JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.213.160.20

103.213.160.20 was found in our database!

This IP was reported 101 times. Confidence of Abuse is 42%: ?

42%

ISP	Beijing WangJu Interworking Information Technology Co. LTD
Usage Type	Fixed Line ISP
ASN	AS63647
Domain Name	wjhtedu.com
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.213.160.20

Whois 103.213.160.20

IP Abuse Reports for 103.213.160.20:

This IP address has been reported a total of 101 times from 37 distinct sources. 103.213.160.20 was first reported on July 31st 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 nfsec.pl	2026-06-16 22:30:17 (5 days ago)	Detected: TCP scan on port: 445 with flags: SYN	Port Scan
Anonymous	2026-06-10 16:49:53 (1 week ago)	2026-06-10 16:49:53 warning[1229180]: host unknown[103.213.160.20]: unauthorized smb acces ... show more 2026-06-10 16:49:53 warning[1229180]: host unknown[103.213.160.20]: unauthorized smb access attempted: tcp/445 show less	Port Scan Brute-Force
🇬🇧 PeravixGroup	2026-06-09 16:37:05 (1 week ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 HoneyPot-FrPri	2026-06-08 05:47:52 (2 weeks ago)	1780897672 - 06/08/2026 07:47:52 Host: 103.213.160.20/103.213.160.20 Port: 139 TCP Blocked ...	Port Scan
🇦🇹 urnilxfgbez	2026-06-07 22:45:00 (2 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇱🇹 NotACaptcha	2026-06-03 06:23:04 (2 weeks ago)	Unauthorised access (Jun 3 09:23) SRC=103.213.160.20 LEN=52 TTL=98 ID=10385 DF TCP DPT=445 WINDOW=8 ... show more Unauthorised access (Jun 3 09:23) SRC=103.213.160.20 LEN=52 TTL=98 ID=10385 DF TCP DPT=445 WINDOW=8192 SYN show less	Port Scan
🇬🇧 PeravixGroup	2026-06-03 03:45:30 (2 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 Cyber Crusader	2026-05-31 20:49:40 (3 weeks ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇬🇧 PeravixGroup	2026-05-31 10:05:55 (3 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-30 08:15:29 (3 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-24 13:40:15 (4 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-22 01:45:36 (1 month ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇫🇷 sthoyer.de	2026-05-21 00:35:52 (1 month ago)	May 21 02:35:50 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more May 21 02:35:50 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=103.213.160.20 DST=173.212.223.67 LEN=52 TOS=0x04 PREC=0x00 TTL=103 ID=15818 DF PROTO=TCP SPT=50770 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇫🇷 geeek	2026-05-18 07:28:44 (1 month ago)	Port scanning: 445 TCP Blocked	Port Scan
🇦🇹 urnilxfgbez	2026-05-15 22:45:00 (1 month ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan

Showing 1 to 15 of 101 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.223.235.2

🇧🇷 177.121.222.20

🇨🇦 172.71.120.145

🇫🇷 85.69.240.210

🇺🇸 216.25.89.125

🇺🇸 195.184.76.130

🇧🇷 192.141.107.148

🇺🇸 184.105.139.108

🇺🇸 147.185.132.32

🇩🇪 141.76.94.18

🇳🇱 104.23.172.85

🇺🇸 102.129.234.40

🇺🇸 66.132.172.131

🇧🇷 45.164.251.106

🇨🇳 36.135.93.37

🇺🇸 207.7.91.167

🇳🇱 185.223.235.39

🇺🇸 178.156.168.23

🇩🇪 167.94.145.28

🇮🇩 103.99.214.16