# DataPlane.org - for operators, by operators # sipregistration # 2019-02-16 08:00 - 2019-02-23 08:00 # # The sipregistration report is free for non-commercial use ONLY. If # you wish to discuss commercial use of this service, please contact us # at info@dataplane.org. Redistribution of the sipregistration report # in whole or in part without the express permission of DataPlane is # expressly prohibited. # # This report is made possible through the generous support of people # like you. Sensor, processing and distribution systems require # non-free resources to setup and maintain. We are always looking for # financial contributions to help pay the bills and hosting to increase # visibility. If you find what we do useful, please consider supporting # us. # # This report is informational. It is not a block list, but some may # choose to use it to actively protect their networks and systems. The # report is provided on an as-is basis with no expressed warranty or # guarantee of accuracy. Use of this data is at your own risk. If you # have questions about this report do not hesitate to contact us. # # Entries below consist of fields with identifying characteristics of a # a source IP address that has been seen initiating a SIP REGISTER # operation to a remote host. This report lists hosts that are # suspicious of more than just port scanning. These hosts may be SIP # client cataloging or conducting various forms of telephony abuse. # Each entry is sorted according to a route origination ASN. An entry # for the IP address may be listed more than once if there are multiple # origin AS (MOAS) announcements for the covering prefix. We use the # Team Cymru IP address to ASN mapping service to construct an origin AS # number and name. For details about this Team Cymru service, see: # # . # # The report format is as follows: # # ASN | ASname | saddr | utc | category # # Each field is described below. Please note any special formatting # rules to aid in processing this file with automated tools and scripts. # Blank lines may be present to improve the visual display of this file. # Lines beginning with a hash ('#') character are comment lines. All # other lines are report entries. Each field is separated by a pipe # symbol ('|') and at least two whitespace characters on either side. # # ASN Autonomous system number originating a route for the entry # IP address. Note, 4-byte ASNs are supported and will be # displayed as a 32-bit integer. # # ASname A descriptive network name for the associated ASN. The # name is truncated to 30 characters. # # saddr The source IPv4 or IPv6 address that is being reported. # # utc A last seen timestamp formatted as YYYY-MM-DD HH:MM:SS # and in UTC time. # # category Descriptive tag name for this entry. For this report, # the text sipregistration will appear. # # A commented footer section shows an aggregate count of ASNs and # addresses seen in the current report. # 4134 | CHINANET-BACKBONE No.31,Jin-ro | 218.17.209.173 | 2019-02-16 20:11:07 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.84.197 | 2019-02-22 10:00:24 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.3.52 | 2019-02-20 23:56:13 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.64.59 | 2019-02-23 01:51:28 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 117.50.6.201 | 2019-02-21 16:12:23 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.63.218 | 2019-02-22 16:59:04 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.79.172 | 2019-02-20 21:59:10 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.65.85 | 2019-02-21 20:15:12 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 117.50.7.159 | 2019-02-21 08:54:57 | sipregistration 4837 | CHINA169-BACKBONE CHINA UNICOM | 60.214.148.174 | 2019-02-18 11:25:45 | sipregistration 8551 | BEZEQ-INTERNATIONAL-AS Bezeqin | 109.64.24.120 | 2019-02-23 04:18:43 | sipregistration 9009 | M247, GB | 185.245.84.24 | 2019-02-22 22:25:40 | sipregistration 9009 | M247, GB | 185.245.84.26 | 2019-02-23 07:58:52 | sipregistration 12876 | AS12876, FR | 51.15.154.96 | 2019-02-22 21:47:18 | sipregistration 12876 | AS12876, FR | 212.83.188.169 | 2019-02-21 18:36:16 | sipregistration 12876 | AS12876, FR | 212.83.149.171 | 2019-02-22 12:06:21 | sipregistration 12876 | AS12876, FR | 62.210.105.209 | 2019-02-18 22:52:02 | sipregistration 12876 | AS12876, FR | 62.210.5.142 | 2019-02-16 10:34:37 | sipregistration 12876 | AS12876, FR | 