Attack Report for Detail

Header

Time

2022/06/16, 12:33:07 (GMT)

Transaction ID

ZE8SIP76K7HZQP4M

Service

sip

Location

HK (Hong Kong)

Attacker

193.107.216.92

Classification

Invite

Harm Potential

High

Description

Invites a user to a call request

Content

- Received -------------------------------------------------------
INVITE sip:912149374606@47.229.158 SIP/2.0
Via: SIP/2.0/TCP 193.107.216.92:6380;branch=z9hG4bK-524287-1---6f4c6321b42d6260;rport
Max-Forwards: 70
Contact: <sip:10000@193.107.216.92:6380;transport=tcp>;+sip.instance="<urn:uuid:4F401836-CC96-F225-29E5-D3D87A591797>"
To: <sip:912149374606@47.229.158>
From: "10000"<sip:10000@47.229.158>;tag=b10d7c1e
Call-ID: LlMCxt7CvMRAHe4-zCn49A..
CSeq: 1 INVITE
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO
Supported: replaces
User-Agent: Cisco
Allow-Events: hold, talk, conference
Content-Length: 0


- Sended -------------------------------------------------------
SIP/2.0 400 Bad Request
Via: SIP/2.0/TCP 193.107.216.92:6380;branch=z9hG4bK-524287-1---6f4c6321b42d6260;received=193.107.216.92;rport=60005
Max-Forwards: 70
Contact: <sip:10000@193.107.216.92:6380;transport=tcp>;+sip.instance="<urn:uuid:4F401836-CC96-F225-29E5-D3D87A591797>"
To: <sip:912149374606@47.229.158>;tag=1btoini9ay
From: "10000"<sip:10000@47.229.158>;tag=b10d7c1e
Call-ID: LlMCxt7CvMRAHe4-zCn49A..
CSeq: 1 INVITE
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO
Supported: replaces
User-Agent: Cisco
Allow-Events: hold, talk, conference
Content-Length: 0

All details are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us:

If you like, you can support
with your donations to us..

Donate