131.72.13.1 - IPInfo

Basic Info

City: Monte Belo

Region: Minas Gerais

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
131.72.134.209	attack	Honeypot attack, port: 5555, PTR: 131-72-134-209.iperactive.com.ar.	2020-02-10 07:40:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.72.13.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36166
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;131.72.13.1.			IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023020800 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 08 15:30:39 CST 2023
;; MSG SIZE  rcvd: 104

Host info

Host 1.13.72.131.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.13.72.131.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
115.226.129.164	attackspam	(CN/China/-) SMTP Bruteforcing attempts	2020-05-29 15:57:53
222.186.180.142	attackspambots	Unauthorized connection attempt detected from IP address 222.186.180.142 to port 22	2020-05-29 15:47:38
217.182.75.172	attack	217.182.75.172 - - [29/May/2020:06:01:44 +0200] "GET /wp-login.php HTTP/1.1" 200 5865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 217.182.75.172 - - [29/May/2020:06:01:46 +0200] "POST /wp-login.php HTTP/1.1" 200 6116 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 217.182.75.172 - - [29/May/2020:06:01:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-29 15:39:01
24.93.50.6	attack	TOOK OVER DNS SERVERS VIA OPEN PORTS IN MY ROUTER.	2020-05-29 15:46:57
188.217.243.160	attackspam	Unauthorized connection attempt detected from IP address 188.217.243.160 to port 23	2020-05-29 15:49:46
121.229.9.72	attack	May 29 06:54:17 minden010 sshd[9502]: Failed password for root from 121.229.9.72 port 58435 ssh2 May 29 06:56:53 minden010 sshd[11477]: Failed password for root from 121.229.9.72 port 47669 ssh2 ...	2020-05-29 16:19:50
74.82.47.43	attack	srv02 Mass scanning activity detected Target: 10001 ..	2020-05-29 16:15:57
104.236.228.46	attackspambots	Failed password for invalid user telecomadmin from 104.236.228.46 port 43608 ssh2	2020-05-29 16:01:02
164.52.24.164	attack	Unauthorized connection attempt detected from IP address 164.52.24.164 to port 22 [T]	2020-05-29 16:02:28
175.182.97.131	attackspam	Port Scan detected! ...	2020-05-29 16:10:35
112.85.42.181	attackspambots	2020-05-29T11:13:31.209884afi-git.jinr.ru sshd[17554]: Failed password for root from 112.85.42.181 port 43391 ssh2 2020-05-29T11:13:34.852766afi-git.jinr.ru sshd[17554]: Failed password for root from 112.85.42.181 port 43391 ssh2 2020-05-29T11:13:38.710685afi-git.jinr.ru sshd[17554]: Failed password for root from 112.85.42.181 port 43391 ssh2 2020-05-29T11:13:38.710853afi-git.jinr.ru sshd[17554]: error: maximum authentication attempts exceeded for root from 112.85.42.181 port 43391 ssh2 [preauth] 2020-05-29T11:13:38.710867afi-git.jinr.ru sshd[17554]: Disconnecting: Too many authentication failures [preauth] ...	2020-05-29 16:13:51
5.9.141.8	attackspambots	URL Probing: /index.php	2020-05-29 16:05:44
193.169.212.107	attack	SpamScore above: 10.0	2020-05-29 15:38:16
67.143.176.63	attackbotsspam	Brute forcing email accounts	2020-05-29 15:45:46
159.65.162.186	attack	[FriMay2905:50:18.4264532020][:error][pid28130:tid47112427022080][client159.65.162.186:33336][client159.65.162.186]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\$mozilla\^\\|mozilla/[45]\\\\\\\\.[1-9]\\|\^mozilla/4\\\\\\\\.0\$$"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"426"][id"330131"][rev"3"][msg"Atomicorp.comWAFRules:MaliciousBotBlocked$FakeMozillaUserAgentStringDetected$"][severity"CRITICAL"][hostname"your-team.ch"][uri"/wp-xmlrpc.php"][unique_id"XtCGepPNXpu20QwqCaFa1QAAAIU"]\,referer:your-team.ch[FriMay2905:51:54.4685302020][:error][pid27804:tid47112511305472][client159.65.162.186:43458][client159.65.162.186]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\$mozilla\^\\|mozilla/[45]\\\\\\\\.[1-9]\\|\^mozilla/4\\\\\\\\.0\$$"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"426"][id"330131"][rev"3"][msg"Atomicorp.comWAFRules:MaliciousBotBlo	2020-05-29 16:12:44

Recently Reported IPs

206.24.183.65	54.219.142.159	160.13.90.209	142.150.176.130
160.102.89.126	201.182.53.54	199.255.16.204	231.135.105.224
176.115.176.242	54.76.210.90	146.5.101.45	96.13.253.133
10.185.205.66	133.138.153.232	110.138.160.250	94.131.132.92
115.10.126.21	149.154.161.251	44.215.231.57	126.27.154.232