Logwatch for h2361197.stratoserver.net (Linux)

Dienstag, 7 Mai 2024

 ################### Logwatch 7.4.0 (03/01/11) #################### 
        Processing Initiated: Tue May  7 04:42:03 2024
        Date Range Processed: yesterday
                              ( 2024-May-06 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: h2361197.stratoserver.net
 ################################################################## 

 --------------------- fail2ban-messages Begin ------------------------ 

 Banned services with Fail2Ban:				 Bans:Unbans
    ssh:                                                    [243:242]

 ---------------------- fail2ban-messages End ------------------------- 

 --------------------- httpd Begin ------------------------ 

 Connection attempts using mod_proxy:
    141.98.11.79 -> google.com:443: 1 Time(s)
    87.121.69.52 -> google.com:443: 2 Time(s)

 A total of 2 sites probed the server 
    198.199.119.123
    64.62.156.116

 Requests with error response codes
    400 Bad Request
       /: 3 Time(s)
       google.com:443: 3 Time(s)
       *: 2 Time(s)
       null: 2 Time(s)
       7: 1 Time(s)
       \xF0\xE7:\x8BK\x8B\xB0\x8A\xCA\xB7qw\xB4\x1F\xE4\x16\xB0: 1 Time(s)
       \xF5A\xF1r\xB3\x1CB\xB9\x94z:\x93\xAE: 1 Time(s)
       mstshash=Administr: 1 Time(s)
    500 Internal Server Error
       /: 10 Time(s)
       /.env: 1 Time(s)
       /ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
       /favicon.ico: 1 Time(s)
       /robots.txt: 1 Time(s)
       /sitemap.xml: 1 Time(s)

