Cyber Defense Search Engine

IP
82.12.165.155

Network
82.8.0.0/13

Domain(s)
virginm.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
cpc105314-live28-2-0-cust410.17-2.cable.virginm.net

ASN
AS5089

Organization
Virgin Media

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
f428b1fc85b6714ec066a35da14f14bc

SIP/2.0 200 OK\x0d
Supported: 100rel,timer\x0d
From: <sip:nm@nm>;tag=root\x0d
To: <sip:nm2@nm2>;tag=81F8324631353641D9180900\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Server: NEC SL2100/2.1\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=35355;received=<srcip>\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T04:41:04.000Z",
   "app" : {
      "length" : 257
   },
   "asn" : "AS5089",
   "city" : "Liverpool",
   "country" : "GB",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nSupported: 100rel,timer\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nTo: <sip:nm2@nm2>;tag=81F8324631353641D9180900\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nServer: NEC SL2100/2.1\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=35355;received=<srcip>\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "f428b1fc85b6714ec066a35da14f14bc",
   "datammh3" : 737912452,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "virginm.net"
   ],
   "geolocus" : {
      "asn" : "AS5089",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "GB",
      "countryname" : "United Kingdom",
      "domain" : [
         "virginm.net",
         "virginmedia.com"
      ],
      "isineu" : "false",
      "latitude" : "55.378051",
      "location" : "55.378051,-3.435973",
      "longitude" : "-3.435973",
      "netname" : "UK-NTLI-20030131",
      "organization" : "Virgin Media Limited",
      "subnet" : "82.0.0.0/11"
   },
   "host" : [
      "cpc105314-live28-2-0-cust410"
   ],
   "hostname" : [
      "cpc105314-live28-2-0-cust410.17-2.cable.virginm.net"
   ],
   "ip" : "82.12.165.155",
   "ipv6" : "false",
   "latitude" : "53.4516",
   "location" : "53.4516,-2.9147",
   "longitude" : "-2.9147",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Virgin Media",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "cpc105314-live28-2-0-cust410.17-2.cable.virginm.net"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subdomains" : [
      "17-2.cable.virginm.net",
      "cable.virginm.net"
   ],
   "subnet" : "82.8.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
71.251.216.156

Network
71.251.192.0/19

Domain(s)
verizon.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
static-71-251-216-156.nwrknj.fios.verizon.net

ASN
AS701

Organization
UUNET

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
01242f4a1ffb90082fd124a532f27970

SIP/2.0 401 Unauthorized\x0d
Via: SIP/2.0/UDP nm;branch=foo;received=<srcip>;rport=37965\x0d
From: <sip:nm@nm>;tag=root\x0d
To: <sip:nm2@nm2>;tag=as3a508136\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Server: Asterisk PBX\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE\x0d
Supported: replaces, timer\x0d
WWW-Authenticate: Digest algorithm=MD5, realm="asterisk", nonce="117707f0"\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T04:41:04.000Z",
   "app" : {
      "length" : 422
   },
   "asn" : "AS701",
   "city" : "Ridgewood",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 401 Unauthorized\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;received=<srcip>;rport=37965\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nTo: <sip:nm2@nm2>;tag=as3a508136\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nServer: Asterisk PBX\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE\\x0d\nSupported: replaces, timer\\x0d\nWWW-Authenticate: Digest algorithm=MD5, realm=\"asterisk\", nonce=\"117707f0\"\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "01242f4a1ffb90082fd124a532f27970",
   "datammh3" : 1869895487,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "verizon.net"
   ],
   "geolocus" : {
      "asn" : "AS701",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "verizon-gni.net",
         "verizon.com",
         "verizon.net",
         "verizonbusiness.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "VIS-BLOCK",
      "organization" : "Verizon Business",
      "subnet" : "71.251.192.0/19"
   },
   "host" : [
      "static-71-251-216-156"
   ],
   "hostname" : [
      "static-71-251-216-156.nwrknj.fios.verizon.net"
   ],
   "ip" : "71.251.216.156",
   "ipv6" : "false",
   "latitude" : "40.9864",
   "location" : "40.9864,-74.1112",
   "longitude" : "-74.1112",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UUNET",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "static-71-251-216-156.nwrknj.fios.verizon.net"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subdomains" : [
      "fios.verizon.net",
      "nwrknj.fios.verizon.net"
   ],
   "subnet" : "71.251.192.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
12.175.69.106

