Sep 25 20:39:57 roki sshd[26235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.71.16.51  user=root
Sep 25 20:39:59 roki sshd[26235]: Failed password for root from 13.71.16.51 port 35803 ssh2
Sep 26 06:12:47 roki sshd[2767]: Invalid user admin from 13.71.16.51
Sep 26 06:12:47 roki sshd[2767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.71.16.51
Sep 26 06:12:49 roki sshd[2767]: Failed password for invalid user admin from 13.71.16.51 port 50505 ssh2
...

Invalid user ftpuser from 1.194.238.226 port 54029

2020-03-08T09:52:54.035531suse-nuc sshd[23180]: Invalid user form-test from 1.213.195.155 port 60741
...

Sep 26 00:02:39 mout sshd[15471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.13.61  user=root
Sep 26 00:02:41 mout sshd[15471]: Failed password for root from 106.55.13.61 port 47348 ssh2

Invalid user prueba from 2.47.183.107 port 53462

51.158.145.216 - - [25/Sep/2020:21:39:28 +0100] "POST /wp-login.php HTTP/1.1" 200 2252 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
51.158.145.216 - - [25/Sep/2020:21:39:29 +0100] "POST /wp-login.php HTTP/1.1" 200 2231 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
51.158.145.216 - - [25/Sep/2020:21:39:30 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

Amazon phisg.
Received:  from mx.steamfair.co.uk () by mx-ha.gmx.net (mxgmx016 ) with ESMTPS (Nemesis) id 1MvJ8l-1kRfbn0yv3-00rKiM for ; Thu, 24 Sep 2020 21:48:01 +0200
Tracking message source: 49.12.118.79:
Routing details for 49.12.118.79
Report routing for 49.12.118.79: abuse@hetzner.de
"From:  (Gluckwunsch! Exklusive Pramien uber 50 USD- uber Amazon Prime!)
 Gesendet: Donnerstag, 24. Septemb
 er 2020 um 21:48 Uhr"

164.90.181.196 - - [25/Sep/2020:23:25:11 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"
164.90.181.196 - - [25/Sep/2020:23:25:14 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"
164.90.181.196 - - [25/Sep/2020:23:25:20 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"
164.90.181.196 - - [25/Sep/2020:23:25:27 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"
164.90.181.196 - - [25/Sep/2020:23:25:33 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"

SSH Invalid Login

Automatic report - Banned IP Access

Sep 26 07:09:17 marvibiene sshd[13432]: Failed password for root from 222.186.173.238 port 17770 ssh2
Sep 26 07:09:22 marvibiene sshd[13432]: Failed password for root from 222.186.173.238 port 17770 ssh2

SSH 168.61.34.21 [26/Sep/2020:04:50:55 "-" "GET /xmlrpc.php?rsd 404 529
168.61.34.21 [26/Sep/2020:08:48:32 "-" "POST /xmlrpc.php 500 724
168.61.34.21 [26/Sep/2020:08:48:32 "-" "POST /xmlrpc.php 500 724

2020-03-22T00:28:58.297867suse-nuc sshd[23911]: Invalid user wc from 1.194.238.187 port 46340
...

ssh brute force

Sep 26 04:33:30 ns308116 sshd[17080]: Invalid user vmware from 220.149.227.105 port 51350
Sep 26 04:33:30 ns308116 sshd[17080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.227.105
Sep 26 04:33:32 ns308116 sshd[17080]: Failed password for invalid user vmware from 220.149.227.105 port 51350 ssh2
Sep 26 04:42:13 ns308116 sshd[1721]: Invalid user s from 220.149.227.105 port 48253
Sep 26 04:42:13 ns308116 sshd[1721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.227.105
...