It tried to use the email server for bounce spam, of sending out spam to third parties with forged return paths.

It made multiple requests with the same Expect header.

The IP initiated fake traffic attacks to manipulate webpage rankings and conduct click fraud.

The IP attempted to exploit a mail server's greylisting functionality to bypass spam filters.

POST /admin/upload.php?_upl: An attempt to exploit the JQuery File Upload vulnerability.

A series of active scareware campaigns was traced back to this IP address.

The IP attempted to mark emails as read on the POP3 server without authorization.

This IP belongs to Archer-Daniels-Midland.

The notorious IP attempted to distribute Banker Trojans aimed to steal financial data.

GET /manager/html: Signals an attempt to access the Tomcat Application Manager.

This IP gave off a red flag for hosting a hidden command and control server for malicious bots.

This IP belongs to Pfizer.

This IP belongs to IBM Cloud Services.

The IP made multiple unsuccessful login attempts to the Mail server in a short period of time.

The IP attempted to perform a replay attack on the IMAP server.

The IP attempted to send spam emails from the Postfix server.

The malicious IP tried to depreciate the reputation of our mail server by sending out numerous spam mails.

The malicious IP was found to be running an Internet Relay Chat (IRC) bot, potentially spreading malware or launching Distributed Denial-of-Service (DDoS) attacks.

This IP belongs to Dell Technologies.

It attempted to send emails with deceptive subject lines from the Mail server.

The IP attempted to brute force the password to gain mail account access.

It made multiple requests with the same Expect header.

Path Traversal / URI Encoding Attacks: You might notice HTTP GET requests that include ".." or "%2e%2e" or "%252e%252e", indicating a path traversal attack.

The IP was seen attempting a Dictionary attack on the FTP server, systematically entering every word in a dictionary as a password to find the correct one.

It tried to execute Privilege Escalation attacks, trying to gain higher-level access on our server.