80.134.28.127 - IPInfo

Basic Info

City: Bergneustadt

Region: North Rhine-Westphalia

Country: Germany

Internet Service Provider: Deutsche Telekom AG

Hostname: unknown

Organization: Deutsche Telekom AG

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	\[2019-08-07 21:41:45\] NOTICE\[32542\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '80.134.28.127:5060' \(callid: 5C45BBA28991ADD7@80.134.28.127\) - Failed to authenticate \[2019-08-07 21:41:45\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-08-07T21:41:45.517+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="sip219222",SessionID="5C45BBA28991ADD7@80.134.28.127",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/80.134.28.127/5060",Challenge="1565205105/a0ae79e729103e7fa4110ef39512777c",Response="cc28d240e22551882b3da0981bb98f9d",ExpectedResponse="" \[2019-08-07 21:41:45\] NOTICE\[26038\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '80.134.28.127:5060' \(callid: 5C45BBA28991ADD7@80.134.28.127\) - Failed to authenticate \[2019-08-07 21:41:45\] SECURITY\[1715\] res_security_log.c: SecurityE	2019-08-08 04:23:36

Type

Details

Datetime

attackspambots

\[2019-08-07 21:41:45\] NOTICE\[32542\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '80.134.28.127:5060' \(callid: 5C45BBA28991ADD7@80.134.28.127\) - Failed to authenticate
\[2019-08-07 21:41:45\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-08-07T21:41:45.517+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="sip219222",SessionID="5C45BBA28991ADD7@80.134.28.127",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/80.134.28.127/5060",Challenge="1565205105/a0ae79e729103e7fa4110ef39512777c",Response="cc28d240e22551882b3da0981bb98f9d",ExpectedResponse=""
\[2019-08-07 21:41:45\] NOTICE\[26038\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '80.134.28.127:5060' \(callid: 5C45BBA28991ADD7@80.134.28.127\) - Failed to authenticate
\[2019-08-07 21:41:45\] SECURITY\[1715\] res_security_log.c: SecurityE

2019-08-08 04:23:36

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.134.28.127
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18445
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.134.28.127.			IN	A

;; AUTHORITY SECTION:
.			2673	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080701 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 04:23:31 CST 2019
;; MSG SIZE  rcvd: 117

Host info

127.28.134.80.in-addr.arpa domain name pointer p50861C7F.dip0.t-ipconnect.de.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
127.28.134.80.in-addr.arpa	name = p50861C7F.dip0.t-ipconnect.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.224.105.65	attackspam	IMAP brute force ...	2019-07-06 08:38:38
183.157.188.52	attackspam	Unauthorized access to SSH at 5/Jul/2019:23:34:10 +0000.	2019-07-06 08:50:15
77.40.33.252	attack	2019-07-06 03:57:56 fixed_login authenticator failed for \(localhost.localdomain\) \[77.40.33.252\]: 535 Incorrect authentication data \(set_id=service@thepuddles.net.nz\) 2019-07-06 04:59:25 fixed_login authenticator failed for \(localhost.localdomain\) \[77.40.33.252\]: 535 Incorrect authentication data \(set_id=sales@thepuddles.net.nz\) 2019-07-06 05:53:52 fixed_login authenticator failed for \(localhost.localdomain\) \[77.40.33.252\]: 535 Incorrect authentication data \(set_id=reply@thepuddles.net.nz\) ...	2019-07-06 08:55:29
199.33.126.90	attack	Unauthorised access (Jul 5) SRC=199.33.126.90 LEN=40 TOS=0x08 PREC=0x20 TTL=234 ID=59582 TCP DPT=445 WINDOW=1024 SYN	2019-07-06 08:57:00
14.63.167.192	attackspam	Jul 5 19:53:27 bouncer sshd\[17002\]: Invalid user travis from 14.63.167.192 port 56652 Jul 5 19:53:27 bouncer sshd\[17002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.167.192 Jul 5 19:53:29 bouncer sshd\[17002\]: Failed password for invalid user travis from 14.63.167.192 port 56652 ssh2 ...	2019-07-06 09:05:04
177.10.193.106	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 18:17:49,046 INFO [amun_request_handler] PortScan Detected on Port: 445 (177.10.193.106)	2019-07-06 08:44:42
108.2.205.10	attackbots	(imapd) Failed IMAP login from 108.2.205.10 (US/United States/static-108-2-205-10.phlapa.east.verizon.net): 1 in the last 3600 secs	2019-07-06 09:11:45
103.118.76.54	attackspam	Mail sent to address hacked/leaked from atari.st	2019-07-06 09:12:24
178.71.3.25	attack	Jul 5 13:54:03 localhost kernel: [13593436.601111] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=178.71.3.25 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=22455 DF PROTO=TCP SPT=60180 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 Jul 5 13:54:03 localhost kernel: [13593436.601145] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=178.71.3.25 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=22455 DF PROTO=TCP SPT=60180 DPT=445 SEQ=793054932 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020404EC0103030201010402) Jul 5 13:54:06 localhost kernel: [13593439.602224] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=178.71.3.25 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=22798 DF PROTO=TCP SPT=60180 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 Jul 5 13:54:06 localhost kernel: [13593439.602252] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=178.71.3.25 DST=	2019-07-06 08:52:07
77.247.110.212	attackspam	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-07-06 08:48:47
104.206.128.54	attack	05.07.2019 23:33:36 Connection to port 3389 blocked by firewall	2019-07-06 09:03:38
167.86.79.60	attackbots	Jul 5 23:15:58 giegler sshd[22632]: Invalid user testuser from 167.86.79.60 port 43664	2019-07-06 08:54:25
185.53.88.63	attackspambots	Port Scan detected from 185.53.88.63 (NL/Netherlands/-). 4 hits in the last 70 seconds	2019-07-06 08:36:12
180.182.47.132	attackbotsspam	Invalid user server from 180.182.47.132 port 58909	2019-07-06 08:57:15
41.33.11.77	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 16:30:20,871 INFO [shellcode_manager] (41.33.11.77) no match, writing hexdump (fe56093c12fad4c5a27da7427aabc011 :2412281) - MS17010 (EternalBlue)	2019-07-06 09:03:19

Recently Reported IPs

183.12.129.228	77.40.61.94	176.150.187.110	220.181.108.179
113.107.105.58	39.111.31.4	145.251.22.28	143.217.55.153
65.188.185.1	140.176.150.231	85.254.39.235	198.251.82.92
179.242.199.232	205.145.155.44	113.1.26.175	219.247.135.178
59.18.198.89	58.175.112.165	209.141.52.141	141.24.194.4