This IP belongs to Wells Fargo.

It tried cookie theft, attempting to steal session data of a legit email user which can be misused to hijack the session.

The IP attempted to use the FTP server to distribute spam.

The IP was noted for executing SYN flood attacks, purposefully creating half-open connections to deplete server resources.

This malicious IP was reported for attempting to execute a Cross-Site Request Forgery (CSRF) attack, tricking a victim into executing unwanted actions on the FTP server.

This IP had been flagged for attempting to manipulate server behaviour by injecting shellcodes.

The IP performed Covert Timing Channel attacks, gathering information about encrypted SSH traffic by analyzing packet timing.

This malicious IP was reported for attempting a Zero-day exploit, exploiting a software vulnerability before it's known or fixed by the vendor.

GET /muieblackcat: This is often a precursor for additional scanning and likely attacks.

It attempted to perform a Land attack on the SSH server.

The IP tried to crack S/MIME encryption for accessing secured email contents.

The IP attempted to use the FTP server to distribute keylogging software.

Multiple requests with the same Range header.

The IP was seen trying to exploit known vulnerabilities in the Asterisk server, a common tactic for gaining unauthorized access or control.

Login attempts at unusual times (e.g., in the middle of the night).

It made multiple requests with the same X-Forwarded-For header.

Numerous incidents of botnet infestations were traced back to this offensive IP address.

This IP belongs to AT&T.

This malicious IP was reported for attempting a FTP Spoof attack, falsifying its IP address to bypass IP-based access controls on the FTP server.

This IP belongs to FedEx.

It attempted to perform HTTP Response Splitting attacks on the Apache server.

This malicious IP was reported for trying to perform a Man-in-the-Middle attack, intercepting and potentially altering communication between the FTP server and its clients.

This IP belongs to Xbox Live.

The IP made multiple requests to the password reset page.

It attempted to send emails from the Postfix server that violate the server's usage policy.