JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 170.155.2.13

170.155.2.13 was found in our database!

This IP was reported 81 times. Confidence of Abuse is 100%: ?

100%

ISP	Gobernacion de la Provincia de Buenos Aires
Usage Type	Commercial
ASN	AS27967
Hostname(s)	host-170-155-2-13.gba.gov.ar
Domain Name	gba.gob.ar
Country	🇦🇷 Argentina
City	La Plata, Buenos Aires

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 170.155.2.13

Whois 170.155.2.13

IP Abuse Reports for 170.155.2.13:

This IP address has been reported a total of 81 times from 54 distinct sources. 170.155.2.13 was first reported on June 6th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 Gem	2026-06-13 05:59:38 (3 days ago)	Unauthorized web scan.	Web App Attack
🇳🇱 oisecnet	2026-06-09 21:02:10 (1 week ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-06-09. 1 requests from this I ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-06-09. 1 requests from this IP. show less	Brute-Force Web App Attack SSH
🇺🇸 RAP	2026-06-09 14:14:42 (1 week ago)	2026-06-09 14:14:42 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇮🇩 hermawan	2026-06-09 13:18:50 (1 week ago)	06/09/2026-20:18:50.455982 [Drop] [] [1:912799:5] Suricata ET SCAN Possible / [] [Classificati ... show more 06/09/2026-20:18:50.455982 [Drop] [] [1:912799:5] Suricata ET SCAN Possible / [] [Classification: Attempted Administrator Privilege Gain] [Priority: 3] {TCP} 170.155.2.13:41648 -> 103.166.156.58:80 ... show less	Email Spam Hacking
🇦🇺 Telemetry2U.com	2026-06-09 11:37:46 (1 week ago)	Unauthorized connection attempt to port 8080	Hacking
🇳🇵 radheykrishna.com.np	2026-06-09 11:20:27 (1 week ago)	Jun 9 17:05:26 kernel: [4493845.816766] [UFW BLOCK] IN=ens160 OUT= SRC=170.155.2.13 LEN=44 TOS=0x00 ... show more Jun 9 17:05:26 kernel: [4493845.816766] [UFW BLOCK] IN=ens160 OUT= SRC=170.155.2.13 LEN=44 TOS=0x00 PREC=0x00 TTL=37 ID=33274 PROTO=TCP SPT=31062 DPT=8080 WINDOW=51357 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-09 09:31:35 (1 week ago)	Honeypot hit: Empty payload (likely service probe); 52869 [2] TCP	Port Scan
🇫🇮 habs	2026-06-09 05:42:50 (1 week ago)	170.155.2.13 - - [09/Jun/2026:08:42:49 +0300] "POST /cgi-bin/ViewLog.asp HTTP/1.1" 301 162 "-" "r00t ... show more 170.155.2.13 - - [09/Jun/2026:08:42:49 +0300] "POST /cgi-bin/ViewLog.asp HTTP/1.1" 301 162 "-" "r00ts3c-owned-you" ... show less	Web App Attack
🇫🇷 Version Net	2026-06-09 03:56:42 (1 week ago)	IPS Detection: TrueOnline.ZyXEL.P660HN.V1.Unauthenticated.Command.Injection	Hacking
🇺🇸 RAP	2026-06-09 01:28:46 (1 week ago)	2026-06-09 01:28:46 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 Cyber Crusader	2026-06-09 01:03:23 (1 week ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇬🇧 andypiper	2026-06-09 01:01:11 (1 week ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇱🇹 NotACaptcha	2026-06-09 00:28:53 (1 week ago)	webserver:80 [09/Jun/2026] "&remoteSubmit=Save" 400 392 webserver:80 [09/Jun/2026] "POST /cgi-bin/ ... show more webserver:80 [09/Jun/2026] "&remoteSubmit=Save" 400 392 webserver:80 [09/Jun/2026] "POST /cgi-bin/ViewLog.asp HTTP/1.1" 403 400 "-" "r00ts3c-owned-you" show less	Web App Attack
🇳🇴 Bots.go.to.hell	2026-06-09 00:14:59 (1 week ago)	This IP was detected by CrowdSec triggering custom/ip-honeypot	Web App Attack Bad Web Bot
🇩🇪 dispaisyenterprises	2026-06-08 23:52:51 (1 week ago)	Honeypot [fra-de-honeypot]: HTTP/1.0 request on 8081 POST /HNAP1/ POST Data: <?xml version="1.0" en ... show more Honeypot [fra-de-honeypot]: HTTP/1.0 request on 8081 POST /HNAP1/ POST Data: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope>; 8081 [2] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot

Showing 1 to 15 of 81 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 168.144.187.247

🇦🇺 168.138.31.63

🇨🇳 121.227.152.171

🇹🇭 118.27.152.100

🇺🇸 66.132.186.165

🇩🇪 8.209.127.86

🇰🇷 220.118.173.234

🇧🇪 198.235.24.232

🇺🇸 184.105.247.227

🇩🇪 165.227.159.46

🇮🇳 152.59.33.210

🇮🇳 123.253.162.254

🇺🇸 67.43.243.158

🇺🇸 52.167.144.161

🇨🇴 190.67.106.221

🇳🇱 185.224.128.16

🇧🇩 182.48.80.240

🇮🇳 159.65.153.146

🇨🇳 123.128.33.43

🇨🇦 104.255.152.19