Cyber Defense Search Engine

IP
87.138.98.41

Network
87.136.0.0/13

Domain(s)
t-ipconnect.de

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
p578a6229.dip0.t-ipconnect.de

ASN
AS3320

Organization
Deutsche Telekom AG

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5f62075afd3cf431b498e700bcbafe12

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=54567;received=<srcip>\x0d
To: <sip:nm2@nm2>;tag=2eab725c\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Accept: application/sdp\x0d
Accept-Language: en\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\x0d
Supported: replaces, timer\x0d
Allow-Events: message-summary, dialog, call-info, line-seize\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T02:21:56.000Z",
   "app" : {
      "length" : 429
   },
   "asn" : "AS3320",
   "city" : "Berlin",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=54567;received=<srcip>\\x0d\nTo: <sip:nm2@nm2>;tag=2eab725c\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nAccept: application/sdp\\x0d\nAccept-Language: en\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\\x0d\nSupported: replaces, timer\\x0d\nAllow-Events: message-summary, dialog, call-info, line-seize\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "5f62075afd3cf431b498e700bcbafe12",
   "datammh3" : 624886725,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "t-ipconnect.de"
   ],
   "host" : [
      "p578a6229"
   ],
   "hostname" : [
      "p578a6229.dip0.t-ipconnect.de"
   ],
   "ip" : "87.138.98.41",
   "ipv6" : "false",
   "latitude" : "52.5289",
   "location" : "52.5289,13.2666",
   "longitude" : "13.2666",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Deutsche Telekom AG",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "p578a6229.dip0.t-ipconnect.de"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subdomains" : [
      "dip0.t-ipconnect.de"
   ],
   "subnet" : "87.136.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "de"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
50.93.88.247

Network
50.93.64.0/19

Domain(s)
telus.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
d50-93-88-247.abhsia.telus.net

ASN
AS16509

Organization
AMAZON-02

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
b3c72a90f1bd1b8da5ccbdcd0a51bfef

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=37003;received=<srcip>\x0d
From: <sip:nm@nm>;tag=root\x0d
To: <sip:nm2@nm2>;tag=a6a1c5f60faecf035a1ae5b6e96e979a-1e840000\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
X-KEY: c1bcac69d23d142138d2d59b437c4e0f\x0d
Server: Wildix GW 20231220.1~31a63958\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T02:21:55.000Z",
   "app" : {
      "length" : 305
   },
   "asn" : "AS16509",
   "city" : "Milan",
   "country" : "IT",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=37003;received=<srcip>\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nTo: <sip:nm2@nm2>;tag=a6a1c5f60faecf035a1ae5b6e96e979a-1e840000\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nX-KEY: c1bcac69d23d142138d2d59b437c4e0f\\x0d\nServer: Wildix GW 20231220.1~31a63958\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "b3c72a90f1bd1b8da5ccbdcd0a51bfef",
   "datammh3" : 976513165,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "telus.net"
   ],
   "geolocus" : {
      "asn" : "AS852",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "telus.com",
         "telus.net"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "TELUS-FIBRE-CLGRAB21",
      "organization" : "TELUS Communications Inc.",
      "subnet" : "50.93.0.0/17"
   },
   "host" : [
      "d50-93-88-247"
   ],
   "hostname" : [
      "d50-93-88-247.abhsia.telus.net"
   ],
   "ip" : "50.93.88.247",
   "ipv6" : "false",
   "latitude" : "45.4722",
   "location" : "45.4722,9.1922",
   "longitude" : "9.1922",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "d50-93-88-247.abhsia.telus.net"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subdomains" : [
      "abhsia.telus.net"
   ],
   "subnet" : "50.93.64.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
139.59.146.148

Network
139.59.128.0/18

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS14061

Organization
DIGITALOCEAN-ASN

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e4a0c76278ca91cb1081169d1dbae0ef

