|
Help.. Where is this ip from? 209.151.166.20
Someone with that IP 209.151.166.20 apparently used my correct gmail password to try to login to my gmail..
Gmail blocked it and sent me emails/text saying someone tried to login from unknown location.. Question is, who has that IP? and what do I do.. Nobody in the world knows my email password and it's very very complicated... |
|
|
So if you would try to log in from vacation spot you would get your account locked? Some advanced feature? Just curious because I have been logging into mine from many different IPs.
|
whois says its in usa, some provider, there are contacts, abuse and so, tell them someone used their service to hack your email, maybe they can help you track him down or i dont think you have much more chances :) btw, wasnt it you, loging from mobile phone? :) have luck :)
|
No it wasnt me.. Im not even in the united States, plus I was sleeping when this happened..
Whats freaking me out is they typed in the CORRECT password.. I dont know how to solve the problem.. Even if i change my password, someone still has my gmail password.. |
Looks like Juicy D Links is looking into hooking up with male contacts in your list.
|
man, how you know they have been in? and they cannot be in, when the access is blocked! and you have the pass only at gmail, unique? if yes, then it must be santa looking for gifts inspiration ... :2 cents:
|
Quote:
Someone recently used your password to try to sign in to your Google Account - [email protected]. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt: Tuesday, December 9, 2014 1:05:07 AM UTC IP Address: 209.151.166.20 Location: United States If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately. |
Quote:
|
It was me.
|
Hard to believe you don't know how to drill down on an IP.
|
Quote:
if i try from another country using my same laptop it lets me in.. otherwise it will ask you for recover questions.. |
but you are the best :(
|
Quote:
Is there any further information you can get for me? |
Quote:
|
Check your systems to see if there's a keylogger malware anywhere.
|
sounds like a real who dunnit
|
Quote:
"We prevented the sign-in attempt in case this was a hijacker trying to access your account." - Google Search but looks like good for you :winkwink: |
Gmail "suspicious sign-in prevented" message - is it legit? - Web Applications Stack Exchange
Quote:
|
Where else did you use the password associated with the account?
Have you used this password for an external account associated with the email? Do you have a password list on a server or your pc/mobile device? Has your PC been compromised by something not picked up by your security software? |
Quote:
|
You've been hacked :)
|
|
do u use vps ?
-sign out the other sessions -change the alternative email and other info -for extra level of safety/ security layer add your cellphone to recover the account if anything happened make sure he is not in your account u can see who signed in. contact gmail cs fuck him! |
you sure its not an email scam and that this email has been sent from a legit gmail (google) adress
, check the senders adress twice before you clickthu any link within an email that you receive those exploiters are getting very creative lately |
Quote:
|
It's a corporate, static IP and usually when I see those related to a signup attempt it is a proxy server, and most likely fraud.
The owner of that IP address is "GalaxyVisions" in Brooklyn, a hosting company so most likely someone has a VPN set up on their server so they can hack and/or spam without revealing their real location. Previously a domain called "dvdmagnet.com" was set up on that IP but changed in Sept 2013 when it appears the domain was parked. Maybe the previous owner of that domain still has control of the server, but who knows really. Possibly someone has a squid server running there to leverage the IP's for black hat stuff or potentially its just an exploit and the owner of the box has no idea his shit is being used to hack. |
Use 2step verification, when you log from unsecure device, you get sms with pin code, confirm it and then you can get into gmail
|
2 Step Verification ftw!
I use an app on my phone called Authy that updates my auth codes every few minutes and keeps them within easy reach. |
change your pass
|
Quote:
|
barry@deathstar9:~$ dig 209.151.166.20
; <<>> DiG 9.9.5-3-Ubuntu <<>> 209.151.166.20 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62123 ;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;209.151.166.20. IN A ;; ANSWER SECTION: 209.151.166.20. 0 IN A 209.151.166.20 ;; Query time: 1 msec ;; SERVER: 127.0.1.1#53(127.0.1.1) ;; WHEN: Tue Dec 09 17:24:05 EST 2014 ;; MSG SIZE rcvd: 48 barry@deathstar9:~$ whois 209.151.166.20 # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # # If you see inaccuracies in the results, please report at # ARIN - American Registry for Internet Numbers # # # The following results may also be obtained via: # http://whois.arin.net/rest/nets;q=20...se&ext=netref2 # NetRange: 209.151.160.0 - 209.151.175.255 CIDR: 209.151.160.0/20 NetName: GALAX-NETBLK-14 NetHandle: NET-209-151-160-0-1 Parent: NET209 (NET-209-0-0-0-0) NetType: Direct Allocation OriginAS: AS31797 Organization: Galaxyvisions Inc (GALAX-6) RegDate: 2009-04-20 Updated: 2012-02-24 Ref: http://whois.arin.net/rest/net/NET-209-151-160-0-1 OrgName: Galaxyvisions Inc OrgId: GALAX-6 Address: 882 3rd avenue 8th floor City: Brooklyn StateProv: NY PostalCode: 11232 Country: US RegDate: 2003-12-15 Updated: 2009-04-17 Ref: http://whois.arin.net/rest/org/GALAX-6 ReferralServer: rwhois://rwhois.galaxyvisions.com:4321 OrgTechHandle: GALAX1-ARIN OrgTechName: Galaxyvisions NOC OrgTechPhone: +1-201-227-2072 OrgTechEmail: [email protected] OrgTechRef: http://whois.arin.net/rest/poc/GALAX1-ARIN OrgAbuseHandle: GALAX2-ARIN OrgAbuseName: Galaxyvisions Abuse OrgAbusePhone: +1-201-227-2072 OrgAbuseEmail: [email protected] OrgAbuseRef: http://whois.arin.net/rest/poc/GALAX2-ARIN RAbuseHandle: GALAX2-ARIN RAbuseName: Galaxyvisions Abuse RAbusePhone: +1-201-227-2072 RAbuseEmail: [email protected] RAbuseRef: http://whois.arin.net/rest/poc/GALAX2-ARIN RTechHandle: GALAX1-ARIN RTechName: Galaxyvisions NOC RTechPhone: +1-201-227-2072 RTechEmail: [email protected] RTechRef: http://whois.arin.net/rest/poc/GALAX1-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # # If you see inaccuracies in the results, please report at # ARIN - American Registry for Internet Numbers # Found a referral to rwhois.galaxyvisions.com:4321. %rwhois V-1.5:003eff:00 rwhois.galaxyvisions.com (by Network Solutions, Inc. V-1.5.9.5) network:Class-Name:network network:ID:GALAX-NETBLK-4 209.151.160.0/20 network:Auth-Area:209.151.160.0/20 network:Network-Name:barry_kunst-209.151.166.16 network:IP-Network:209.151.166.16/28 network:IP-Network-Block:209.151.166.16-209.151.166.31 network:Organization;I:barry_kunst network:Tech-Contact;I:[email protected] network:Admin-Contact;I:[email protected] network:Created:20141108 network:Updated:20141108 network:Updated-By:[email protected] network:Class-Name:network network:ID:GALAX-NETBLK-4.209.151.160.0/20 network:Auth-Area:209.151.160.0/20 network:Network-Name:GALAX-NETBLK-4 network:IP-Network:209.151.160.0/20 network:IP-Network-Block:209.151.160.0 - 209.104.175.255 network:Organization;I:Galaxyvisions Inc network:Tech-Contact;I:GALAX1-ARIN network:Admin-Contact;I:GALAX1-ARIN network:Created:20090503 network:Updated:20090503 network:Updated-By:[email protected] %ok barry@deathstar9:~$ |
| All times are GMT -7. The time now is 10:40 AM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc