JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 128.121.248.40

128.121.248.40 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 100%: ?

100%

ISP	NTT America, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203020
Domain Name	ntt.com
Country	🇺🇸 United States of America
City	Floris, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 128.121.248.40

Whois 128.121.248.40

IP Abuse Reports for 128.121.248.40:

This IP address has been reported a total of 48 times from 42 distinct sources. 128.121.248.40 was first reported on June 7th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 geot	2026-06-09 10:32:54 (1 day ago)	HEAD /application.properties HTTP/1.1 HEAD /configuration.php HTTP/1.1	Web App Attack
🇳🇱 JCB	2026-06-09 07:51:00 (1 day ago)	128.121.248.40 - - [08/Jun/2026:15:13:31 +0300] "HEAD /config/database.php HTTP/1.1" 404 - "-" "Mozi ... show more 128.121.248.40 - - [08/Jun/2026:15:13:31 +0300] "HEAD /config/database.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected])" ... show less	Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-09 00:08:24 (1 day ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-08 22:00:19 (1 day ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07. show less	Web App Attack SSH Hacking
🇩🇪 FeG Deutschland	2026-06-08 15:04:55 (2 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇵🇱 dzpk	2026-06-08 14:28:37 (2 days ago)	[08/Jun/2026:16:28:02 +0200] 178092888270.796468 128.121.248.40 39925 HOST 80 [08/Jun/2026:16:28:21 ... show more [08/Jun/2026:16:28:02 +0200] 178092888270.796468 128.121.248.40 39925 HOST 80 [08/Jun/2026:16:28:21 +0200] 178092890173.291126 128.121.248.40 36387 HOST 80 [08/Jun/2026:16:28:37 +0200] 178092891727.214525 128.121.248.40 37047 HOST 443 show less	Web App Attack
🇪🇸 el-brujo	2026-06-08 12:35:39 (2 days ago)	Cloudflare WAF: Request Path: /.ssh/id_ed25519 Request Query: Host: foro.elhacker.net userAgent: Mo ... show more Cloudflare WAF: Request Path: /.ssh/id_ed25519 Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected]) Action: block Source: firewallManaged ASN Description: HostRoyale Technologies Pvt Ltd Country: US Method: HEAD Timestamp: 2026-06-08T12:35:39Z ruleId: c2a2f414a67c409f90cccb6c5bba0215. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇫🇷 Donovan	2026-06-08 12:18:42 (2 days ago)	Web scan/exploit blocked by fail2ban on commitshift.fr - jail: npm-scan - 1 attempt(s)	Web App Attack
🇫🇷 bazter.pro	2026-06-08 12:06:53 (2 days ago)	Auto-Ban [2026-06-08 15:06:41]: CRITICAL: .env attack; DC: NTT America, Inc. [Paths: 4] \| Details: E ... show more Auto-Ban [2026-06-08 15:06:41]: CRITICAL: .env attack; DC: NTT America, Inc. [Paths: 4] \| Details: Exploit trap paths: /.env.old \| Sensitive files/paths: /.configuration.php.swp, /.env.old \| 404 errors (4): /kubernetes.yml, /.env.old, /.configuration.php.swp, /serviceAccountKey.json show less	Web App Attack Hacking
🇫🇷 masterguru	2026-06-08 11:46:36 (2 days ago)	Restricted File Access Attempt. Matched phrase "credentials.json" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇫🇮 as211431.net	2026-06-08 10:55:42 (2 days ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (HEAD meth ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (HEAD method) Endpoint: /.env.production UA: Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected]) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 vtchost.com	2026-06-08 10:49:50 (2 days ago)	vtchost.com:80 128.121.248.40 - - [08/Jun/2026:12:49:49 +0200] "HEAD /.env.old HTTP/1.1" 418 150 "-" ... show more vtchost.com:80 128.121.248.40 - - [08/Jun/2026:12:49:49 +0200] "HEAD /.env.old HTTP/1.1" 418 150 "-" "Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected])" ... show less	Web App Attack
🇫🇷 omartin	2026-06-08 10:49:09 (2 days ago)	Critical Vulnerability Scan detected	Hacking Brute-Force Exploited Host Web App Attack
🇫🇷 sthoyer.de	2026-06-08 10:34:38 (2 days ago)	128.121.248.40 - - [08/Jun/2026:12:27:20 +0200] "HEAD /connection.php.swp HTTP/1.1" 302 - "-" "Mozil ... show more 128.121.248.40 - - [08/Jun/2026:12:27:20 +0200] "HEAD /connection.php.swp HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected])" 128.121.248.40 - - [08/Jun/2026:12:32:22 +0200] "HEAD /terraform.tfvars.swp HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected])" 128.121.248.40 - - [08/Jun/2026:12:34:36 +0200] "HEAD /META-INF/persistence.xml HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected])" ... show less	Web App Attack
🇫🇷 IRISIO	2026-06-08 10:32:46 (2 days ago)	scans/SQL injection/spam posts : 7 queries	Web App Attack SQL Injection

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 186.96.145.241

🇳🇱 178.16.53.72

🇺🇸 91.230.168.92

🇫🇷 51.159.164.141

🇱🇹 45.227.254.170

🇮🇷 5.237.100.116

🇺🇸 209.74.93.184

🇸🇬 178.128.28.24

🇪🇬 102.189.34.169

🇨🇳 101.96.234.229

🇳🇱 45.156.87.216

🇳🇱 45.148.10.157

🇺🇸 40.124.175.26

🇺🇸 20.106.32.128

🇩🇪 213.209.159.238

🇨🇳 210.14.142.89

🇺🇸 184.104.198.209

🇫🇷 163.172.149.158

🇨🇳 113.237.184.251

🇰🇷 110.46.206.67