72-31-29-215 sshd[2823293]: Connection closed by invalid user aptuslegal 24.144.87.77 port 47814 [preauth]
Jul 13 07:26:09 ip-172-31-29-215 sshd[2823295]: Invalid user aptuslegal from 149.12.247.56 port 36356
Jul 13 07:26:09 ip-172-31-29-215 sshd[2823295]: Connection closed by invalid user aptuslegal 149.12.247.56 port 36356 [preauth]
Jul 13 07:30:23 ip-172-31-29-215 sshd[2823300]: Invalid user aptuslegal from 178.128.102.63 port 45586
Jul 13 07:30:23 ip-172-31-29-215 sshd[2823300]: Connection closed by invalid user aptuslegal 178.128.102.63 port 45586 [preauth]
Jul 13 07:34:48 ip-172-31-29-215 sshd[2823303]: Connection closed by authenticating user root 168.228.250.10 port 42656 [preauth]
Jul 13 07:37:44 ip-172-31-29-215 sshd[2823305]: Connection closed by authenticating user root 94.103.34.243 port 40102 [preauth]
Jul 13 07:38:02 ip-172-31-29-215 sshd[2823308]: Connection closed by authenticating user root 193.32.162.112 port 46282 [preauth]
Jul 13 07:39:01 ip-172-31-29-215 CRON[2823311]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 13 07:39:01 ip-172-31-29-215 CRON[2823311]: pam_unix(cron:session): session closed for user root
Jul 13 07:39:50 ip-172-31-29-215 sshd[2823367]: Invalid user aptuslegal from 45.92.8.144 port 48434
Jul 13 07:39:50 ip-172-31-29-215 sshd[2823367]: Connection closed by invalid user aptuslegal 45.92.8.144 port 48434 [preauth]
Jul 13 07:40:01 ip-172-31-29-215 CRON[2823369]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jul 13 07:40:01 ip-172-31-29-215 CRON[2823369]: pam_unix(cron:session): session closed for user smmsp
Jul 13 07:45:00 ip-172-31-29-215 sshd[2823393]: Connection closed by authenticating user root 203.170.129.195 port 58532 [preauth]
Jul 13 07:52:46 ip-172-31-29-215 sshd[2823616]: Invalid user aptuslegal from 85.10.194.162 port 37042
Jul 13 07:52:46 ip-172-31-29-215 sshd[2823616]: Connection closed by invalid user aptuslegal 85.10.194.162 port 37042 [preauth]
Jul 13 07:53:14 ip-172-31-29-215 sshd[2823618]: Invalid user aptuslegal from 185.216.192.61 port 45870
Jul 13 07:53:14 ip-172-31-29-215 sshd[2823618]: Connection closed by invalid user aptuslegal 185.216.192.61 port 45870 [preauth]
Jul 13 07:54:59 ip-172-31-29-215 sshd[2823621]: error: kex_exchange_identification: Connection closed by remote host
Jul 13 07:55:51 ip-172-31-29-215 sshd[2823622]: Connection closed by authenticating user root 178.235.86.152 port 36314 [preauth]
Jul 13 08:00:01 ip-172-31-29-215 CRON[2823628]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jul 13 08:00:01 ip-172-31-29-215 CRON[2823628]: pam_unix(cron:session): session closed for user smmsp
Jul 13 08:06:50 ip-172-31-29-215 sshd[2823652]: Connection closed by authenticating user root 217.156.22.114 port 55220 [preauth]
Jul 13 08:08:40 ip-172-31-29-215 sshd[2823655]: Connection closed by authenticating user root 203.161.62.169 port 45546 [preauth]
Jul 13 08:09:01 ip-172-31-29-215 CRON[2823658]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 13 08:09:01 ip-172-31-29-215 CRON[2823658]: pam_unix(cron:session): session closed for user root
Jul 13 08:11:35 ip-172-31-29-215 sshd[2823715]: Connection closed by authenticating user root 193.32.162.112 port 53974 [preauth]
Jul 13 08:12:43 ip-172-31-29-215 sshd[2823718]: Invalid user aptuslegal from 82.96.167.171 port 58162
Jul 13 08:12:43 ip-172-31-29-215 sshd[2823718]: Connection closed by invalid user aptuslegal 82.96.167.171 port 58162 [preauth]