Network
12.175.64.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS7018

Organization
ATT-INTERNET4

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
6f5243aaf858f612777d721120fe092d

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=34199;received=10.100.100.1\x0d
To: <sip:nm2@nm2>;tag=10dca109\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Accept: application/sdp\x0d
Accept-Language: en\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\x0d
Supported: replaces, timer\x0d
Allow-Events: message-summary, dialog, call-info, line-seize\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T04:41:03.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "10.100.100.1"
         ]
      },
      "length" : 434
   },
   "asn" : "AS7018",
   "city" : "Valley Center",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=34199;received=10.100.100.1\\x0d\nTo: <sip:nm2@nm2>;tag=10dca109\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nAccept: application/sdp\\x0d\nAccept-Language: en\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\\x0d\nSupported: replaces, timer\\x0d\nAllow-Events: message-summary, dialog, call-info, line-seize\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "6f5243aaf858f612777d721120fe092d",
   "datammh3" : 1862809160,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS7018",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "att.com",
         "att.net",
         "onwardcom.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "ACC-KUNI94-64-0",
      "organization" : "ACC-KUNI SDP LLC",
      "subnet" : "12.175.64.0/19"
   },
   "ip" : "12.175.69.106",
   "ipv6" : "false",
   "latitude" : "33.2184",
   "location" : "33.2184,-117.0342",
   "longitude" : "-117.0342",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ATT-INTERNET4",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subnet" : "12.175.64.0/19",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
209.195.4.234

Network
209.195.0.0/18

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS6597

Organization
COLOBLOX

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5be8a6c2d99e07d44938806786a7c49b

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=39407;received=<srcip>\x0d
To: <sip:nm2@nm2>;tag=c4da191e\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Accept: application/sdp\x0d
Accept-Language: en\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\x0d
Supported: replaces, timer\x0d
Allow-Events: message-summary, dialog, call-info, line-seize\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T04:41:03.000Z",
   "app" : {
      "length" : 429
   },
   "asn" : "AS6597",
   "city" : "Marietta",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=39407;received=<srcip>\\x0d\nTo: <sip:nm2@nm2>;tag=c4da191e\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nAccept: application/sdp\\x0d\nAccept-Language: en\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\\x0d\nSupported: replaces, timer\\x0d\nAllow-Events: message-summary, dialog, call-info, line-seize\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "5be8a6c2d99e07d44938806786a7c49b",
   "datammh3" : 128463475,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS6597",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "coloblox.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "COLOBLOX-209-195",
      "organization" : "Coloblox Data Centers Inc",
      "subnet" : "209.195.0.0/18"
   },
   "ip" : "209.195.4.234",
   "ipv6" : "false",
   "latitude" : "33.9721",
   "location" : "33.9721,-84.4406",
   "longitude" : "-84.4406",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "COLOBLOX",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subnet" : "209.195.0.0/18",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
128.136.134.12

Network
128.136.128.0/21

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS13649

Organization
ASN-FLEXENTIAL

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
601bd7b02b74c63211b77601d6e43b80

