# DataPlane.org - for operators, by operators # sipregistration # 2020-01-13 03:00 - 2020-01-20 03:00 # # The sipregistration report is free for non-commercial use ONLY. If # you wish to discuss commercial use of this service, please contact us # at info@dataplane.org. Redistribution of the sipregistration report # in whole or in part without the express permission of DataPlane is # expressly prohibited. # # This report is made possible through the generous support of people # like you. Sensor, processing and distribution systems require # non-free resources to setup and maintain. We are always looking for # financial contributions to help pay the bills and hosting to increase # visibility. If you find what we do useful, please consider supporting # us. # # This report is informational. It is not a block list, but some may # choose to use it to actively protect their networks and systems. The # report is provided on an as-is basis with no expressed warranty or # guarantee of accuracy. Use of this data is at your own risk. If you # have questions about this report do not hesitate to contact us. # # Entries below consist of fields with identifying characteristics of a # a source IP address that has been seen initiating a SIP REGISTER # operation to a remote host. This report lists hosts that are # suspicious of more than just port scanning. These hosts may be SIP # client cataloging or conducting various forms of telephony abuse. # Each entry is sorted according to a route origination ASN. An entry # for the IP address may be listed more than once if there are multiple # origin AS (MOAS) announcements for the covering prefix. We use the # Team Cymru IP address to ASN mapping service to construct an origin AS # number and name. For details about this Team Cymru service, see: # # . # # The report format is as follows: # # ASN | ASname | saddr | utc | category # # Each field is described below. Please note any special formatting # rules to aid in processing this file with automated tools and scripts. # Blank lines may be present to improve the visual display of this file. # Lines beginning with a hash ('#') character are comment lines. All # other lines are report entries. Each field is separated by a pipe # symbol ('|') and at least two whitespace characters on either side. # # ASN Autonomous system number originating a route for the entry # IP address. Note, 4-byte ASNs are supported and will be # displayed as a 32-bit integer. # # ASname A descriptive network name for the associated ASN. The # name is truncated to 30 characters. # # saddr The source IPv4 or IPv6 address that is being reported. # # utc A last seen timestamp formatted as YYYY-MM-DD HH:MM:SS # and in UTC time. # # category Descriptive tag name for this entry. For this report, # the text sipregistration will appear. # # A commented footer section shows an aggregate count of ASNs and # addresses seen in the current report. # 4134 | CHINANET-BACKBONE No.31,Jin-ro | 223.220.159.153 | 2020-01-19 10:20:09 | sipregistration 4538 | ERX-CERNET-BKB China Education | 202.196.65.124 | 2020-01-18 19:36:39 | sipregistration 4538 | ERX-CERNET-BKB China Education | 210.34.62.148 | 2020-01-19 05:43:41 | sipregistration 8075 | MICROSOFT-CORP-MSN-AS-BLOCK, U | 52.179.99.106 | 2020-01-18 05:39:02 | sipregistration 8551 | BEZEQ-INTERNATIONAL-AS Bezeqin | 81.218.45.180 | 2020-01-15 17:47:22 | sipregistration 9405 | TPS-CN-AS Test platform Servic | 103.115.120.250 | 2020-01-18 20:00:16 | sipregistration 9405 | TPS-CN-AS Test platform Servic | 103.115.120.249 | 2020-01-19 18:13:21 | sipregistration 12876 | Online SAS, FR | 51.158.24.19 | 2020-01-20 01:35:42 | sipregistration 12876 | Online SAS, FR | 62.210.162.65 | 2020-01-16 12:42:41 | sipregistration 12876 | Online SAS, FR | 195.154.28.205 | 2020-01-19 05:38:26 | sipregistration 12876 | Online SAS, FR | 51.158.21.110 | 2020-01-19 16:16:04 | sipregistration 12876 | Online SAS, FR | 51.158.24.203 | 2020-01-19 21:38:37 | sipregistration 12876 | Online SAS, FR | 62.210.10.244 | 2020-01-15 08:01:34 | sipregistration 12876 | Online SAS, FR | 212.83.180.233 | 2020-01-20 02:59:59 | sipregistration 12989 | HWNG, NL | 216.151.184.183 | 2020-01-18 16:18:18 | sipregistration 12989 | HWNG, NL | 216.151.184.182 | 2020-01-17 11:40:05 | sipregistration 12989 | HWNG, NL | 209.107.214.56 | 2020-01-18 19:47:40 | sipregistration 12989 | HWNG, NL | 209.107.214.54 | 2020-01-17 18:05:43 | sipregistration 12989 | HWNG, NL | 216.151.184.184 | 2020-01-17 09:31:43 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 159.89.125.205 | 2020-01-20 00:14:36 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 167.172.29.6 | 2020-01-13 18:06:59 | sipregistration 16276 | OVH, FR | 139.99.84.99 | 2020-01-17 02:25:16 | sipregistration 16276 | OVH, FR | 178.32.50.4 | 2020-01-18 05:09:11 | sipregistration 16276 | OVH, FR | 54.37.200.111 | 2020-01-19 18:06:32 | sipregistration 20860 | IOMART-AS, GB | 5.152.207.100 | 2020-01-19 01:46:20 | sipregistration 32097 | WII, US | 204.12.202.18 | 2020-01-19 22:08:10 | sipregistration 34300 | SPACENET-AS Internet Service P | 62.173.149.21 | 2020-01-18 08:45:34 | sipregistration 51167 | CONTABO, DE | 144.91.86.28 | 2020-01-18 17:37:59 | sipregistration 57704 | SPEED-CLICK-LTD, PS | 185.132.248.171 | 2020-01-19 20:02:30 | sipregistration 199046 | JETNET, PS | 185.132.248.171 | 2020-01-19 20:02:30 | sipregistration 199653 | ARUBAFR-AS, FR | 217.61.97.218 | 2020-01-15 05:56:02 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 45.143.220.163 | 2020-01-17 20:30:01 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.20 | 2020-01-14 06:01:08 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 45.143.220.128 | 2020-01-14 19:41:59 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.109.17 | 2020-01-18 19:53:46 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 45.143.220.171 | 2020-01-19 17:18:43 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 185.53.88.111 | 2020-01-20 01:51:17 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 185.53.88.116 | 2020-01-19 08:50:55 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 37.49.231.115 | 2020-01-17 06:56:13 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 37.49.231.183 | 2020-01-15 10:27:00 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 37.49.231.182 | 2020-01-20 00:02:13 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 45.143.220.136 | 2020-01-17 18:12:57 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 37.49.229.173 | 2020-01-14 19:28:38 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 37.49.231.118 | 2020-01-19 20:16:03 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 37.49.231.131 | 2020-01-13 08:57:31 | sipregistration 396362 | LEASEWEB-USA-NYC-11, US | 173.234.158.163 | 2020-01-14 02:22:08 | sipregistration # # Statistics # ASNs: 18 # Addresses: 45