Jul 13 08:12:51 ip-172-31-29-215 sshd[2823720]: Invalid user aptuslegal from 96.52.21.96 port 33096
Jul 13 08:12:51 ip-172-31-29-215 sshd[2823720]: Connection closed by invalid user aptuslegal 96.52.21.96 port 33096 [preauth]
Jul 13 08:13:20 ip-172-31-29-215 sshd[2823722]: Connection closed by authenticating user root 89.213.120.14 port 57522 [preauth]
Jul 13 08:17:01 ip-172-31-29-215 CRON[2823724]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 13 08:17:01 ip-172-31-29-215 CRON[2823724]: pam_unix(cron:session): session closed for user root
Jul 13 08:18:28 ip-172-31-29-215 sshd[2823729]: Invalid user aptuslegal from 14.206.12.13 port 37246
Jul 13 08:18:28 ip-172-31-29-215 sshd[2823729]: Connection closed by invalid user aptuslegal 14.206.12.13 port 37246 [preauth]
Jul 13 08:20:01 ip-172-31-29-215 CRON[2823733]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jul 13 08:20:01 ip-172-31-29-215 CRON[2823733]: pam_unix(cron:session): session closed for user smmsp
Jul 13 08:20:56 ip-172-31-29-215 sshd[2823755]: Connection closed by authenticating user root 96.126.101.102 port 39142 [preauth]
Jul 13 08:21:23 ip-172-31-29-215 sshd[2823757]: Invalid user admin from 139.19.117.129 port 55822
Jul 13 08:21:33 ip-172-31-29-215 sshd[2823757]: Connection closed by invalid user admin 139.19.117.129 port 55822 [preauth]
Jul 13 08:22:38 ip-172-31-29-215 sshd[2823759]: Connection closed by authenticating user root 216.176.84.4 port 53632 [preauth]
Jul 13 08:28:44 ip-172-31-29-215 sshd[2823765]: Invalid user aptuslegal from 51.159.18.215 port 45694
Jul 13 08:28:44 ip-172-31-29-215 sshd[2823765]: Connection closed by invalid user aptuslegal 51.159.18.215 port 45694 [preauth]
Jul 13 08:32:30 ip-172-31-29-215 sshd[2823767]: Connection closed by authenticating user root 195.90.222.0 port 53914 [preauth]
Jul 13 08:32:32 ip-172-31-29-215 sshd[2823769]: Invalid user aptuslegal from 120.48.98.125 port 55500
Jul 13 08:32:32 ip-172-31-29-215 sshd[2823769]: Connection closed by invalid user aptuslegal 120.48.98.125 port 55500 [preauth]
Jul 13 08:34:36 ip-172-31-29-215 sshd[2823773]: Invalid user aptuslegal from 85.114.138.47 port 32984
Jul 13 08:34:36 ip-172-31-29-215 sshd[2823773]: Connection closed by invalid user aptuslegal 85.114.138.47 port 32984 [preauth]
Jul 13 08:38:05 ip-172-31-29-215 sshd[2823776]: Invalid user aptuslegal from 51.21.241.70 port 44632
Jul 13 08:38:05 ip-172-31-29-215 sshd[2823776]: Connection closed by invalid user aptuslegal 51.21.241.70 port 44632 [preauth]
Jul 13 08:38:15 ip-172-31-29-215 sshd[2823778]: Connection closed by authenticating user root 178.128.88.9 port 53912 [preauth]
Jul 13 08:39:01 ip-172-31-29-215 CRON[2823782]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 13 08:39:01 ip-172-31-29-215 CRON[2823782]: pam_unix(cron:session): session closed for user root
Jul 13 08:40:01 ip-172-31-29-215 CRON[2823838]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jul 13 08:40:01 ip-172-31-29-215 CRON[2823838]: pam_unix(cron:session): session closed for user smmsp
Jul 13 08:42:12 ip-172-31-29-215 sshd[2823860]: Connection closed by authenticating user root 162.215.128.59 port 34528 [preauth]
Jul 13 08:43:00 ip-172-31-29-215 sshd[2823862]: Connection closed by authenticating user root 34.67.208.20 port 36356 [preauth]
Jul 13 08:44:42 ip-172-31-29-215 sshd[2823864]: Connection closed by authenticating user root 193.32.162.112 port 42252 [preauth]
