JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.104.81.3

5.104.81.3 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 100%: ?

100%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS141995
Hostname(s)	vmi3382939.contaboserver.net
Domain Name	contabo.com
Country	🇯🇵 Japan
City	Ebara, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.104.81.3

Whois 5.104.81.3

IP Abuse Reports for 5.104.81.3:

This IP address has been reported a total of 31 times from 29 distinct sources. 5.104.81.3 was first reported on June 19th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Duggy_Tuxy🧱	2026-06-19 20:29:37 (2 days ago)	[HP02-SRV02-FR] Blocked by SysWarden Firewall (SIP/VoIP Attack)	Fraud VoIP Brute-Force Port Scan
🇩🇪 NxtGenIT	2026-06-19 19:51:30 (2 days ago)	Sentrypeer Honeypot hit, SIP Method: OPTIONS, User Agent: friendly-scanner	FTP Brute-Force
🇩🇪 iNetWorker	2026-06-19 18:41:05 (2 days ago)	firewall-block, port(s): 5060/udp	Port Scan
🇩🇪 Admins@FBN	2026-06-19 18:29:19 (2 days ago)	FW-PortScan: Traffic Blocked srcport=5192 dstport=5060	Port Scan
🇬🇧 OptimusGO	2026-06-19 17:59:26 (2 days ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-06-19 18:59:26 UTC Log evidence: 06/19/2026-18:59:25.911745 [] [1:2008578:4] ET SCAN Sipvicious Scan [] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 5.104.81.3:5172 -> 185.127.18.66:5060 06/19/2026-18:59:25.911745 [] [1:2011716:3] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 5.104.81.3:5172 -> 185.127.18.66:5060 show less	Port Scan Brute-Force
🇨🇭 SOC [GOLINE SA]	2026-06-19 17:59:03 (2 days ago)	IDS Alert: ET SCAN Sipvicious User-Agent Detected (friendly-scanner) === ATTACK === Signature: ET SC ... show more IDS Alert: ET SCAN Sipvicious User-Agent Detected (friendly-scanner) === ATTACK === Signature: ET SCAN Sipvicious User-Agent Detected (friendly-scanner) \| SID: 2011716 \| Severity: 2 \| Category: Attempted Information Leak === SOURCE === IP: 5.104.81.3 (IPv4) \| Port: 5225 \| Country: Japan \| ISP: TT-20230331 \| rDNS: vmi3382939.contaboserver.net === TARGET === Host: wireguard.goline.ch \| IP: 185.54.80.7 \| Port: 5060 \| Protocol: UDP \| App: failed === RESPONSE === Time: 2026-06-19 19:59:02 \| Action: Blocked show less	Port Scan
🇮🇪 RoboSOC	2026-06-19 17:51:27 (2 days ago)	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: vmi3382939.contaboserver.net.	Port Scan
🇳🇵 radheykrishna.com.np	2026-06-19 17:51:11 (2 days ago)	Jun 19 23:36:11 kernel: [5381314.670187] [UFW BLOCK] IN=ens160 OUT= SRC=5.104.81.3 LEN=435 TOS=0x00 ... show more Jun 19 23:36:11 kernel: [5381314.670187] [UFW BLOCK] IN=ens160 OUT= SRC=5.104.81.3 LEN=435 TOS=0x00 PREC=0x00 TTL=57 ID=58219 DF PROTO=UDP SPT=5149 DPT=5060 LEN=415 ... show less	Port Scan
🇫🇷 Petre 21_ip	2026-06-19 17:24:11 (2 days ago)	2026-06-19T19:24:10.877570+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-06-19T19:24:10.877570+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=5.104.81.3 DST=155.133.26.57 LEN=430 TOS=0x00 PREC=0x00 TTL=54 ID=2083 DF PROTO=UDP SPT=5117 DPT=5060 LEN=410 ... show less	Port Scan
🇨🇦 polycoda	2026-06-19 17:05:20 (2 days ago)	📡 Port scan	Hacking Web App Attack
🇩🇪 iNetWorker	2026-06-19 16:33:47 (2 days ago)	trying to access non-authorized port	Port Scan
Anonymous	2026-06-19 15:25:56 (2 days ago)	Port Scanner	Port Scan
🇮🇩 Diskominfo Lumajang	2026-06-19 14:55:03 (2 days ago)	Security Event Detected by SOC Diskominfo Lumajang: event=alert, hits=6	Brute-Force
🇨🇭 Elysium Security	2026-06-19 14:53:24 (2 days ago)	Mass port scanning on a whole network	Port Scan
🇬🇧 Nov	2026-06-19 14:32:37 (2 days ago)	Unauthorized access attempt (udp/5060)	Port Scan

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 202.180.29.77

🇺🇸 195.184.76.59

🇭🇳 181.115.62.191

🇮🇩 139.255.254.163

🇫🇷 91.231.89.240

🇫🇷 91.231.89.84

🇫🇷 91.231.89.81

🇳🇱 89.248.168.36

🇲🇾 47.250.92.46

🇺🇸 31.220.50.227

🇺🇸 20.169.48.140

🇰🇷 221.167.21.148

🇺🇸 216.218.206.68

🇺🇸 195.184.76.167

🇺🇸 195.184.76.58

🇱🇧 178.135.14.198

🇳🇱 176.65.149.212

🇩🇪 167.94.146.64

🇷🇺 154.83.196.237

🇧🇷 138.255.110.125