Time | 2023/09/15, 10:49:28 (GMT) |
Transaction ID | 435AG11T5F2PE2IF |
Service | sip |
Location | US (United States) |
Attacker | 199.187.211.193 |
Classification | Invite |
Harm Potential | High |
- Received ------------------------------------------------------- INVITE sip:+442032876005@46.4.222.114 SIP/2.0 Via: SIP/2.0/TCP 100.126.2.217:24801;branch=z9hG4bK-524287-1---45c7163b83417e1f;rport Max-Forwards: 70 Contact: <sip:1000@100.126.2.217:24801;ob;transport=tcp>;+sip.instance="<urn:uuid:14DB19F6-F8AD-87AB-5274-DC10A1205CDD>" To: <sip:+442032876005@46.4.222.114> From: <sip:1000@46.4.222.114>;tag=7f426a7e Call-ID: mR6fJhPR0noaPGbbxQQHag.. CSeq: 1 INVITE Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO, PUBLISH, UPDATE Content-Type: application/sdp Supported: replaces, answermode, eventlist, park-info, outbound, path User-Agent: Yealink SIP-T20 Allow-Events: hold, talk, conference, dialog, park-info Content-Length: 299 v=0 o=- 7567236007737115941 2 IN IP4 127.0.0.1 s=- t=0 0 m=audio 9 RTP/AVP 0 8 18 101 c=IN IP4 0.0.0.0 a=mid:audio a=sendrecv a=rtpmap:0 PCMU/8000 a=rtpmap:8 PCMA/8000 a=rtpmap:18 G729/8000 a=fmtp:18 annexb=no a=rtpmap:101 telephone-event/8000 a=ssrc:1125040354 cname:F2KIY/5jjupw3hOp - Sended ------------------------------------------------------- SIP/2.0 400 Bad Request Via: SIP/2.0/TCP 100.126.2.217:24801;branch=z9hG4bK-524287-1---45c7163b83417e1f;received=199.187.211.193;rport=4566 Max-Forwards: 70 Contact: <sip:1000@100.126.2.217:24801;ob;transport=tcp>;+sip.instance="<urn:uuid:14DB19F6-F8AD-87AB-5274-DC10A1205CDD>" To: <sip:+442032876005@46.4.222.114>;tag=5axldci5ri From: <sip:1000@46.4.222.114>;tag=7f426a7e Call-ID: mR6fJhPR0noaPGbbxQQHag.. CSeq: 1 INVITE Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO, PUBLISH, UPDATE Content-Type: application/sdp Supported: replaces, answermode, eventlist, park-info, outbound, path User-Agent: Yealink SIP-T20 Allow-Events: hold, talk, conference, dialog, park-info Content-Length: 0
All details are coming from honeypot central database.
Please share your wishes, opinions and suggestions with us: Honeypots.tk Admin |
If you like, you can support |