Jul 13 08:47:23 ip-172-31-29-215 sshd[2823868]: error: kex_exchange_identification: Connection closed by remote host
Jul 13 08:48:24 ip-172-31-29-215 sshd[2823870]: Connection closed by 34.201.151.183 port 36954 [preauth]
Jul 13 08:50:39 ip-172-31-29-215 sshd[2823873]: Connection closed by authenticating user root 211.233.37.178 port 59660 [preauth]
Jul 13 08:54:15 ip-172-31-29-215 sshd[2823876]: Connection closed by authenticating user root 68.183.10.249 port 37662 [preauth]
Jul 13 08:57:12 ip-172-31-29-215 sshd[2823878]: Connection closed by authenticating user root 221.156.137.104 port 60838 [preauth]
Jul 13 09:00:01 ip-172-31-29-215 CRON[2823885]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jul 13 09:00:01 ip-172-31-29-215 CRON[2823885]: pam_unix(cron:session): session closed for user smmsp
Jul 13 09:00:36 ip-172-31-29-215 sshd[2823907]: Invalid user aptuslegal from 92.205.108.192 port 50348
Jul 13 09:00:37 ip-172-31-29-215 sshd[2823907]: Connection closed by invalid user aptuslegal 92.205.108.192 port 50348 [preauth]
Jul 13 09:01:07 ip-172-31-29-215 sshd[2823909]: Invalid user aptuslegal from 103.82.38.102 port 47450
Jul 13 09:01:07 ip-172-31-29-215 sshd[2823909]: Copdo_sqlsrv.so: undefined symbol: php_pdo_unregister_driver), /usr/lib/php/20190902/pdo_sqlsrv.so.so (/usr/lib/php/20190902/pdo_sqlsrv.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0
Jul 13 08:39:19 ip-172-31-29-215 sessionclean[2823796]: PHP Warning:  Module 'gettext' already loaded in Unknown on line 0
Jul 13 08:39:19 ip-172-31-29-215 sessionclean[2823796]: PHP Warning:  Module 'mbstring' already loaded in Unknown on line 0
Jul 13 08:39:19 ip-172-31-29-215 sessionclean[2823796]: PHP Warning:  Module 'sqlsrv' already loaded in Unknown on line 0
Jul 13 08:39:20 ip-172-31-29-215 systemd[1]: phpsessionclean.service: Succeeded.
Jul 13 08:39:20 ip-172-31-29-215 systemd[1]: Finished Clean php session files.
Jul 13 08:40:01 ip-172-31-29-215 CRON[2823839]: (smmsp) CMD (test -x /etc/init.d/sendmail && test -x /usr/share/sendmail/sendmail && test -x /usr/lib/sm.bin/sendmail && /usr/share/sendmail/sendmail cron-msp)
Jul 13 09:00:01 ip-172-31-29-215 CRON[2823886]: (smmsp) CMD (test -x /etc/init.d/sendmail && test -x /usr/share/sendmail/sendmail && test -x /usr/lib/sm.bin/sendmail && /usr/share/sendmail/sendmail cron-msp)
Jul 13 09:05:34 ip-172-31-29-215 amazon-ssm-agent.amazon-ssm-agent[1875640]: 2025-07-13 09:05:34.2026 WARN EC2RoleProvider Failed to connect to Systems Manager with instance profile role credentials. Err: retrieved credentials failed to report to ssm. Error: EC2RoleRequestError: no EC2 instance role found
Jul 13 09:05:34 ip-172-31-29-215 amazon-ssm-agent.amazon-ssm-agent[1875640]: 2025-07-13 09:05:34.2421 ERROR EC2RoleProvider Failed to connect to Systems Manager with SSM role credentials. error calling RequestManagedInstanceRoleToken: AccessDeniedException: Systems Manager's instance management role is not configured for account: 227937466084
Jul 13 09:05:34 ip-172-31-29-215 amazon-ssm-agent.amazon-ssm-agent[1875640]: #011status code: 400, request id: 4a300686-c6f1-4e4f-a084-354ae8394a62
Jul 13 09:09:01 ip-172-31-29-215 CRON[2823919]: (root) CMD (  [ -x /usr/lib/php/sessionclean ] && if [ ! -d /run/systemd/system ]; then /usr/lib/php/sessionclean; fi)
Jul 13 09:09:19 ip-172-31-29-215 systemd[1]: Starting Clean php session files...
