156.252.21.99 - IPInfo

Basic Info

City: Johannesburg

Region: Gauteng

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 156.252.21.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48378
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;156.252.21.99.			IN	A

;; AUTHORITY SECTION:
.			412	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100801 1800 900 604800 86400

;; Query time: 88 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 09 03:27:20 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 99.21.252.156.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 99.21.252.156.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.39.133.193	attackspambots	Unauthorized connection attempt from IP address 190.39.133.193 on Port 445(SMB)	2020-04-01 06:26:28
111.229.110.107	attackbotsspam	SSH Invalid Login	2020-04-01 06:27:47
111.204.164.82	attackspam	Brute force SMTP login attempted. ...	2020-04-01 06:49:43
111.223.73.20	attackspam	Brute force SMTP login attempted. ...	2020-04-01 06:33:33
173.252.127.41	attackbotsspam	[Wed Apr 01 04:30:35.810336 2020] [:error] [pid 20361:tid 140247698454272] [client 173.252.127.41:42494] [client 173.252.127.41] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/image-loader-worker-v1.js"] [unique_id "XoO2e7FPZ-2JTpeNU@LYuQAAAAE"] ...	2020-04-01 06:54:38
49.232.152.3	attack	Apr 1 00:33:27 * sshd[19812]: Failed password for root from 49.232.152.3 port 36116 ssh2	2020-04-01 06:56:01
111.202.66.163	attack	Brute force SMTP login attempted. ...	2020-04-01 06:53:03
111.229.144.67	attack	Brute force SMTP login attempted. ...	2020-04-01 06:22:02
173.252.127.33	attackbotsspam	[Wed Apr 01 04:31:00.084444 2020] [:error] [pid 20361:tid 140247715239680] [client 173.252.127.33:34662] [client 173.252.127.33] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/favicon-16-16.png"] [unique_id "XoO2kbFPZ-2JTpeNU@LZEgAAAAE"] ...	2020-04-01 06:25:26
111.224.167.177	attackspambots	Brute force SMTP login attempted. ...	2020-04-01 06:32:11
185.118.50.218	attackspam	Mar 31 15:53:24 server1 sshd\[14936\]: Failed password for invalid user mariama from 185.118.50.218 port 43778 ssh2 Mar 31 15:57:54 server1 sshd\[16628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.118.50.218 user=root Mar 31 15:57:56 server1 sshd\[16628\]: Failed password for root from 185.118.50.218 port 58498 ssh2 Mar 31 16:02:26 server1 sshd\[17957\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.118.50.218 user=root Mar 31 16:02:28 server1 sshd\[17957\]: Failed password for root from 185.118.50.218 port 45002 ssh2 ...	2020-04-01 06:34:21
116.255.174.165	attackbots	Mar 31 04:52:50 saengerschafter sshd[18474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.174.165 user=r.r Mar 31 04:52:52 saengerschafter sshd[18474]: Failed password for r.r from 116.255.174.165 port 45105 ssh2 Mar 31 04:52:53 saengerschafter sshd[18474]: Received disconnect from 116.255.174.165: 11: Bye Bye [preauth] Mar 31 05:02:13 saengerschafter sshd[19359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.174.165 user=r.r Mar 31 05:02:15 saengerschafter sshd[19359]: Failed password for r.r from 116.255.174.165 port 34714 ssh2 Mar 31 05:02:15 saengerschafter sshd[19359]: Received disconnect from 116.255.174.165: 11: Bye Bye [preauth] Mar 31 05:05:30 saengerschafter sshd[19737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.174.165 user=r.r Mar 31 05:05:32 saengerschafter sshd[19737]: Failed password for r.r from 116........ -------------------------------	2020-04-01 06:36:32
111.229.158.180	attackbots	Brute-force attempt banned	2020-04-01 06:18:32
94.198.110.205	attackbotsspam	Invalid user tmt from 94.198.110.205 port 42984	2020-04-01 06:16:32
78.217.177.232	attackspambots	SASL PLAIN auth failed: ruser=...	2020-04-01 06:21:06

Recently Reported IPs

108.51.210.65	156.199.89.162	84.208.237.148	211.95.85.73
59.95.23.137	45.173.99.190	94.122.243.40	95.235.142.71
82.44.97.134	143.255.53.176	87.170.164.144	90.75.144.86
32.57.174.251	121.106.211.74	213.193.11.166	66.123.95.118
109.129.78.127	142.219.156.161	203.49.224.94	158.145.220.211