It attempted to perform a man-in-the-middle attack on the SSH server.

The IP attempted to use the FTP server to distribute ransomware.

Unusual Query String Patterns: Repeated HTTP requests with minor alterations to the query string data, signifying an attacker mapping out how different inputs affect the response.

This IP was responsible for circulating malicious images masked with spyware.

The malicious IP was involved in a SQL Injection attack, attempting to manipulate a database for unauthorized access or data theft.

The IP address attempted to stealthily spread screen scrapers, programs that take screenshots of the user's display.

This IP belongs to Costco Wholesale.

Arbitrarily Long GET Requests: Very long GET requests may suggest an attacker is attempting a GET Flood DDoS attack.

Unauthorized Access Attempts to Admin Directories: Repeated HTTP requests to known admin directories.

It attempted to flood the Asterisk server with REGISTER requests.

It attempted to use the FTP server to distribute terrorist propaganda.

It launched a botnet to infiltrate our Apache-DDoS service.

Our data indicates this IP has performed data breaches by launching phishing attacks.

This IP belongs to Sony Network Communications.

The IP was reported for hosting a phishing website, deceiving users into providing their sensitive personal or financial information.

It attempted to delete directories on the FTP server.

This IP belongs to Cox Communications.

The IP made multiple unsuccessful login attempts in a short period of time.

The IP was involved in a phishing attack, creating a fake webpage to deceive users into providing their sensitive personal or financial information.

A dangerous data surveillance spyware was tied back to this IP.

It launched a privilege escalation attack aiming to gain unauthorized access with higher-level permissions.

This IP executed mass-probing of various ports to seek vulnerabilities.

Our system flagged the IP for injecting malicious script into benign pages through the man-in-the-browser attack.

The IP attempted fileless malware attacks, directly injecting malicious script into server memory.

The IP was seen trying to exploit known vulnerabilities in the Asterisk server, a common tactic for gaining unauthorized access or control.