Jul 13 09:09:19 ip-172-31-29-215 sessionclean[2823932]: Cannot load Xdebug - it was already loaded
Jul 13 09:09:19 ip-172-31-29-215 sessionclean[2823932]: PHP Warning:  PHP Startup: Unable to load dynamic library 'pdo_sqlsrv.so' (tried: /usr/lib/php/20190902/pdo_sqlsrv.so (/usr/lib/php/20190902/pdo_sqlsrv.so: undefined symbol: php_pdo_unregister_driver), /usr/lib/php/20190902/pdo_sqlsrv.so.so (/usr/lib/php/20190902/pdo_sqlsrv.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0
Jul 13 09:09:19 ip-172-31-29-215 sessionclean[2823932]: PHP Warning:  Module 'gettext' already loaded in Unknown on line 0
Jul 13 09:09:19 ip-172-31-29-215 sessionclean[2823932]: PHP Warning:  Module 'mbstring' already loaded in Unknown on line 0
Jul 13 09:09:19 ip-172-31-29-215 sessionclean[2823932]: PHP Warning:  Module 'sqlsrv' already loaded in Unknown on line 0
Jul 13 09:09:20 ip-172-31-29-215 systemd[1]: phpsessionclean.service: Succeeded.
Jul 13 09:09:20 ip-172-31-29-215 systemd[1]: Finished Clean php session files.
Jul 13 09:17:01 ip-172-31-29-215 CRON[2823983]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
Jul 13 09:20:01 ip-172-31-29-215 CRON[2823991]: (smmsp) CMD (test -x /etc/init.d/sendmail && test -x /usr/share/sendmail/sendmail && test -x /usr/lib/sm.bin/sendmail && /usr/share/sendmail/sendmail cron-msp)
Jul 13 09:32:04 ip-172-31-29-215 amazon-ssm-agent.amazon-ssm-agent[1875640]: 2025-07-13 09:32:04.3229 WARN EC2RoleProvider Failed to connect to Systems Manager with instance profile role credentials. Err: retrieved credentials failed to report to ssm. Error: EC2RoleRequestError: no EC2 instance role found
Jul 13 09:32:04 ip-172-31-29-215 amazon-ssm-agent.amazon-ssm-agent[1875640]: 2025-07-13 09:32:04.3634 ERROR EC2RoleProvider Failed to connect to Systems Manager with SSM role credentials. error calling RequestMa6.168.34.218 - - [13/Jul/2025:08:40:42 -0600] "\x16\x03\x01" 400 488 "-" "-"
206.168.34.218 - - [13/Jul/2025:08:40:46 -0600] "GET /robots.txt HTTP/1.1" 404 435 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
5.133.192.135 - - [13/Jul/2025:08:46:52 -0600] "GET / HTTP/1.1" 200 7192 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"
5.133.192.135 - - [13/Jul/2025:08:46:52 -0600] "GET /favicon.ico HTTP/1.1" 404 4165 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"
54.209.243.67 - - [13/Jul/2025:08:49:29 -0600] "GET / HTTP/1.1" 200 3421 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
136.143.176.60 - - [13/Jul/2025:09:03:56 -0600] "GET /PCI-test/trademarks.csv HTTP/1.1" 200 36733924 "-" "Zoho_Analytics"
136.143.176.64 - - [13/Jul/2025:09:05:39 -0600] "GET /PCI-test/trademarks.csv HTTP/1.1" 200 36733924 "-" "Zoho_Analytics"
189.131.74.4 - - [13/Jul/2025:09:08:05 -0600] "GET /imagenesAptusLegal/arochi/LogosArochi/MAR-90319.gif HTTP/1.1" 200 9759 "-" "Mozilla/4.0 (compatible; ms-office; MSOffice 16)"
44.222.226.245 - - [13/Jul/2025:09:08:52 -0600] "GET / HTTP/1.1" 200 7156 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
189.131.74.4 - - [13/Jul/2025:09:11:11 -0600] "GET /imagenesAptusLegal/arochi/LogosArochi/MAR-90319.gif HTTP/1.1" 304 767 "-" "Mozilla/4.0 (compatible; ms-office; MSOffice 16)"
