The IP attempted to send emails from the Mail server without proper authentication.

The malicious IP was reported for attempting to reroute calls through the SIP server, a tactic often used to commit toll fraud.

It carried out IP spoofing to mimic a trusted IP with the intent of gaining unauthorized SSH access.

Distributed session hijackers from the IP were designed to capture and exploit web browser sessions.

Our team flagged this IP for injecting harmful ActiveX codes.

This IP belongs to United Continental Holdings.

This malicious IP was reported for attempting a Smurf attack, flooding a target system via spoofed broadcast ping messages.

We observed the IP distributing harmful document tracking tools.

GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: request for a file often associated with an outdated version of Composer and phpunit used in a remote code execution attack.

GET /modules/productpageadverts/uploadimage.php: This is related to a known vulnerability in the Prestashop module productpageadverts.

This IP belongs to JPMorgan Chase.

This IP was detected uploading malicious codes in our network.

It initiated multiple account lockouts in a short period.

It attempted to exploit known vulnerabilities in the Mail protocol.

The IP attempted to send emails from the IMAP server without authorization.

The IP attempted to use the Mail server to relay emails with malicious links to other servers.

The IP attempted to inject malicious scripts into the server hoping it would get executed.

It showed unusual activity in the server's error logs.

The IP attempted to perform a Multicast DNS amplification attack on the SSH server.

This IP belongs to American Airlines Group.

Excessive Form Submission Attempts: Numerous form submission attempts within a short time, signifying brute-force or captcha bypass attempts.

The malicious IP attempted to brute-force the .htaccess file to gain unauthorized administrative access.

It attempted to use the FTP server to distribute zombie network tools.

Path/File Enumeration: Logs show multiple HTTP requests to non-existing pages and incrementing filenames, suggesting file or path enumeration.

GET /axis2/axis2-admin/login: Attempt at finding Axis2 web service exploitable applications.