JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 131.221.65.245

131.221.65.245 was found in our database!

This IP was reported 52 times. Confidence of Abuse is 54%: ?

54%

ISP	LEVEL SEVEN SRL
Usage Type	Fixed Line ISP
ASN	AS265798
Domain Name	arlab.com.ar
Country	🇦🇷 Argentina
City	San Miguel de Tucuman, Tucuman

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 131.221.65.245

Whois 131.221.65.245

IP Abuse Reports for 131.221.65.245:

This IP address has been reported a total of 52 times from 39 distinct sources. 131.221.65.245 was first reported on January 24th 2025, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-29 14:26:15 (16 hours ago)	Web bot: denial-of-service flood	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2026-06-27 05:02:04 (3 days ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇬🇧 anycast_ac	2026-06-24 08:15:31 (5 days ago)	[WebProtection] L4/L7 attack source · L4-443-CC-DROP · 5 hits/window	Port Scan
🇮🇩 hermawan	2026-06-22 20:40:02 (1 week ago)	[Tue Jun 23 03:40:01.725862 2026] [security2:error] [pid 1038747:tid 140214243665600] [client 131.22 ... show more [Tue Jun 23 03:40:01.725862 2026] [security2:error] [pid 1038747:tid 140214243665600] [client 131.221.65.245:49356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur"] [unique_id "ajmdoWE83rgQrKjQ3KLz0gAAQgQ"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1038752] [Ttt0pd0MGHk] [ajmdoWE83rgQrKjQ3KLz0gAAQgQ] keep_alive=[1] [2026-06-23 03:40:01.725870] [R:ajmdoWE83rgQrKjQ3KLz0gAAQgQ] UA:'Mozilla/5.0 (Linux; Android 11; SM-S9 ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-08 15:41:13 (3 weeks ago)	[Mon Jun 08 22:41:09.120826 2026] [security2:error] [pid 1200396:tid 140661798893248] [client 131.22 ... show more [Mon Jun 08 22:41:09.120826 2026] [security2:error] [pid 1200396:tid 140661798893248] [client 131.221.65.245:42936] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.baidu.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.baidu.go.id found within REQUEST_HEADERS:Referer: http://www.baidu.go.id/ request_line = GET /index.php/profil/alamat-kantor/list-all-categories/555556811-mengakses-halaman-web-https-karangploso-jatim-bmkg-go-id-secara-offline-dan-menginstallnya-di-hp-android-atau-di-komputer HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/alamat-kantor/list-all-categories/555556811-mengakses-halaman-web-https-karangploso-jatim-bmkg-go-id-secara-offline-dan-menginstallnya-di-hp-android-atau-di-komputer"] [unique_id "aibilUcfUgJ6fAiTGFYtZgADQhc"], referer http://www.baidu.go.i ... show less	Email Spam Hacking
Anonymous	2026-06-07 19:58:44 (3 weeks ago)	6x Postfix SASL LOGIN authentication failed	Brute-Force
🇮🇩 hermawan	2026-06-07 14:57:43 (3 weeks ago)	[Sun Jun 07 21:57:38.762074 2026] [security2:error] [pid 104682:tid 140410121868992] [client 131.221 ... show more [Sun Jun 07 21:57:38.762074 2026] [security2:error] [pid 104682:tid 140410121868992] [client 131.221.65.245:55406] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bing.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bing.go.id found within REQUEST_HEADERS:Referer: https://www.bing.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561495-infografis-waspada-cuaca-ekstrem-di-masa-pancaroba HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561495-infografis-waspada-cuaca-ekstrem-di-masa-pancaroba"] [unique_id "aiWG4nlBBS5kk2LKDZyMJgAA0gI"], referer https://www.bing.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[104685] [x0ZUHasvD9w] [aiWG4nlBBS5kk2LKDZyMJgAA0gI] ... show less	Email Spam Hacking
🇨🇿 lp	2026-05-31 06:20:30 (4 weeks ago)	Email account brute force: 2 attempts were recorded from 131.221.65.245 2026-05-31T06:57:20+02:00 wa ... show more Email account brute force: 2 attempts were recorded from 131.221.65.245 2026-05-31T06:57:20+02:00 warning: unknown[131.221.65.245]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-05-31T06:57:21+02:00 warning: unknown[131.221.65.245]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
🇵🇱 bmino.pl	2026-05-31 01:45:42 (4 weeks ago)	Autoban IP(2): 131.221.65.245 - Hostname: Level Seven SRL - City: San Miguel de Tucumán - Region: Tu ... show more Autoban IP(2): 131.221.65.245 - Hostname: Level Seven SRL - City: San Miguel de Tucumán - Region: Tucuman - Country: Argentina - Location: - Organization: Level Seven SRL - failed attempts. show less	Brute-Force
🇮🇹 Inartis	2026-05-30 04:36:56 (1 month ago)	2026-05-30T06:36:54.898124mail1.inartis.it postfix/smtpd[3406577]: warning: unknown[131.221.65.245]: ... show more 2026-05-30T06:36:54.898124mail1.inartis.it postfix/smtpd[3406577]: warning: unknown[131.221.65.245]: SASL PLAIN authentication failed: authentication failure, [email protected] ... show less	Port Scan Brute-Force
🇩🇪 SMARTNET	2026-05-27 06:03:53 (1 month ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 5b730afc-5cec-4742-843f-18085cc64e5c	DDoS Attack
Anonymous	2026-05-27 01:21:20 (1 month ago)	Malicious activity detected	Hacking Web App Attack
🇫🇷 Sklurk	2026-05-26 02:12:48 (1 month ago)	Web App Attack	Web App Attack
🇩🇪 justaw	2026-05-19 01:23:57 (1 month ago)	Fail2Ban: postfix-sasl, 3 failures. SMTP AUTH brute force	Email Spam Brute-Force
Anonymous	2026-05-18 23:55:55 (1 month ago)	2026-05-19 01:55:50.502 [1298253] no host name found for IP address 131.221.65.245 2026-05-19 01:55: ... show more 2026-05-19 01:55:50.502 [1298253] no host name found for IP address 131.221.65.245 2026-05-19 01:55:50.584 [1298252] no host name found for IP address 131.221.65.245 2026-05-19 01:55:53.326 [1298253] dovecot_cram_md5 authenticator failed for (Q171B58071) [131.221.65.245]:61588 I=[217.197.86.168]:465 Ci=1298253: 535 Incorrect authentication data ... show less	Email Spam

Showing 1 to 15 of 52 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.253.251.117

🇺🇸 155.103.69.36

🇺🇦 104.28.156.60

🇺🇸 44.92.52.215

🇸🇬 212.73.148.35

🇺🇸 192.178.113.18

🇺🇸 151.240.57.48

🇬🇧 89.37.172.135

🇱🇹 81.30.98.144

🇺🇸 44.65.165.7

🇸🇬 43.153.211.167

🇮🇳 202.179.83.90

🇩🇪 194.187.176.91

🇻🇳 171.244.142.205

🇨🇦 148.113.128.158

🇬🇧 118.193.65.234

🇳🇱 91.92.40.10

🇱🇹 81.30.98.158

🇧🇷 45.7.26.123

🇺🇸 44.126.39.44