Logwatch for h2361197.stratoserver.net (Linux)

Montag, 5 Februar 2024


 
 ################### Logwatch 7.4.0 (03/01/11) #################### 
        Processing Initiated: Mon Feb  5 04:42:03 2024
        Date Range Processed: yesterday
                              ( 2024-Feb-04 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: h2361197.stratoserver.net
 ################################################################## 
 
 --------------------- fail2ban-messages Begin ------------------------ 

 Banned services with Fail2Ban:				 Bans:Unbans
    ssh:                                                    [167:165]
 
 ---------------------- fail2ban-messages End ------------------------- 

 
 --------------------- httpd Begin ------------------------ 

 
 Connection attempts using mod_proxy:
    141.98.7.179 -> zapf.wiki:443: 1 Time(s)
 
 A total of 5 sites probed the server 
    125.44.35.92
    192.241.203.31
    198.199.118.69
    65.49.1.57
    78.153.140.224
 
 Requests with error response codes
    400 Bad Request
       null: 5 Time(s)
       *: 2 Time(s)
       /: 2 Time(s)
       /bin/zhttpd/${IFS}cd${IFS}/tmp;${IFS}rm${I ... }zyxel.selfrep;: 2 Time(s)
       /.git/config: 1 Time(s)
       /admin/.git/config: 1 Time(s)
       /app/.git/config: 1 Time(s)
       /static../.git/config: 1 Time(s)
       /wp-content/plugins/.git/config: 1 Time(s)
       mstshash=Administr: 1 Time(s)
       zapf.wiki:443: 1 Time(s)
    500 Internal Server Error
       /: 15 Time(s)
       /.git/config: 2 Time(s)
       /?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
       /actuator/gateway/routes: 1 Time(s)
       /admin/.git/config: 1 Time(s)
       /api/.git/config: 1 Time(s)
       /app/.git/config: 1 Time(s)
       /assets/.git/config: 1 Time(s)
       /blogs/.git/config: 1 Time(s)
       /config/.git/config: 1 Time(s)
       /core/.git/config: 1 Time(s)
       /css/.git/config: 1 Time(s)
       /favicon.ico: 1 Time(s)
       /includes/.git/config: 1 Time(s)
       /js/.git/config: 1 Time(s)
       /lib/.git/config: 1 Time(s)
       /modules/.git/config: 1 Time(s)
       /node_modules/.git/config: 1 Time(s)
       /plugins/.git/config: 1 Time(s)
       /scripts/.git/config: 1 Time(s)
       /src/.git/config: 1 Time(s)
       /vendor/.git/config: 1 Time(s)
 
