Attack Report for Detail

Header

Time

2022/08/01, 04:33:15 (GMT)

Transaction ID

R2HC2593D12OFBL8

Service

sip

Location

DE (Germany)

Attacker

45.134.144.172

Classification

Register

Harm Potential

Medium

Description

SIP Phone and user registeration request

Content

- Received -------------------------------------------------------
REGISTER sip:***.***.***.*** SIP/2.0
Via: SIP/2.0/TCP 45.134.144.172:5689;branch=z9hG4bK-524287-1---1705a677d66c635e;rport
Max-Forwards: 70
Contact: <sip:+12464307800@45.134.144.172:5689;transport=tcp>;+sip.instance="<urn:uuid:6A7C4DAD-DCED-381D-7DF7-30861B5611E9>"
To: "+12464307800"<sip:+12464307800@***.***.***.***>
From: "+12464307800"<sip:+12464307800@***.***.***.***>;tag=a502ee15
Call-ID: KIz0dHzOQGepYCOpmjiAqw..
CSeq: 2 REGISTER
Expires: 300
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO
Supported: replaces
User-Agent: Linphone
Allow-Events: hold, talk, conference
Content-Length: 0


- Sended -------------------------------------------------------
SIP/2.0 200 0K
Via: SIP/2.0/TCP 45.134.144.172:5689;branch=z9hG4bK-524287-1---1705a677d66c635e;received=45.134.144.172;rport=55208
Max-Forwards: 70
Contact: <sip:+12464307800@45.134.144.172:5689;transport=tcp>;+sip.instance="<urn:uuid:6A7C4DAD-DCED-381D-7DF7-30861B5611E9>"
To: "+12464307800"<sip:+12464307800@***.***.***.***>;tag=a45524kr5e
From: "+12464307800"<sip:+12464307800@***.***.***.***>;tag=a502ee15
Call-ID: KIz0dHzOQGepYCOpmjiAqw..
CSeq: 2 REGISTER
Expires: 300
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO
Supported: replaces
User-Agent: Linphone
Allow-Events: hold, talk, conference
Content-Length: 0

All details are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us:

If you like, you can support
with your donations to us..

Donate