Logwatch for h2361197.stratoserver.net (Linux)

Mittwoch, 17 November 2021


 
 ################### Logwatch 7.4.0 (03/01/11) #################### 
        Processing Initiated: Wed Nov 17 04:42:05 2021
        Date Range Processed: yesterday
                              ( 2021-Nov-16 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: h2361197.stratoserver.net
 ################################################################## 
 
 --------------------- fail2ban-messages Begin ------------------------ 

 Banned services with Fail2Ban:				 Bans:Unbans
    ssh:                                                    [ 60:60 ]
 
 ---------------------- fail2ban-messages End ------------------------- 

 
 --------------------- httpd Begin ------------------------ 

 
 A total of 10 sites probed the server 
    125.127.149.159
    164.92.66.113
    178.239.21.102
    178.239.21.162
    195.15.226.153
    34.77.162.25
    64.227.97.195
    64.227.99.233
    66.240.205.34
    80.82.65.247
 
 Requests with error response codes
    400 Bad Request
       null: 9 Time(s)
       mstshash=Administr: 2 Time(s)
       /: 1 Time(s)
       /.env: 1 Time(s)
       /bag2: 1 Time(s)
       /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 1 Time(s)
       7: 1 Time(s)
       G\xE8\x94(O\x9B\xFCY\xB1I\xBD\xE5cf\xE4\xC ... x09\xC0\x14\xC0: 1 Time(s)
       \x88\xC1`\xE8\xBC\xB6F\xC4\x12\x0BAx\xD8\x ... (\xC0#\xC0'\xC0: 1 Time(s)
    500 Internal Server Error
       /: 72 Time(s)
       /.env: 5 Time(s)
       /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 3 Time(s)
       /?XDEBUG_SESSION_START=phpstorm: 2 Time(s)
       /ecp/Current/exporttool/microsoft.exchange ... ool.application: 2 Time(s)
       /users/sign_in: 2 Time(s)
       /.git/config: 1 Time(s)
       ///remote/fgt_lang?lang=/../../../..//////////dev/: 1 Time(s)
       /?s=/Index/\x5Cthink\x5Capp/invokefunction ... s[1][]=otwksbpu: 1 Time(s)
       /Autodiscover/Autodiscover.xml: 1 Time(s)
       /_ignition/execute-solution: 1 Time(s)
       /_profiler/phpinfo: 1 Time(s)
       /actuator/health: 1 Time(s)
       /debug/default/view?panel=config: 1 Time(s)
       /index.php?s=/Index/\x5Cthink\x5Capp/invok ... HelloThinkPHP21: 1 Time(s)
       /jenkins/login: 1 Time(s)
       /login: 1 Time(s)
       /manager/html: 1 Time(s)
       /owa/auth/logon.aspx: 1 Time(s)
       /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
       /owa/auth/x.js: 1 Time(s)
       /remote/fgt_lang?lang=/../../../..//////// ... lvpn_websession: 1 Time(s)
       /robots.txt: 1 Time(s)
       /script: 1 Time(s)
       /wp-login.php: 1 Time(s)
 
 ---------------------- httpd End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       root (93-47-3-47.ip110.fastwebnet.it): 46 Time(s)
       root (pppoe-static-209-91-178-224.vianet.ca): 35 Time(s)
       root (61.148.90.118): 26 Time(s)
       root (42.248.78.142): 23 Time(s)
       root (5.181.80.180): 23 Time(s)
       unknown (93-47-3-47.ip110.fastwebnet.it): 23 Time(s)
       root (69.49.228.198): 22 Time(s)
       root (40.115.79.44): 20 Time(s)
       unknown (167.172.207.139): 20 Time(s)
       unknown (120.92.34.203): 19 Time(s)
       root (43.129.93.101): 18 Time(s)
       root (222.90.82.234): 15 Time(s)
       unknown (pppoe-static-209-91-178-224.vianet.ca): 15 Time(s)
       unknown (40.115.79.44): 14 Time(s)
       unknown (61.148.90.118): 12 Time(s)
       root (167.172.207.139): 10 Time(s)
       unknown (69.49.228.198): 10 Time(s)
       unknown (176.111.173.237): 9 Time(s)
       unknown (slot0.epaperitaliait.com): 9 Time(s)
       root (123.231.90.100): 8 Time(s)
       unknown (222.90.82.234): 8 Time(s)
       unknown (43.129.93.101): 7 Time(s)
       root (175.11.202.102): 6 Time(s)
       root (d204-191-196-151.abhsia.telus.net): 6 Time(s)
       unknown (42.248.78.142): 6 Time(s)
       unknown (123.231.90.100): 5 Time(s)
       unknown (45.144.225.69): 5 Time(s)
       root (112.194.208.93): 4 Time(s)
       unknown (188.164.175.126): 4 Time(s)
       unknown (212.192.241.124): 4 Time(s)
       unknown (2.56.59.198): 3 Time(s)
       unknown (205.185.114.87): 3 Time(s)
       unknown (205.185.119.112): 3 Time(s)
       unknown (209.141.33.193): 3 Time(s)
       unknown (209.141.62.185): 3 Time(s)
       unknown (smtp4.achtungumbedingt.de): 3 Time(s)
       root (120.92.34.203): 2 Time(s)
       unknown (195.133.18.210): 2 Time(s)
       unknown (199.19.225.172): 2 Time(s)
       unknown (205.185.115.39): 2 Time(s)
       unknown (209.141.32.141): 2 Time(s)
       unknown (209.141.44.165): 2 Time(s)
       unknown (5.181.80.180): 2 Time(s)
       unknown (93-43-223-61.ip94.fastwebnet.it): 2 Time(s)
       unknown (ip5f5a3cd1.dynamic.kabel-deutschland.de): 2 Time(s)
       unknown (smtp17.mib360realestate.com): 2 Time(s)
       postgres (69.49.228.198): 1 Time(s)
       root (129.146.188.246): 1 Time(s)
       root (152.136.18.77): 1 Time(s)
       root (185.235.146.29): 1 Time(s)
       root (212.192.241.124): 1 Time(s)
       root (h-37-123-163-58.a785.priv.bahnhof.se): 1 Time(s)
       unknown (112.194.208.93): 1 Time(s)
       unknown (141.98.10.92): 1 Time(s)
       unknown (209.141.62.233): 1 Time(s)
       unknown (220.241.80.114): 1 Time(s)
       unknown (41.137.137.92): 1 Time(s)
    Invalid Users:
       Unknown Account: 211 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

