This IP belongs to Vkontakte.

The IP actively tried code replacement attacks, swapping legitimate system call addresses with malicious ones.

This IP belongs to Target.

This IP has been identified as running a botnet targeting our server systems with ransomware.

It attempted to send phishing emails from the Postfix server.

This IP belongs to CVS Health.

It initiated multiple account lockouts in a short period.

The IP attempted to login to the Postfix server with an invalid username.

This IP belongs to Home Depot.

The IP attempted to perform a replay attack on the IMAP server.

Attempts to access sensitive areas of the server, such as the admin page or user account information.

This IP belongs to Home Depot.

It sent SIP INVITE requests to non-existent extensions.

This IP belongs to Anthem.

The IP attempted to send emails from the Postfix server to blacklisted email addresses.

This IP belongs to American Express.

It attempted to perform a man-in-the-middle attack on the POP3 server.

Tried to perform a man-in-the-middle attack to intercept and alter communication between the server and clients.

It attempted to use the SIP server as a relay for calls to premium-rate numbers.

This IP belongs to NTT Docomo.

The IP tried to exploit buffer overflow vulnerabilities to run unauthorized code.

The IP attempted to use the FTP server to distribute VPN tools.

Repeated HTTP requests with error codes, indicating failed attempts to access restricted areas.

GET /internal/: Browsing an internal directory.

This IP belongs to Verizon Communications.