Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
50.6.231.218 has a threat confidence score of 96%. This IP address from United States (AS31898, Oracle Corporation) has been observed in 81 honeypot sessions and reported 1 times targeting SMTP protocols. Detected attack patterns include smtp open relay probe structured. First observed on February 20, 2026, most recently active March 9, 2026.
Automated SMTP interaction sequence consistent with open-relay validation or spam delivery testing. The client performs a full transaction flow (EHLO → RSET → MAIL FROM → RCPT TO → DATA → QUIT) and submits a minimal test message containing known probe markers such as t_Smtp.LocalIP. This pattern indicates scripted activity attempting to confirm whether the server allows unauthenticated message relaying or outbound mail submission. Such behavior is commonly observed from spam bot infrastructure validating targets before larger abuse campaigns.
| Reporter | Date | Category | Protocol | Comment |
|---|---|---|---|---|
| User | Mar 1, 2026, 12:15 | Brute Force | SMTP | SikkerGuard: 2 blocked packets |