2020-04-10T08:57:13.960452ns386461 sshd\[11199\]: Invalid user bkp from 2.59.153.39 port 49158
2020-04-10T08:57:13.965048ns386461 sshd\[11199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.59.153.39
2020-04-10T08:57:16.386466ns386461 sshd\[11199\]: Failed password for invalid user bkp from 2.59.153.39 port 49158 ssh2
2020-04-10T09:17:14.861779ns386461 sshd\[30678\]: Invalid user test from 2.59.153.39 port 52844
2020-04-10T09:17:14.866493ns386461 sshd\[30678\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.59.153.39
...

Apr 10 00:05:02 v22018086721571380 sshd[10952]: Failed password for invalid user developer from 2.59.153.39 port 60868 ssh2

invalid user

Apr  3 10:26:14 our-server-hostname sshd[12505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.59.153.39  user=r.r
Apr  3 10:26:17 our-server-hostname sshd[12505]: Failed password for r.r from 2.59.153.39 port 34786 ssh2
Apr  3 10:36:45 our-server-hostname sshd[14921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.59.153.39  user=r.r
Apr  3 10:36:48 our-server-hostname sshd[14921]: Failed password for r.r from 2.59.153.39 port 46830 ssh2
Apr  3 10:45:29 our-server-hostname sshd[18535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.59.153.39  user=r.r
Apr  3 10:45:31 our-server-hostname sshd[18535]: Failed password for r.r from 2.59.153.39 port 60648 ssh2
Apr  3 10:53:50 our-server-hostname sshd[21590]: Invalid user in from 2.59.153.39
Apr  3 10:53:50 our-server-hostname sshd[21590]: pam_unix(sshd:auth): authentication failure; logname= uid=........
-------------------------------

Nov 10 14:12:44 sso sshd[30447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.59.153.97
Nov 10 14:12:46 sso sshd[30447]: Failed password for invalid user valeria from 2.59.153.97 port 60818 ssh2
...

Nov  4 17:05:39 HOST sshd[25251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.59.153.97  user=r.r
Nov  4 17:05:41 HOST sshd[25251]: Failed password for r.r from 2.59.153.97 port 60746 ssh2
Nov  4 17:05:41 HOST sshd[25251]: Received disconnect from 2.59.153.97: 11: Bye Bye [preauth]
Nov  4 17:29:21 HOST sshd[25725]: Failed password for invalid user team from 2.59.153.97 port 52564 ssh2
Nov  4 17:29:21 HOST sshd[25725]: Received disconnect from 2.59.153.97: 11: Bye Bye [preauth]
Nov  4 17:33:15 HOST sshd[25807]: Failed password for invalid user sv from 2.59.153.97 port 50208 ssh2
Nov  4 17:33:15 HOST sshd[25807]: Received disconnect from 2.59.153.97: 11: Bye Bye [preauth]
Nov  4 17:36:59 HOST sshd[25895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.59.153.97  user=r.r
Nov  4 17:37:02 HOST sshd[25895]: Failed password for r.r from 2.59.153.97 port 47842 ssh2
Nov  4 17:37:02 HOST ssh........
-------------------------------

Sep  7 05:42:28 meumeu sshd[5704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.80.39 
Sep  7 05:42:30 meumeu sshd[5704]: Failed password for invalid user admin from 114.67.80.39 port 55984 ssh2
Sep  7 05:47:33 meumeu sshd[6225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.80.39 
...

Sep  7 09:29:19 nextcloud sshd\[19683\]: Invalid user ubuntu from 49.234.116.13
Sep  7 09:29:19 nextcloud sshd\[19683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.13
Sep  7 09:29:21 nextcloud sshd\[19683\]: Failed password for invalid user ubuntu from 49.234.116.13 port 41910 ssh2
...

Sep  7 03:44:00 MK-Soft-VM5 sshd\[19049\]: Invalid user abc123 from 207.154.194.145 port 44428
Sep  7 03:44:00 MK-Soft-VM5 sshd\[19049\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.194.145
Sep  7 03:44:03 MK-Soft-VM5 sshd\[19049\]: Failed password for invalid user abc123 from 207.154.194.145 port 44428 ssh2
...

Sep  6 20:20:03 vtv3 sshd\[12807\]: Invalid user ts3 from 81.16.8.220 port 50646
Sep  6 20:20:03 vtv3 sshd\[12807\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.16.8.220
Sep  6 20:20:05 vtv3 sshd\[12807\]: Failed password for invalid user ts3 from 81.16.8.220 port 50646 ssh2
Sep  6 20:24:57 vtv3 sshd\[15131\]: Invalid user teamspeak from 81.16.8.220 port 42656
Sep  6 20:24:57 vtv3 sshd\[15131\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.16.8.220
Sep  6 20:37:37 vtv3 sshd\[21695\]: Invalid user minecraft from 81.16.8.220 port 60484
Sep  6 20:37:37 vtv3 sshd\[21695\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.16.8.220
Sep  6 20:37:39 vtv3 sshd\[21695\]: Failed password for invalid user minecraft from 81.16.8.220 port 60484 ssh2
Sep  6 20:41:55 vtv3 sshd\[23842\]: Invalid user server from 81.16.8.220 port 47600
Sep  6 20:41:55 vtv3 sshd\[23842\]: pam_unix\(sshd

