# DataPlane.org - for operators, by operators
# sipregistration
# 2017-09-17 17:00 - 2017-09-24 17:00
#
# The sipregistration report is free for non-commercial use ONLY.  If
# you wish to discuss commercial use of this service, please contact us
# at info@dataplane.org.  Redistribution of the sipregistration report
# in whole or in part without the express permission of DataPlane is
# expressly prohibited.
#
# This report is made possible through the generous support of people
# like you.  Sensor, processing and distribution systems require
# non-free resources to setup and maintain.  We are always looking for
# financial contributions to help pay the bills and hosting to increase
# visibility.  If you find what we do useful, please consider supporting
# us.
#
# This report is informational.  It is not a blacklist, but some may
# choose to use it to actively protect their networks and systems.  The
# report is provided on an as-is basis with no expressed warranty or
# guarantee of accuracy.  Use of this data is at your own risk.  If you
# have questions about this report do not hesitate to contact us.
#
# Entries below consist of fields with identifying characteristics of a
# a source IP address that has been seen initiating a SIP REGISTER
# operation to a remote host.  This report lists hosts that are
# suspicious of more than just port scanning.  These hosts may be SIP
# client cataloging or conducting various forms of telephony abuse.
# Each entry is sorted according to a route origination ASN.  An entry
# for the IP address may be listed more than once if there are multiple
# origin AS (MOAS) announcements for the covering prefix.  We use the
# Team Cymru IP address to ASN mapping service to construct an origin AS
# number and name.  For details about this Team Cymru service, see:
#
#   <http://www.team-cymru.org/Services/ip-to-asn.html>.
#
# The report format is as follows:
#
# ASN  |  ASname  |  saddr  |  utc  |  category
#
# Each field is described below.  Please note any special formatting
# rules to aid in processing this file with automated tools and scripts.
# Blank lines may be present to improve the visual display of this file.
# Lines beginning with a hash ('#') character are comment lines.  All
# other lines are report entries.  Each field is separated by a pipe
# symbol ('|') and at least two whitespace characters on either side.
#
#   ASN       Autonomous system number originating a route for the entry
#             IP address. Note, 4-byte ASNs are supported and will be
#             displayed as a 32-bit integer.
#
#   ASname    A descriptive network name for the associated ASN.  The
#             name is truncated to 30 characters.
#
#   saddr     The source IPv4 or IPv6 address that is being reported.
#
#   utc       A last seen timestamp formatted as YYYY-MM-DD HH:MM:SS
#             and in UTC time.
#
#   category  Descriptive tag name for this entry.  For this report,
#             the text sipregistration will appear.
#
# A commented footer section shows an aggregate count of ASNs and
# addresses seen in the current report.
#
4808         |  CHINA169-BJ China Unicom Beiji  |    123.59.78.122  |  2017-09-19 23:31:21  |  sipregistration
4808         |  CHINA169-BJ China Unicom Beiji  |     117.50.7.159  |  2017-09-23 01:38:00  |  sipregistration
12876        |  AS12876, FR                     |    212.83.191.72  |  2017-09-19 01:56:27  |  sipregistration
12876        |  AS12876, FR                     |     51.15.148.78  |  2017-09-22 12:49:44  |  sipregistration
12876        |  AS12876, FR                     |   163.172.109.70  |  2017-09-23 22:34:33  |  sipregistration
12876        |  AS12876, FR                     |  195.154.183.207  |  2017-09-17 19:03:28  |  sipregistration
12876        |  AS12876, FR                     |  195.154.168.127  |  2017-09-19 23:12:37  |  sipregistration
12876        |  AS12876, FR                     |  195.154.167.218  |  2017-09-19 23:25:29  |  sipregistration
12876        |  AS12876, FR                     |   163.172.194.85  |  2017-09-23 19:45:28  |  sipregistration
12876        |  AS12876, FR                     |   212.83.180.209  |  2017-09-22 13:35:15  |  sipregistration
12876        |  AS12876, FR                     |    163.172.99.30  |  2017-09-24 14:28:02  |  sipregistration
12876        |  AS12876, FR                     |   195.154.187.30  |  2017-09-24 12:51:53  |  sipregistration
19531        |  NODESDIRECT - Nodes Direct, US  |     155.94.88.83  |  2017-09-24 09:41:45  |  sipregistration
19531        |  NODESDIRECT - Nodes Direct, US  |    155.94.88.154  |  2017-09-24 16:28:34  |  sipregistration
24961        |  MYLOC-AS, DE                    |   213.202.233.79  |  2017-09-24 08:49:24  |  sipregistration
29066        |  VELIANET-AS velia.net Internet  |   185.19.216.243  |  2017-09-22 08:32:26  |  sipregistration
32097        |  WII-KC - WholeSale Internet, I  |    204.12.196.74  |  2017-09-22 21:50:30  |  sipregistration
33387        |  DATASHACK - DataShack, LC, US   |     74.91.16.226  |  2017-09-19 03:33:24  |  sipregistration
33387        |  DATASHACK - DataShack, LC, US   |   63.141.251.122  |  2017-09-19 10:04:53  |  sipregistration
49223        |  EVEREST-AS, UA                  |   185.59.159.140  |  2017-09-22 10:18:40  |  sipregistration
62370        |  SNEL, NL                        |    185.62.57.118  |  2017-09-17 19:41:56  |  sipregistration
#
# Statistics
#        ASNs: 9
#   Addresses: 21