JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 134.168.249.198

134.168.249.198 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 100%: ?

100%

ISP	Qianyun International Technology Co., Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS135377
Domain Name	benynet.cn
Country	🇲🇽 Mexico
City	Mexico City, Mexico City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 134.168.249.198

Whois 134.168.249.198

IP Abuse Reports for 134.168.249.198:

This IP address has been reported a total of 134 times from 84 distinct sources. 134.168.249.198 was first reported on June 6th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 AdrianT	2026-06-24 09:43:25 (4 days ago)	SSH brute force	Brute-Force SSH
🇧🇷 helix	2026-06-23 11:19:22 (5 days ago)	Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login atte ... show more Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login attempts (3 attempts). show less	Brute-Force SSH
🇸🇬 sh97	2026-06-10 01:05:18 (2 weeks ago)	rooted: SSH Brute Force from 134.168.249.198 at 2026-06-10 06:35:18 IST	Brute-Force SSH
🇩🇪 ZIME	2026-06-09 02:30:47 (2 weeks ago)	UFW BLOCK Report: Total attempts: 6 Top ports and details: - Port 22 (6x): SSH Brute-Force (e. ... show more UFW BLOCK Report: Total attempts: 6 Top ports and details: - Port 22 (6x): SSH Brute-Force (e.g., CVE-2024-6387 regreSSHion, botnets like Mirai, Mozi) Source IP: 134.168.249.198 \| this report is autogenerated by ZIME Cloud show less	Brute-Force SSH
🇧🇷 ItsClairton	2026-06-09 02:21:24 (2 weeks ago)	Jun 8 23:13:58 proxy-03 sshd[1415097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 ... show more Jun 8 23:13:58 proxy-03 sshd[1415097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.168.249.198 user=root Jun 8 23:14:00 proxy-03 sshd[1415097]: Failed password for root from 134.168.249.198 port 33268 ssh2 Jun 8 23:21:21 proxy-03 sshd[1437967]: Invalid user dell from 134.168.249.198 port 33370 Jun 8 23:21:21 proxy-03 sshd[1437967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.168.249.198 Jun 8 23:21:23 proxy-03 sshd[1437967]: Failed password for invalid user dell from 134.168.249.198 port 33370 ssh2 ... show less	Brute-Force SSH
🇩🇪 ZIME	2026-06-09 02:00:10 (2 weeks ago)	UFW BLOCK Report: Total attempts: 8 Top ports and details: - Port 22 (8x): SSH Brute-Force (e. ... show more UFW BLOCK Report: Total attempts: 8 Top ports and details: - Port 22 (8x): SSH Brute-Force (e.g., CVE-2024-6387 regreSSHion, botnets like Mirai, Mozi) Source IP: 134.168.249.198 \| this report is autogenerated by ZIME Cloud show less	Brute-Force SSH
🇩🇪 ipcop.net	2026-06-09 01:47:54 (2 weeks ago)	2026-06-09T03:40:37.157625+02:00 router01.dreibaeumen.de sshd[3806132]: Connection closed by 134.168 ... show more 2026-06-09T03:40:37.157625+02:00 router01.dreibaeumen.de sshd[3806132]: Connection closed by 134.168.249.198 port 55508 [preauth] 2026-06-09T03:44:09.489925+02:00 router01.dreibaeumen.de sshd[3810366]: Invalid user parisa from 134.168.249.198 port 56538 2026-06-09T03:44:09.646155+02:00 router01.dreibaeumen.de sshd[3810366]: Disconnected from invalid user parisa 134.168.249.198 port 56538 [preauth] 2026-06-09T03:47:53.318800+02:00 router01.dreibaeumen.de sshd[3810847]: Invalid user vncuser from 134.168.249.198 port 37328 2026-06-09T03:47:53.474996+02:00 router01.dreibaeumen.de sshd[3810847]: Disconnected from invalid user vncuser 134.168.249.198 port 37328 [preauth] show less	Brute-Force