 ---------------------- httpd End ------------------------- 

 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       root (183.81.169.238): 18 Time(s)
       unknown (104.250.50.49): 14 Time(s)
       unknown (218.55.114.89): 13 Time(s)
       root (179.43.180.108): 12 Time(s)
       unknown (104.250.49.108): 12 Time(s)
       unknown (143.255.140.129): 12 Time(s)
       unknown (186.67.248.6): 12 Time(s)
       unknown (102.220.23.35): 11 Time(s)
       unknown (110.49.76.244): 11 Time(s)
       unknown (118.194.232.111): 11 Time(s)
       unknown (139.198.104.138): 11 Time(s)
       unknown (194.169.175.35): 11 Time(s)
       unknown (61-231-91-79.dynamic-ip.hinet.net): 11 Time(s)
       unknown (1.13.248.53): 10 Time(s)
       unknown (122.51.45.37): 10 Time(s)
       unknown (58.56.23.210): 10 Time(s)
       unknown (1.55.33.86): 9 Time(s)
       unknown (103.140.219.142): 9 Time(s)
       unknown (107.175.111.46): 9 Time(s)
       unknown (109.32.167.72.host.secureserver.net): 9 Time(s)
       unknown (112.217.207.26): 9 Time(s)
       unknown (124.156.198.8): 9 Time(s)
       unknown (129.226.155.129): 9 Time(s)
       unknown (129.226.81.66): 9 Time(s)
       unknown (136.233.27.164): 9 Time(s)
       unknown (158.51.124.197): 9 Time(s)
       unknown (167.172.86.222): 9 Time(s)
       unknown (168.167.228.74): 9 Time(s)
       unknown (179.185.90.114): 9 Time(s)
       unknown (185.218.139.228): 9 Time(s)
       unknown (185.29.121.106): 9 Time(s)
       unknown (189.45.198.38): 9 Time(s)
       unknown (206.189.121.231): 9 Time(s)
       unknown (43.133.62.215): 9 Time(s)
       unknown (43.134.186.17): 9 Time(s)
       unknown (43.134.95.210): 9 Time(s)
       unknown (43.135.172.115): 9 Time(s)
       unknown (43.156.153.186): 9 Time(s)
       unknown (43.157.11.195): 9 Time(s)
       unknown (43.159.46.253): 9 Time(s)
       unknown (43.163.237.109): 9 Time(s)
       unknown (49.249.83.115): 9 Time(s)
       unknown (5.182.26.91): 9 Time(s)
       unknown (64.227.114.107): 9 Time(s)
       unknown (64.227.131.100): 9 Time(s)
       unknown (64.23.169.150): 9 Time(s)
       unknown (68.183.17.85): 9 Time(s)
       unknown (h117-51.pool193-151.dyn.tolna.net): 9 Time(s)
       unknown (vps-9508d174.vps.ovh.net): 9 Time(s)
       unknown (vps-aac1ac7a.vps.ovh.net): 9 Time(s)
       unknown (103.171.84.43): 8 Time(s)
       unknown (107.173.153.212): 8 Time(s)
       unknown (111.67.198.176): 8 Time(s)
       unknown (118.193.68.241): 8 Time(s)
       unknown (119.45.181.50): 8 Time(s)
       unknown (128.1.132.44): 8 Time(s)
       unknown (129.226.157.206): 8 Time(s)
       unknown (129.226.158.246): 8 Time(s)
       unknown (131.186.19.116): 8 Time(s)
       unknown (134.122.114.194): 8 Time(s)
       unknown (139-177-179-83.ip.linodeusercontent.com): 8 Time(s)
       unknown (175.139.245.76): 8 Time(s)
       unknown (182.151.29.51): 8 Time(s)
       unknown (183.87.223.5): 8 Time(s)
       unknown (191.7.159.192): 8 Time(s)
       unknown (194.169.175.36): 8 Time(s)
       unknown (43.128.111.113): 8 Time(s)
       unknown (43.134.72.167): 8 Time(s)
       unknown (43.153.229.30): 8 Time(s)
       unknown (43.153.43.145): 8 Time(s)
       unknown (62.234.50.209): 8 Time(s)
       unknown (67.205.190.61): 8 Time(s)
       unknown (82.157.193.14): 8 Time(s)
       unknown (vps-d05b247a.vps.ovh.net): 8 Time(s)
       unknown (1.15.155.17): 7 Time(s)
       unknown (110.238.73.12): 7 Time(s)
       unknown (129.226.210.126): 7 Time(s)
       unknown (159.65.41.104): 7 Time(s)
       unknown (178.62.194.205): 7 Time(s)
       unknown (43.134.97.219): 7 Time(s)
       unknown (43.153.119.179): 7 Time(s)
       unknown (43.153.177.56): 7 Time(s)
       unknown (vps-c3dafa63.vps.ovh.net): 7 Time(s)
       root (106.248.39.107): 6 Time(s)
       root (121.238.172.233): 6 Time(s)
       root (212.70.149.150): 6 Time(s)
       unknown (119.198.131.7): 6 Time(s)
       unknown (120.48.98.154): 6 Time(s)
       unknown (120.53.88.44): 6 Time(s)
       unknown (124.222.242.192): 6 Time(s)
       unknown (175.6.127.104): 6 Time(s)