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=37175;received=<srcip>\x0d
To: <sip:nm2@nm2>;tag=b551c639\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Accept: application/sdp\x0d
Accept-Language: en\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\x0d
Supported: replaces, timer\x0d
Allow-Events: message-summary, dialog, call-info, line-seize\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T02:21:55.000Z",
   "app" : {
      "length" : 429
   },
   "asn" : "AS14061",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=37175;received=<srcip>\\x0d\nTo: <sip:nm2@nm2>;tag=b551c639\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nAccept: application/sdp\\x0d\nAccept-Language: en\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\\x0d\nSupported: replaces, timer\\x0d\nAllow-Events: message-summary, dialog, call-info, line-seize\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "e4a0c76278ca91cb1081169d1dbae0ef",
   "datammh3" : 1694989216,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS14061",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "DE",
      "countryname" : "Germany",
      "domain" : [
         "digitalocean.com"
      ],
      "isineu" : "true",
      "latitude" : "51.165691",
      "location" : "51.165691,10.451526",
      "longitude" : "10.451526",
      "netname" : "DIGITALOCEAN-AP",
      "organization" : "DigitalOcean, LLC",
      "subnet" : "139.59.128.0/19"
   },
   "ip" : "139.59.146.148",
   "ipv6" : "false",
   "latitude" : "50.1184",
   "location" : "50.1184,8.6827",
   "longitude" : "8.6827",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "DIGITALOCEAN-ASN",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subnet" : "139.59.128.0/18",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
18.135.24.8

Network
18.132.0.0/14

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
ec2-18-135-24-8.eu-west-2.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2fe01f05aef01500d14af2cd6e858548

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=39915;received=<srcip>\x0d
From: <sip:nm@nm>;tag=root\x0d
To: <sip:nm2@nm2>;tag=a6a1c5f60faecf035a1ae5b6e96e979a-1e840000\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
X-KEY: d1894b3da917180d1cf2e23795233364\x0d
Server: Wildix GW 20240911.1~b639c7e3\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T02:21:55.000Z",
   "app" : {
      "length" : 305
   },
   "asn" : "AS16509",
   "city" : "London",
   "country" : "GB",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=39915;received=<srcip>\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nTo: <sip:nm2@nm2>;tag=a6a1c5f60faecf035a1ae5b6e96e979a-1e840000\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nX-KEY: d1894b3da917180d1cf2e23795233364\\x0d\nServer: Wildix GW 20240911.1~b639c7e3\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "2fe01f05aef01500d14af2cd6e858548",
   "datammh3" : -928859066,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "GB",
      "countryname" : "United Kingdom",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "55.378051",
      "location" : "55.378051,-3.435973",
      "longitude" : "-3.435973",
      "netname" : "AMAZON-LHR",
      "organization" : "Amazon Data Services UK",
      "subnet" : "18.132.0.0/14"
   },
   "host" : [
      "ec2-18-135-24-8"
   ],
   "hostname" : [
      "ec2-18-135-24-8.eu-west-2.compute.amazonaws.com"
   ],
   "ip" : "18.135.24.8",
   "ipv6" : "false",
   "latitude" : "51.5088",
   "location" : "51.5088,-0.0930",
   "longitude" : "-0.0930",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "ec2-18-135-24-8.eu-west-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-west-2.compute.amazonaws.com"
   ],
   "subnet" : "18.132.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
50.93.56.202

Network
50.93.0.0/18

Domain(s)
telus.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
d50-93-56-202.abhsia.telus.net

ASN
AS16509

Organization
AMAZON-02

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
b418557be418dbf915ee6061a5759c95

