Attack Report for Detail

Header

Time

2024/09/24, 10:42:52 (GMT)

Transaction ID

8PJWOM9FCG7QMC98

Service

sip

Location

US (United States)

Attacker

68.178.206.20

Classification

Register

Harm Potential

Medium

Description

SIP Phone and user registeration request

Content

- Received -------------------------------------------------------
REGISTER sip:46.4.222.114 SIP/2.0
Via: SIP/2.0/TCP 68.178.206.20:50573;branch=vuhwjo2bqpeltm5e2ma1jr8cxgqkd9qtkziomxn4qmzgyo7iq8jer3nrsthwx8wkz68mfvs;rport
From:  <sip:123456@46.4.222.114>;tag=00e6f4b5
To:  <sip:123456@46.4.222.114>
Contact: <sip:123456@68.178.206.20:50573;transport=TCP>;expires=60
Call-ID: d4bb944f78ae10b3f3a10111dcff12e5
CSeq: 1 REGISTER
Max-Forwards: 70
User-Agent: cisco
Allow: INVITE, REGISTER, ACK, CANCEL, BYE, NOTIFY, REFER, OPTIONS, INFO, SUBSCRIBE, UPDATE, PRACK, MESSAGE
Expires: 60
Content-Length: 0


- Sended -------------------------------------------------------
SIP/2.0 200 0K
Via: SIP/2.0/TCP 68.178.206.20:50573;branch=vuhwjo2bqpeltm5e2ma1jr8cxgqkd9qtkziomxn4qmzgyo7iq8jer3nrsthwx8wkz68mfvs;received=68.178.206.20;rport=50573
From:  <sip:123456@46.4.222.114>;tag=00e6f4b5
To:  <sip:123456@46.4.222.114>;tag=lfv8ap7hzu
Contact: <sip:123456@68.178.206.20:50573;transport=TCP>;expires=60
Call-ID: d4bb944f78ae10b3f3a10111dcff12e5
CSeq: 1 REGISTER
Max-Forwards: 70
User-Agent: cisco
Allow: INVITE, REGISTER, ACK, CANCEL, BYE, NOTIFY, REFER, OPTIONS, INFO, SUBSCRIBE, UPDATE, PRACK, MESSAGE
Expires: 60
Content-Length: 0

All details are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us:

If you like, you can support
with your donations to us..

Donate