189.131.74.4 - - [13/Jul/2025:09:11:38 -0600] "GET /imagenesAptusLegal/arochi/LogosArochi/MAR-90319.gif HTTP/1.1" 304 767 "-" "Mozilla/4.0 (compatible; ms-office; MSOffice 16)"
189.131.74.4 - - [13/Jul/2025:09:12:19 -0600] "GET /imagenesAptusLegal/arochi/LogosArochi/MAR-90319.gif HTTP/1.1" 304 767 "-" "Mozilla/4.0 (compatible; ms-office; MSOffice 16)"
34.38.154.242 - - [13/Jul/2025:09:31:43 -0600] "GET / HTTP/1.1" 200 3477 "-" "python-requests/2.32.4"
45.39.15.12 - - [13/Jul/2025:09:45:18 -0600] "GET /.env HTTP/1.1" 404 454 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"
45.39.15.12 - - [13/Jul/2025:09:45:18 -0600] "POST / HTTP/1.1" 200 3440 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"
36.81.17.162 - - [13/Jul/2025:10:01:51 -0600] "GET /sftp-config.json HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
36.81.17.162 - - [13/Jul/2025:10:01:52 -0600] "GET /.vscode/sftp.json HTTP/1.1" 200 558 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
36.81.17.162 - - [13/Jul/2025:10:01:57 -0600] "GET /sftp-config.json HTTP/1.1" 404 493 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
36.81.17.162 - - [13/Jul/2025:10:01:57 -0600] "GET /.vscode/sftp.json HTTP/1.1" 200 558 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
136.143.177.61 - - [13/Jul/2025:10:05:45 -0600] "GET /PCI-test/trademarks.csv HTTP/1.1" 200 36733924 "-" "Zoho_Analytics"
36.81.17.162 - - [13/Jul/2025:10:08:34 -0600] "GET /.vscode/sftp.json HTTP/1.1" 200 558 "-" "python-requests/2.31.0"
36.81.17.162 - - [13/Jul/2025:10:10:22 -0600] "GET /.vscode/sftp.json HTTP/1.1" 200 558 "-" "python-requests/2.31.0"
36.81.17.162 - - [13/Jul/2025:10:25:42 -0600] "GET /.vscode/sftp.json HTTP/1.1" 200 558 "-" "python-requests/2.32.4"
36.81.17.162 - - [13/Jul/2025:10:25:45 -0600] "GET /bypltspd.php HTTP/1.1" 404 493 "-" "python-requests/2.32.4"
36.81.17.162 - - [13/Jul/2025:10:31:12 -0600] "GET /.vscode/sftp.json HTTP/1.1" 200 558 "-" "python-requests/2.32.4"
36.81.17.162 - - [13/Jul/2025:10:31:15 -0600] "GET /bypltspd.php HTTP/1.1" 404 491 "-" "python-requests/2.32.4"
43.166.253.94 - - [13/Jul/2025:10:34:09 -0600] "GET / HTTP/1.1" 200 3440 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_nnection closed by invalid user aptuslegal 103.82.38.102 port 47450 [preauth]
Jul 13 09:01:53 ip-172-31-29-215 sshd[2823911]: Invalid user aptuslegal from 218.38.121.43 port 49974
Jul 13 09:01:54 ip-172-31-29-215 sshd[2823911]: Connection closed by invalid user aptuslegal 218.38.121.43 port 49974 [preauth]
Jul 13 09:04:55 ip-172-31-29-215 sshd[2823913]: Invalid user aptuslegal from 103.214.6.212 port 37458
Jul 13 09:04:55 ip-172-31-29-215 sshd[2823913]: Connection closed by invalid user aptuslegal 103.214.6.212 port 37458 [preauth]
Jul 13 09:09:01 ip-172-31-29-215 CRON[2823918]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 13 09:09:01 ip-172-31-29-215 CRON[2823918]: pam_unix(cron:session): session closed for user root
Jul 13 09:09:28 ip-172-31-29-215 sshd[2823974]: Connection closed by authenticating user root 197.242.151.53 port 47450 [preauth]
Jul 13 09:10:28 ip-172-31-29-215 sshd[2823977]: Connection closed by authenticating user root 38.123.220.10 port 51798 [preauth]