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=48927;received=<srcip>\x0d
From: <sip:nm@nm>;tag=root\x0d
To: <sip:nm2@nm2>;tag=a6a1c5f60faecf035a1ae5b6e96e979a-1e840000\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
X-KEY: 848c53955184fa0b1aff1f3a8c78725b\x0d
Server: Wildix GW 20240911.1~b639c7e3\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T02:21:55.000Z",
   "app" : {
      "length" : 305
   },
   "asn" : "AS16509",
   "city" : "Milan",
   "country" : "IT",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=48927;received=<srcip>\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nTo: <sip:nm2@nm2>;tag=a6a1c5f60faecf035a1ae5b6e96e979a-1e840000\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nX-KEY: 848c53955184fa0b1aff1f3a8c78725b\\x0d\nServer: Wildix GW 20240911.1~b639c7e3\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "b418557be418dbf915ee6061a5759c95",
   "datammh3" : 798622003,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "telus.net"
   ],
   "geolocus" : {
      "asn" : "AS852",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "telus.com",
         "telus.net"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "TELUS-FIBRE-CLGRAB21",
      "organization" : "TELUS Communications Inc.",
      "subnet" : "50.93.0.0/17"
   },
   "host" : [
      "d50-93-56-202"
   ],
   "hostname" : [
      "d50-93-56-202.abhsia.telus.net"
   ],
   "ip" : "50.93.56.202",
   "ipv6" : "false",
   "latitude" : "45.4722",
   "location" : "45.4722,9.1922",
   "longitude" : "9.1922",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "d50-93-56-202.abhsia.telus.net"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subdomains" : [
      "abhsia.telus.net"
   ],
   "subnet" : "50.93.0.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
54.79.193.140

Network
54.64.0.0/12

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
ec2-54-79-193-140.ap-southeast-2.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7f0dd39a409764742ceb596d25b188c5

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=58297;received=<srcip>\x0d
To: <sip:nm2@nm2>;tag=8bef0562\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Accept: application/sdp\x0d
Accept-Language: en\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\x0d
Supported: replaces, timer\x0d
Allow-Events: message-summary, dialog, call-info, line-seize\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T02:21:52.000Z",
   "app" : {
      "length" : 429
   },
   "asn" : "AS16509",
   "city" : "Sydney",
   "country" : "AU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=58297;received=<srcip>\\x0d\nTo: <sip:nm2@nm2>;tag=8bef0562\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nAccept: application/sdp\\x0d\nAccept-Language: en\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\\x0d\nSupported: replaces, timer\\x0d\nAllow-Events: message-summary, dialog, call-info, line-seize\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "7f0dd39a409764742ceb596d25b188c5",
   "datammh3" : -740746614,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "AMAZO-ZSYD8",
      "organization" : "Amazon Corporate Services Pty Ltd",
      "subnet" : "54.79.0.0/16"
   },
   "host" : [
      "ec2-54-79-193-140"
   ],
   "hostname" : [
      "ec2-54-79-193-140.ap-southeast-2.compute.amazonaws.com"
   ],
   "ip" : "54.79.193.140",
   "ipv6" : "false",
   "latitude" : "-33.8715",
   "location" : "-33.8715,151.2006",
   "longitude" : "151.2006",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "ec2-54-79-193-140.ap-southeast-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subdomains" : [
      "ap-southeast-2.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "54.64.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
172.86.251.11

Network
172.86.250.0/23

Domain(s)
secureuc.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
core1-atl.secureuc.net

ASN
AS394334

Organization
NETLINKVOICE-JAN1

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ce89f685f5450a46c0b8683bf1439081

SIP/2.0 403 Forbidden\x0d
Via: SIP/2.0/UDP nm;branch=foo;received=<srcip>;rport=53285\x0d
To: <sip:nm2@nm2>;tag=LMTdjkbfOhzYj9c562D3AB\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T02:21:52.000Z",
   "app" : {
      "length" : 213
   },
   "asn" : "AS394334",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 403 Forbidden\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;received=<srcip>;rport=53285\\x0d\nTo: <sip:nm2@nm2>;tag=LMTdjkbfOhzYj9c562D3AB\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "ce89f685f5450a46c0b8683bf1439081",
   "datammh3" : -280172701,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "secureuc.net"
   ],
   "geolocus" : {
      "asn" : "AS394334",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "netlinkvoice.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NETLINKVOICE-N1",
      "organization" : "Netlink Voice",
      "subnet" : "172.86.250.0/23"
   },
   "host" : [
      "core1-atl"
   ],
   "hostname" : [
      "core1-atl.secureuc.net"
   ],
   "ip" : "172.86.251.11",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "NETLINKVOICE-JAN1",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "core1-atl.secureuc.net"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subnet" : "172.86.250.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
178.13.24.11

