# DataPlane.org - for operators, by operators # sipregistration # 2021-01-09 11:00 - 2021-01-16 11:00 # # The sipregistration report is free for non-commercial use ONLY. If # you wish to discuss commercial use of this service, please contact us # at info@dataplane.org. Redistribution of the sipregistration report # in whole or in part without the express permission of DataPlane is # expressly prohibited. # # This report is made possible through the generous support of people # like you. Sensor, processing and distribution systems require # non-free resources to setup and maintain. We are always looking for # financial contributions to help pay the bills and hosting to increase # visibility. If you find what we do useful, please consider supporting # us. # # This report is informational. It is not a block list, but some may # choose to use it to actively protect their networks and systems. The # report is provided on an as-is basis with no expressed warranty or # guarantee of accuracy. Use of this data is at your own risk. If you # have questions about this report do not hesitate to contact us. # # Entries below consist of fields with identifying characteristics of a # a source IP address that has been seen initiating a SIP REGISTER # operation to a remote host. This report lists hosts that are # suspicious of more than just port scanning. These hosts may be SIP # client cataloging or conducting various forms of telephony abuse. # Each entry is sorted according to a route origination ASN. An entry # for the IP address may be listed more than once if there are multiple # origin AS (MOAS) announcements for the covering prefix. We use the # Team Cymru IP address to ASN mapping service to construct an origin AS # number and name. For details about this Team Cymru service, see: # # . # # The report format is as follows: # # ASN | ASname | saddr | utc | category # # Each field is described below. Please note any special formatting # rules to aid in processing this file with automated tools and scripts. # Blank lines may be present to improve the visual display of this file. # Lines beginning with a hash ('#') character are comment lines. All # other lines are report entries. Each field is separated by a pipe # symbol ('|') and at least two whitespace characters on either side. # # ASN Autonomous system number originating a route for the entry # IP address. Note, 4-byte ASNs are supported and will be # displayed as a 32-bit integer. # # ASname A descriptive network name for the associated ASN. The # name is truncated to 30 characters. # # saddr The source IPv4 or IPv6 address that is being reported. # # utc A last seen timestamp formatted as YYYY-MM-DD HH:MM:SS # and in UTC time. # # category Descriptive tag name for this entry. For this report, # the text sipregistration will appear. # # A commented footer section shows an aggregate count of ASNs and # addresses seen in the current report. # 8075 | MICROSOFT-CORP-MSN-AS-BLOCK, U | 20.151.64.19 | 2021-01-13 12:11:13 | sipregistration 8075 | MICROSOFT-CORP-MSN-AS-BLOCK, U | 40.121.39.59 | 2021-01-14 19:49:29 | sipregistration 8075 | MICROSOFT-CORP-MSN-AS-BLOCK, U | 102.133.225.173 | 2021-01-15 11:57:21 | sipregistration 8551 | BEZEQ-INTERNATIONAL-AS Bezeq I | 81.218.45.129 | 2021-01-12 18:21:35 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 51.158.31.190 | 2021-01-14 10:50:36 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 62.210.113.237 | 2021-01-13 18:52:22 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 163.172.24.209 | 2021-01-14 12:08:57 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 163.172.35.135 | 2021-01-15 21:36:53 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 62.210.69.173 | 2021-01-10 06:48:12 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 62.210.113.178 | 2021-01-12 12:36:35 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 51.15.157.120 | 2021-01-16 10:53:15 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 163.172.192.243 | 2021-01-10 01:11:51 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 62.210.123.16 | 2021-01-13 18:53:09 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 62.210.123.69 | 2021-01-13 18:41:00 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 62.4.14.145 | 2021-01-16 10:26:30 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 51.158.24.19 | 2021-01-16 09:43:19 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 