# DataPlane.org - for operators, by operators # sipregistration # 2020-11-24 23:00 - 2020-12-01 23:00 # # The sipregistration report is free for non-commercial use ONLY. If # you wish to discuss commercial use of this service, please contact us # at info@dataplane.org. Redistribution of the sipregistration report # in whole or in part without the express permission of DataPlane is # expressly prohibited. # # This report is made possible through the generous support of people # like you. Sensor, processing and distribution systems require # non-free resources to setup and maintain. We are always looking for # financial contributions to help pay the bills and hosting to increase # visibility. If you find what we do useful, please consider supporting # us. # # This report is informational. It is not a block list, but some may # choose to use it to actively protect their networks and systems. The # report is provided on an as-is basis with no expressed warranty or # guarantee of accuracy. Use of this data is at your own risk. If you # have questions about this report do not hesitate to contact us. # # Entries below consist of fields with identifying characteristics of a # a source IP address that has been seen initiating a SIP REGISTER # operation to a remote host. This report lists hosts that are # suspicious of more than just port scanning. These hosts may be SIP # client cataloging or conducting various forms of telephony abuse. # Each entry is sorted according to a route origination ASN. An entry # for the IP address may be listed more than once if there are multiple # origin AS (MOAS) announcements for the covering prefix. We use the # Team Cymru IP address to ASN mapping service to construct an origin AS # number and name. For details about this Team Cymru service, see: # # . # # The report format is as follows: # # ASN | ASname | saddr | utc | category # # Each field is described below. Please note any special formatting # rules to aid in processing this file with automated tools and scripts. # Blank lines may be present to improve the visual display of this file. # Lines beginning with a hash ('#') character are comment lines. All # other lines are report entries. Each field is separated by a pipe # symbol ('|') and at least two whitespace characters on either side. # # ASN Autonomous system number originating a route for the entry # IP address. Note, 4-byte ASNs are supported and will be # displayed as a 32-bit integer. # # ASname A descriptive network name for the associated ASN. The # name is truncated to 30 characters. # # saddr The source IPv4 or IPv6 address that is being reported. # # utc A last seen timestamp formatted as YYYY-MM-DD HH:MM:SS # and in UTC time. # # category Descriptive tag name for this entry. For this report, # the text sipregistration will appear. # # A commented footer section shows an aggregate count of ASNs and # addresses seen in the current report. # 7489 | HOSTUS-GLOBAL-AS HostUS, HK | 45.249.91.246 | 2020-12-01 22:08:53 | sipregistration 8075 | MICROSOFT-CORP-MSN-AS-BLOCK, U | 40.74.226.113 | 2020-11-26 18:06:38 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 212.129.41.9 | 2020-11-30 21:05:56 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 51.159.93.160 | 2020-11-27 10:52:08 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 62.210.8.216 | 2020-11-26 17:55:29 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 51.15.148.90 | 2020-12-01 15:37:32 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 195.154.60.3 | 2020-11-26 15:34:12 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 195.154.63.224 | 2020-11-30 09:25:32 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 