Active Threat β’ HIGH
167.99.230.219
Country of OriginπΊπΈ United States
First Detection1/4/2026
Last Activity1/23/2026
ISPDIGITALOCEAN-ASN
π―
122
Total Attacks
π
4
Ports
π‘
2
Attack Types
π¦
1
Malware
Geolocation
- Country
- πΊπΈ United States
- City
- North Bergen
- ASN
- AS14061
- ISP
- DIGITALOCEAN-ASN
Attack Types
honeytrap
cowrie
Attacked Ports
600044818922223
Associated Malware
Attempted Credentials
πContent-Type: application/octet-stream/Content-Length: 7
1xπCall-ID: 50000/CSeq: 42 OPTIONS
1xπContent-Id: body@ff3af301-3196-497a-a918-72147c871a13/(empty)
1xπMax-Forwards: 70/Content-Length: 0
1xπ <to>http://192.168.10.100/msmq/private$/queuejumper</to>/ <id>uuid:1@00000000-0000-0000-0000-000000000000
1xπContent-Type: text/xml; charset=UTF-8/Content-Length: 606
1xπContact: <sip:nm@nm>/Accept: application/sdp
1xπContent-Type: multipart/related; boundary="MSMQ - SOAP boundary, 53287"; type=text/xml/Host: 192.168.10.100
1xπGET /nice%20ports%2C/Tri%6Eity.txt%2ebak HTTP/1.0/(empty)
1xπFrom: <sip:nm@nm>;tag=root/To: <sip:nm2@nm2>
1xπSOAPAction: "MSMQMessage"/Proxy-Accept: NonInteractiveClient
1xπ <path xmlns="http://schemas.xmlsoap.org/rp/" se:mustUnderstand="1">/ <action>MSMQ:poc</action>
1xπb'\x00\x00\x00\x00\x00\xf4\x01\x00\x00\x0c\x04\x00\x00\x07\x00\x00\x00\xe3\x03\x00\x00POST /msmq HTTP/1.1'/Content-Length: 816
1xπ <expiresAt>20600609T164419</expiresAt>/ <sentAt>20230724T164419</sentAt>
1xπ </path>/ <properties se:mustUnderstand="1">
1xRisk Assessment
70
/100
LowMediumHighCritical