Attack Report for Detail

Header

Time

2022/11/21, 04:41:55 (GMT)

Transaction ID

UQGGKRU7S43LRFN9

Service

smtp

Location

NL (Netherlands)

Attacker

185.239.242.37

Classification

Hfilter hostname unknown

Harm Potential

Medium

Description

Unknown client hostname (PTR or FCrDNS verification failed)

Content

Message-ID: <69c1dec96d1842c0866a0f0d29d609b4@158-229-47-212.instances.scw.cloud>
From: <test@158-229-47-212.instances.scw.cloud>
To: <test@gmail.com>
Subject: Valid SMTP ***.***.***.***
Date: Sun, 20 Nov 2022 17:41:55 -0800
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="a154099b456135ea7dc9e957000cfa90"

This is a multi-part message in MIME format.

--a154099b456135ea7dc9e957000cfa90
Content-Type: text/plain;
	charset="utf-8"
Content-Transfer-Encoding: quoted-printable

***.***.***.***:25 | no auth |  SSL: False | Hostname: =
158-229-47-212.instances.scw.cloud

--a154099b456135ea7dc9e957000cfa90
Content-Type: text/html;
	charset="utf-8"
Content-Transfer-Encoding: quoted-printable

***.***.***.***:25 | no auth |  SSL: False | Hostname: =
158-229-47-212.instances.scw.cloud

--a154099b456135ea7dc9e957000cfa90--

.

All details are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us:

If you like, you can support
with your donations to us..

Donate