JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 128.241.229.52

128.241.229.52 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 100%: ?

100%

ISP	NTT America, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS213802
Domain Name	ntt.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 128.241.229.52

Whois 128.241.229.52

IP Abuse Reports for 128.241.229.52:

This IP address has been reported a total of 33 times from 24 distinct sources. 128.241.229.52 was first reported on June 16th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 ByeByte API	2026-06-17 15:53:35 (1 hour ago)	byebyte.space auth: TCP packet to port 52869 (high-risk service) at 2026-06-17T15:53:35Z. Source por ... show more byebyte.space auth: TCP packet to port 52869 (high-risk service) at 2026-06-17T15:53:35Z. Source port 49883. TCP flags: SYN. Packet: 40B, TTL 51, window 7932, IP id 44408. Single packet, dropped at firewall. p0f: 13 hops. show less	Port Scan
🇫🇷 Duggy_Tuxy🧱	2026-06-17 15:35:20 (1 hour ago)	[HP02-SRV02-FR] Blocked by SysWarden Firewall (Telnet IoT Attack)	Port Scan Brute-Force IoT Targeted
🇺🇸 RAP	2026-06-17 14:11:53 (2 hours ago)	2026-06-17 14:11:53 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇫🇷 thecocasio	2026-06-17 14:11:19 (2 hours ago)	PortSentry honeypot: unsolicited TCP connection to closed decoy port 23 (Telnet) on a host running n ... show more PortSentry honeypot: unsolicited TCP connection to closed decoy port 23 (Telnet) on a host running no such service. Automated port-scan detection at 2026-06-17T14:11:19Z. show less	Port Scan
🇫🇷 hghosting	2026-06-17 14:09:42 (2 hours ago)	CrowdSec auto-report: crowdsecurity/suricata-major-severity — 1 events	Brute-Force SSH
🇺🇸 xmission.com	2026-06-17 13:41:20 (3 hours ago)	Blocked by UFW (TCP on 23) Source port: 54438 TTL: 57 Packet length: 40 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 54438 TTL: 57 Packet length: 40 TOS: 0x00 This report (for 128.241.229.52) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇺🇸 xmission.com	2026-06-17 13:21:56 (3 hours ago)	Blocked by UFW (TCP on 23) Source port: 50534 TTL: 56 Packet length: 40 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 50534 TTL: 56 Packet length: 40 TOS: 0x00 This report (for 128.241.229.52) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇳🇱 VMHeaven.io	2026-06-17 13:16:03 (3 hours ago)	Blocked by UFW [52869/tcp] Source port: 49883 TTL: 51 Packet length: 40	Port Scan
🇩🇪 Admins@FBN	2026-06-17 12:28:42 (4 hours ago)	FW-PortScan: Traffic Blocked srcport=6970 dstport=23	Port Scan
🇺🇸 MPL	2026-06-17 12:20:48 (4 hours ago)	tcp/80	Port Scan
🇫🇷 GoodOldTOS	2026-06-17 09:28:25 (7 hours ago)	Connection to Telnet honeypot	Hacking
🇳🇱 ByeByte API	2026-06-17 08:23:36 (8 hours ago)	byebyte.space auth: TCP packet to port 52869 (high-risk service) at 2026-06-17T08:23:36Z. Source por ... show more byebyte.space auth: TCP packet to port 52869 (high-risk service) at 2026-06-17T08:23:36Z. Source port 49883. TCP flags: SYN. Packet: 40B, TTL 51, window 7932, IP id 27604. Single packet, dropped at firewall. p0f: 13 hops. show less	Port Scan
🇩🇪 guldkage	2026-06-17 08:20:03 (8 hours ago)	Unauthorized connection attempt detected from IP address 128.241.229.52 to port 23 (ger-02) [TELNET]	Exploited Host
🇺🇸 MPL	2026-06-17 08:19:41 (8 hours ago)	tcp/23	Port Scan
🇬🇧 essinghigh	2026-06-17 07:55:13 (9 hours ago)	IPS Detection: 128.241.229.52 -> DPT: 23	Port Scan

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.13.26.42

🇨🇳 139.227.161.248

🇺🇸 74.249.177.110

🇸🇬 2a09:bac5:55fa:18d2::279:11

🇺🇸 212.192.28.11

🇳🇱 45.148.10.151

🇩🇪 45.135.194.15

🇭🇰 199.45.154.188

🇺🇸 142.248.80.164

🇷🇺 95.215.108.47

🇳🇱 64.89.162.167

🇮🇳 4.247.141.61

🇷🇴 2.57.122.177

🇺🇸 205.210.31.25

🇧🇦 185.65.107.14

🇳🇱 176.65.139.85

🇧🇷 45.205.1.5

🇸🇨 45.194.67.146

🇺🇸 20.64.105.194

🇷🇴 2.57.122.238