Network
178.0.0.0/12

Domain(s)
arcor-ip.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
business-178-013-024-011.static.arcor-ip.net

ASN
AS3209

Organization
Vodafone GmbH

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7893f2a492ff2459fa0d03499901395c

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=47123;received=<srcip>\x0d
Contact: <sip:192.168.2.40:5060;transport=tcp>\x0d
To: <sip:nm2@nm2>;tag=a30d332c\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Accept: application/sdp, multipart/mixed, application/csta+xml\x0d
Accept-Language: en\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, UPDATE, NOTIFY, REFER, PRACK, INFO, MESSAGE\x0d
Supported: timer\x0d
User-Agent: Auerswald COMpact 4000/8.4G000\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T02:21:52.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.2.40"
         ]
      },
      "length" : 474
   },
   "asn" : "AS3209",
   "city" : "Dortmund",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=47123;received=<srcip>\\x0d\nContact: <sip:192.168.2.40:5060;transport=tcp>\\x0d\nTo: <sip:nm2@nm2>;tag=a30d332c\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nAccept: application/sdp, multipart/mixed, application/csta+xml\\x0d\nAccept-Language: en\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, UPDATE, NOTIFY, REFER, PRACK, INFO, MESSAGE\\x0d\nSupported: timer\\x0d\nUser-Agent: Auerswald COMpact 4000/8.4G000\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "7893f2a492ff2459fa0d03499901395c",
   "datammh3" : -1289024339,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "arcor-ip.net"
   ],
   "host" : [
      "business-178-013-024-011"
   ],
   "hostname" : [
      "business-178-013-024-011.static.arcor-ip.net"
   ],
   "ip" : "178.13.24.11",
   "ipv6" : "false",
   "latitude" : "51.4643",
   "location" : "51.4643,7.5080",
   "longitude" : "7.5080",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Vodafone GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "business-178-013-024-011.static.arcor-ip.net"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subdomains" : [
      "static.arcor-ip.net"
   ],
   "subnet" : "178.0.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
80.89.211.183

Network
80.89.208.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS8758

Organization
Iway AG

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
9afc602f0028f60103a4937aad4cd327

SIP/2.0 401 Unauthorized\x0d
Via: SIP/2.0/UDP nm;rport=35391;received=<srcip>;branch=foo\x0d
Call-ID: 50000\x0d
From: <sip:nm@nm>;tag=root\x0d
To: <sip:nm2@nm2>;tag=foo\x0d
CSeq: 42 OPTIONS\x0d
WWW-Authenticate: Digest realm="asterisk",nonce="1730427702/578cbfaba6e0069de55a3926f935ffdb",opaque="6c62a7952029bd61",algorithm=MD5,qop="auth"\x0d
Server: wwcommunicator\x0d
Content-Length:  0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T02:21:52.000Z",
   "app" : {
      "length" : 368
   },
   "asn" : "AS8758",
   "city" : "Zurich",
   "country" : "CH",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 401 Unauthorized\\x0d\nVia: SIP/2.0/UDP nm;rport=35391;received=<srcip>;branch=foo\\x0d\nCall-ID: 50000\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nTo: <sip:nm2@nm2>;tag=foo\\x0d\nCSeq: 42 OPTIONS\\x0d\nWWW-Authenticate: Digest realm=\"asterisk\",nonce=\"1730427702/578cbfaba6e0069de55a3926f935ffdb\",opaque=\"6c62a7952029bd61\",algorithm=MD5,qop=\"auth\"\\x0d\nServer: wwcommunicator\\x0d\nContent-Length:  0\\x0d\n\\x0d\n",
   "datamd5" : "9afc602f0028f60103a4937aad4cd327",
   "datammh3" : -1290946897,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS8758",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "CH",
      "countryname" : "Switzerland",
      "domain" : [
         "as8758.net"
      ],
      "isineu" : "false",
      "latitude" : "46.818188",
      "location" : "46.818188,8.227512",
      "longitude" : "8.227512",
      "netname" : "AS8758-NEXPHONE-VPBX",
      "organization" : "Nexphone AG",
      "subnet" : "80.89.208.0/21"
   },
   "ip" : "80.89.211.183",
   "ipv6" : "false",
   "latitude" : "47.3952",
   "location" : "47.3952,8.4925",
   "longitude" : "8.4925",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Iway AG",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subnet" : "80.89.208.0/20",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
195.181.158.55

