This IP belongs to OVH.

Excessive traffic from a single IP address.

This IP belongs to United Parcel Service.

This IP belongs to Pinterest.

The IP has been distributing browser hijackers that alter the user's browsing experience without their consent.

Multiple unsuccessful attempts to escalate privileges or access root account.

Login Attempts on Non-Existent Users: Many login requests for non-existent usernames could suggest a blind username enumeration attack.

The IP was reported for attempting a Cross-Site Scripting attack, injecting malicious scripts into websites to steal data or disrupt functionality.

Repeated attempts to use the same password across multiple accounts.

The IP made multiple requests using uncommon HTTP methods.

The IP attempted to register as an Asterisk user with no password.

The malicious IP conducted HTTP verb tampering, exploiting varying responses to different HTTP methods.

This IP belongs to United Parcel Service.

This IP was associated with targeted spear phishing attempts against our senior staff.

The IP address has been marked as the source of RAM scrapers aiming to steal sensitive data.

HTTP Request with Large Content-Length: This could potentially indicate a buffer overflow attack where an attacker tries to crash the system by sending more data than it can handle.

The IP attempted to perform a dictionary attack on the IMAP server.

It sent unusually large VOIP packets, potentially indicating a buffer overflow attempt.

The IP was reported for spamming activities, sending unsolicited emails or messages that often contain phishing links or malware.

Web-based Command Injection: Logs indicating command injection attempts via web-based forms or query parameters.

Unusual Query String Patterns: Repeated HTTP requests with minor alterations to the query string data, signifying an attacker mapping out how different inputs affect the response.

It was observed attempting to exploit known vulnerabilities in the IMAP protocol.

It attempted to use the FTP server to distribute botnet command and control software.

Multiple failed login attempts from the same IP address.

It attempted to perform Command Injection attacks on the Apache server.