Attack Report for Detail

Header

Time

2024/09/24, 14:37:38 (GMT)

Transaction ID

W88KUZN9V2QP300V

Service

sip

Location

US (United States)

Attacker

68.178.206.20

Classification

Invite

Harm Potential

High

Description

Invites a user to a call request

Content

- Received -------------------------------------------------------
INVITE sip:00442037698298@46.4.222.114 SIP/2.0
Via: SIP/2.0/TCP 68.178.206.20:53174;branch=7os2u92gms6078tdtr609b5zuxn8gcoo00q2j66ij209t1b7al0131ly7ql46x84lr8wzbk;rport
From:  <sip:123456@46.4.222.114>;tag=ed00bf1c
To:  <sip:00442037698298@46.4.222.114>
Contact: <sip:123456@68.178.206.20:53174;transport=TCP>;expires=60
Call-ID: 84e49d303261fd1ecbd04cbc2a9d7674
CSeq: 1 INVITE
Max-Forwards: 70
User-Agent: cisco
Allow: INVITE, REGISTER, ACK, CANCEL, BYE, NOTIFY, REFER, OPTIONS, INFO, SUBSCRIBE, UPDATE, PRACK, MESSAGE
Content-Length: 0


- Sended -------------------------------------------------------
SIP/2.0 400 Bad Request
Via: SIP/2.0/TCP 68.178.206.20:53174;branch=7os2u92gms6078tdtr609b5zuxn8gcoo00q2j66ij209t1b7al0131ly7ql46x84lr8wzbk;received=68.178.206.20;rport=53174
From:  <sip:123456@46.4.222.114>;tag=ed00bf1c
To:  <sip:00442037698298@46.4.222.114>;tag=klcpph9hxl
Contact: <sip:123456@68.178.206.20:53174;transport=TCP>;expires=60
Call-ID: 84e49d303261fd1ecbd04cbc2a9d7674
CSeq: 1 INVITE
Max-Forwards: 70
User-Agent: cisco
Allow: INVITE, REGISTER, ACK, CANCEL, BYE, NOTIFY, REFER, OPTIONS, INFO, SUBSCRIBE, UPDATE, PRACK, MESSAGE
Content-Length: 0

All details are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us:

If you like, you can support
with your donations to us..

Donate