Identicon of IP address 131.255.49.173

131.255.49.173

IP Risk Score: 85 / 100

This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.

Protect your system
What is this IP address?
IP Address: 131.255.49.173
Country: Brazil flag Brazil (BR)
Region Name: São Paulo (SP)
City: Araras
ISP: Neolink Telecomunicações LTDA
Organization: Neolink Telecomunicações LTDA
Threat level: 85 / 100
Conf. level: 100 / 100
Properties
ASN: AS262777
AS Name: Neolink Telecomunicações LTDA
Timezone: America/Sao_Paulo
Reverse DNS: 173.49.255.131.customer.neolink.com.br
Status: Critical

Observed Client Profile
  • OS: Windows (100%)
  • Device Type: Desktop (100%)
  • Browser Family: Chrome (100%)
  • Rendering Engine: Gecko (100%)
Behavioral Indicators

The IP exhibits suspicious behavior with a botnet detection signal and lacks JavaScript support, indicating potential automated activity. The user-agent appears to be spoofed, as it does not align with the observed behavior.

The supernet (131.255.0.0/16), which this IP belongs to, exhibits suspicious behavior characterized by repetitive, low-interaction visits with a mix of identical user agents across multiple IPs. The presence of DNS mismatches and low-value traffic suggests potential automation or scraping activity, raising concerns about coordinated stealth operations.

🕸️
Botnet Node
JavaScript Support
⚠️ No
User-Agent Samples
  • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Integrate IPIntel into your system

IP Location

Region: São Paulo, Brazil

City: Araras

Local time: 2026-06-25 17:39:27


Subnet
131.255.49.0/24
Supernet
131.255.0.0/16