Network
195.181.128.0/19

Domain(s)
tussa.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
node55.zone158.ib195-181.cust.tussa.com

ASN
AS203424

Organization
Tussa Ikt As

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
81e4626c43d1302a59aa1488923af197

SIP/2.0 400 Bad Request\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport\x0d
From: <sip:nm@nm>;tag=root\x0d
To: <sip:nm2@nm2>;tag=1855658073\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Server:  M5T SIP Stack/4.1.10.16\x0d
User-Agent: ZNID (S4.1.316) M5T SIP Stack/4.1.10.16\x0d
Content-Type: text/plain\x0d
Content-Length: 51\x0d
\x0d
Invalid header(s): top-most Via transport parameter

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T02:21:52.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "4.1.10.16"
         ]
      },
      "length" : 345
   },
   "asn" : "AS203424",
   "city" : "Hareid",
   "country" : "NO",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 400 Bad Request\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nTo: <sip:nm2@nm2>;tag=1855658073\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nServer:  M5T SIP Stack/4.1.10.16\\x0d\nUser-Agent: ZNID (S4.1.316) M5T SIP Stack/4.1.10.16\\x0d\nContent-Type: text/plain\\x0d\nContent-Length: 51\\x0d\n\\x0d\nInvalid header(s): top-most Via transport parameter",
   "datamd5" : "81e4626c43d1302a59aa1488923af197",
   "datammh3" : 91607320,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "tussa.com"
   ],
   "geolocus" : {
      "asn" : "AS203424",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "NO",
      "countryname" : "Norway",
      "domain" : [
         "tussa.com",
         "tussa.no"
      ],
      "isineu" : "false",
      "latitude" : "60.472024",
      "location" : "60.472024,8.468946",
      "longitude" : "8.468946",
      "netname" : "NO-TUSSA-xDSL",
      "organization" : "TUSSA IKT AS",
      "subnet" : "195.181.144.0/20"
   },
   "host" : [
      "node55"
   ],
   "hostname" : [
      "node55.zone158.ib195-181.cust.tussa.com"
   ],
   "ip" : "195.181.158.55",
   "ipv6" : "false",
   "latitude" : "62.3706",
   "location" : "62.3706,6.0342",
   "longitude" : "6.0342",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Tussa Ikt As",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "node55.zone158.ib195-181.cust.tussa.com"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subdomains" : [
      "cust.tussa.com",
      "ib195-181.cust.tussa.com",
      "zone158.ib195-181.cust.tussa.com"
   ],
   "subnet" : "195.181.128.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

Returning 10 result(s) out of 337,978 in 0.221 second(s)

87.138.98.41:5060 (tcp/sip) - last seen on 2024-11-01 at 02:21:56 UTC

50.93.88.247:5060 (tcp/sip) - last seen on 2024-11-01 at 02:21:55 UTC

139.59.146.148:5060 (tcp/sip) - last seen on 2024-11-01 at 02:21:55 UTC

18.135.24.8:5060 (tcp/sip) - last seen on 2024-11-01 at 02:21:55 UTC

50.93.56.202:5060 (tcp/sip) - last seen on 2024-11-01 at 02:21:55 UTC

54.79.193.140:5060 (tcp/sip) - last seen on 2024-11-01 at 02:21:52 UTC

172.86.251.11:5060 (tcp/sip) - last seen on 2024-11-01 at 02:21:52 UTC

178.13.24.11:5060 (tcp/sip) - last seen on 2024-11-01 at 02:21:52 UTC

80.89.211.183:5060 (tcp/sip) - last seen on 2024-11-01 at 02:21:52 UTC

195.181.158.55:5060 (tcp/sip) - last seen on 2024-11-01 at 02:21:52 UTC