51.158.31.190 | 2020-12-01 22:54:50 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 212.83.175.36 | 2020-11-29 00:19:32 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 51.159.93.108 | 2020-11-25 09:11:59 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 163.172.88.67 | 2020-11-25 16:01:15 | sipregistration 12876 | AS12876 ONLINE S.A.S., FR | 212.83.149.170 | 2020-11-28 13:02:06 | sipregistration 12975 | PALTEL-AS Palestine Telecommun | 185.108.26.142 | 2020-11-27 00:49:44 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 143.110.248.145 | 2020-11-28 01:39:17 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 206.81.21.150 | 2020-11-28 09:36:58 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 159.89.136.170 | 2020-11-25 16:15:25 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 165.22.9.249 | 2020-11-26 18:46:31 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 157.245.213.183 | 2020-11-27 18:54:18 | sipregistration 14061 | DIGITALOCEAN-ASN, US | 167.99.144.23 | 2020-11-25 22:01:46 | sipregistration 15975 | Hadara-AS Hadara Technologies | 89.239.43.19 | 2020-12-01 21:07:41 | sipregistration 15975 | Hadara-AS Hadara Technologies | 185.108.26.142 | 2020-11-27 00:49:44 | sipregistration 15975 | Hadara-AS Hadara Technologies | 89.239.44.145 | 2020-11-29 14:34:11 | sipregistration 16276 | OVH OVH SAS, FR | 51.75.86.211 | 2020-12-01 22:52:25 | sipregistration 16276 | OVH OVH SAS, FR | 198.100.146.121 | 2020-11-25 09:50:38 | sipregistration 16276 | OVH OVH SAS, FR | 54.36.166.196 | 2020-11-30 20:19:55 | sipregistration 24961 | MYLOC-AS myLoc managed IT AG, | 85.114.138.106 | 2020-11-30 12:57:27 | sipregistration 24961 | MYLOC-AS myLoc managed IT AG, | 5.104.108.127 | 2020-12-01 22:56:24 | sipregistration 29066 | VELIANET-AS Host Europe GmbH, | 185.19.216.246 | 2020-12-01 12:19:48 | sipregistration 32097 | WII, US | 173.208.214.66 | 2020-12-01 03:21:57 | sipregistration 40156 | THEOPT-HOU, US | 66.187.71.78 | 2020-11-25 14:49:15 | sipregistration 46475 | LIMESTONENETWORKS, US | 216.245.196.210 | 2020-12-01 12:20:27 | sipregistration 46562 | PERFORMIVE, US | 198.8.85.134 | 2020-11-30 12:39:46 | sipregistration 46664 | VDI-NETWORK, US | 45.249.91.246 | 2020-12-01 22:08:53 | sipregistration 201814 | PL-SKYTECH-AS Meverywhere sp. | 193.32.8.52 | 2020-11-26 20:39:26 | sipregistration 201814 | PL-SKYTECH-AS Meverywhere sp. | 193.32.8.42 | 2020-11-30 21:10:36 | sipregistration 204997 | FIRSTBYTE-AS NTX Technologies | 147.78.66.33 | 2020-11-28 17:07:51 | sipregistration 212370 | PEENQ PEENQ.NL, NL | 37.49.225.148 | 2020-12-01 21:51:58 | sipregistration 212370 | PEENQ PEENQ.NL, NL | 37.49.225.232 | 2020-11-26 13:58:40 | sipregistration 213371 | SQUITTER-NETWORKS ABC Consulta | 103.145.13.116 | 2020-12-01 16:45:23 | sipregistration 213371 | SQUITTER-NETWORKS ABC Consulta | 80.94.93.40 | 2020-11-30 23:39:30 | sipregistration 213371 | SQUITTER-NETWORKS ABC Consulta | 80.94.93.16 | 2020-11-30 06:26:23 | sipregistration 213371 | SQUITTER-NETWORKS ABC Consulta | 37.49.230.164 | 2020-11-29 12:49:31 | sipregistration 213371 | SQUITTER-NETWORKS ABC Consulta | 37.49.230.203 | 2020-11-28 05:01:02 | sipregistration 213371 | SQUITTER-NETWORKS ABC Consulta | 103.145.13.115 | 2020-11-27 12:01:35 | sipregistration 213371 | SQUITTER-NETWORKS ABC Consulta | 80.94.93.60 | 2020-11-30 23:36:26 | sipregistration 213371 | SQUITTER-NETWORKS ABC Consulta | 103.145.12.47 | 2020-12-01 17:31:31 | sipregistration 213371 | SQUITTER-NETWORKS ABC Consulta | 103.145.13.109 | 2020-12-01 22:53:46 | sipregistration 213371 | SQUITTER-NETWORKS ABC Consulta | 80.94.93.85 | 2020-11-29 18:53:37 | sipregistration # # Statistics # ASNs: 18 # Addresses: 47