JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.213.160.28

103.213.160.28 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 43%: ?

43%

ISP	Beijing WangJu Interworking Information Technology Co. LTD
Usage Type	Fixed Line ISP
ASN	AS63647
Domain Name	wjhtedu.com
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.213.160.28

Whois 103.213.160.28

IP Abuse Reports for 103.213.160.28:

This IP address has been reported a total of 53 times from 27 distinct sources. 103.213.160.28 was first reported on September 5th 2025, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 sthoyer.de	2026-06-20 07:29:34 (8 hours ago)	Jun 20 09:29:33 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more Jun 20 09:29:33 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=103.213.160.28 DST=173.212.223.67 LEN=52 TOS=0x00 PREC=0x00 TTL=103 ID=21769 DF PROTO=TCP SPT=6577 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 RAP	2026-06-19 02:33:38 (1 day ago)	2026-06-19 02:33:38 UTC Unauthorized activity to TCP port 445. SMB	Port Scan
Anonymous	2026-06-18 17:09:53 (1 day ago)	Unauthorized access (tcp/445/smb)	Port Scan
🇫🇷 TheHoneyPotter	2026-06-13 08:37:30 (1 week ago)	Honeypot [fc-honeypot]: SMB traffic on port 445 Reported by: https://github.com/sefinek/T-Pot-To-Abu ... show more Honeypot [fc-honeypot]: SMB traffic on port 445 Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking
🇦🇹 urnilxfgbez	2026-06-12 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-09 07:28:02 (1 week ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-25 00:15:20 (3 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-05-21 00:30:10 (4 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇬🇧 PeravixGroup	2026-04-27 23:19:31 (1 month ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇨🇭 cybsecaoccol	2026-04-22 14:14:32 (1 month ago)	unauthorized connection or malicious port scan attempted on tcp port 445 - sch	Port Scan Hacking
🇫🇷 geeek	2026-04-16 08:47:11 (2 months ago)	Port scanning: 445 TCP Blocked	Port Scan
🇹🇷 rtbh.com.tr	2026-04-10 08:12:23 (2 months ago)	list.rtbh.com.tr report: tcp/445	Brute-Force
🇹🇷 rtbh.com.tr	2026-04-07 20:12:22 (2 months ago)	list.rtbh.com.tr report: tcp/445	Brute-Force
🇺🇸 drewf.ink	2026-03-19 11:02:02 (3 months ago)	[11:02] Triggered SMB honeypot on port 445. Type: NetBIOS + SMB1. Dialect(s): LANMAN1.0, LM1.2X002, ... show more [11:02] Triggered SMB honeypot on port 445. Type: NetBIOS + SMB1. Dialect(s): LANMAN1.0, LM1.2X002, NT LANMAN 1.0, NT LM 0.12 show less	Hacking Exploited Host
🇫🇷 sthoyer.de	2026-03-18 09:13:02 (3 months ago)	Mar 18 10:13:01 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more Mar 18 10:13:01 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=103.213.160.28 DST=173.212.223.67 LEN=52 TOS=0x04 PREC=0x00 TTL=101 ID=11928 DF PROTO=TCP SPT=51425 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.88.98.113

🇳🇱 85.11.167.7

🇺🇸 43.153.64.216

🇺🇸 34.11.33.223

🇺🇸 162.216.150.128

🇺🇸 162.216.149.246

🇧🇷 138.185.145.78

🇺🇸 47.251.82.209

🇦🇺 46.203.218.101

🇬🇧 35.203.211.173

🇺🇸 34.139.50.229

🇳🇱 160.119.76.58

🇴🇲 145.14.128.40

🇨🇳 123.56.67.74

🇨🇳 113.249.113.193

🇸🇪 90.230.168.26

🇺🇸 54.70.53.60

🇲🇽 158.23.88.242

🇲🇾 121.122.119.170

🇮🇳 111.235.68.106