Attack Report for Detail

Header

Time

2022/09/14, 14:36:49 (GMT)

Transaction ID

3HH8RPDJBFM8ONBB

Service

sip

Location

DE (Germany)

Attacker

45.93.16.147

Classification

Register

Harm Potential

Medium

Description

SIP Phone and user registeration request

Content

- Received -------------------------------------------------------
REGISTER sip:46.4.222.114 SIP/2.0
Via: SIP/2.0/TCP 45.93.16.147:6053;branch=z9hG4bK-524287-1---5a29ae24e7262c2b;rport
Max-Forwards: 70
Contact: <sip:+19515705286@45.93.16.147:6053;transport=tcp>;+sip.instance="<urn:uuid:CF1E8C14-E545-05F6-0AA1-0CEB8D5D8AB3>"
To: "+19515705286"<sip:+19515705286@46.4.222.114>
From: "+19515705286"<sip:+19515705286@46.4.222.114>;tag=5c5c2647
Call-ID: MfL7As0ssUXFE6RQXYHdwg..
CSeq: 1 REGISTER
Expires: 300
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO
Supported: replaces
User-Agent: TANDBERG
Allow-Events: hold, talk, conference
Content-Length: 0


- Sended -------------------------------------------------------
SIP/2.0 200 0K
Via: SIP/2.0/TCP 45.93.16.147:6053;branch=z9hG4bK-524287-1---5a29ae24e7262c2b;received=45.93.16.147;rport=54193
Max-Forwards: 70
Contact: <sip:+19515705286@45.93.16.147:6053;transport=tcp>;+sip.instance="<urn:uuid:CF1E8C14-E545-05F6-0AA1-0CEB8D5D8AB3>"
To: "+19515705286"<sip:+19515705286@46.4.222.114>;tag=6g52x6t6dy
From: "+19515705286"<sip:+19515705286@46.4.222.114>;tag=5c5c2647
Call-ID: MfL7As0ssUXFE6RQXYHdwg..
CSeq: 1 REGISTER
Expires: 300
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO
Supported: replaces
User-Agent: TANDBERG
Allow-Events: hold, talk, conference
Content-Length: 0

All details are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us:

If you like, you can support
with your donations to us..

Donate