It launched SQL injection attempts, to break our server database through poorly secured entry fields.

This IP belongs to Walmart.

This IP belongs to Microsoft Azure.

Identification of Known Vulnerabilities: Attempts to exploit known vulnerabilities related to your server application.

GET /wp-config.php~: Requesting the backup files which may expose sensitive information.

It attempted to use the FTP server to distribute wireless cracking tools.

The IP tried to launch 'Dark Tequila' malware that steals banking information and login credentials from the server.

It tried to execute dictionary attacks on our Mail service causing potential delays.

The IP address has been linked to the creation of artificial traffic to crash our website.

Attempts to access the server using known malicious IP addresses or domains.

Usage of Obscure HTTP Verbs: Seeing non-standard HTTP methods like DEBUG, PUT, or CONNECT could imply a web-based attack.

The deceptive IP was sneaking in spyware through clickjacking attacks to manipulate our users.

Multiple requests with the same TE (Transfer Encoding) header.

It attempted to delete files from the SSH server.

Excessive traffic from a single IP address.

This IP belongs to Prudential Financial.

The malicious IP was reported for trying to perform a VoIP Phreaking attack, exploiting weaknesses in VoIP systems to make free calls or disrupt services.

This IP belongs to the United States Department of Defense.

It attempted to delete emails from the IMAP server without authorization.

It sent SIP INVITE requests to non-existent extensions.

This malicious IP was reported for trying to inject malicious scripts into the VoIP server, potentially to disrupt its operation or steal data.

System logs have traced multiple cases of our servers being bombed with trojans to this IP.

It started header injection or email injection attempts, by adding extra data into the headers and confusing the server processes.

The IP attempted to execute unauthorized commands on the SSH server.

The IP was seen attempting a FTP Command Injection attack, inserting malicious commands into legitimate FTP requests.