# DataPlane.org - for operators, by operators # sipregistration # 2019-12-04 03:00 - 2019-12-11 03:00 # # The sipregistration report is free for non-commercial use ONLY. If # you wish to discuss commercial use of this service, please contact us # at info@dataplane.org. Redistribution of the sipregistration report # in whole or in part without the express permission of DataPlane is # expressly prohibited. # # This report is made possible through the generous support of people # like you. Sensor, processing and distribution systems require # non-free resources to setup and maintain. We are always looking for # financial contributions to help pay the bills and hosting to increase # visibility. If you find what we do useful, please consider supporting # us. # # This report is informational. It is not a block list, but some may # choose to use it to actively protect their networks and systems. The # report is provided on an as-is basis with no expressed warranty or # guarantee of accuracy. Use of this data is at your own risk. If you # have questions about this report do not hesitate to contact us. # # Entries below consist of fields with identifying characteristics of a # a source IP address that has been seen initiating a SIP REGISTER # operation to a remote host. This report lists hosts that are # suspicious of more than just port scanning. These hosts may be SIP # client cataloging or conducting various forms of telephony abuse. # Each entry is sorted according to a route origination ASN. An entry # for the IP address may be listed more than once if there are multiple # origin AS (MOAS) announcements for the covering prefix. We use the # Team Cymru IP address to ASN mapping service to construct an origin AS # number and name. For details about this Team Cymru service, see: # # . # # The report format is as follows: # # ASN | ASname | saddr | utc | category # # Each field is described below. Please note any special formatting # rules to aid in processing this file with automated tools and scripts. # Blank lines may be present to improve the visual display of this file. # Lines beginning with a hash ('#') character are comment lines. All # other lines are report entries. Each field is separated by a pipe # symbol ('|') and at least two whitespace characters on either side. # # ASN Autonomous system number originating a route for the entry # IP address. Note, 4-byte ASNs are supported and will be # displayed as a 32-bit integer. # # ASname A descriptive network name for the associated ASN. The # name is truncated to 30 characters. # # saddr The source IPv4 or IPv6 address that is being reported. # # utc A last seen timestamp formatted as YYYY-MM-DD HH:MM:SS # and in UTC time. # # category Descriptive tag name for this entry. For this report, # the text sipregistration will appear. # # A commented footer section shows an aggregate count of ASNs and # addresses seen in the current report. # 9009 | M247, GB | 89.46.101.70 | 2019-12-05 19:27:21 | sipregistration 9009 | M247, GB | 77.81.107.220 | 2019-12-06 12:22:57 | sipregistration 12876 | Online SAS, FR | 62.210.10.244 | 2019-12-09 19:54:21 | sipregistration 12876 | Online SAS, FR | 163.172.71.6 | 2019-12-10 12:50:46 | sipregistration 12876 | Online SAS, FR | 51.15.16.192 | 2019-12-06 14:02:03 | sipregistration 12876 | Online SAS, FR | 51.158.24.203 | 2019-12-10 19:46:01 | sipregistration 12876 | Online SAS, FR | 212.129.16.244 | 2019-12-08 11:02:18 | sipregistration 12876 | Online SAS, FR | 51.158.24.19 | 2019-12-08 09:23:36 | sipregistration 12876 | Online SAS, FR | 163.172.230.73 | 2019-12-04 17:04:06 | sipregistration 12876 | Online SAS, FR | 51.158.21.110 | 2019-12-10 15:39:23 | sipregistration 12876 | Online SAS, FR | 212.129.54.61 | 2019-12-11 01:42:02 | sipregistration 12975 | PALTEL-AS PALTEL Autonomous Sy | 188.161.170.81 | 2019-12-09 16:42:25 | sipregistration 12989 | HWNG, NL | 64.145.65.217 | 2019-12-09 23:37:31 | sipregistration 12989 | HWNG, NL | 209.107.216.182 | 2019-12-09 05:38:08 | sipregistration 12989 | HWNG, NL | 216.151.184.184 | 2019-12-04 15:50:29 | sipregistration 12989 | HWNG, NL | 209.107.204.63 | 2019-12-10 16:37:10 | sipregistration 12989 | HWNG, NL | 205.185.223.42 | 2019-12-09 00:27:57 | sipregistration 12989 | HWNG, NL | 209.197.30.87 | 2019-12-04 04:01:45 | sipregistration 12989 | HWNG, NL | 216.151.184.183 | 2019-12-04 15:16:03 | sipregistration 12989 | HWNG, NL | 64.145.65.216 | 2019-12-04 10:39:03 | sipregistration 12989 | HWNG, NL | 209.197.30.86 | 2019-12-10 01:38:01 | sipregistration 12989 | HWNG, NL | 216.151.184.57 | 2019-12-10 10:30:05 | sipregistration 16276 | OVH, FR | 51.38.101.36 | 2019-12-05 09:43:24 | sipregistration 16276 | OVH, FR | 54.36.100.174 | 2019-12-06 00:39:29 | sipregistration 16276 | OVH, FR | 87.98.166.209 | 2019-12-11 02:14:33 | sipregistration 16276 | OVH, FR | 51.83.231.233 | 2019-12-06 18:21:40 | sipregistration 23724 | CHINANET-IDC-BJ-AP IDC, China | 119.61.6.132 | 2019-12-08 17:22:30 | sipregistration 30900 | WEBWORLD-AS t/a Web World Irel | 185.108.129.104 | 2019-12-06 01:12:54 | sipregistration 36352 | AS-COLOCROSSING - ColoCrossing | 23.249.164.60 | 2019-12-07 15:02:46 | sipregistration 46562 | TOTAL-SERVER-SOLUTIONS - Total | 107.181.189.144 | 2019-12-10 06:49:08 | sipregistration 46562 | TOTAL-SERVER-SOLUTIONS - Total | 107.181.189.229 | 2019-12-10 05:18:03 | sipregistration 46562 | TOTAL-SERVER-SOLUTIONS - Total | 107.181.189.140 | 2019-12-10 03:26:16 | sipregistration 51167 | CONTABO, DE | 167.86.98.158 | 2019-12-04 21:48:47 | sipregistration 51290 | HOSTEAM-AS, PL | 37.235.48.79 | 2019-12-05 23:26:02 | sipregistration 208666 | ESTROWEB, NL | 37.49.230.91 | 2019-12-11 02:06:02 | sipregistration 208666 | ESTROWEB, NL | 37.49.230.19 | 2019-12-06 08:34:08 | sipregistration 208666 | ESTROWEB, NL | 37.49.230.57 | 2019-12-11 02:44:03 | sipregistration 208666 | ESTROWEB, NL | 37.49.230.89 | 2019-12-10 14:53:49 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.108.10 | 2019-12-10 20:08:50 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 37.49.231.108 | 2019-12-10 13:40:41 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 45.143.220.112 | 2019-12-11 02:59:27 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.245 | 2019-12-05 16:54:34 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 37.49.229.169 | 2019-12-10 17:36:53 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 185.53.88.11 | 2019-12-04 23:34:20 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 37.49.231.129 | 2019-12-11 02:16:08 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 185.53.88.98 | 2019-12-04 22:51:11 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.109.37 | 2019-12-10 18:13:23 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.109.73 | 2019-12-09 01:25:14 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 45.143.220.100 | 2019-12-05 04:20:51 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 37.49.231.107 | 2019-12-08 22:38:40 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 37.49.231.126 | 2019-12-10 16:37:07 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 37.49.231.131 | 2019-12-11 01:47:19 | sipregistration # # Statistics # ASNs: 13 # Addresses: 52