 ---------------------- httpd End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       root (49.231.192.36): 38 Time(s)
       root (47.242.112.41): 32 Time(s)
       root (104.250.50.18): 29 Time(s)
       root (140.249.206.244): 24 Time(s)
       root (124.156.205.190): 23 Time(s)
       root (15.126.101.34.bc.googleusercontent.com): 23 Time(s)
       root (43.156.150.246): 23 Time(s)
       root (142.171.231.195): 22 Time(s)
       root (178.128.91.222): 22 Time(s)
       root (181.94.223.139): 22 Time(s)
       root (202.55.175.236): 22 Time(s)
       root (1.22.54.163): 21 Time(s)
       root (103.130.213.105): 21 Time(s)
       root (103.130.214.137): 21 Time(s)
       root (161.35.185.110): 21 Time(s)
       root (162.0.213.180): 21 Time(s)
       root (185.91.69.78): 21 Time(s)
       root (188.121.101.133): 21 Time(s)
       root (89.117.25.244): 21 Time(s)
       root (host-92-27-101-99.static.as13285.net): 21 Time(s)
       root (185.227.154.53): 20 Time(s)
       root (192.3.176.170): 20 Time(s)
       root (20.226.9.78): 20 Time(s)
       root (86.57.244.81.ripe.vitebsk.by): 20 Time(s)
       root (103.59.209.5): 19 Time(s)
       root (150.230.62.85): 19 Time(s)
       root (180.242.219.6): 19 Time(s)
       root (206.217.131.233): 19 Time(s)
       root (vmd117916.contaboserver.net): 19 Time(s)
       root (102.220.23.35): 18 Time(s)
       root (106.240.228.244): 18 Time(s)
       root (158.160.6.234): 18 Time(s)
       root (162.62.218.43): 18 Time(s)
       root (165.154.199.17): 18 Time(s)
       root (178.22.120.71): 18 Time(s)
       root (198.23.143.193): 18 Time(s)
       root (43.133.56.252): 18 Time(s)
       root (43.134.63.194): 18 Time(s)
       root (43.153.84.125): 18 Time(s)
       root (43.154.96.206): 18 Time(s)
       root (43.156.49.75): 18 Time(s)
       root (45.138.74.24): 18 Time(s)
       root (46.101.3.129): 18 Time(s)
       root (ll-220-228-152-176.ll.sparqnet.net): 18 Time(s)
       root (vps-9de7d664.vps.ovh.ca): 18 Time(s)
       root (101.91.225.182): 17 Time(s)
       root (174.138.72.191): 17 Time(s)
       root (185.196.9.199): 17 Time(s)
       root (199.21.115.199): 17 Time(s)
       root (101.43.49.47): 16 Time(s)
       root (186.10.245.152): 16 Time(s)
       root (217.7.93.34.bc.googleusercontent.com): 16 Time(s)
       root (v150-95-66-126.a005.g.bkk2.static.cnode.io): 16 Time(s)
       root (152.32.209.108): 15 Time(s)
       root (static.11.143.107.91.clients.your-server.de): 15 Time(s)
       root (vps-a1e5e441.vps.ovh.net): 15 Time(s)
       unknown (85.209.11.27): 15 Time(s)
       root (106.13.223.14): 14 Time(s)
       root (111.229.25.192): 14 Time(s)
       root (118.122.72.88): 14 Time(s)
       root (122.237.99.187): 14 Time(s)
       root (103.47.51.215): 13 Time(s)
       root (128.199.71.12): 13 Time(s)
       root (222.70.137.13): 11 Time(s)
       root (147.182.247.119): 10 Time(s)
       root (178.128.84.59): 10 Time(s)
       unknown (141.98.11.11): 10 Time(s)
       root (58.209.80.228): 8 Time(s)
       unknown (85.209.11.254): 8 Time(s)
       root (104-230-097-051.res.spectrum.com): 6 Time(s)
       root (121.183.30.17): 6 Time(s)
       root (141.98.11.11): 6 Time(s)
       root (67.174.80.230): 6 Time(s)
       root (host210.sub-63-41-9.myvzw.com): 6 Time(s)
       unknown (141.98.11.90): 6 Time(s)
       unknown (147.182.247.119): 5 Time(s)
       unknown (ool-4579b5ab.dyn.optonline.net): 5 Time(s)
       unknown (128.199.229.98): 4 Time(s)
       unknown (185.11.61.234): 4 Time(s)
       unknown (85.209.11.226): 4 Time(s)
       root (85.209.11.254): 3 Time(s)
       root (85.209.11.27): 3 Time(s)
       unknown (128.199.71.12): 3 Time(s)
       unknown (vps-a1e5e441.vps.ovh.net): 3 Time(s)
       root (141.98.11.90): 2 Time(s)
       root (49.51.46.161): 2 Time(s)
       unknown (150.230.62.85): 2 Time(s)
       unknown (180.242.219.6): 2 Time(s)
       unknown (43.153.84.125): 2 Time(s)
       unknown (43.156.49.75): 2 Time(s)
       unknown (58.209.80.228): 2 Time(s)
       unknown (static-53-80-60-95.ipcom.comunitel.net): 2 Time(s)
       mysql (147.182.247.119): 1 Time(s)
       postgres (128.199.229.98): 1 Time(s)
       postgres (85.209.11.27): 1 Time(s)
       root (128.199.229.98): 1 Time(s)
       root (8.130.23.183): 1 Time(s)
       root (85.209.11.226): 1 Time(s)
       sshd (141.98.11.90): 1 Time(s)
       unknown (103.130.213.105): 1 Time(s)
       unknown (103.130.214.137): 1 Time(s)
       unknown (106.13.223.14): 1 Time(s)
       unknown (121.152.45.237): 1 Time(s)
       unknown (140.249.206.244): 1 Time(s)
       unknown (142.171.231.195): 1 Time(s)
       unknown (15.126.101.34.bc.googleusercontent.com): 1 Time(s)
       unknown (152.32.209.108): 1 Time(s)
       unknown (162.0.213.180): 1 Time(s)
       unknown (178.128.84.59): 1 Time(s)
       unknown (178.128.91.222): 1 Time(s)
       unknown (185.196.9.199): 1 Time(s)
       unknown (185.227.154.53): 1 Time(s)
       unknown (185.91.69.78): 1 Time(s)
       unknown (186.10.245.152): 1 Time(s)
       unknown (188.121.101.133): 1 Time(s)
       unknown (192.3.176.170): 1 Time(s)
       unknown (20.226.9.78): 1 Time(s)
       unknown (217.7.93.34.bc.googleusercontent.com): 1 Time(s)
       unknown (43.133.56.252): 1 Time(s)
       unknown (86.57.244.81.ripe.vitebsk.by): 1 Time(s)
       unknown (89.117.25.244): 1 Time(s)
       unknown (v150-95-66-126.a005.g.bkk2.static.cnode.io): 1 Time(s)
       uucp (141.98.11.90): 1 Time(s)
    Invalid Users:
       Unknown Account: 105 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

