Honeypots.tk

Attack Report for Detail

Header

Time

2022/08/01, 01:32:18 (GMT)

Transaction ID

N9W0VZ9P5SKDY0BJ

Service

sip

Location

DE (Germany)

Attacker

45.134.144.172

Classification

Invite

Harm Potential

High

Description

Invites a user to a call request

Content

- Received -------------------------------------------------------
INVITE sip:915513140567@***.***.***.*** SIP/2.0
Via: SIP/2.0/TCP 45.134.144.172:5689;branch=z9hG4bK-524287-1---1f5db8498308021d;rport
Max-Forwards: 70
Contact: <sip:+12464307800@45.134.144.172:5689;transport=tcp>;+sip.instance="<urn:uuid:6A7C4DAD-DCED-381D-7DF7-30861B5611E9>"
To: <sip:915513140567@***.***.***.***>
From: "+12464307800"<sip:+12464307800@***.***.***.***>;tag=c12d0d64
Call-ID: SimWYMI2TH0ySbNYTiJMRw..
CSeq: 1 INVITE
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO
Supported: replaces
User-Agent: Linphone
Allow-Events: hold, talk, conference
Content-Length: 0


- Sended -------------------------------------------------------
SIP/2.0 400 Bad Request
Via: SIP/2.0/TCP 45.134.144.172:5689;branch=z9hG4bK-524287-1---1f5db8498308021d;received=45.134.144.172;rport=54955
Max-Forwards: 70
Contact: <sip:+12464307800@45.134.144.172:5689;transport=tcp>;+sip.instance="<urn:uuid:6A7C4DAD-DCED-381D-7DF7-30861B5611E9>"
To: <sip:915513140567@***.***.***.***>;tag=hy2gufoc1x
From: "+12464307800"<sip:+12464307800@***.***.***.***>;tag=c12d0d64
Call-ID: SimWYMI2TH0ySbNYTiJMRw..
CSeq: 1 INVITE
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO
Supported: replaces
User-Agent: Linphone
Allow-Events: hold, talk, conference
Content-Length: 0

All details are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us:

If you like, you can support
with your donations to us..

Donate

honeypots.tk ©2020