# DataPlane.org - for operators, by operators # sipregistration # 2019-10-08 23:00 - 2019-10-15 23:00 # # The sipregistration report is free for non-commercial use ONLY. If # you wish to discuss commercial use of this service, please contact us # at info@dataplane.org. Redistribution of the sipregistration report # in whole or in part without the express permission of DataPlane is # expressly prohibited. # # This report is made possible through the generous support of people # like you. Sensor, processing and distribution systems require # non-free resources to setup and maintain. We are always looking for # financial contributions to help pay the bills and hosting to increase # visibility. If you find what we do useful, please consider supporting # us. # # This report is informational. It is not a block list, but some may # choose to use it to actively protect their networks and systems. The # report is provided on an as-is basis with no expressed warranty or # guarantee of accuracy. Use of this data is at your own risk. If you # have questions about this report do not hesitate to contact us. # # Entries below consist of fields with identifying characteristics of a # a source IP address that has been seen initiating a SIP REGISTER # operation to a remote host. This report lists hosts that are # suspicious of more than just port scanning. These hosts may be SIP # client cataloging or conducting various forms of telephony abuse. # Each entry is sorted according to a route origination ASN. An entry # for the IP address may be listed more than once if there are multiple # origin AS (MOAS) announcements for the covering prefix. We use the # Team Cymru IP address to ASN mapping service to construct an origin AS # number and name. For details about this Team Cymru service, see: # # . # # The report format is as follows: # # ASN | ASname | saddr | utc | category # # Each field is described below. Please note any special formatting # rules to aid in processing this file with automated tools and scripts. # Blank lines may be present to improve the visual display of this file. # Lines beginning with a hash ('#') character are comment lines. All # other lines are report entries. Each field is separated by a pipe # symbol ('|') and at least two whitespace characters on either side. # # ASN Autonomous system number originating a route for the entry # IP address. Note, 4-byte ASNs are supported and will be # displayed as a 32-bit integer. # # ASname A descriptive network name for the associated ASN. The # name is truncated to 30 characters. # # saddr The source IPv4 or IPv6 address that is being reported. # # utc A last seen timestamp formatted as YYYY-MM-DD HH:MM:SS # and in UTC time. # # category Descriptive tag name for this entry. For this report, # the text sipregistration will appear. # # A commented footer section shows an aggregate count of ASNs and # addresses seen in the current report. # 4134 | CHINANET-BACKBONE No.31,Jin-ro | 119.123.174.251 | 2019-10-14 09:27:12 | sipregistration 4134 | CHINANET-BACKBONE No.31,Jin-ro | 222.92.145.10 | 2019-10-14 14:39:08 | sipregistration 4134 | CHINANET-BACKBONE No.31,Jin-ro | 59.172.187.14 | 2019-10-14 09:31:02 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.106.221 | 2019-10-13 22:34:19 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.22.216 | 2019-10-14 22:10:55 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 117.50.5.94 | 2019-10-14 13:41:24 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 117.50.63.227 | 2019-10-14 13:41:34 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 117.50.6.201 | 2019-10-13 10:44:44 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 117.50.7.159 | 2019-10-09 21:43:46 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.2.200 | 2019-10-11 23:56:00 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.21.25 | 2019-10-14 09:42:35 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 117.50.65.167 | 2019-10-11 17:19:13 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.92.239 | 2019-10-15 08:02:06 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 117.50.60.193 | 2019-10-15 10:33:51 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.85.37 | 2019-10-15 12:27:58 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.2.81 | 2019-10-13 10:09:05 | sipregistration 4808 | CHINA169-BJ China Unicom Beiji | 106.75.3.52 | 2019-10-12 12:38:14 | sipregistration 4812 | CHINANET-SH-AP China Telecom ( | 222.72.159.70 | 2019-10-13 21:26:36 | sipregistration 4812 | CHINANET-SH-AP China Telecom ( | 116.235.182.14 | 2019-10-14 22:58:00 | sipregistration 4837 | CHINA169-BACKBONE CHINA UNICOM | 218.56.152.138 | 2019-10-11 19:14:59 | sipregistration 4837 | CHINA169-BACKBONE CHINA UNICOM | 60.214.143.254 | 2019-10-14 20:42:23 | sipregistration 11403 | NYINTERNET - NYI, US | 208.78.163.191 | 2019-10-09 14:33:46 | sipregistration 12876 | AS12876, FR | 212.83.142.49 | 2019-10-14 20:26:49 | sipregistration 12876 | AS12876, FR | 163.172.123.218 | 2019-10-12 12:56:05 | sipregistration 12876 | AS12876, FR | 212.83.158.222 | 2019-10-15 22:53:32 | sipregistration 12876 | AS12876, FR | 163.172.116.167 | 2019-10-09 15:31:36 | sipregistration 12876 | AS12876, FR | 195.154.63.204 | 2019-10-13 14:44:59 | sipregistration 12876 | AS12876, FR | 212.83.134.250 | 2019-10-12 12:21:37 | sipregistration 12876 | AS12876, FR | 212.129.50.2 | 2019-10-09 15:28:38 | sipregistration 12876 | AS12876, FR | 163.172.127.64 | 2019-10-13 13:52:55 | sipregistration 12876 | AS12876, FR | 163.172.201.178 | 2019-10-15 15:54:02 | sipregistration 12876 | AS12876, FR | 51.158.25.171 | 2019-10-14 21:21:44 | sipregistration 12876 | AS12876, FR | 195.154.40.99 | 2019-10-15 19:45:21 | sipregistration 12975 | PALTEL-AS PALTEL Autonomous Sy | 188.161.169.38 | 2019-10-09 22:22:33 | sipregistration 12989 | HWNG, NL | 209.107.214.55 | 2019-10-12 15:32:28 | sipregistration 12989 | HWNG, NL | 209.107.214.54 | 2019-10-14 21:46:10 | sipregistration 12989 | HWNG, NL | 209.107.214.56 | 2019-10-13 15:12:07 | sipregistration 12989 | HWNG, NL | 209.107.214.57 | 2019-10-15 22:54:48 | sipregistration 13188 | TRIOLAN, UA | 178.151.255.35 | 2019-10-14 13:46:06 | sipregistration 15975 | HADARA-AS, PS | 82.205.14.56 | 2019-10-14 22:54:28 | sipregistration 16276 | OVH, FR | 54.37.74.100 | 2019-10-09 09:45:37 | sipregistration 16276 | OVH, FR | 94.23.207.207 | 2019-10-10 05:36:31 | sipregistration 16276 | OVH, FR | 51.89.125.125 | 2019-10-12 21:59:49 | sipregistration 34300 | SPACENET-AS Internet Service P | 185.31.160.81 | 2019-10-15 01:39:48 | sipregistration 34300 | SPACENET-AS Internet Service P | 62.173.154.12 | 2019-10-12 20:13:52 | sipregistration 36352 | AS-COLOCROSSING - ColoCrossing | 23.94.182.206 | 2019-10-09 18:44:44 | sipregistration 46844 | ST-BGP - Sharktech, US | 174.128.239.226 | 2019-10-12 19:24:08 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.254 | 2019-10-09 12:21:42 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.245 | 2019-10-10 19:43:40 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 185.53.88.127 | 2019-10-15 15:49:54 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.216 | 2019-10-15 22:37:47 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.108.125 | 2019-10-15 22:58:17 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.233 | 2019-10-09 13:03:47 | sipregistration 209299 | VITOX-TELECOM VITOX TELECOM, N | 77.247.110.204 | 2019-10-09 13:54:43 | sipregistration # # Statistics # ASNs: 15 # Addresses: 54