Attack Report Details

Header

Time: 2022/06/16, 15:33:02 (GMT)
Transaction ID: K4NZHMMU6AA813UU
Service: sip
Location: HK (Hong Kong)
Attacker: 193.107.216.92
Classification: Register
Harm Potential: Medium
Description: SIP phone and user registration request

Content

- Received -------------------------------------------------------
REGISTER sip:47.229.158 SIP/2.0
Via: SIP/2.0/TCP 193.107.216.92:6380;branch=z9hG4bK-524287-1---1033513908540344;rport
Max-Forwards: 70
Contact: <sip:10000@193.107.216.92:6380;transport=tcp>;+sip.instance="<urn:uuid:4F401836-CC96-F225-29E5-D3D87A591797>"
To: "10000"<sip:10000@47.229.158>
From: "10000"<sip:10000@47.229.158>;tag=f7506e70
Call-ID: -sY2dkw05MUbVNP73-_myg..
CSeq: 1 REGISTER
Expires: 300
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO
Supported: replaces
User-Agent: Cisco
Allow-Events: hold, talk, conference
Content-Length: 0


- Sent -------------------------------------------------------
SIP/2.0 200 0K
Via: SIP/2.0/TCP 193.107.216.92:6380;branch=z9hG4bK-524287-1---1033513908540344;received=193.107.216.92;rport=59594
Max-Forwards: 70
Contact: <sip:10000@193.107.216.92:6380;transport=tcp>;+sip.instance="<urn:uuid:4F401836-CC96-F225-29E5-D3D87A591797>"
To: "10000"<sip:10000@47.229.158>;tag=1tpbnfyu7g
From: "10000"<sip:10000@47.229.158>;tag=f7506e70
Call-ID: -sY2dkw05MUbVNP73-_myg..
CSeq: 1 REGISTER
Expires: 300
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO
Supported: replaces
User-Agent: Cisco
Allow-Events: hold, talk, conference
Content-Length: 0

All details come from the honeypot central database.