       10   Miscellaneous warnings  
 
      663   Bytes accepted                                 663
      663   Bytes sent via SMTP                            663
 ========   ==================================================
 
        1   Accepted                                   100.00%
 --------   --------------------------------------------------
        1   Total                                      100.00%
 ========   ==================================================
 
       23   4xx Reject relay denied                    100.00%
 --------   --------------------------------------------------
       23   Total 4xx Rejects                          100.00%
 ========   ==================================================
 
      118   Connections             
       16   Connections lost (inbound) 
      118   Disconnections          
        1   Removed from queue      
        1   Sent via SMTP           
 
        1   SMTP dialog errors      
 
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- PostgreSQL Begin ------------------------ 

 Fatals:
 -------
 
 4 times:
 [2024-02-04 22:57:13 +/-1 seconds]  the database system is starting up
 
 
 ---------------------- PostgreSQL End ------------------------- 

 
 --------------------- rsyslogd Begin ------------------------ 

 
 **** Unmatched entries ****
     [origin software="rsyslogd" swVersion="8.4.2"
x-pid="209" x-info="http://www.rsyslog.com"] exiting on signal 15. : 1
Times
 
 ---------------------- rsyslogd End ------------------------- 

 
 --------------------- Connections (secure-log) Begin ------------------------ 

 
 **Unmatched Entries**
    systemd-logind: New seat seat0.: 2 Time(s)
 
 ---------------------- Connections (secure-log) End ------------------------- 

 
 --------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------ 

 Large Mailbox threshold: 40MB (41943040 bytes)
  Warning: Large mailbox: mailman.gz (1747199807)
  Warning: Large mailbox: mailman (235703599967)
 
 ---------------------- sendmail-largeboxes (large mail spool files) End
------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 SSHD Killed: 1 Time(s)
 
 SSHD Started: 4 Time(s)
 
 Disconnecting after too many authentication failures for user:
    invalid : 1 Time(s)
    root : 3 Time(s)
 
