JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 68.235.52.99

68.235.52.99 was found in our database!

This IP was reported 1,040 times. Confidence of Abuse is 100%: ?

100%

ISP	tzulo, inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS11878
Hostname(s)	static-68-235-52-99.cust.tzulo.com
Domain Name	tzulo.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 68.235.52.99

Whois 68.235.52.99

IP Abuse Reports for 68.235.52.99:

This IP address has been reported a total of 1,040 times from 166 distinct sources. 68.235.52.99 was first reported on April 4th 2026, and the most recent report was 10 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇰🇷 2048	2026-05-31 01:09:31 (4 days ago)	2026-05-31T10:09:30.216483+09:00 no3 sshd[2152431]: Disconnected from authenticating user root 68.23 ... show more 2026-05-31T10:09:30.216483+09:00 no3 sshd[2152431]: Disconnected from authenticating user root 68.235.52.99 port 29078 [preauth] ... show less	Brute-Force SSH
🇺🇸 aboschke	2026-05-31 01:00:21 (4 days ago)	SSH brute force attempt. Tried invalid user: unknown	Brute-Force SSH
🇺🇸 ShadowWhisperer	2026-05-31 00:55:09 (4 days ago)	SSH fingerprint.	Port Scan
🇧🇷 W8C Dev	2026-05-31 00:35:58 (4 days ago)	May 30 21:35:57 vmori-manager-1 sshd[219120]: Disconnected from authenticating user root 68.235.52.9 ... show more May 30 21:35:57 vmori-manager-1 sshd[219120]: Disconnected from authenticating user root 68.235.52.99 port 47580 [preauth] ... show less	Brute-Force SSH
🇺🇸 Szymekk	2026-05-30 23:57:44 (4 days ago)	Fail2Ban: SSH brute force attempt [srv05]	Brute-Force SSH
🇺🇸 NetGuard	2026-05-30 23:29:39 (4 days ago)	#honeypot #netguard247 #cowrie #sshtelnetprobe Captured by NetGuard 24/7 T-Pot honeypot (netguard24- ... show more #honeypot #netguard247 #cowrie #sshtelnetprobe Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com). Timestamp: 2026-05-30T23:29:39.452+00:00 Attacker IP: 68.235.52.99 \| Port: N/A \| Country: United States Honeypot: cowrie \| Attack: ssh_telnet_probe Source: NetGuard 24/7 (netguard24-7.com) \| PhantomGrid Defense show less	Brute-Force SSH
🇨🇳 pengpeng	2026-05-30 22:54:42 (4 days ago)	monitor: on VM-0-7-ubuntu \| port: 22 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter	Port Scan SSH
🇰🇷 2048	2026-05-30 22:03:46 (4 days ago)	2026-05-31T07:03:45.536583+09:00 no2 sshd[2174407]: Disconnected from authenticating user root 68.23 ... show more 2026-05-31T07:03:45.536583+09:00 no2 sshd[2174407]: Disconnected from authenticating user root 68.235.52.99 port 3094 [preauth] ... show less	Brute-Force SSH
🇨🇭 TOCE	2026-05-30 20:50:06 (4 days ago)	5 hits seen on 2026-05-30, ports 22 (SSH) on a honeypot from www.toce.ch	SSH
🇱🇻 alliance	2026-05-30 19:22:32 (4 days ago)	May 30 22:22:31 *** sshd[2490025]: User root from 68.235.52.99 not allowed because not listed in A ... show more May 30 22:22:31 *** sshd[2490025]: User root from 68.235.52.99 not allowed because not listed in AllowUsers show less	Brute-Force SSH
🇩🇪 _ArminS_	2026-05-30 18:55:01 (4 days ago)	Bad SSHAUTH 2026.05.30 20:55:01 blocked until 2026.06.02 20:55:01 by HoneyPot DE_State of Berlin01	SSH Brute-Force Hacking
🇦🇹 Pingger Shikkoken	2026-05-30 18:02:26 (4 days ago)	2026-05-30T18:02:26+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6 ... show more 2026-05-30T18:02:26+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=68.235.52.99 DST=152.53.50.28 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=16024 DF PROTO=TCP SPT=58084 DPT=22 WINDOW=42340 RES=0x00 SYN URGP=0 2026-05-30T18:02:26+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=68.235.52.99 DST=152.53.50.28 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=16025 DF PROTO=TCP SPT=58084 DPT=22 WINDOW=42340 RES=0x00 SYN URGP=0 2026-05-30T18:02:26+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=68.235.52.99 DST=152.53.50.28 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=16026 DF PROTO=TCP SPT=58084 DPT=22 WINDOW=42340 RES=0x00 SYN URGP=0 ... show less	Hacking Brute-Force SSH
🇩🇪 shukolza	2026-05-30 17:28:30 (4 days ago)	2026-05-30T20:28:24.467133+03:00 shukolza-pc sshd-session[6002]: User root from 68.235.52.99 not all ... show more 2026-05-30T20:28:24.467133+03:00 shukolza-pc sshd-session[6002]: User root from 68.235.52.99 not allowed because not listed in AllowUsers ... show less	Brute-Force SSH
🇳🇴 thorn5011	2026-05-30 16:44:57 (4 days ago)	Cowrie Honeypot: 2 unauthorised SSH/Telnet login attempts between 2026-05-30T16:44:57Z and 2026-05-3 ... show more Cowrie Honeypot: 2 unauthorised SSH/Telnet login attempts between 2026-05-30T16:44:57Z and 2026-05-30T16:44:57Z show less	Brute-Force SSH
🇺🇸 FurrIX vIX	2026-05-30 16:23:03 (4 days ago)	[FurrIX NOC, Automated, PHY TWO]: Bonked into empty SSH door. Whatcha looking for in there, eh?!	Brute-Force SSH

Showing 121 to 135 of 1040 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.199.182.108

🇧🇷 177.55.157.59

🇮🇩 140.213.6.237

🇷🇺 89.113.137.1

🇨🇳 1.24.16.216

🇺🇸 162.240.211.126

🇳🇱 160.211.64.100

🇹🇯 109.75.50.17

🇯🇲 72.27.199.212

🇧🇾 46.216.198.132

🇧🇪 34.78.106.127

🇺🇸 216.25.89.119

🇨🇳 202.46.62.97

🇺🇸 199.127.60.187

🇨🇷 190.113.115.154

🇲🇽 186.96.145.241

🇺🇸 172.212.224.40

🇺🇸 161.35.122.5

🇰🇪 154.159.237.162

🇫🇮 147.185.133.135