SIP/2.0 401 Unauthorized\x0d
Via: SIP/2.0/UDP nm;rport=34925;received=<srcip>;branch=foo\x0d
Call-ID: 50000\x0d
From: <sip:nm@nm>;tag=root\x0d
To: <sip:nm2@nm2>;tag=foo\x0d
CSeq: 42 OPTIONS\x0d
WWW-Authenticate: Digest realm="asterisk",nonce="1730436053/ed03ac2773d10f0db554494a5b778ac4",opaque="4c005e1029619261",algorithm=MD5,qop="auth"\x0d
Server: FPBX-16.0.40.11(18.20.2)\x0d
Content-Length:  0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T04:41:03.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "16.0.40.11"
         ]
      },
      "length" : 378
   },
   "asn" : "AS13649",
   "city" : "Louisville",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 401 Unauthorized\\x0d\nVia: SIP/2.0/UDP nm;rport=34925;received=<srcip>;branch=foo\\x0d\nCall-ID: 50000\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nTo: <sip:nm2@nm2>;tag=foo\\x0d\nCSeq: 42 OPTIONS\\x0d\nWWW-Authenticate: Digest realm=\"asterisk\",nonce=\"1730436053/ed03ac2773d10f0db554494a5b778ac4\",opaque=\"4c005e1029619261\",algorithm=MD5,qop=\"auth\"\\x0d\nServer: FPBX-16.0.40.11(18.20.2)\\x0d\nContent-Length:  0\\x0d\n\\x0d\n",
   "datamd5" : "601bd7b02b74c63211b77601d6e43b80",
   "datammh3" : 2074034584,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS13649",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "flexential.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "PEAK10-NETBLK-19",
      "organization" : "Flexential Corp.",
      "subnet" : "128.136.128.0/19"
   },
   "ip" : "128.136.134.12",
   "ipv6" : "false",
   "latitude" : "38.2507",
   "location" : "38.2507,-85.7472",
   "longitude" : "-85.7472",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ASN-FLEXENTIAL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subnet" : "128.136.128.0/21",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
51.116.124.209

Network
51.116.0.0/16

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
346bfe07c51892149d3bfde7c05cf62b

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=36007;received=<srcip>\x0d
To: <sip:nm2@nm2>;tag=5af23457\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Accept: application/sdp\x0d
Accept-Language: en\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\x0d
Supported: replaces, timer\x0d
Allow-Events: message-summary, dialog, call-info, line-seize\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T04:41:03.000Z",
   "app" : {
      "length" : 429
   },
   "asn" : "AS8075",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=36007;received=<srcip>\\x0d\nTo: <sip:nm2@nm2>;tag=5af23457\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nAccept: application/sdp\\x0d\nAccept-Language: en\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\\x0d\nSupported: replaces, timer\\x0d\nAllow-Events: message-summary, dialog, call-info, line-seize\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "346bfe07c51892149d3bfde7c05cf62b",
   "datammh3" : -1341292265,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "GB",
      "countryname" : "United Kingdom",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "55.378051",
      "location" : "55.378051,-3.435973",
      "longitude" : "-3.435973",
      "netname" : "MICROSOFT",
      "organization" : "Microsoft Limited",
      "subnet" : "51.116.0.0/16"
   },
   "ip" : "51.116.124.209",
   "ipv6" : "false",
   "latitude" : "50.1187",
   "location" : "50.1187,8.6842",
   "longitude" : "8.6842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subnet" : "51.116.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
83.150.63.98

Network
83.150.0.0/18

Domain(s)
plan-net.swiss

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
srvt37.iway.plan-net.swiss

ASN
AS8758

Organization
Iway AG

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
4ba7c17cd8718598e96a57cdc50eac08