       51   Miscellaneous warnings  
 
    9.230K  Bytes accepted                               9,452
    9.230K  Bytes sent via SMTP                          9,452
 ========   ==================================================
 
        1   Accepted                                   100.00%
 --------   --------------------------------------------------
        1   Total                                      100.00%
 ========   ==================================================
 
        2   4xx Reject relay denied                     66.67%
        1   4xx Reject VRFY                             33.33%
 --------   --------------------------------------------------
        3   Total 4xx Rejects                          100.00%
 ========   ==================================================
 
      369   Connections             
       72   Connections lost (inbound) 
      369   Disconnections          
        1   Removed from queue      
        1   Sent via SMTP           
 
        1   Hostname verification errors (FCRDNS) 
 
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------ 

 Large Mailbox threshold: 40MB (41943040 bytes)
  Warning: Large mailbox: mailman.gz (1747199807)
  Warning: Large mailbox: mailman (235703599967)
 
 ---------------------- sendmail-largeboxes (large mail spool files) End
------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 Disconnecting after too many authentication failures for user:
    root : 1 Time(s)
 
 Failed logins from:
    5.181.80.180 (ip-80-180-bullethost.net): 23 times
    37.123.163.58 (h-37-123-163-58.A785.priv.bahnhof.se): 1 time
    40.115.79.44: 20 times
    42.248.78.142: 23 times
    43.129.93.101: 18 times
    61.148.90.118: 26 times
    69.49.228.198 (69-49-228-198.unifiedlayer.com): 23 times
    93.47.3.47 (93-47-3-47.ip110.fastwebnet.it): 46 times
    112.194.208.93: 4 times
    120.92.34.203: 2 times
    123.231.90.100: 8 times
    129.146.188.246: 1 time
    152.136.18.77: 1 time
    167.172.207.139: 10 times
    175.11.202.102: 6 times
    185.235.146.29: 1 time
    204.191.196.151 (d204-191-196-151.abhsia.telus.net): 6 times
    209.91.178.224 (pppoe-static-209-91-178-224.vianet.ca): 35 times
    212.192.241.124: 1 time
    222.90.82.234: 15 times
 
 Illegal users from:
    2001:470:1:332::7: 1 time
    undef: 127 times
    2.56.59.198: 3 times
    5.181.80.180 (ip-80-180-bullethost.net): 2 times
    40.115.79.44: 14 times
    41.137.137.92: 1 time
    42.248.78.142: 6 times
    43.129.93.101: 7 times
    45.144.225.69: 5 times
    61.148.90.118: 12 times
    69.49.228.198 (69-49-228-198.unifiedlayer.com): 10 times
    93.43.223.61 (93-43-223-61.ip94.fastwebnet.it): 2 times
    93.47.3.47 (93-47-3-47.ip110.fastwebnet.it): 23 times
    95.90.60.209 (ip5f5a3cd1.dynamic.kabel-deutschland.de): 2 times
    107.189.30.134 (smtp4.achtungumbedingt.de): 3 times
    112.194.208.93: 1 time
    120.92.34.203: 19 times
    123.231.90.100: 5 times
    141.98.10.92: 1 time
    167.172.207.139: 20 times
    176.111.173.237: 9 times
    188.164.175.126: 4 times
    195.133.18.24 (slot0.epaperitaliait.com): 9 times
    195.133.18.210: 2 times
    199.19.225.172: 2 times
    205.185.114.87: 3 times
    205.185.115.39 (mx.learnmorefun.org): 2 times
    205.185.119.40 (smtp17.mib360realestate.com): 2 times
    205.185.119.112: 3 times
    209.91.178.224 (pppoe-static-209-91-178-224.vianet.ca): 15 times
    209.141.32.141 (smtp9.dfsfasfasf.xyz): 2 times
    209.141.33.193 (mx.chinadomainregistry.org): 3 times
    209.141.44.165: 2 times
    209.141.62.185: 3 times
    209.141.62.233 (hhb8.cn): 1 time
    212.192.241.124: 4 times
    220.241.80.114 (mx2.hkucs.org): 1 time
    222.90.82.234: 8 times
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem         Size  Used Avail Use% Mounted on
 /dev/ploop33257p1  394G  242G  132G  65% /
 none               4.0G     0  4.0G   0% /dev
 
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End #########################

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016