Found on   CINS badguys     / proto=6  .  srcport=8080  .  dstport=4491  .     (752)

Sep  9 18:42:56 xeon cyrus/imaps[34233]: badlogin: [117.242.147.93] plaintext szabo.abel@taylor.hu SASL(-13): authentication failure: checkpass failed

Sep  9 12:40:08 moo sshd[29841]: Failed password for invalid user lambregtse from 154.85.52.194 port 35650 ssh2
Sep  9 12:47:45 moo sshd[30179]: Failed password for invalid user user2 from 154.85.52.194 port 48560 ssh2
Sep  9 12:59:56 moo sshd[30723]: Failed password for r.r from 154.85.52.194 port 54620 ssh2
Sep  9 13:03:10 moo sshd[30893]: Failed password for r.r from 154.85.52.194 port 49094 ssh2
Sep  9 13:06:25 moo sshd[31087]: Failed password for invalid user webuser from 154.85.52.194 port 43564 ssh2
Sep  9 13:19:12 moo sshd[31856]: Failed password for invalid user crick from 154.85.52.194 port 49664 ssh2
Sep  9 13:22:31 moo sshd[32042]: Failed password for r.r from 154.85.52.194 port 44144 ssh2
Sep  9 13:35:15 moo sshd[32712]: Failed password for invalid user roen from 154.85.52.194 port 50234 ssh2
Sep  9 13:38:32 moo sshd[424]: Failed password for invalid user admin from 154.85.52.194 port 44708 ssh2
Sep  9 13:51:17 moo sshd[1274]: Failed password for r.r from 15........
------------------------------

sshd: Failed password for .... from 178.128.201.175 port 35880 ssh2

Sep 10 12:39:18 gospond sshd[18204]: Failed password for root from 139.59.3.170 port 57392 ssh2
Sep 10 12:39:16 gospond sshd[18204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.3.170  user=root
Sep 10 12:39:18 gospond sshd[18204]: Failed password for root from 139.59.3.170 port 57392 ssh2
...

Chat Spam

Sep 10 08:42:50 root sshd[5184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.57.21 
...

Sep 10 18:21:29 rocket sshd[8231]: Failed password for root from 222.186.180.147 port 30274 ssh2
Sep 10 18:21:42 rocket sshd[8231]: Failed password for root from 222.186.180.147 port 30274 ssh2
Sep 10 18:21:42 rocket sshd[8231]: error: maximum authentication attempts exceeded for root from 222.186.180.147 port 30274 ssh2 [preauth]
...

firewall-block, port(s): 1081/tcp

Invalid user bk from 118.174.211.220 port 53196

Scanning unused Default website or suspicious access to valid sites from IP marked as abusive

Sep 10 18:19:11 funkybot sshd[7392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.59.80 
Sep 10 18:19:13 funkybot sshd[7392]: Failed password for invalid user ubuntu from 103.105.59.80 port 59610 ssh2
...

Sep 10 05:08:01 vm1 sshd[16015]: Failed password for root from 49.88.112.110 port 43553 ssh2
Sep 10 05:08:02 vm1 sshd[16013]: Failed password for root from 49.88.112.110 port 37417 ssh2
...

Sep 10 19:27:04 server sshd[30898]: Failed password for root from 31.129.173.162 port 40210 ssh2
Sep 10 19:33:40 server sshd[32669]: Failed password for root from 31.129.173.162 port 33888 ssh2
Sep 10 19:35:32 server sshd[33275]: Failed password for invalid user mcserver from 31.129.173.162 port 36780 ssh2

[2020-09-10 13:31:19] NOTICE[1239] chan_sip.c: Registration from '' failed for '185.108.106.251:56218' - Wrong password
[2020-09-10 13:31:19] SECURITY[1264] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-10T13:31:19.078-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="6556",SessionID="0x7f4d480d6c18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.108.106.251/56218",Challenge="4794918a",ReceivedChallenge="4794918a",ReceivedHash="fe9603b1c0bfd0d02dda0c5b8a5bea53"
[2020-09-10 13:31:47] NOTICE[1239] chan_sip.c: Registration from '' failed for '185.108.106.251:54291' - Wrong password
[2020-09-10 13:31:47] SECURITY[1264] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-10T13:31:47.349-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4127",SessionID="0x7f4d481284c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.108
...