Honeypots.tk

Attack Report for Detail

Header

Time

2023/05/18, 07:29:23 (GMT)

Transaction ID

CSOTDO4J8VH67MTS

Service

sip

Location

US (United States)

Attacker

184.168.22.183

Classification

Register

Harm Potential

Medium

Description

SIP Phone and user registeration request

Content

- Received -------------------------------------------------------
REGISTER sip:46.4.222.114:5060 SIP/2.0
To: <sip:1001@46.4.222.114>
From: <sip:1001@46.4.222.114>;tag=e5f4a9864304e4f7a
Via: SIP/2.0/UDP 172.31.119.207:54036;branch=z9hG4bK-d87543-987664149-1--d87543-;rport
Call-ID: e5f4a986430564e4f7a
CSeq: 1 REGISTER
Contact: <sip:1001@172.31.119.207:54036>
Expires: 3600
Max-Forwards: 70
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
User-Agent: PolycomVVX-VVX_410-UA5.5.1.11526
Content-Length: 0


- Sended -------------------------------------------------------
SIP/2.0 200 0K
To: <sip:1001@46.4.222.114>;tag=ztlaat347h
From: <sip:1001@46.4.222.114>;tag=e5f4a9864304e4f7a
Via: SIP/2.0/UDP 172.31.119.207:54036;branch=z9hG4bK-d87543-987664149-1--d87543-;received=184.168.22.183;rport=54036
Call-ID: e5f4a986430564e4f7a
CSeq: 1 REGISTER
Contact: <sip:1001@172.31.119.207:54036>
Expires: 3600
Max-Forwards: 70
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
User-Agent: PolycomVVX-VVX_410-UA5.5.1.11526
Content-Length: 0

All details are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us:

If you like, you can support
with your donations to us..

Donate

honeypots.tk ©2020