pdf: 1 Time(s)
/sose20_protokoll_awareness_spiel/pdf: 1 Time(s)
/sq0-cswPQGi9pvVdOpDdOA/pdf: 1 Time(s)
/u24dL2y8RIGSpTp_YM-pCQ/pdf: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (183.81.169.238): 32 Time(s)
root (103.36.84.194): 30 Time(s)
unknown (212.70.149.150): 16 Time(s)
root (179.43.180.106): 13 Time(s)
unknown (fixed-186-96-145-241.totalplay.net): 12 Time(s)
root (47.236.175.136): 7 Time(s)
root (113.106.88.146): 6 Time(s)
root (171.217.93.19): 6 Time(s)
root (208.65.84.203): 6 Time(s)
unknown (175.205.160.137): 3 Time(s)
unknown (185.11.61.88): 3 Time(s)
unknown (62.122.184.252): 3 Time(s)
root (212.70.149.150): 2 Time(s)
unknown (185.196.8.151): 2 Time(s)
unknown (36.139.63.59): 2 Time(s)
unknown (95.179.122.132): 2 Time(s)
root (185.11.61.88): 1 Time(s)
unknown (45.55.35.178): 1 Time(s)
Invalid Users:
Unknown Account: 44 Time(s)
systemd-user:
Unknown Entries:
session opened for user root by (uid=0): 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
1 Miscellaneous warnings
17.952K Bytes accepted 18,383
17.952K Bytes sent via SMTP 18,383
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
15 Connections
6 Connections lost (inbound)
15 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- rsyslogd Begin ------------------------
**** Unmatched entries ****
[origin software="rsyslogd" swVersion="8.4.2"
x-pid="226" x-info="http://www.rsyslog.com"] exiting on signal 15. : 1
Times
---------------------- rsyslogd End -------------------------
--------------------- Connections (secure-log) Begin ------------------------
**Unmatched Entries**
systemd-logind: New seat seat0.: 1 Time(s)
---------------------- Connections (secure-log) End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
SSHD Started: 2 Time(s)
Failed logins from:
47.236.175.136: 7 times
103.36.84.194: 30 times
113.106.88.146: 6 times
171.217.93.19: 6 times
179.43.180.106 (hostedby.privatelayer.com): 13 times
183.81.169.238: 32 times
185.11.61.88: 1 time
208.65.84.203 (server-by.c1vhosting.it): 6 times
212.70.149.150: 2 times
Illegal users from:
undef: 20 times
36.139.63.59: 4 times
45.55.35.178: 1 time
62.122.184.252: 3 times
82.156.167.244: 1 time
95.179.122.132 (X132.bbn2-122.lipetsk.ru): 2 times
175.205.160.137: 4 times
185.11.61.88: 3 times
185.196.8.151: 2 times
186.96.145.241 (fixed-186-96-145-241.totalplay.net): 12 times
212.70.149.150: 16 times
Users logging in through sshd:
root:
77.12.216.250 (dynamic-077-012-216-250.77.12.pool.telefonica.de): 1 time
**Unmatched Entries**
Disconnecting: Protocol error: expected packet type 21, got 20 [preauth] : 1 time(s)
Bad packet length 734012632. [preauth] : 1 time(s)
Disconnecting: Packet corrupt [preauth] : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop17333p1 394G 243G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################