Jul 13 09:12:33 ip-172-31-29-215 sshd[2823980]: Invalid user aptuslegal from 164.90.149.164 port 45862
Jul 13 09:12:33 ip-172-31-29-215 sshd[2823980]: Connection closed by invalid user aptuslegal 164.90.149.164 port 45862 [preauth]
Jul 13 09:17:01 ip-172-31-29-215 CRON[2823982]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 13 09:17:01 ip-172-31-29-215 CRON[2823982]: pam_unix(cron:session): session closed for user root
Jul 13 09:18:51 ip-172-31-29-215 sshd[2823988]: Connection closed by authenticating user root 193.32.162.112 port 58700 [preauth]
Jul 13 09:20:01 ip-172-31-29-215 CRON[2823990]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jul 13 09:20:01 ip-172-31-29-215 CRON[2823990]: pam_unix(cron:session): session closed for user smmsp
Jul 13 09:22:59 ip-172-31-29-215 sshd[2824012]: Connection closed by authenticating user root 125.212.244.35 port 37044 [preauth]
Jul 13 09:23:24 ip-172-31-29-215 sshd[2824014]: Invalid user aptuslegal from 51.161.172.215 port 43758
Jul 13 09:23:24 ip-172-31-29-215 sshd[2824014]: Connection closed by invalid user aptuslegal 51.161.172.215 port 43758 [preauth]
Jul 13 09:23:24 ip-172-31-29-215 sshd[2824016]: Invalid user aptuslegal from 185.149.146.202 port 35892
Jul 13 09:23:24 ip-172-31-29-215 sshd[2824016]: Connection closed by invalid user aptuslegal 185.149.146.202 port 35892 [preauth]
Jul 13 09:27:24 ip-172-31-29-215 sshd[2824019]: Invalid user aptuslegal from 132.148.77.164 port 43458
Jul 13 09:27:24 ip-172-31-29-215 sshd[2824019]: Connection closed by invalid user aptuslegal 132.148.77.164 port 43458 [preauth]
Jul 13 09:29:39 ip-172-31-29-215 sshd[2824025]: Invalid user aptuslegal from 158.220.124.69 port 45960
Jul 13 09:29:39 ip-172-31-29-215 sshd[2824025]: Connection closed by invalid user aptuslegal 158.220.124.69 port 45960 [preauth]
Jul 13 09:31:10 ip-172-31-29-215 sshd[2824027]: Invalid user perl from 193.34.212.116 port 40540
Jul 13 09:31:10 ip-172-31-29-215 sshd[2824027]: Connection closed by invalid user perl 193.34.212.116 port 40540 [preauth]
Jul 13 09:36:34 ip-172-31-29-215 sshd[2824030]: Connection closed by authenticating user root 193.32.177.116 port 37724 [preauth]
Jul 13 09:39:01 ip-172-31-29-215 CRON[2824035]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 13 09:39:01 ip-172-31-29-215 CRON[2824035]: pam_unix(cron:session): session closed for user root
Jul 13 09:40:01 ip-172-31-29-215 CRON[2824091]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jul 13 09:40:01 ip-172-31-29-215 CRON[2824091]: pam_unix(cron:session): session closed for user smmsp
Jul 13 09:40:47 ip-172-31-29-215 sshd[2824113]: Connection closed by authenticating user root 125.130.113.204 port 51878 [preauth]
Jul 13 09:48:37 ip-172-31-29-215 sshd[2824131]: Invalid user aptuslegal from 45.169.204.193 port 42448
Jul 13 09:48:37 ip-172-31-29-215 sshd[2824131]: Connection closed by invalid user aptuslegal 45.169.204.193 port 42448 [preauth]
Jul 13 09:49:03 ip-172-31-29-215 sshd[2824134]: Invalid user aptuslegal from 202.155.137.173 po/1.1" 404 491 "http://3.22.251.217:80/admin/login.asp" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0"