       unknown (183.180.128.204.ap.gmobb-fix.jp): 6 Time(s)
       unknown (192.241.156.218): 6 Time(s)
       unknown (8.219.89.130): 6 Time(s)
       unknown (85.209.11.254): 6 Time(s)
       root (101.126.11.251): 5 Time(s)
       root (103.171.84.43): 5 Time(s)
       root (43.134.97.219): 5 Time(s)
       root (43.153.177.56): 5 Time(s)
       root (85.209.11.254): 5 Time(s)
       unknown (113.31.119.15): 5 Time(s)
       unknown (152.32.217.128): 5 Time(s)
       unknown (220.89.169.242): 5 Time(s)
       unknown (49.7.227.136): 5 Time(s)
       root (129.226.210.126): 4 Time(s)
       root (175.139.245.76): 4 Time(s)
       root (43.134.72.167): 4 Time(s)
       unknown (117.72.41.146): 4 Time(s)
       root (1.55.33.86): 3 Time(s)
       root (110.49.76.244): 3 Time(s)
       root (120.48.98.154): 3 Time(s)
       root (124.156.198.8): 3 Time(s)
       root (124.222.242.192): 3 Time(s)
       root (175.6.127.104): 3 Time(s)
       root (182.151.29.51): 3 Time(s)
       root (194.169.175.36): 3 Time(s)
       root (62.234.50.209): 3 Time(s)
       root (82.157.193.14): 3 Time(s)
       unknown (139.150.83.178): 3 Time(s)
       unknown (60.208.131.117): 3 Time(s)
       unknown (81.70.209.88): 3 Time(s)
       root (1.13.248.53): 2 Time(s)
       root (102.220.23.35): 2 Time(s)
       root (104.250.49.108): 2 Time(s)
       root (107.173.153.212): 2 Time(s)
       root (111.67.198.176): 2 Time(s)
       root (118.193.68.241): 2 Time(s)
       root (129.226.157.206): 2 Time(s)
       root (129.226.158.246): 2 Time(s)
       root (131.186.19.116): 2 Time(s)
       root (136.233.27.164): 2 Time(s)
       root (139-177-179-83.ip.linodeusercontent.com): 2 Time(s)
       root (143.255.140.129): 2 Time(s)
       root (183.87.223.5): 2 Time(s)
       root (191.7.159.192): 2 Time(s)
       root (194.169.175.35): 2 Time(s)
       root (43.128.111.113): 2 Time(s)
       root (43.134.95.210): 2 Time(s)
       root (43.135.172.115): 2 Time(s)
       root (43.153.119.179): 2 Time(s)
       root (43.153.229.30): 2 Time(s)
       root (43.157.11.195): 2 Time(s)
       root (61-231-91-79.dynamic-ip.hinet.net): 2 Time(s)
       root (64.227.114.107): 2 Time(s)
       root (68.183.17.85): 2 Time(s)
       root (vps-9508d174.vps.ovh.net): 2 Time(s)
       unknown (101.126.11.251): 2 Time(s)
       unknown (85.209.11.27): 2 Time(s)
       unknown (ecs-110-238-73-12.compute.hwclouds-dns.com): 2 Time(s)
       mail (62.234.50.209): 1 Time(s)
       postgres (183.87.223.5): 1 Time(s)
       root (1.15.155.17): 1 Time(s)
       root (107.175.111.46): 1 Time(s)
       root (120.53.88.44): 1 Time(s)
       root (122.51.45.37): 1 Time(s)
       root (129.226.155.129): 1 Time(s)
       root (129.226.81.66): 1 Time(s)
       root (134.122.114.194): 1 Time(s)
       root (152.32.217.128): 1 Time(s)
       root (158.51.124.197): 1 Time(s)
       root (159.65.41.104): 1 Time(s)
       root (167.172.86.222): 1 Time(s)
       root (178.62.194.205): 1 Time(s)
       root (185.29.121.106): 1 Time(s)
       root (189.45.198.38): 1 Time(s)
       root (192.241.156.218): 1 Time(s)
       root (206.189.121.231): 1 Time(s)
       root (218.55.114.89): 1 Time(s)
       root (43.133.62.215): 1 Time(s)
       root (43.134.186.17): 1 Time(s)
       root (43.153.43.145): 1 Time(s)
       root (43.159.46.253): 1 Time(s)
       root (43.163.237.109): 1 Time(s)
       root (49.249.83.115): 1 Time(s)
       root (49.7.227.136): 1 Time(s)
       root (5.182.26.91): 1 Time(s)
       root (58.56.23.210): 1 Time(s)
       root (60.208.131.117): 1 Time(s)
       root (64.227.131.100): 1 Time(s)
       root (64.23.169.150): 1 Time(s)
       root (67.205.190.61): 1 Time(s)
       root (ecs-110-238-73-12.compute.hwclouds-dns.com): 1 Time(s)
       root (vps-aac1ac7a.vps.ovh.net): 1 Time(s)
       root (vps-c3dafa63.vps.ovh.net): 1 Time(s)
       root (vps-d05b247a.vps.ovh.net): 1 Time(s)
       sshd (194.169.175.35): 1 Time(s)
       sshd (85.209.11.254): 1 Time(s)
       unknown (095-097-136-202.static.chello.nl): 1 Time(s)
    Invalid Users:
       Unknown Account: 814 Time(s)

