City: unknown
Region: unknown
Country: Zimbabwe
Internet Service Provider: Utande Internet Services (PVT) Ltd
Hostname: unknown
Organization: UTANDE
Usage Type: Fixed Line ISP
Type | Details | Datetime |
---|---|---|
attackbotsspam | Unauthorized connection attempt from IP address 196.29.33.74 on Port 445(SMB) | 2019-10-16 12:19:18 |
attack | 445/tcp 445/tcp 445/tcp [2019-08-20/09-02]3pkt | 2019-09-02 11:40:58 |
attackspam | Honeypot attack, port: 445, PTR: www.equity.co.zw. | 2019-08-07 01:49:39 |
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.29.33.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26249
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;196.29.33.74. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019040600 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 06 15:39:10 +08 2019
;; MSG SIZE rcvd: 116
74.33.29.196.in-addr.arpa has no PTR record
;; Truncated, retrying in TCP mode.
Server: 67.207.67.3
Address: 67.207.67.3#53
Non-authoritative answer:
74.33.29.196.in-addr.arpa name = group7.natfood.co.zw.
74.33.29.196.in-addr.arpa name = marketing.natfood.co.zw.
74.33.29.196.in-addr.arpa name = ntop.natfood.co.zw.
74.33.29.196.in-addr.arpa name = utande.natfood.co.zw.
74.33.29.196.in-addr.arpa name = obback.natfood.co.zw.
74.33.29.196.in-addr.arpa name = mail.gain.co.zw.
74.33.29.196.in-addr.arpa name = gtm.natfood.co.zw.
74.33.29.196.in-addr.arpa name = intranet.natfood.co.zw.
74.33.29.196.in-addr.arpa name = gainzimvoucher.natfood.co.zw.
74.33.29.196.in-addr.arpa name = cacti.natfood.co.zw.
74.33.29.196.in-addr.arpa name = flow7.natfood.co.zw.
74.33.29.196.in-addr.arpa name = natfoodsfw.natfood.co.zw.
74.33.29.196.in-addr.arpa name = nflbiserver.natfood.co.zw.
74.33.29.196.in-addr.arpa name = mail.natfood.co.zw.
74.33.29.196.in-addr.arpa name = sarg-live.natfood.co.zw.
74.33.29.196.in-addr.arpa name = crm.natfood.co.zw.
74.33.29.196.in-addr.arpa name = natfood.co.zw.
74.33.29.196.in-addr.arpa name = www.equity.co.zw.
74.33.29.196.in-addr.arpa name = sarg.natfood.co.zw.
74.33.29.196.in-addr.arpa name = nationalfoods-ce.utande.co.zw.
74.33.29.196.in-addr.arpa name = oblive.natfood.co.zw.
74.33.29.196.in-addr.arpa name = analytics.natfood.co.zw.
74.33.29.196.in-addr.arpa name = webmail.natfood.co.zw.
74.33.29.196.in-addr.arpa name = obtest.natfood.co.zw.
Authoritative answers can be found from: