This IP address has been reported a total of
11
times from
9 distinct
sources.
202.194.98.246 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
(sshd) Failed SSH login from 202.194.98.246 (CN/China/-): 5 in the last 3600 secs; Ports: *; Directi ...
show more(sshd) Failed SSH login from 202.194.98.246 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: Jun 28 20:44:09 15520 sshd[22394]: Did not receive identification string from 202.194.98.246 port 54910
Jun 28 20:44:11 15520 sshd[22395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.194.98.246 user=root
Jun 28 20:44:13 15520 sshd[22395]: Failed password for root from 202.194.98.246 port 55376 ssh2
Jun 28 20:44:15 15520 sshd[22429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.194.98.246 user=root
Jun 28 20:44:17 15520 sshd[22429]: Failed password for root from 202.194.98.246 port 59830 ssh2
show less
2026-06-28T09:02:46.528242-04:00 lg sshd[679743]: Failed password for root from 202.194.98.246 port ...
show more2026-06-28T09:02:46.528242-04:00 lg sshd[679743]: Failed password for root from 202.194.98.246 port 34304 ssh2
2026-06-28T09:02:48.585518-04:00 lg sshd[679747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.194.98.246 user=root
2026-06-28T09:02:50.474493-04:00 lg sshd[679747]: Failed password for root from 202.194.98.246 port 37394 ssh2
2026-06-28T09:02:54.108433-04:00 lg sshd[679749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.194.98.246 user=root
2026-06-28T09:02:56.489171-04:00 lg sshd[679749]: Failed password for root from 202.194.98.246 port 42176 ssh2
...
show less
Verified scan activity detected by local IDS/firewall correlation. SCAN: HIGHRISK_SINGLEPORT | PORTS ...
show moreVerified scan activity detected by local IDS/firewall correlation. SCAN: HIGHRISK_SINGLEPORT | PORTS=22 | HITS=2 | IPSET=ADD | FIRST=2026-06-27 05:05:00 | LAST=2026-06-27 05:05:01. Last seen 2026-06-27 05:05:01.
show less
202.194.98.246 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Por ...
show more202.194.98.246 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 26 14:53:47 18024 sshd[26363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.10.29.234 user=root
Jun 26 14:53:49 18024 sshd[26363]: Failed password for root from 200.10.29.234 port 45326 ssh2
Jun 26 15:32:14 18024 sshd[10435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.194.98.246 user=root
Jun 26 15:32:16 18024 sshd[10435]: Failed password for root from 202.194.98.246 port 43928 ssh2
Jun 26 15:32:18 18024 sshd[10437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.194.98.246 user=root
IP Addresses Blocked:
200.10.29.234 (CO/Colombia/static-p4-200-10-29-234.superredes.net)
show less
Brute-Force
SSH
Anonymous
2026-06-26T12:39:27.313066+02:00 outpost sshd[12966]: pam_unix(sshd:auth): authentication failure; l ...
show more2026-06-26T12:39:27.313066+02:00 outpost sshd[12966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.194.98.246 user=root
2026-06-26T12:39:29.332850+02:00 outpost sshd[12966]: Failed password for root from 202.194.98.246 port 38464 ssh2
2026-06-26T12:39:32.704903+02:00 outpost sshd[13069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.194.98.246 user=root
2026-06-26T12:39:34.745733+02:00 outpost sshd[13069]: Failed password for root from 202.194.98.246 port 44016 ssh2
...
show less
Fail2Ban automatic report:
SSH brute-force:
Jun 25 10:40:39 serw sshd[2131331]: Disconnected from 20 ...
show moreFail2Ban automatic report:
SSH brute-force:
Jun 25 10:40:39 serw sshd[2131331]: Disconnected from 202.194.98.246 port 33592 [preauth]
Jun 25 10:40:46 serw sshd[2131333]: Invalid user NL5xUDpV2xRa from 202.194.98.246 port 51704
Jun 25 10:41:18 serw sshd[2131316]: Disconnected from 202.194.98.246 port 44576 [preauth]
show less
Brute-Force
SSH
Anonymous
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
Showing 1 to
11
of 11 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