186.185.242.68

Basic Info

City: unknown

Region: unknown

Country: Venezuela (Bolivarian Republic of)

Internet Service Provider: Telefonica Venezolana C.A.

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	IP address logged by my Netflix account after the individual hacked into and locked me out of my account. Individual also changed my account settings to the most expensive plan, which allows multiple people (profiles) to watch, and several profiles were added. The name on my account was changed to "Juan". The address, 186.185.242.68 was the first person to use my account on 25 March 2020. I contacted Netflix to have my account restored, so I was able to see the various IP addresses used. I will report all of them as well.	2020-03-31 20:25:16

Type

Details

Datetime

attackbots

IP address logged by my Netflix account after the individual hacked into and locked me out of my account. Individual also changed my account settings to the most expensive plan, which allows multiple people (profiles) to watch, and several profiles were added. The name on my account was changed to "Juan". The address, 186.185.242.68 was the first person to use my account on 25 March 2020. I contacted Netflix to have my account restored, so I was able to see the various IP addresses used. I will report all of them as well.

2020-03-31 20:25:16

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 186.185.242.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6349
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;186.185.242.68.			IN	A

;; AUTHORITY SECTION:
.			399	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033100 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 31 20:25:08 CST 2020
;; MSG SIZE  rcvd: 118

Host info

68.242.185.186.in-addr.arpa domain name pointer 186-185-242-68.genericrev.telcel.net.ve.

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
68.242.185.186.IN-ADDR.ARPA	name = 186-185-242-68.genericrev.telcel.net.ve.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.235.16.103	attackspam	Jan 3 05:55:01 sso sshd[25826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.16.103 Jan 3 05:55:02 sso sshd[25826]: Failed password for invalid user true from 49.235.16.103 port 52920 ssh2 ...	2020-01-03 13:11:11
85.93.52.99	attack	Jan 2 23:54:55 zeus sshd[723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.93.52.99 Jan 2 23:54:57 zeus sshd[723]: Failed password for invalid user procesor from 85.93.52.99 port 38796 ssh2 Jan 2 23:56:38 zeus sshd[783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.93.52.99 Jan 2 23:56:39 zeus sshd[783]: Failed password for invalid user msn from 85.93.52.99 port 53994 ssh2	2020-01-03 09:23:09
186.250.48.17	attackspambots	Automatic report - Banned IP Access	2020-01-03 13:07:16
117.50.1.12	attack	$f2bV_matches	2020-01-03 09:15:54
222.186.175.181	attackspambots	Jan 2 18:56:43 wbs sshd\[3382\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.181 user=root Jan 2 18:56:45 wbs sshd\[3382\]: Failed password for root from 222.186.175.181 port 23660 ssh2 Jan 2 18:57:02 wbs sshd\[3422\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.181 user=root Jan 2 18:57:05 wbs sshd\[3422\]: Failed password for root from 222.186.175.181 port 55538 ssh2 Jan 2 18:57:24 wbs sshd\[3450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.181 user=root	2020-01-03 13:04:53
218.92.0.138	attack	Jan 3 02:13:56 firewall sshd[31954]: Failed password for root from 218.92.0.138 port 19789 ssh2 Jan 3 02:14:10 firewall sshd[31954]: error: maximum authentication attempts exceeded for root from 218.92.0.138 port 19789 ssh2 [preauth] Jan 3 02:14:10 firewall sshd[31954]: Disconnecting: Too many authentication failures [preauth] ...	2020-01-03 13:19:39
159.65.172.240	attack	Jan 3 05:52:00 sd-53420 sshd\[17631\]: User root from 159.65.172.240 not allowed because none of user's groups are listed in AllowGroups Jan 3 05:52:01 sd-53420 sshd\[17631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.172.240 user=root Jan 3 05:52:02 sd-53420 sshd\[17631\]: Failed password for invalid user root from 159.65.172.240 port 35956 ssh2 Jan 3 05:54:50 sd-53420 sshd\[18572\]: Invalid user zabbix from 159.65.172.240 Jan 3 05:54:50 sd-53420 sshd\[18572\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.172.240 ...	2020-01-03 13:17:16
79.226.22.105	attack	Jan 3 05:37:29 server sshd[3002]: Failed password for invalid user yarosh from 79.226.22.105 port 33106 ssh2 Jan 3 05:55:16 server sshd[4423]: User postgres from 79.226.22.105 not allowed because not listed in AllowUsers Jan 3 05:55:18 server sshd[4423]: Failed password for invalid user postgres from 79.226.22.105 port 53876 ssh2	2020-01-03 13:00:37
110.137.125.35	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 03-01-2020 04:55:09.	2020-01-03 13:05:45
178.128.148.98	attackbotsspam	Jan 3 07:50:18 itv-usvr-01 sshd[11115]: Invalid user zos from 178.128.148.98 Jan 3 07:50:18 itv-usvr-01 sshd[11115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.148.98 Jan 3 07:50:18 itv-usvr-01 sshd[11115]: Invalid user zos from 178.128.148.98 Jan 3 07:50:20 itv-usvr-01 sshd[11115]: Failed password for invalid user zos from 178.128.148.98 port 46576 ssh2	2020-01-03 09:31:01
162.241.149.130	attackspam	Brute-force attempt banned	2020-01-03 13:15:00
128.199.170.33	attack	Jan 3 01:58:44 mout sshd[18078]: Invalid user usa from 128.199.170.33 port 53342	2020-01-03 09:33:20
47.29.254.235	attackbotsspam	20/1/2@23:55:01: FAIL: Alarm-Network address from=47.29.254.235 20/1/2@23:55:01: FAIL: Alarm-Network address from=47.29.254.235 ...	2020-01-03 13:09:59
222.186.180.147	attack	$f2bV_matches	2020-01-03 13:16:01
203.172.66.222	attack	Jan 2 20:05:15 ws22vmsma01 sshd[240726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.172.66.222 Jan 2 20:05:18 ws22vmsma01 sshd[240726]: Failed password for invalid user exa from 203.172.66.222 port 54778 ssh2 ...	2020-01-03 09:14:52

Recently Reported IPs

196.75.183.3	185.220.101.139	10.254.246.147	86.124.60.57
172.105.102.15	226.179.26.30	39.45.156.232	180.249.71.140
58.152.221.237	39.66.128.26	181.221.219.199	89.20.130.2
2a01:e34:ecf2:2110:2064:eeb1:5289:5d12	185.249.90.110	103.116.58.130	5.59.141.205
140.82.61.248	121.8.164.114	91.204.115.94	124.74.137.174