# DataPlane.org - for operators, by operators # sipregistration # 2019-06-11 22:00 - 2019-06-18 22:00 # # The sipregistration report is free for non-commercial use ONLY. If # you wish to discuss commercial use of this service, please contact us # at info@dataplane.org. Redistribution of the sipregistration report # in whole or in part without the express permission of DataPlane is # expressly prohibited. # # This report is made possible through the generous support of people # like you. Sensor, processing and distribution systems require # non-free resources to setup and maintain. We are always looking for # financial contributions to help pay the bills and hosting to increase # visibility. If you find what we do useful, please consider supporting # us. # # This report is informational. It is not a block list, but some may # choose to use it to actively protect their networks and systems. The # report is provided on an as-is basis with no expressed warranty or # guarantee of accuracy. Use of this data is at your own risk. If you # have questions about this report do not hesitate to contact us. # # Entries below consist of fields with identifying characteristics of a # a source IP address that has been seen initiating a SIP REGISTER # operation to a remote host. This report lists hosts that are # suspicious of more than just port scanning. These hosts may be SIP # client cataloging or conducting various forms of telephony abuse. # Each entry is sorted according to a route origination ASN. An entry # for the IP address may be listed more than once if there are multiple # origin AS (MOAS) announcements for the covering prefix. We use the # Team Cymru IP address to ASN mapping service to construct an origin AS # number and name. For details about this Team Cymru service, see: # # . # # The report format is as follows: # # ASN | ASname | saddr | utc | category # # Each field is described below. Please note any special formatting # rules to aid in processing this file with automated tools and scripts. # Blank lines may be present to improve the visual display of this file. # Lines beginning with a hash ('#') character are comment lines. All # other lines are report entries. Each field is separated by a pipe # symbol ('|') and at least two whitespace characters on either side. # # ASN Autonomous system number originating a route for the entry # IP address. Note, 4-byte ASNs are supported and will be # displayed as a 32-bit integer. # # ASname A descriptive network name for the associated ASN. The # name is truncated to 30 characters. # # saddr The source IPv4 or IPv6 address that is being reported. # # utc A last seen timestamp formatted as YYYY-MM-DD HH:MM:SS # and in UTC time. # # category Descriptive tag name for this entry. For this report, # the text sipregistration will appear. # # A commented footer section shows an aggregate count of ASNs and # addresses seen in the current report. # 4134 | CHINANET-BACKBONE No.31,Jin-ro | 115.195.49.229 | 2019-06-13 05:35:57 | sipregistration 4134 | CHINANET-BACKBONE No.31,Jin-ro | 144.52.56.148 | 2019-06-17 18:39:02 | sipregistration 4134 | CHINANET-BACKBONE No.31,Jin-ro | 180.110.167.238 | 2019-06-15 02:23:07 | sipregistration 4134 | CHINANET-BACKBONE No.31,Jin-ro | 106.86.154.143 | 2019-06-15 02:03:16 | sipregistration 4134 | CHINANET-BACKBONE No.31,Jin-ro | 182.147.82.248 | 2019-06-15 03:41:45 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 221.218.210.162 | 2019-06-15 00:16:54 | sipregistration 4837 | CHINA169-BACKBONE CHINA UNICOM | 1.57.188.105 | 2019-06-17 02:27:22 | sipregistration 4837 | CHINA169-BACKBONE CHINA UNICOM | 124.89.33.109 | 2019-06-17 18:34:04 | sipregistration 12876 | AS12876, FR | 195.154.32.212 | 2019-06-18 09:01:51 | sipregistration 12876 | AS12876, FR | 212.83.153.110 | 2019-06-13 19:20:50 | sipregistration 12876 | AS12876, FR | 212.83.162.254 | 2019-06-13 19:59:35 | sipregistration 12876 | AS12876, FR | 212.83.154.19 | 2019-06-14 12:17:03 | sipregistration 12876 | AS12876, FR | 212.129.38.54 | 2019-06-14 12:18:04 | sipregistration 12876 | AS12876, FR | 212.83.153.233 | 2019-06-15 03:01:11 | sipregistration 12876 | AS12876, FR | 212.83.172.167 | 2019-06-14 16:53:17 | sipregistration 12876 | AS12876, FR | 195.154.35.138 | 2019-06-13 20:23:08 | sipregistration 12876 | AS12876, FR | 212.83.141.137 | 2019-06-15 02:14:18 | sipregistration 12876 | AS12876, FR | 195.154.63.224 | 2019-06-18 21:28:42 | sipregistration 15557 | LDCOMNET, FR | 109.1.125.7 | 2019-06-16 20:09:57 | sipregistration 15975 | HADARA-AS, PS | 37.8.49.71 | 2019-06-16 21:24:05 | sipregistration 15975 | HADARA-AS, PS | 37.8.51.212 | 2019-06-15 22:13:15 | sipregistration 15975 | HADARA-AS, PS | 37.8.16.123 | 2019-06-18 02:21:11 | sipregistration 29066 | VELIANET-AS velia.net Internet | 185.19.216.246 | 2019-06-16 08:23:05 | sipregistration 37963 | CNNIC-ALIBABA-CN-NET-AP Hangzh | 39.98.244.144 | 2019-06-15 05:46:40 | sipregistration 37963 | CNNIC-ALIBABA-CN-NET-AP Hangzh | 39.98.244.186 | 2019-06-15 05:46:45 | sipregistration 37963 | CNNIC-ALIBABA-CN-NET-AP Hangzh | 39.98.243.197 | 2019-06-15 05:42:24 | sipregistration 37963 | CNNIC-ALIBABA-CN-NET-AP Hangzh | 47.104.29.28 | 2019-06-15 16:59:00 | sipregistration 37963 | CNNIC-ALIBABA-CN-NET-AP Hangzh | 39.98.245.84 | 2019-06-15 11:49:20 | sipregistration 37963 | CNNIC-ALIBABA-CN-NET-AP Hangzh | 120.55.61.40 | 2019-06-15 05:47:09 | sipregistration 42314 | FUSION, PS | 141.98.247.242 | 2019-06-13 09:22:19 | sipregistration 42314 | FUSION, PS | 85.114.107.219 | 2019-06-13 15:33:43 | sipregistration 44901 | BELCLOUD, BG | 185.148.146.59 | 2019-06-12 18:52:15 | sipregistration 46664 | VDI-NETWORK - VolumeDrive, US | 102.165.52.101 | 2019-06-12 15:43:01 | sipregistration 51167 | CONTABO, DE | 167.86.124.207 | 2019-06-16 14:21:33 | sipregistration 51167 | CONTABO, DE | 167.86.119.54 | 2019-06-15 15:30:53 | sipregistration 51167 | CONTABO, DE | 207.180.236.126 | 2019-06-18 14:16:40 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.108.88 | 2019-06-12 01:58:29 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.138 | 2019-06-18 15:46:38 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.88 | 2019-06-14 04:58:37 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.126 | 2019-06-17 01:35:44 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.93 | 2019-06-16 21:23:18 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.151 | 2019-06-17 06:01:59 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.78 | 2019-06-17 04:40:16 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.136 | 2019-06-18 21:47:00 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.108.87 | 2019-06-14 00:58:41 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.161 | 2019-06-18 17:26:20 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.152 | 2019-06-17 07:44:06 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.86 | 2019-06-17 12:18:34 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.122 | 2019-06-13 01:57:22 | sipregistration # # Statistics # ASNs: 13 # Addresses: 49