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;received=<srcip>;rport=50077\x0d
From: <sip:nm@nm>;tag=root\x0d
To: <sip:nm2@nm2>;tag=as7b338836\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Server: STARFACE PBX\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE\x0d
Supported: replaces, timer\x0d
Contact: <sip:<ip>:5060;transport=TCP>\x0d
Accept: application/sdp\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T04:41:02.000Z",
   "app" : {
      "length" : 401
   },
   "asn" : "AS8758",
   "city" : "Bern",
   "country" : "CH",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;received=<srcip>;rport=50077\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nTo: <sip:nm2@nm2>;tag=as7b338836\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nServer: STARFACE PBX\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE\\x0d\nSupported: replaces, timer\\x0d\nContact: <sip:<ip>:5060;transport=TCP>\\x0d\nAccept: application/sdp\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "4ba7c17cd8718598e96a57cdc50eac08",
   "datammh3" : 748156068,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "plan-net.swiss"
   ],
   "host" : [
      "srvt37"
   ],
   "hostname" : [
      "srvt37.iway.plan-net.swiss"
   ],
   "ip" : "83.150.63.98",
   "ipv6" : "false",
   "latitude" : "46.9698",
   "location" : "46.9698,7.4584",
   "longitude" : "7.4584",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Iway AG",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "srvt37.iway.plan-net.swiss"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subdomains" : [
      "iway.plan-net.swiss"
   ],
   "subnet" : "83.150.0.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "swiss"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
170.39.121.241

Network
170.39.120.0/22

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS40510

Organization
SFWL

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
68821162716f5c3464dcfac3f92c9769

SIP/2.0 400 Bad Request\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport\x0d
From: <sip:nm@nm>;tag=root\x0d
To: <sip:nm2@nm2>;tag=1855658073\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Content-Type: text/plain\x0d
Content-Length: 51\x0d
\x0d
Invalid header(s): top-most Via transport parameter

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T04:41:02.000Z",
   "app" : {
      "length" : 258
   },
   "asn" : "AS40510",
   "city" : "Cordele",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 400 Bad Request\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nTo: <sip:nm2@nm2>;tag=1855658073\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nContent-Type: text/plain\\x0d\nContent-Length: 51\\x0d\n\\x0d\nInvalid header(s): top-most Via transport parameter",
   "datamd5" : "68821162716f5c3464dcfac3f92c9769",
   "datammh3" : 1558203300,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS40510",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "enfopoint.com",
         "southernfiberworx.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "SOUTHERNFIBERWORX-BLOCK-1",
      "organization" : "Southern Fiber Worx",
      "subnet" : "170.39.120.0/22"
   },
   "ip" : "170.39.121.241",
   "ipv6" : "false",
   "latitude" : "31.9587",
   "location" : "31.9587,-83.7810",
   "longitude" : "-83.7810",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SFWL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subnet" : "170.39.120.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
149.202.45.205

Alternative IP(s)
2001:41d0:401:3200:0:0:0:2468

Network
149.202.0.0/16

Domain(s)
ovh.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
vps-a918fe5a.vps.ovh.net

ASN
AS16276

Organization
OVH SAS

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
bdba071a0a4054852e2bdec8093b18a5

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=46411;received=<srcip>\x0d
To: <sip:nm2@nm2>;tag=3bbc5a23\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Accept: application/sdp\x0d
Accept-Language: en\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\x0d
Supported: replaces, timer\x0d
Allow-Events: message-summary, dialog, call-info, line-seize\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T04:41:02.000Z",
   "alternativeip" : [
      "2001:41d0:401:3200:0:0:0:2468"
   ],
   "app" : {
      "length" : 429
   },
   "asn" : "AS16276",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=46411;received=<srcip>\\x0d\nTo: <sip:nm2@nm2>;tag=3bbc5a23\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nAccept: application/sdp\\x0d\nAccept-Language: en\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\\x0d\nSupported: replaces, timer\\x0d\nAllow-Events: message-summary, dialog, call-info, line-seize\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "bdba071a0a4054852e2bdec8093b18a5",
   "datammh3" : -51726466,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ovh.net"
   ],
   "geolocus" : {
      "asn" : "AS16276",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "ip-149-202-0.eu",
         "ovh.net"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "FR-OVH-19990426",
      "organization" : "OVH SAS",
      "subnet" : "149.202.0.0/16"
   },
   "host" : [
      "vps-a918fe5a"
   ],
   "hostname" : [
      "vps-a918fe5a.vps.ovh.net"
   ],
   "ip" : "149.202.45.205",
   "ipv6" : "false",
   "latitude" : "48.8582",
   "location" : "48.8582,2.3387",
   "longitude" : "2.3387",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "OVH SAS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "reverse" : [
      "vps-a918fe5a.vps.ovh.net"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subdomains" : [
      "vps.ovh.net"
   ],
   "subnet" : "149.202.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
185.141.110.232