107.174.194.28 - - [13/Jul/2025:13:42:58 -0600] "GET /.env HTTP/1.1" 404 4230 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"
107.174.194.28 - - [13/Jul/2025:13:42:59 -0600] "POST / HTTP/1.1" 200 7259 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"
172.105.128.12 - - [13/Jul/2025:13:45:55 -0600] "\x16\x03\x01\x01\n" 400 488 "-" "-"
172.105.128.12 - - [13/Jul/2025:13:45:56 -0600] "\x16\x03\x01\x01\n" 400 488 "-" "-"
185.247.137.47 - - [13/Jul/2025:13:48:41 -0600] "GET / HTTP/1.1" 200 3440 "-" "Mozilla/5.0 (compatible; InternetMeasurement/1.0; +https://internet-measurement.com/)"
162.142.125.114 - - [13/Jul/2025:13:52:28 -0600] "GET / HTTP/1.1" 200 7156 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
162.142.125.114 - - [13/Jul/2025:13:52:31 -0600] "GET /favicon.ico HTTP/1.1" 404 4146 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
162.142.125.114 - - [13/Jul/2025:13:53:00 -0600] "GET /favicon.ico HTTP/1.1" 404 4146 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
162.142.125.114 - - [13/Jul/2025:13:53:35 -0600] "GET / HTTP/1.0" 400 624 "-" "-"
185.247.137.12 - - [13/Jul/2025:13:55:05 -0600] "GET / HTTP/1.1" 200 7175 "-" "Mozilla/5.0 (compatible; InternetMeasurement/1.0; +https://internet-measurement.com/)"
136.143.177.62 - - [13/Jul/2025:13:54:28 -0600] "GET /PCI-test/fetch_trademark_csv.php HTTP/1.1" 200 4032 "-" "Apache-HttpClient/4.5.13 (Java/17.0.15)"
43.157.158.178 - - [13/Jul/2025:14:01:42 -0600] "GET / HTTP/1.1" 200 3440 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1"
124.156.187.113 - - [13/Jul/2025:14:05:45 -0600] "HEAD /Core/Skin/Login.aspx HTTP/1.1" 404 140 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
136.143.176.64 - - [13/Jul/2025:14:06:13 -0600] "GET /PCI-test/trademarks.csv HTTP/1.1" 200 36733924 "-" "Zoho_Analytics"
195.2.78.89 - - [13/Jul/2025:14:13:40 -0600] "GET / HTTP/1.1" 200 7211 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
195.2.78.89 - - [13/Jul/2025:14:13:41 -0600] "GET /en/mod/mod_userdir.html HTTP/1.1" 404 4184 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
195.2.78.89 - - [13/Jul/2025:14:13:41 -0600] "GET /fr/mod/mod_userdir.html HTTP/1.1" 404 4184 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
195.2.78.89 - - [13/Jul/2025:14:13:42 -0600] "GET /ja/mod/mod_userdir.html HTTP/1.1" 404 4184 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
195.2.78.89 - - [13/Jul/2025:14:13:42 -0600] "GET /ko/mod/mod_userdir.html HTTP/1.1" 404 4184 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
195.2.78.89 - - [13/Jul/2025:14:13:43 -0600] "GET /tr/mod/mod_userdir.html HTTP/1.1" 404 4184 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
195.2.78.89 - - [13/Jul/2025:14:13:43 -0600] "GET / HTTP/1.1" 200 7211 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
195.2.78.89 - - [13/Jul/2025:14:13:45 -0600] "GET / HTTP/1.1" 200 7211 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
36.81.17.162 - - [13/Jul/2025:14:19:01 -0600] "GET /.vscode/sftp.json HTTP/1.1" 200 4332 "-" "Mozilla/5.0 (Windows NT 1
 * Introducing Expanded Security Maintenance for Applications.
   Receive updates to over 25,000 software packages with your
   Ubuntu Pro subscription. Free for personal use.

     https://ubuntu.com/aws/pro