163.172.36.117 | 2021-01-13 20:54:11 | sipregistration 12975 | PALTEL-AS Palestine Telecommun | 185.108.25.100 | 2021-01-15 13:46:42 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 198.211.96.226 | 2021-01-12 09:44:50 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 165.22.215.89 | 2021-01-09 18:13:31 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 178.128.176.187 | 2021-01-11 15:33:18 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 159.203.96.191 | 2021-01-13 07:02:50 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 159.203.82.106 | 2021-01-14 07:34:15 | sipregistration 15975 | Hadara-AS Hadara Technologies | 185.108.25.100 | 2021-01-15 13:46:42 | sipregistration 16276 | OVH OVH SAS, FR | 217.182.199.5 | 2021-01-10 05:35:46 | sipregistration 16276 | OVH OVH SAS, FR | 51.89.20.196 | 2021-01-15 10:40:54 | sipregistration 16276 | OVH OVH SAS, FR | 51.195.6.216 | 2021-01-14 23:34:32 | sipregistration 16276 | OVH OVH SAS, FR | 51.75.86.211 | 2021-01-14 23:27:22 | sipregistration 24961 | MYLOC-AS myLoc managed IT AG, | 5.199.136.30 | 2021-01-15 21:20:43 | sipregistration 24961 | MYLOC-AS myLoc managed IT AG, | 89.163.249.179 | 2021-01-16 10:23:48 | sipregistration 24961 | MYLOC-AS myLoc managed IT AG, | 85.114.138.106 | 2021-01-15 16:10:20 | sipregistration 29066 | VELIANET-AS Host Europe GmbH, | 185.19.216.246 | 2021-01-16 07:05:03 | sipregistration 35478 | DATACENTER Bunea TELECOM SRL, | 193.29.14.108 | 2021-01-15 23:23:05 | sipregistration 35478 | DATACENTER Bunea TELECOM SRL, | 193.29.14.104 | 2021-01-11 05:44:37 | sipregistration 35478 | DATACENTER Bunea TELECOM SRL, | 193.29.14.102 | 2021-01-11 22:35:49 | sipregistration 36352 | AS-COLOCROSSING, US | 198.23.212.183 | 2021-01-16 11:15:10 | sipregistration 37002 | Reunicable, RE | 41.213.142.138 | 2021-01-10 01:24:56 | sipregistration 37963 | CNNIC-ALIBABA-CN-NET-AP Hangzh | 39.100.227.126 | 2021-01-14 01:42:55 | sipregistration 37963 | CNNIC-ALIBABA-CN-NET-AP Hangzh | 39.100.234.46 | 2021-01-15 02:37:25 | sipregistration 40021 | CONTABO, US | 209.126.2.56 | 2021-01-15 17:42:04 | sipregistration 40021 | CONTABO, US | 209.126.0.121 | 2021-01-15 17:57:57 | sipregistration 45102 | CNNIC-ALIBABA-US-NET-AP Alibab | 47.241.61.63 | 2021-01-15 03:06:20 | sipregistration 45102 | CNNIC-ALIBABA-US-NET-AP Alibab | 47.242.236.187 | 2021-01-14 10:11:21 | sipregistration 45102 | CNNIC-ALIBABA-US-NET-AP Alibab | 147.139.7.140 | 2021-01-12 12:32:01 | sipregistration 45102 | CNNIC-ALIBABA-US-NET-AP Alibab | 47.241.104.229 | 2021-01-12 12:30:46 | sipregistration 46664 | VDI-NETWORK, US | 23.148.145.13 | 2021-01-16 10:19:36 | sipregistration 46664 | VDI-NETWORK, US | 156.96.115.175 | 2021-01-14 22:26:09 | sipregistration 51167 | CONTABO Contabo GmbH, DE | 167.86.80.172 | 2021-01-12 15:06:21 | sipregistration 60068 | CDN77 Datacamp Limited, GB | 138.199.40.183 | 2021-01-11 17:05:54 | sipregistration 60781 | LEASEWEB-NL-AMS-01 LeaseWeb Ne | 212.7.204.173 | 2021-01-09 14:41:12 | sipregistration 63949 | LINODE-AP Linode, LLC, US | 172.104.190.60 | 2021-01-09 17:15:57 | sipregistration 133398 | TELE-AS Tele Asia Limited, HK | 45.125.65.31 | 2021-01-15 00:45:47 | sipregistration 201814 | PL-SKYTECH-AS Meverywhere sp. | 185.16.38.38 | 2021-01-11 22:38:01 | sipregistration 201814 | PL-SKYTECH-AS Meverywhere sp. | 185.16.38.77 | 2021-01-11 22:34:31 | sipregistration 201814 | PL-SKYTECH-AS Meverywhere sp. | 193.32.8.127 | 2021-01-11 10:48:55 | sipregistration 201814 | PL-SKYTECH-AS Meverywhere sp. | 185.16.38.90 | 2021-01-15 23:26:37 | sipregistration 201814 | PL-SKYTECH-AS Meverywhere sp. | 185.16.38.99 | 2021-01-13 04:57:55 | sipregistration 201814 | PL-SKYTECH-AS Meverywhere sp. | 185.16.38.87 | 2021-01-11 22:29:04 | sipregistration 201814 | PL-SKYTECH-AS Meverywhere sp. | 185.16.38.88 | 2021-01-13 02:48:39 | sipregistration 201814 | PL-SKYTECH-AS Meverywhere sp. | 185.16.38.75 | 2021-01-16 09:13:22 | sipregistration 201814 | PL-SKYTECH-AS Meverywhere sp. | 185.16.38.96 | 2021-01-13 17:40:32 | sipregistration 201814 | PL-SKYTECH-AS Meverywhere sp. | 185.16.38.85 | 2021-01-13 04:18:50 | sipregistration 204601 | ON-LINE-DATA Zomro B.V., NL | 185.224.133.119 | 2021-01-14 00:35:34 | sipregistration 204997 | FIRSTBYTE-AS NTX Technologies | 185.188.183.185 | 2021-01-14 07:07:11 | sipregistration 212370 | PEENQ PEENQ.NL, NL | 37.49.225.234 | 2021-01-15 17:19:05 | sipregistration # # Statistics # ASNs: 25 # Addresses: 64