Mar  8 00:07:51 sso sshd[3341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.26.12
Mar  8 00:07:53 sso sshd[3341]: Failed password for invalid user admin from 129.211.26.12 port 48750 ssh2
...

Invalid user direction from 95.81.207.196 port 44698
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.81.207.196
Failed password for invalid user direction from 95.81.207.196 port 44698 ssh2
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.81.207.196  user=root
Failed password for root from 95.81.207.196 port 49930 ssh2

Mar  7 15:19:14 hanapaa sshd\[1766\]: Invalid user tomcat from 212.47.253.178
Mar  7 15:19:14 hanapaa sshd\[1766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178-253-47-212.rev.cloud.scaleway.com
Mar  7 15:19:16 hanapaa sshd\[1766\]: Failed password for invalid user tomcat from 212.47.253.178 port 48418 ssh2
Mar  7 15:27:43 hanapaa sshd\[2403\]: Invalid user chenyang from 212.47.253.178
Mar  7 15:27:43 hanapaa sshd\[2403\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178-253-47-212.rev.cloud.scaleway.com

Attempted WordPress login: "GET /wp-login.php"

Mar  8 00:04:30 lukav-desktop sshd\[31656\]: Invalid user gaojian from 159.89.194.103
Mar  8 00:04:30 lukav-desktop sshd\[31656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.194.103
Mar  8 00:04:32 lukav-desktop sshd\[31656\]: Failed password for invalid user gaojian from 159.89.194.103 port 38696 ssh2
Mar  8 00:05:21 lukav-desktop sshd\[11276\]: Invalid user guest3 from 159.89.194.103
Mar  8 00:05:21 lukav-desktop sshd\[11276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.194.103

fail2ban

Mar  8 01:07:52 v22018076622670303 sshd\[27715\]: Invalid user bugzilla from 125.91.116.181 port 41566
Mar  8 01:07:52 v22018076622670303 sshd\[27715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.116.181
Mar  8 01:07:54 v22018076622670303 sshd\[27715\]: Failed password for invalid user bugzilla from 125.91.116.181 port 41566 ssh2
...

Mar  8 02:19:44 vps691689 sshd[18063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.122.222
Mar  8 02:19:45 vps691689 sshd[18063]: Failed password for invalid user rooot#123 from 49.234.122.222 port 58122 ssh2
...

Mar  8 01:02:25 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=89.248.174.39, lip=207.180.241.50, session=
Mar  8 01:02:41 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=89.248.174.39, lip=207.180.241.50, session=
Mar  8 01:03:05 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=89.248.174.39, lip=207.180.241.50, session=
Mar  8 01:03:38 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=89.248.174.39, lip=207.180.241.50, session=
Mar  8 01:04:07 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=89.248.174.39, lip=207.180.241.50, session=<5zX1n0ygVmBZ+K4n>
...

Invalid user test from 149.202.206.206 port 46436

Mar  8 00:24:09 * sshd[3382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.71.166.70
Mar  8 00:24:10 * sshd[3382]: Failed password for invalid user 1qazzaq!2wsx from 125.71.166.70 port 50134 ssh2

fail2ban

Mar  4 20:02:18 minden010 sshd[18650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.136.205.8
Mar  4 20:02:20 minden010 sshd[18650]: Failed password for invalid user dighostnamealdsvm from 195.136.205.8 port 61063 ssh2
Mar  4 20:10:57 minden010 sshd[21449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.136.205.8


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=195.136.205.8

Invalid user sarvub from 124.207.29.72 port 46514

Mar  8 01:26:35 srv-ubuntu-dev3 sshd[14457]: Invalid user znyjjszx from 121.229.25.154
Mar  8 01:26:35 srv-ubuntu-dev3 sshd[14457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.25.154
Mar  8 01:26:35 srv-ubuntu-dev3 sshd[14457]: Invalid user znyjjszx from 121.229.25.154
Mar  8 01:26:37 srv-ubuntu-dev3 sshd[14457]: Failed password for invalid user znyjjszx from 121.229.25.154 port 37850 ssh2
Mar  8 01:30:22 srv-ubuntu-dev3 sshd[15080]: Invalid user frappe from 121.229.25.154
Mar  8 01:30:22 srv-ubuntu-dev3 sshd[15080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.25.154
Mar  8 01:30:22 srv-ubuntu-dev3 sshd[15080]: Invalid user frappe from 121.229.25.154
Mar  8 01:30:24 srv-ubuntu-dev3 sshd[15080]: Failed password for invalid user frappe from 121.229.25.154 port 55046 ssh2
Mar  8 01:34:13 srv-ubuntu-dev3 sshd[15720]: Invalid user rust from 121.229.25.154
...