$f2bV_matches

Sep  6 21:19:38 lcprod sshd\[24886\]: Invalid user oracle123 from 45.40.194.129
Sep  6 21:19:38 lcprod sshd\[24886\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.40.194.129
Sep  6 21:19:40 lcprod sshd\[24886\]: Failed password for invalid user oracle123 from 45.40.194.129 port 60708 ssh2
Sep  6 21:25:16 lcprod sshd\[25396\]: Invalid user d3v from 45.40.194.129
Sep  6 21:25:16 lcprod sshd\[25396\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.40.194.129

Sep  7 09:48:54 saschabauer sshd[18872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.47.125
Sep  7 09:48:56 saschabauer sshd[18872]: Failed password for invalid user user8 from 142.93.47.125 port 36102 ssh2

2019-09-06 19:34:41 H=(119.86.182.87) [119.86.182.87]:65501 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11, 127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS)
2019-09-06 19:36:55 H=(119.86.182.87) [119.86.182.87]:64642 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11, 127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/119.86.182.87)
2019-09-06 19:36:55 H=(119.86.182.87) [119.86.182.87]:64642 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11, 127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/119.86.182.87)
...

Sep  7 08:11:19 OPSO sshd\[29836\]: Invalid user user from 203.110.90.195 port 37862
Sep  7 08:11:19 OPSO sshd\[29836\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.110.90.195
Sep  7 08:11:21 OPSO sshd\[29836\]: Failed password for invalid user user from 203.110.90.195 port 37862 ssh2
Sep  7 08:16:36 OPSO sshd\[30534\]: Invalid user test from 203.110.90.195 port 59402
Sep  7 08:16:36 OPSO sshd\[30534\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.110.90.195

Sep  6 21:31:19 lcprod sshd\[26029\]: Invalid user demo3 from 34.68.136.212
Sep  6 21:31:19 lcprod sshd\[26029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.136.68.34.bc.googleusercontent.com
Sep  6 21:31:21 lcprod sshd\[26029\]: Failed password for invalid user demo3 from 34.68.136.212 port 51180 ssh2
Sep  6 21:35:17 lcprod sshd\[26428\]: Invalid user live from 34.68.136.212
Sep  6 21:35:17 lcprod sshd\[26428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.136.68.34.bc.googleusercontent.com

[munged]::443 134.209.203.238 - - [07/Sep/2019:02:35:31 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 134.209.203.238 - - [07/Sep/2019:02:35:43 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 134.209.203.238 - - [07/Sep/2019:02:35:46 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 134.209.203.238 - - [07/Sep/2019:02:35:54 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 134.209.203.238 - - [07/Sep/2019:02:35:57 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 134.209.203.238 - - [07/Sep/2019:02:36:09 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.

$f2bV_matches

Aug 31 23:53:34 itv-usvr-01 sshd[24059]: Invalid user admin from 49.83.95.42
Aug 31 23:53:34 itv-usvr-01 sshd[24059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.83.95.42
Aug 31 23:53:34 itv-usvr-01 sshd[24059]: Invalid user admin from 49.83.95.42
Aug 31 23:53:36 itv-usvr-01 sshd[24059]: Failed password for invalid user admin from 49.83.95.42 port 53398 ssh2
Aug 31 23:53:34 itv-usvr-01 sshd[24059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.83.95.42
Aug 31 23:53:34 itv-usvr-01 sshd[24059]: Invalid user admin from 49.83.95.42
Aug 31 23:53:36 itv-usvr-01 sshd[24059]: Failed password for invalid user admin from 49.83.95.42 port 53398 ssh2
Aug 31 23:53:40 itv-usvr-01 sshd[24059]: Failed password for invalid user admin from 49.83.95.42 port 53398 ssh2

Sep  7 06:52:34 intra sshd\[55466\]: Invalid user hadoop from 178.32.219.209Sep  7 06:52:36 intra sshd\[55466\]: Failed password for invalid user hadoop from 178.32.219.209 port 50220 ssh2Sep  7 06:56:42 intra sshd\[55518\]: Invalid user 1 from 178.32.219.209Sep  7 06:56:44 intra sshd\[55518\]: Failed password for invalid user 1 from 178.32.219.209 port 37060 ssh2Sep  7 07:00:47 intra sshd\[55597\]: Invalid user 123 from 178.32.219.209Sep  7 07:00:49 intra sshd\[55597\]: Failed password for invalid user 123 from 178.32.219.209 port 52132 ssh2
...

Sep  6 17:48:25 php2 sshd\[8984\]: Invalid user deploy from 111.231.132.94
Sep  6 17:48:25 php2 sshd\[8984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.132.94
Sep  6 17:48:27 php2 sshd\[8984\]: Failed password for invalid user deploy from 111.231.132.94 port 39472 ssh2
Sep  6 17:54:19 php2 sshd\[9502\]: Invalid user nagios from 111.231.132.94
Sep  6 17:54:19 php2 sshd\[9502\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.132.94