🇩🇪 ZIME	2026-06-09 01:29:33 (2 weeks ago)	UFW BLOCK Report: Total attempts: 5 Top ports and details: - Port 22 (5x): SSH Brute-Force (e. ... show more UFW BLOCK Report: Total attempts: 5 Top ports and details: - Port 22 (5x): SSH Brute-Force (e.g., CVE-2024-6387 regreSSHion, botnets like Mirai, Mozi) Source IP: 134.168.249.198 \| this report is autogenerated by ZIME Cloud show less	Brute-Force SSH
🇸🇬 sh97	2026-06-09 00:59:50 (2 weeks ago)	rooted: SSH Brute Force from 134.168.249.198 at 2026-06-09 06:29:50 IST	Brute-Force SSH
🇩🇪 ZIME	2026-06-09 00:58:59 (2 weeks ago)	UFW BLOCK Report: Total attempts: 7 Top ports and details: - Port 22 (7x): SSH Brute-Force (e. ... show more UFW BLOCK Report: Total attempts: 7 Top ports and details: - Port 22 (7x): SSH Brute-Force (e.g., CVE-2024-6387 regreSSHion, botnets like Mirai, Mozi) Source IP: 134.168.249.198 \| this report is autogenerated by ZIME Cloud show less	Brute-Force SSH
🇫🇮 Gregor Makdac	2026-06-09 00:56:38 (2 weeks ago)	Hetzner-F2B blocked SSH BF-	Brute-Force SSH
🇫🇮 Ticlem	2026-06-09 00:49:56 (2 weeks ago)	2026-06-09T02:33:55.556878+02:00 clement-turlure.fr sshd[3058485]: Failed password for invalid user ... show more 2026-06-09T02:33:55.556878+02:00 clement-turlure.fr sshd[3058485]: Failed password for invalid user admin from 134.168.249.198 port 42190 ssh2 2026-06-09T02:38:32.253363+02:00 clement-turlure.fr sshd[3061486]: Invalid user mc from 134.168.249.198 port 52178 2026-06-09T02:38:32.255303+02:00 clement-turlure.fr sshd[3061486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.168.249.198 2026-06-09T02:38:34.558076+02:00 clement-turlure.fr sshd[3061486]: Failed password for invalid user mc from 134.168.249.198 port 52178 ssh2 2026-06-09T02:49:55.179686+02:00 clement-turlure.fr sshd[3068167]: Invalid user admin from 134.168.249.198 port 34178 ... show less	Brute-Force SSH
Anonymous	2026-06-09 00:36:48 (2 weeks ago)	2026-06-09T01:27:49.873187+01:00 mail sshd-session[3238881]: pam_unix(sshd:auth): authentication fai ... show more 2026-06-09T01:27:49.873187+01:00 mail sshd-session[3238881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.168.249.198 2026-06-09T01:27:51.541637+01:00 mail sshd-session[3238881]: Failed password for invalid user admin from 134.168.249.198 port 52196 ssh2 2026-06-09T01:36:48.191310+01:00 mail sshd-session[3243982]: Invalid user mc from 134.168.249.198 port 52322 ... show less	Brute-Force SSH
Anonymous	2026-06-09 00:33:49 (2 weeks ago)	2026-06-09T00:33:46.979866+00:00 localhost sshd[99615]: pam_unix(sshd:auth): authentication failure; ... show more 2026-06-09T00:33:46.979866+00:00 localhost sshd[99615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.168.249.198 2026-06-09T00:33:48.686856+00:00 localhost sshd[99615]: Failed password for invalid user admin from 134.168.249.198 port 42372 ssh2 ... show less	Brute-Force SSH
🇺🇸 COMPLEX	2026-06-09 00:01:09 (2 weeks ago)	Unsolicited TCP traffic \| Action: DROP \| Port 22	SSH

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:400c:c07::12a

🇳🇱 195.178.110.227

🇬🇧 178.62.89.9

🇩🇪 159.100.6.125

🇮🇳 117.235.89.207

🇵🇹 94.61.159.91

🇺🇸 44.191.222.233

🇻🇳 14.236.148.235

🇫🇮 193.66.151.86

🇲🇽 187.216.224.85

🇵🇰 182.186.14.38

🇳🇱 176.65.139.102

🇸🇪 171.25.158.74

🇺🇸 162.216.150.131

🇸🇬 152.42.172.176

🇹🇼 110.24.32.48

🇩🇪 88.214.25.124

🇬🇧 87.106.65.126

🇸🇨 45.194.67.28

🇭🇺 45.11.172.223