Jul 26 11:22:27 vps647732 sshd[4965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.231.161
Jul 26 11:22:29 vps647732 sshd[4965]: Failed password for invalid user ladev from 51.77.231.161 port 56188 ssh2
...

Jul 26 05:25:49 mail.srvfarm.net postfix/smtps/smtpd[1013059]: warning: unknown[185.224.176.130]: SASL PLAIN authentication failed: 
Jul 26 05:25:49 mail.srvfarm.net postfix/smtps/smtpd[1013059]: lost connection after AUTH from unknown[185.224.176.130]
Jul 26 05:27:20 mail.srvfarm.net postfix/smtpd[1028327]: warning: unknown[185.224.176.130]: SASL PLAIN authentication failed: 
Jul 26 05:27:20 mail.srvfarm.net postfix/smtpd[1028327]: lost connection after AUTH from unknown[185.224.176.130]
Jul 26 05:32:50 mail.srvfarm.net postfix/smtps/smtpd[1029363]: warning: unknown[185.224.176.130]: SASL PLAIN authentication failed:

Jul 26 05:28:11 mail.srvfarm.net postfix/smtps/smtpd[1027770]: warning: unknown[103.99.189.48]: SASL PLAIN authentication failed: 
Jul 26 05:28:11 mail.srvfarm.net postfix/smtps/smtpd[1027770]: lost connection after AUTH from unknown[103.99.189.48]
Jul 26 05:33:36 mail.srvfarm.net postfix/smtpd[1029338]: warning: unknown[103.99.189.48]: SASL PLAIN authentication failed: 
Jul 26 05:33:36 mail.srvfarm.net postfix/smtpd[1029338]: lost connection after AUTH from unknown[103.99.189.48]
Jul 26 05:34:31 mail.srvfarm.net postfix/smtps/smtpd[1027919]: warning: unknown[103.99.189.48]: SASL PLAIN authentication failed:

Jul 26 11:07:05 mail.srvfarm.net dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=93.174.93.25, lip=185.118.197.126, session=<4p2Rh1SrPqZdrl0Z>
Jul 26 11:07:36 mail.srvfarm.net dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=93.174.93.25, lip=185.118.197.126, session=<3r1piVSruIxdrl0Z>
Jul 26 11:08:01 mail.srvfarm.net dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=93.174.93.25, lip=185.118.197.126, session=<4OLrilSrQhpdrl0Z>
Jul 26 11:08:39 mail.srvfarm.net dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=93.174.93.25, lip=185.118.197.126, session=<6uAmjVSrMmFdrl0Z>
Jul 26 11:09:50 mail.srvfarm.net dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method

$f2bV_matches

/wp-login.php

failed_logins

Jul 26 11:27:17 myvps sshd[6965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.103.1 
Jul 26 11:27:19 myvps sshd[6965]: Failed password for invalid user crp from 106.13.103.1 port 43490 ssh2
Jul 26 11:36:40 myvps sshd[12655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.103.1 
...

Jul 26 10:36:42 host sshd[31649]: Invalid user mac from 106.51.78.18 port 55044
...

Jul 26 08:30:20 vps639187 sshd\[13884\]: Invalid user support from 119.254.155.187 port 5862
Jul 26 08:30:20 vps639187 sshd\[13884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.254.155.187
Jul 26 08:30:22 vps639187 sshd\[13884\]: Failed password for invalid user support from 119.254.155.187 port 5862 ssh2
...

invalid user test1 from 114.67.230.163 port 44922 ssh2

"fail2ban match"

(smtpauth) Failed SMTP AUTH login from 186.227.41.177 (BR/Brazil/186.227.41.177-cliente.icenet.com.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-26 09:40:10 plain authenticator failed for ([186.227.41.177]) [186.227.41.177]: 535 Incorrect authentication data (set_id=ghanbarian)

Jul 26 05:47:01 mail.srvfarm.net postfix/smtps/smtpd[1028921]: warning: unknown[187.1.180.202]: SASL PLAIN authentication failed: 
Jul 26 05:47:02 mail.srvfarm.net postfix/smtps/smtpd[1028921]: lost connection after AUTH from unknown[187.1.180.202]
Jul 26 05:50:15 mail.srvfarm.net postfix/smtps/smtpd[1032033]: warning: unknown[187.1.180.202]: SASL PLAIN authentication failed: 
Jul 26 05:50:15 mail.srvfarm.net postfix/smtps/smtpd[1032033]: lost connection after AUTH from unknown[187.1.180.202]
Jul 26 05:51:44 mail.srvfarm.net postfix/smtps/smtpd[1032032]: warning: unknown[187.1.180.202]: SASL PLAIN authentication failed:

2020-07-26T05:27:58.380921mail.thespaminator.com sshd[5983]: Invalid user william from 37.139.23.222 port 43652
2020-07-26T05:28:00.363604mail.thespaminator.com sshd[5983]: Failed password for invalid user william from 37.139.23.222 port 43652 ssh2
...