 ---------------------- pam_unix End ------------------------- 

 --------------------- Postfix Begin ------------------------ 

        4   Miscellaneous warnings  

        1   4xx Reject relay denied                    100.00%
 --------   --------------------------------------------------
        1   Total 4xx Rejects                          100.00%
 ========   ==================================================

       57   Connections             
       10   Connections lost (inbound) 
       57   Disconnections          

        1   Hostname verification errors (FCRDNS) 

 ---------------------- Postfix End ------------------------- 

 --------------------- Connections (secure-log) Begin ------------------------ 

 **Unmatched Entries**
    systemd-logind: New seat seat0.: 1 Time(s)

 ---------------------- Connections (secure-log) End ------------------------- 

 --------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------ 

 Large Mailbox threshold: 40MB (41943040 bytes)
  Warning: Large mailbox: mailman.gz (1747199807)
  Warning: Large mailbox: mailman (235703599967)

 ---------------------- sendmail-largeboxes (large mail spool files) End
------------------------- 

 --------------------- SSHD Begin ------------------------ 

 SSHD Started: 2 Time(s)

 Disconnecting after too many authentication failures for user:
    invalid : 1 Time(s)
    root : 2 Time(s)

 Failed logins from:
    1.13.248.53: 2 times
    1.15.155.17: 1 time
    1.55.33.86: 3 times
    5.182.26.91: 1 time
    43.128.111.113: 2 times
    43.133.62.215: 1 time
    43.134.72.167: 4 times
    43.134.95.210: 2 times
    43.134.97.219: 5 times
    43.134.186.17: 1 time
    43.135.172.115: 2 times
    43.153.43.145: 1 time
    43.153.119.179: 2 times
    43.153.177.56: 5 times
    43.153.229.30: 2 times
    43.157.11.195: 2 times
    43.159.46.253: 1 time
    43.163.237.109: 1 time
    49.7.227.136: 1 time
    49.249.83.115 (static-115.83.249.49-tataidc.co.in): 1 time
    51.38.126.105 (vps-9508d174.vps.ovh.net): 2 times
    51.195.103.245 (vps-d05b247a.vps.ovh.net): 1 time
    51.195.138.37 (vps-c3dafa63.vps.ovh.net): 1 time
    58.56.23.210: 1 time
    60.208.131.117: 1 time
    61.231.91.79 (61-231-91-79.dynamic-ip.hinet.net): 2 times
    62.234.50.209: 4 times
    64.23.169.150: 1 time
    64.227.114.107: 2 times
    64.227.131.100: 1 time
    67.205.190.61: 1 time
    68.183.17.85: 2 times
    82.157.193.14: 3 times
    85.209.11.254: 6 times
    101.126.11.251: 5 times
    102.220.23.35: 2 times
    103.171.84.43 (ip103-171-84-43.cloudhost.web.id): 5 times
    104.250.49.108: 2 times
    106.248.39.107: 6 times
    107.173.153.212 (107-173-153-212-host.colocrossing.com): 2 times
    107.175.111.46 (107-175-111-46-host.colocrossing.com): 1 time
    110.49.76.244: 3 times
    110.238.73.12 (ecs-110-238-73-12.compute.hwclouds-dns.com): 1 time
    111.67.198.176: 2 times
    118.193.68.241: 2 times
    120.48.98.154: 3 times
    120.53.88.44: 1 time
    121.238.172.233: 6 times
    122.51.45.37: 1 time
    124.156.198.8: 3 times
    124.222.242.192: 3 times
    129.226.81.66: 1 time
    129.226.155.129: 1 time
    129.226.157.206: 2 times
    129.226.158.246: 2 times
    129.226.210.126: 4 times
    131.186.19.116: 2 times
    134.122.114.194: 1 time
    136.233.27.164: 2 times
    139.177.179.83 (139-177-179-83.ip.linodeusercontent.com): 2 times
    143.255.140.129 (143-255-140-129.giganet.net.py): 2 times
    152.32.217.128: 1 time
    158.51.124.197: 1 time
    159.65.41.104: 1 time
    167.172.86.222: 1 time
    175.6.127.104: 3 times
    175.139.245.76: 4 times
    178.62.194.205: 1 time
    179.43.180.108 (hostedby.privatelayer.com): 12 times
    182.151.29.51: 3 times
    183.81.169.238: 18 times
    183.87.223.5 (undefined.hostname.localhost): 3 times
    185.29.121.106 (host-185.29.121.106.routergate.com): 1 time
    189.45.198.38 (189-45-198-38.tpa.net.br): 1 time
    191.7.159.192: 2 times
    192.241.156.218: 1 time
    194.169.175.35: 3 times
    194.169.175.36: 3 times
    206.189.121.231: 1 time
    212.70.149.150: 6 times
    217.182.73.127 (vps-aac1ac7a.vps.ovh.net): 1 time
    218.55.114.89: 1 time