 Failed logins from:
    1.22.54.163: 21 times
    8.130.23.183: 1 time
    20.226.9.78: 20 times
    34.93.7.217 (217.7.93.34.bc.googleusercontent.com): 16 times
    34.101.126.15 (15.126.101.34.bc.googleusercontent.com): 23 times
    43.133.56.252: 18 times
    43.134.63.194: 18 times
    43.153.84.125: 18 times
    43.154.96.206: 18 times
    43.156.49.75: 18 times
    43.156.150.246: 23 times
    45.138.74.24 (scared-giraffe.aeza.network): 18 times
    46.101.3.129: 18 times
    47.242.112.41: 32 times
    49.51.46.161: 2 times
    49.231.192.36: 38 times
    51.222.13.180 (vps-9de7d664.vps.ovh.ca): 18 times
    58.209.80.228: 8 times
    63.41.9.210 (host210.sub-63-41-9.myvzw.com): 6 times
    67.174.80.230: 6 times
    85.209.11.27: 4 times
    85.209.11.226: 1 time
    85.209.11.254: 3 times
    86.57.244.81 (86.57.244.81.ripe.vitebsk.by): 20 times
    89.117.25.244: 21 times
    91.107.143.11 (static.11.143.107.91.clients.your-server.de): 15 times
    92.27.101.99 (host-92-27-101-99.static.as13285.net): 21 times
    101.43.49.47: 16 times
    101.91.225.182: 17 times
    102.220.23.35: 18 times
    103.47.51.215: 13 times
    103.59.209.5: 19 times
    103.130.213.105 (ip.bkhost.vn): 21 times
    103.130.214.137 (ip.bkhost.vn): 21 times
    104.230.97.51 (104-230-097-051.res.spectrum.com): 6 times
    104.250.50.18: 29 times
    106.13.223.14: 14 times
    106.240.228.244: 18 times
    111.229.25.192: 14 times
    118.122.72.88: 14 times
    121.183.30.17: 6 times
    122.237.99.187: 14 times
    124.156.205.190: 23 times
    128.199.71.12: 13 times
    128.199.229.98: 2 times
    140.249.206.244: 24 times
    141.98.11.11 (axon-stall.riddlecamera.net): 6 times
    141.98.11.90 (lighten.medyamol.com): 4 times
    142.171.231.195 (lynde.ddsctric.com): 22 times
    146.59.228.105 (vps-a1e5e441.vps.ovh.net): 15 times
    147.182.247.119: 11 times
    150.95.66.126 (v150-95-66-126.a005.g.bkk2.static.cnode.io): 16 times
    150.230.62.85: 19 times
    152.32.209.108: 15 times
    158.160.6.234: 18 times
    161.35.185.110: 21 times
    162.0.213.180 (server1.24htradingcrypto.com): 21 times
    162.62.218.43: 18 times
    165.154.199.17: 18 times
    174.138.72.191: 17 times
    178.22.120.71: 18 times
    178.128.84.59: 10 times
    178.128.91.222: 22 times
    180.242.219.6: 19 times
    181.94.223.139 (host-139.181-94-223.personal.net.py): 22 times
    185.91.69.78: 21 times
    185.196.9.199: 17 times
    185.227.154.53: 20 times
    186.10.245.152 (z350.entelchile.net): 16 times
    188.121.101.133: 21 times
    192.3.176.170 (192-3-176-170-host.colocrossing.com): 20 times
    198.23.143.193 (royaserver.com): 18 times
    199.21.115.199 (199-21-115-199-host.colocrossing.com): 17 times
    202.55.175.236: 22 times
    206.217.131.233 (206-217-131-233-host.colocrossing.com): 19 times
    207.180.198.53 (vmd117916.contaboserver.net): 19 times
    220.228.152.176 (ll-220-228-152-176.ll.sparqnet.net): 18 times
    222.70.137.13 (13.137.70.222.broad.xw.sh.dynamic.163data.com.cn): 11 times
 
 Illegal users from:
    2001:470:1:c84::15 (scan-05p.shadowserver.org): 1 time
    undef: 41 times
    20.226.9.78: 1 time
    34.93.7.217 (217.7.93.34.bc.googleusercontent.com): 1 time
    34.101.126.15 (15.126.101.34.bc.googleusercontent.com): 1 time
    43.133.56.252: 1 time
    43.153.84.125: 2 times
    43.156.49.75: 2 times
    58.209.80.228: 2 times
    64.62.197.181 (scan-49o.shadowserver.org): 1 time
    69.121.181.171 (ool-4579b5ab.dyn.optonline.net): 6 times
    85.209.11.27: 16 times
    85.209.11.226: 4 times
    85.209.11.254: 9 times
    86.57.244.81 (86.57.244.81.ripe.vitebsk.by): 1 time
    89.117.25.244: 1 time
    95.60.80.53 (static-53-80-60-95.ipcom.comunitel.net): 2 times
    103.130.213.105 (ip.bkhost.vn): 1 time
    103.130.214.137 (ip.bkhost.vn): 1 time
    106.13.223.14: 1 time
    121.152.45.237: 5 times
    128.199.71.12: 3 times
    128.199.229.98: 4 times
    140.249.206.244: 1 time
    141.98.11.11 (axon-stall.riddlecamera.net): 10 times
    141.98.11.90 (lighten.medyamol.com): 6 times
    142.171.231.195 (lynde.ddsctric.com): 1 time
    146.59.228.105 (vps-a1e5e441.vps.ovh.net): 3 times
    147.182.247.119: 5 times
    150.95.66.126 (v150-95-66-126.a005.g.bkk2.static.cnode.io): 1 time
    150.230.62.85: 2 times
    152.32.209.108: 1 time
    162.0.213.180 (server1.24htradingcrypto.com): 1 time
    178.128.84.59: 1 time
    178.128.91.222: 1 time
    180.242.219.6: 2 times
    185.11.61.234: 4 times
    185.91.69.78: 1 time
    185.196.9.199: 1 time
    185.227.154.53: 1 time
    186.10.245.152 (z350.entelchile.net): 1 time
    188.121.101.133: 1 time
    192.3.176.170 (192-3-176-170-host.colocrossing.com): 1 time
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem         Size  Used Avail Use% Mounted on
 /dev/ploop41848p1  394G  243G  132G  65% /
 none               4.0G     0  4.0G   0% /dev
 
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End #########################

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016