Network
185.141.110.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS42910

Organization
PremierDC Veri Merkezi Anonim Sirketi

Protocol
sip

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
29aee2aebd9240c42097acb4416675e1

SIP/2.0 200 OK\x0d
Via: SIP/2.0/UDP nm;branch=foo;rport=47759;received=<srcip>\x0d
To: <sip:nm2@nm2>;tag=c50d660d\x0d
From: <sip:nm@nm>;tag=root\x0d
Call-ID: 50000\x0d
CSeq: 42 OPTIONS\x0d
Accept: application/sdp\x0d
Accept-Language: en\x0d
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\x0d
Supported: replaces, timer\x0d
Allow-Events: message-summary, dialog, call-info, line-seize\x0d
Content-Length: 0\x0d
\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T04:41:02.000Z",
   "app" : {
      "length" : 429
   },
   "asn" : "AS42910",
   "country" : "TR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "SIP/2.0 200 OK\\x0d\nVia: SIP/2.0/UDP nm;branch=foo;rport=47759;received=<srcip>\\x0d\nTo: <sip:nm2@nm2>;tag=c50d660d\\x0d\nFrom: <sip:nm@nm>;tag=root\\x0d\nCall-ID: 50000\\x0d\nCSeq: 42 OPTIONS\\x0d\nAccept: application/sdp\\x0d\nAccept-Language: en\\x0d\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE\\x0d\nSupported: replaces, timer\\x0d\nAllow-Events: message-summary, dialog, call-info, line-seize\\x0d\nContent-Length: 0\\x0d\n\\x0d\n",
   "datamd5" : "29aee2aebd9240c42097acb4416675e1",
   "datammh3" : 1845883864,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS42910",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "TR",
      "countryname" : "Turkey",
      "domain" : [
         "avencom.com.tr"
      ],
      "isineu" : "false",
      "latitude" : "38.963745",
      "location" : "38.963745,35.243322",
      "longitude" : "35.243322",
      "netname" : "Avencom110",
      "organization" : "Avencom110",
      "subnet" : "185.141.110.0/24"
   },
   "ip" : "185.141.110.232",
   "ipv6" : "false",
   "latitude" : "41.0214",
   "location" : "41.0214,28.9948",
   "longitude" : "28.9948",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PremierDC Veri Merkezi Anonim Sirketi",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5060,
   "protocol" : "sip",
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "subnet" : "185.141.110.0/24",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

Returning 10 result(s) out of 339,206 in 0.119 second(s)

82.12.165.155:5060 (tcp/sip) - last seen on 2024-11-01 at 04:41:04 UTC

71.251.216.156:5060 (tcp/sip) - last seen on 2024-11-01 at 04:41:04 UTC

12.175.69.106:5060 (tcp/sip) - last seen on 2024-11-01 at 04:41:03 UTC

209.195.4.234:5060 (tcp/sip) - last seen on 2024-11-01 at 04:41:03 UTC

128.136.134.12:5060 (tcp/sip) - last seen on 2024-11-01 at 04:41:03 UTC

51.116.124.209:5060 (tcp/sip) - last seen on 2024-11-01 at 04:41:03 UTC

83.150.63.98:5060 (tcp/sip) - last seen on 2024-11-01 at 04:41:02 UTC

170.39.121.241:5060 (tcp/sip) - last seen on 2024-11-01 at 04:41:02 UTC

149.202.45.205:5060 (tcp/sip) - last seen on 2024-11-01 at 04:41:02 UTC

185.141.110.232:5060 (tcp/sip) - last seen on 2024-11-01 at 04:41:02 UTC