 Illegal users from:
    2001:470:1:332::3 (scan-37af.shadowserver.org): 1 time
    undef: 360 times
    1.13.248.53: 10 times
    1.15.155.17: 7 times
    1.55.33.86: 9 times
    5.182.26.91: 9 times
    8.219.89.130: 6 times
    43.128.111.113: 8 times
    43.133.62.215: 9 times
    43.134.72.167: 8 times
    43.134.95.210: 9 times
    43.134.97.219: 7 times
    43.134.186.17: 9 times
    43.135.172.115: 9 times
    43.153.43.145: 8 times
    43.153.119.179: 7 times
    43.153.177.56: 7 times
    43.153.229.30: 8 times
    43.156.153.186: 9 times
    43.157.11.195: 9 times
    43.159.46.253: 9 times
    43.163.237.109: 9 times
    49.7.227.136: 5 times
    49.249.83.115 (static-115.83.249.49-tataidc.co.in): 9 times
    51.38.126.105 (vps-9508d174.vps.ovh.net): 9 times
    51.195.103.245 (vps-d05b247a.vps.ovh.net): 8 times
    51.195.138.37 (vps-c3dafa63.vps.ovh.net): 7 times
    58.56.23.210: 10 times
    60.208.131.117: 3 times
    61.231.91.79 (61-231-91-79.dynamic-ip.hinet.net): 11 times
    62.234.50.209: 8 times
    64.23.169.150: 9 times
    64.62.197.203 (scan-50g.shadowserver.org): 1 time
    64.227.114.107: 9 times
    64.227.131.100: 9 times
    67.205.190.61: 8 times
    68.183.17.85: 9 times
    72.167.32.109 (109.32.167.72.host.secureserver.net): 9 times
    81.70.209.88: 3 times
    82.157.193.14: 8 times
    85.209.11.27: 2 times
    85.209.11.254: 7 times
    95.97.136.202 (095-097-136-202.static.chello.nl): 1 time
    101.126.11.251: 2 times
    102.220.23.35: 11 times
    103.140.219.142: 9 times
    103.171.84.43 (ip103-171-84-43.cloudhost.web.id): 8 times
    104.250.49.108: 12 times
    104.250.50.49: 14 times
    107.173.153.212 (107-173-153-212-host.colocrossing.com): 8 times
    107.175.111.46 (107-175-111-46-host.colocrossing.com): 9 times
    110.49.76.244: 11 times
    110.238.73.12 (ecs-110-238-73-12.compute.hwclouds-dns.com): 9 times
    111.67.198.176: 8 times
    112.217.207.26: 9 times
    113.31.119.15: 5 times
    117.72.41.146: 4 times
    118.193.68.241: 8 times
    118.194.232.111: 11 times
    119.45.181.50: 8 times
    119.198.131.7: 6 times
    120.48.98.154: 6 times
    120.53.88.44: 6 times
    122.51.45.37: 10 times
    124.156.198.8: 9 times
    124.222.242.192: 6 times
    128.1.132.44: 8 times
    129.226.81.66: 9 times
    129.226.155.129: 9 times
    129.226.157.206: 8 times
    129.226.158.246: 8 times
    129.226.210.126: 7 times
    131.186.19.116: 8 times
    134.122.114.194: 8 times
    136.233.27.164: 9 times
    139.150.83.178: 3 times
    139.177.179.83 (139-177-179-83.ip.linodeusercontent.com): 8 times
    139.198.104.138: 11 times
    143.255.140.129 (143-255-140-129.giganet.net.py): 12 times
    152.32.217.128: 5 times
    158.51.124.197: 9 times
    159.65.41.104: 7 times
    167.172.86.222: 9 times
    168.167.228.74: 9 times
    175.6.127.104: 6 times
    175.139.245.76: 8 times
    178.62.194.205: 7 times
    179.185.90.114 (179.185.90.114.static.gvt.net.br): 9 times
    182.151.29.51: 8 times
    183.87.223.5 (undefined.hostname.localhost): 8 times
    183.180.128.204 (183.180.128.204.ap.gmobb-fix.jp): 6 times
    185.29.121.106 (host-185.29.121.106.routergate.com): 9 times
    185.218.139.228: 9 times
    186.67.248.6: 12 times
    189.45.198.38 (189-45-198-38.tpa.net.br): 9 times
    191.7.159.192: 8 times
    192.241.156.218: 6 times
    193.151.117.51 (h117-51.pool193-151.dyn.tolna.net): 9 times
    194.169.175.35: 12 times
    194.169.175.36: 8 times
    206.189.121.231: 9 times
    217.182.73.127 (vps-aac1ac7a.vps.ovh.net): 9 times
    218.55.114.89: 13 times
    220.89.169.242: 5 times

 **Unmatched Entries**
 Protocol major versions differ for 165.154.164.21: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
vs. SSH-1.5-Server : 1 time(s)
 Disconnecting: Protocol error: expected packet type 21, got 20 [preauth] : 3 time(s)

 ---------------------- SSHD End ------------------------- 

 --------------------- Disk Space Begin ------------------------ 

 Filesystem         Size  Used Avail Use% Mounted on
 /dev/ploop22185p1  394G  243G  132G  65% /
 none               4.0G     0  4.0G   0% /dev

 ---------------------- Disk Space End ------------------------- 

 ###################### Logwatch End ######################### 

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016