################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Sun Mar 31 04:42:02 2024 Date Range Processed: yesterday ( 2024-Mar-30 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 53:52 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 193.111.248.5 -> api64.ipify.org:443: 2 Time(s) 80.75.212.75 -> api64.ipify.org:443: 5 Time(s) 87.121.69.52 -> google.com:443: 4 Time(s) A total of 7 sites probed the server 107.170.243.8 138.68.136.152 162.243.142.57 198.199.119.89 64.62.197.175 78.153.140.179 84.252.74.36 Requests with error response codes 400 Bad Request null: 9 Time(s) api64.ipify.org:443: 7 Time(s) /: 5 Time(s) google.com:443: 4 Time(s) *: 2 Time(s) .: 1 Time(s) /manager/text/list: 1 Time(s) QQ\xD9\xF3\x9Dj9\x9D\x87I\x86;\x89\xAB\xAD ... x09\xC0\x13\xC0: 1 Time(s) \x01\x00\x01\x1C\x03\x03\xA0DFuf\x1EWR\xA6 ... Ek\xAFn\xD2\x98: 1 Time(s) \x01\x00\x01\x1C\x03\x03\xC6])\x8E\xBB\xAA ... 9\x96\x06-i\xD1: 1 Time(s) \x8F\xAC[[\xB0f\xC7\x17\xB5\xF3\xB7\xFC\xD ... x09\xC0\x13\xC0: 1 Time(s) \x9F\xD2\x10\xC7\xA4ck\xC3\x8C\x19\xA30\x8 ... x09\xC0\x13\xC0: 1 Time(s) \xA5\xE5\x04\xE1\xBA!\xF3\xE9\xE9JV\x05\x0 ... C0$\xC0\x14\xC0: 1 Time(s) \xC68TqiW\x15\x91di\xF2\xF9\xEB\x8C\xDB\xB ... x09\xC0\x13\xC0: 1 Time(s) \xD2\xAAdi\x11\xDB\xF4G.\xDA\x88\xAA/\xA6] ... x09\xC0\x13\xC0: 1 Time(s) \xFEM\xB5\x82SJ/\xE2^\x8D`\xA8ew\xBE\x03\x ... A0v\x18\xF5\xAA: 1 Time(s) mstshash=: 1 Time(s) mstshash=Administr: 1 Time(s) 403 Forbidden /FrcS3CFURGOhH8IZnOVeEw: 1 Time(s) 404 Not Found /wp-content/plugins/wp-automatic/js/main-front.js: 1 Time(s) 500 Internal Server Error /: 17 Time(s) /cgi-bin/luci/;stok=/locale?form=country&o ... 20.%2Ftenda.sh): 8 Time(s) /.env: 2 Time(s) /.git/config: 2 Time(s) /dqgqoeCXckuwPtxov: 2 Time(s) /favicon.ico: 2 Time(s) /.well-known/security.txt: 1 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /RDWeb/Pages/: 1 Time(s) /actuator/health: 1 Time(s) /ajax: 1 Time(s) /config.ini: 1 Time(s) /geoserver/web/: 1 Time(s) /login: 1 Time(s) /robots.txt: 1 Time(s) /webui/: 1 Time(s) 502 Bad Gateway /DigitalZaPF:Anforderungen_an_psychologisc ... ungsstellen/pdf: 1 Time(s) /WS22_nachhaltigkeitsresolution/pdf: 1 Time(s) /bibundlern/pdf: 1 Time(s) /features/pdf: 1 Time(s) /reso_abschlussarbeiten/pdf: 1 Time(s) /slide-example/pdf: 1 Time(s) /yaml-metadata/pdf: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (223.111.168.11): 48 Time(s) root (183.81.169.238): 47 Time(s) root (103.36.84.194): 42 Time(s) root (179.43.180.106): 32 Time(s) unknown (212.70.149.150): 27 Time(s) root (218.92.0.43): 24 Time(s) root (218.92.0.45): 18 Time(s) unknown (fixed-186-96-145-241.totalplay.net): 18 Time(s) root (218.92.0.28): 12 Time(s) root (218.92.0.51): 12 Time(s) root (218.92.0.52): 12 Time(s) root (218.92.0.55): 11 Time(s) root (113.106.88.146): 6 Time(s) root (171.217.93.19): 6 Time(s) root (218.92.0.47): 6 Time(s) root (218.92.0.59): 6 Time(s) root (47.236.179.153): 6 Time(s) root (61.72.41.94): 6 Time(s) root (86-63-218-110.client.rionet.cz): 6 Time(s) unknown (96.88.139.138): 6 Time(s) root (218.147.183.177): 5 Time(s) unknown (185.196.8.151): 5 Time(s) unknown (222.111.228.155): 5 Time(s) root (212.70.149.150): 4 Time(s) unknown (175.202.106.205): 4 Time(s) unknown (185.224.128.34): 4 Time(s) root (183.98.107.63): 3 Time(s) unknown (112.163.53.106): 3 Time(s) unknown (121.129.177.87): 3 Time(s) unknown (139.59.91.160): 3 Time(s) unknown (158.160.32.99): 3 Time(s) unknown (121.149.240.79): 2 Time(s) unknown (185.11.61.88): 2 Time(s) unknown (62.122.184.252): 2 Time(s) postgres (139.59.91.160): 1 Time(s) postgres (158.160.32.99): 1 Time(s) root (185.226.106.138): 1 Time(s) root (193.222.96.178): 1 Time(s) root (36.110.228.254): 1 Time(s) unknown (193.222.96.178): 1 Time(s) unknown (209.97.157.165): 1 Time(s) unknown (212.154.7.246): 1 Time(s) unknown (45.55.35.178): 1 Time(s) unknown (static-n49-176-220-21.mrk2.qld.optusnet.com.au): 1 Time(s) Invalid Users: Unknown Account: 92 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 1 Miscellaneous warnings 8.827K Bytes accepted 9,039 8.827K Bytes sent via SMTP 9,039 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 3 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 3 Total 4xx Rejects 100.00% ======== ================================================== 29 Connections 24 Connections lost (inbound) 29 Disconnections 1 Removed from queue 1 Sent via SMTP 2 SMTP dialog errors 2 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 2 Time(s) root : 20 Time(s) Failed logins from: 36.110.228.254: 1 time 47.236.179.153: 6 times 61.72.41.94: 6 times 86.63.218.110 (86-63-218-110.client.rionet.cz): 6 times 103.36.84.194: 42 times 113.106.88.146: 6 times 139.59.91.160: 1 time 158.160.32.99: 1 time 171.217.93.19: 6 times 179.43.180.106 (hostedby.privatelayer.com): 32 times 183.81.169.238: 47 times 183.98.107.63: 4 times 185.226.106.138 (sky.net): 1 time 193.222.96.178: 1 time 212.70.149.150: 4 times 218.92.0.28: 12 times 218.92.0.43: 24 times 218.92.0.45: 18 times 218.92.0.47: 6 times 218.92.0.51: 12 times 218.92.0.52: 12 times 218.92.0.55: 11 times 218.92.0.59: 6 times 218.147.183.177: 6 times 223.111.168.11: 48 times Illegal users from: 2001:470:1:332::5 (scan-39af.shadowserver.org): 1 time undef: 20 times 43.134.92.159: 1 time 45.55.35.178: 1 time 49.176.220.21 (static-n49-176-220-21.mrk2.qld.optusnet.com.au): 1 time 62.122.184.252: 2 times 65.49.1.38 (scan-54a.shadowserver.org): 1 time 96.88.139.138 (96-88-139-138-static.hfc.comcastbusiness.net): 6 times 112.163.53.106: 3 times 121.129.177.87: 3 times 121.149.240.79: 2 times 139.59.91.160: 3 times 158.160.32.99: 3 times 175.202.106.205: 4 times 185.11.61.88: 2 times 185.196.8.151: 5 times 185.224.128.34: 4 times 186.96.145.241 (fixed-186-96-145-241.totalplay.net): 18 times 193.222.96.178: 1 time 209.97.157.165: 1 time 212.70.149.150: 27 times 212.154.7.246 (246.7.154.212.dsl.static.turk.net): 1 time 222.111.228.155: 6 times **Unmatched Entries** Disconnecting: Protocol error: expected packet type 21, got 20 [preauth] : 3 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop17333p1 394G 243G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################