212.83.148.180 | 2019-02-16 14:26:41 | sipregistration 12876 | AS12876, FR | 212.83.171.226 | 2019-02-17 17:11:46 | sipregistration 12876 | AS12876, FR | 62.210.247.125 | 2019-02-22 15:34:32 | sipregistration 12876 | AS12876, FR | 62.210.31.220 | 2019-02-17 16:04:16 | sipregistration 12876 | AS12876, FR | 163.172.201.55 | 2019-02-20 19:53:40 | sipregistration 12876 | AS12876, FR | 51.15.159.185 | 2019-02-19 21:34:30 | sipregistration 12876 | AS12876, FR | 62.210.30.210 | 2019-02-17 12:50:56 | sipregistration 12876 | AS12876, FR | 212.129.11.255 | 2019-02-22 11:25:37 | sipregistration 12876 | AS12876, FR | 195.154.48.30 | 2019-02-23 07:55:33 | sipregistration 12876 | AS12876, FR | 62.210.251.233 | 2019-02-21 22:58:15 | sipregistration 12876 | AS12876, FR | 163.172.224.41 | 2019-02-22 13:31:26 | sipregistration 12975 | PALTEL-AS PALTEL Autonomous Sy | 188.161.247.201 | 2019-02-19 12:09:27 | sipregistration 15975 | HADARA-AS, PS | 37.8.87.215 | 2019-02-21 21:57:26 | sipregistration 16276 | OVH, FR | 217.182.79.173 | 2019-02-17 16:35:08 | sipregistration 29066 | VELIANET-AS velia.net Internet | 185.19.216.246 | 2019-02-23 02:10:01 | sipregistration 30633 | LEASEWEB-USA-WDC-01 - Leaseweb | 207.244.100.149 | 2019-02-23 07:52:26 | sipregistration 31034 | ARUBA-ASN, IT | 5.249.155.136 | 2019-02-23 00:15:03 | sipregistration 31408 | ORANGE-PALESTINE, PS | 185.19.222.95 | 2019-02-20 00:17:38 | sipregistration 31408 | ORANGE-PALESTINE, PS | 188.161.247.201 | 2019-02-19 12:09:27 | sipregistration 39020 | COMVIVE-AS Seville - Spain, ES | 192.71.213.14 | 2019-02-19 00:07:10 | sipregistration 46664 | VDI-NETWORK - VolumeDrive, US | 102.165.39.15 | 2019-02-19 10:34:35 | sipregistration 46664 | VDI-NETWORK - VolumeDrive, US | 102.165.38.242 | 2019-02-19 11:50:25 | sipregistration 46664 | VDI-NETWORK - VolumeDrive, US | 102.165.39.167 | 2019-02-19 10:49:48 | sipregistration 46664 | VDI-NETWORK - VolumeDrive, US | 102.165.52.231 | 2019-02-21 02:00:43 | sipregistration 46664 | VDI-NETWORK - VolumeDrive, US | 102.165.33.46 | 2019-02-19 09:06:29 | sipregistration 46664 | VDI-NETWORK - VolumeDrive, US | 102.165.51.46 | 2019-02-19 20:47:30 | sipregistration 46664 | VDI-NETWORK - VolumeDrive, US | 102.165.52.215 | 2019-02-19 08:26:00 | sipregistration 46664 | VDI-NETWORK - VolumeDrive, US | 102.165.36.71 | 2019-02-19 12:53:46 | sipregistration 46664 | VDI-NETWORK - VolumeDrive, US | 102.165.34.154 | 2019-02-18 12:33:02 | sipregistration 46664 | VDI-NETWORK - VolumeDrive, US | 102.165.38.246 | 2019-02-19 11:45:09 | sipregistration 51167 | CONTABO, DE | 207.180.222.104 | 2019-02-21 01:39:14 | sipregistration 51167 | CONTABO, DE | 167.86.74.27 | 2019-02-17 22:49:06 | sipregistration 57704 | SPEED-CLICK-LTD, PS | 192.145.123.168 | 2019-02-23 05:09:05 | sipregistration 61317 | ASDETUK http://www.host1plus.c | 102.165.39.15 | 2019-02-19 10:34:35 | sipregistration 61317 | ASDETUK http://www.host1plus.c | 102.165.38.242 | 2019-02-19 11:50:25 | sipregistration 61317 | ASDETUK http://www.host1plus.c | 102.165.39.167 | 2019-02-19 10:49:48 | sipregistration 61317 | ASDETUK http://www.host1plus.c | 102.165.52.231 | 2019-02-21 02:00:43 | sipregistration 61317 | ASDETUK http://www.host1plus.c | 102.165.33.46 | 2019-02-19 09:06:29 | sipregistration 61317 | ASDETUK http://www.host1plus.c | 102.165.51.46 | 2019-02-19 20:47:30 | sipregistration 61317 | ASDETUK http://www.host1plus.c | 102.165.52.215 | 2019-02-19 08:26:00 | sipregistration 61317 | ASDETUK http://www.host1plus.c | 102.165.36.71 | 2019-02-19 12:53:46 | sipregistration 61317 | ASDETUK http://www.host1plus.c | 102.165.34.154 | 2019-02-18 12:33:02 | sipregistration 61317 | ASDETUK http://www.host1plus.c | 102.165.38.246 | 2019-02-19 11:45:09 | sipregistration 199264 | CLOUDSTAR CLOUD STAR HOSTING S | 37.49.231.235 | 2019-02-22 16:26:13 | sipregistration 199264 | CLOUDSTAR CLOUD STAR HOSTING S | 185.53.88.2 | 2019-02-22 08:59:59 | sipregistration 199264 | CLOUDSTAR CLOUD STAR HOSTING S | 37.49.231.87 | 2019-02-21 23:24:29 | sipregistration 199264 | CLOUDSTAR CLOUD STAR HOSTING S | 185.53.88.25 | 2019-02-21 09:51:23 | sipregistration 199264 | CLOUDSTAR CLOUD STAR HOSTING S | 37.49.231.171 | 2019-02-23 07:57:40 | sipregistration 199264 | CLOUDSTAR CLOUD STAR HOSTING S | 185.53.91.66 | 2019-02-23 07:04:51 | sipregistration 199264 | CLOUDSTAR CLOUD STAR HOSTING S | 37.49.231.161 | 2019-02-23 05:19:48 | sipregistration # # Statistics # ASNs: 19 # Addresses: 57