Dear Administrator(s),
Our security system detected an IP address of your responsibility 138.201.192.9
tried to abuse one or more machines in our network.
We hope this is the correct email address for abuse reports; if not, please read
the end of this email.
Here’s a summary of the abuse:
[2023-04-12 05:53:40] Analyze-1: IP: src::138.201.192.9 dst::194.140.135.75 | UDP: sport::56151 dport::5060 | SIP: type::REGISTER
[2023-04-12 05:53:44] Analyze-1: IP: src::138.201.192.9 dst::194.140.135.110 | UDP: sport::57438 dport::5060 | SIP: type::REGISTER
[2023-04-12 05:53:44] Analyze-1: IP: src::138.201.192.9 dst::194.140.135.110 | UDP: sport::57438 dport::5060 | SIP: type::REGISTER
[2023-04-12 05:53:44] Analyze-1: IP: src::138.201.192.9 dst::194.140.135.80 | UDP: sport::57477 dport::5060 | SIP: type::REGISTER
[2023-04-12 05:53:44] Analyze-1: IP: src::138.201.192.9 dst::194.140.135.100 | UDP: sport::57506 dport::5060 | SIP: type::REGISTER
[2023-04-12 05:53:44] Analyze-1: IP: src::138.201.192.9 dst::194.140.135.80 | UDP: sport::57477 dport::5060 | SIP: type::REGISTER
Note that all dates and times are in Madrid timezone.
We expect you to take the necessary steps to avoid recurrence. If the number of
abuse incidents is too high, will block all traffic from/to network.
If this abuse is part of a «research project», please provide us with a name of
your project and list of IP-addresses to exclude them.
Thanks for your collaboration. Do not hesitate send us an email to abuse@telcombs.net
if you need any additional information.
Best regards,
Telcom BS NOC Team
Telcom Business Solucions S.L.
noc@telcombs.net
Attacked hosts in our Network:
[2023-04-12 05:53:40] Analyze-1: IP: src::138.201.192.9 dst::194.140.135.75 | UDP: sport::56151 dport::5060 | SIP: type::REGISTER Payload::’REGISTER sip:194.140.135.75:5060 SIP/2.0′ To::'<sip:001@194.140.135.75>’ From::'<sip:001@194.140.135.75>;tag=e5f4a260233275746EBC’ User-Agent::’FPBX-2.11.0(11.8.1)’
[2023-04-12 05:53:44] Analyze-1: IP: src::138.201.192.9 dst::194.140.135.110 | UDP: sport::57438 dport::5060 | SIP: type::REGISTER Payload::’REGISTER sip:194.140.135.110:5060 SIP/2.0′ To::'<sip:003@194.140.135.110>’ From::'<sip:003@194.140.135.110>;tag=e5f4a6339343275731EBC’ User-Agent::’FPBX-2.11.0(11.8.1)’
[2023-04-12 05:53:44] Analyze-1: IP: src::138.201.192.9 dst::194.140.135.110 | UDP: sport::57438 dport::5060 | SIP: type::REGISTER Payload::’REGISTER sip:194.140.135.110:5060 SIP/2.0′ To::'<sip:003@194.140.135.110>’ From::'<sip:003@194.140.135.110>;tag=e5f4a6339343275731EBC’ User-Agent::’FPBX-2.11.0(11.8.1)’
[2023-04-12 05:53:44] Analyze-1: IP: src::138.201.192.9 dst::194.140.135.80 | UDP: sport::57477 dport::5060 | SIP: type::REGISTER Payload::’REGISTER sip:194.140.135.80:5060 SIP/2.0′ To::'<sip:003@194.140.135.80>’ From::'<sip:003@194.140.135.80>;tag=e5f4a9340669275743EBC’ User-Agent::’FPBX-2.11.0(11.8.1)’
[2023-04-12 05:53:44] Analyze-1: IP: src::138.201.192.9 dst::194.140.135.100 | UDP: sport::57506 dport::5060 | SIP: type::REGISTER Payload::’REGISTER sip:194.140.135.100:5060 SIP/2.0′ To::'<sip:003@194.140.135.100>’ From::'<sip:003@194.140.135.100>;tag=e5f4a5237656275752EBC’ User-Agent::’FPBX-2.11.0(11.8.1)’
[2023-04-12 05:53:44] Analyze-1: IP: src::138.201.192.9 dst::194.140.135.80 | UDP: sport::57477 dport::5060 | SIP: type::REGISTER Payload::’REGISTER sip:194.140.135.80:5060 SIP/2.0′ To::'<sip:003@194.140.135.80>’ From::'<sip:003@194.140.135.80>;tag=e5f4a9340669275743EBC’ User-Agent::’FPBX-2.11.0(11.8.1)’
