ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 3 result(s) out of 3 in 0.024 second(s)

  • 13.211.211.9:5060 (udp/sip) - last seen on 2024-11-01 at 02:32:13 UTC

    • IP
      13.211.211.9
      Network
      13.208.0.0/13
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Reverse DNS
      ec2-13-211-211-9.ap-southeast-2.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      sip
      Source
      udpscan

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      656be75bbfa8d003ca85ec5bdbd1d870 
    • SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=12934;received=<srcip>\x0d
To: <sip:nm2@nm2>;tag=3f689344\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Accept: application/sdp\x0d
Accept-Language: en\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\x0d
Supported: replaces, timer\x0d
Allow-Events: message-summary, dialog, call-info, line-seize\x0d
Content-Length: 0\x0d
\x0d

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T02:32:13.000Z",
   "app" : {
      "length" : "429"
   },
   "asn" : "AS16509",
   "city" : "Sydney",
   "country" : "AU",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=12934;received=<srcip>\\x0d\nTo: <sip:nm2@nm2>;tag=3f689344\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nAccept: application/sdp\\x0d\nAccept-Language: en\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\\x0d\nSupported: replaces, timer\\x0d\nAllow-Events: message-summary, dialog, call-info, line-seize\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "656be75bbfa8d003ca85ec5bdbd1d870",
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "AMAZO-SYD",
      "organization" : "Amazon Corporate Services Pty Ltd",
      "subnet" : "13.210.0.0/15"
   },
   "host" : [
      "ec2-13-211-211-9"
   ],
   "hostname" : [
      "ec2-13-211-211-9.ap-southeast-2.compute.amazonaws.com"
   ],
   "ip" : "13.211.211.9",
   "ipv6" : "false",
   "latitude" : "-33.8715",
   "location" : "-33.8715,151.2006",
   "longitude" : "151.2006",
   "organization" : "AMAZON-02",
   "port" : "5060",
   "protocol" : "sip",
   "reverse" : [
      "ec2-13-211-211-9.ap-southeast-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-01",
   "source" : "udpscan",
   "subdomains" : [
      "ap-southeast-2.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "13.208.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "udp"
}

  • 13.211.211.9:5060 (tcp/sip) - last seen on 2024-10-11 at 10:06:53 UTC

    • IP
      13.211.211.9
      Network
      13.208.0.0/13
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      Reverse DNS
      ec2-13-211-211-9.ap-southeast-2.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      sip
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      eff48e7972379818017d111f25c8f5a7 
    • SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=36405;received=<srcip>\x0d
To: <sip:nm2@nm2>;tag=02661420\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Accept: application/sdp\x0d
Accept-Language: en\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\x0d
Supported: replaces, timer\x0d
Allow-Events: message-summary, dialog, call-info, line-seize\x0d
Content-Length: 0\x0d
\x0d

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-11T10:06:53.000Z",
   "app" : {
      "length" : 429
   },
   "asn" : "AS16509",
   "city" : "Sydney",
   "country" : "AU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=36405;received=<srcip>\\x0d\nTo: <sip:nm2@nm2>;tag=02661420\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nAccept: application/sdp\\x0d\nAccept-Language: en\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\\x0d\nSupported: replaces, timer\\x0d\nAllow-Events: message-summary, dialog, call-info, line-seize\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "eff48e7972379818017d111f25c8f5a7",
   "datammh3" : 2063383110,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "AMAZO-SYD",
      "organization" : "Amazon Corporate Services Pty Ltd",
      "subnet" : "13.210.0.0/15"
   },
   "host" : [
      "ec2-13-211-211-9"
   ],
   "hostname" : [
      "ec2-13-211-211-9.ap-southeast-2.compute.amazonaws.com"
   ],
   "ip" : "13.211.211.9",
   "ipv6" : "false",
   "latitude" : "-33.8715",
   "location" : "-33.8715,151.2006",
   "longitude" : "151.2006",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "ec2-13-211-211-9.ap-southeast-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-10-11",
   "source" : "datascan",
   "subdomains" : [
      "ap-southeast-2.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "13.208.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

  • 13.211.211.9:5060 (udp/sip) - last seen on 2024-10-06 at 13:48:20 UTC

    • IP
      13.211.211.9
      Network
      13.208.0.0/13
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Reverse DNS
      ec2-13-211-211-9.ap-southeast-2.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      sip
      Source
      udpscan

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      4bf58ceed9fffeae11d6238fa3b065f5 
    • SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=61928;received=<srcip>\x0d
To: <sip:nm2@nm2>;tag=e9c91f6a\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Accept: application/sdp\x0d
Accept-Language: en\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\x0d
Supported: replaces, timer\x0d
Allow-Events: message-summary, dialog, call-info, line-seize\x0d
Content-Length: 0\x0d
\x0d

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-06T13:48:20.000Z",
   "app" : {
      "length" : "429"
   },
   "asn" : "AS16509",
   "city" : "Sydney",
   "country" : "AU",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=61928;received=<srcip>\\x0d\nTo: <sip:nm2@nm2>;tag=e9c91f6a\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nAccept: application/sdp\\x0d\nAccept-Language: en\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\\x0d\nSupported: replaces, timer\\x0d\nAllow-Events: message-summary, dialog, call-info, line-seize\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "4bf58ceed9fffeae11d6238fa3b065f5",
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "AMAZO-SYD",
      "organization" : "Amazon Corporate Services Pty Ltd",
      "subnet" : "13.210.0.0/15"
   },
   "host" : [
      "ec2-13-211-211-9"
   ],
   "hostname" : [
      "ec2-13-211-211-9.ap-southeast-2.compute.amazonaws.com"
   ],
   "ip" : "13.211.211.9",
   "ipv6" : "false",
   "latitude" : "-33.8715",
   "location" : "-33.8715,151.2006",
   "longitude" : "151.2006",
   "organization" : "AMAZON-02",
   "port" : "5060",
   "protocol" : "sip",
   "reverse" : [
      "ec2-13-211-211-9.ap-southeast-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-10-06",
   "source" : "udpscan",
   "subdomains" : [
      "ap-southeast-2.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "13.208.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "udp"
}