This IP address has been reported a total of
81
times from
55 distinct
sources.
138.121.202.90 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
Honeypot favala.es: 1 intentos de login SSH por fuerza bruta; 1 intentos de túnel (proxy) a terceros ...
show moreHoneypot favala.es: 1 intentos de login SSH por fuerza bruta; 1 intentos de túnel (proxy) a terceros en 24h. Reporte automático.
show less
Brute-Force
SSH
Anonymous
SSH Brute Force (3 attempts). Evidence: sshd:auth): authentication failure; logname= uid=0 euid=0 tt ...
show moreSSH Brute Force (3 attempts). Evidence: sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.202.90;sshd-session[39029]: Failed password for invalid user pos from 138.121.202.90 port 58561 ssh2
show less
2026-07-10T00:20:07.581659mail.dondessert.com sshd[351144]: Invalid user setup from 138.121.202.90 p ...
show more2026-07-10T00:20:07.581659mail.dondessert.com sshd[351144]: Invalid user setup from 138.121.202.90 port 53008
2026-07-10T00:20:09.398643mail.dondessert.com sshd[351144]: Failed password for invalid user setup from 138.121.202.90 port 53008 ssh2
...
show less
Honeypot favala.es: 1 intentos de login SSH por fuerza bruta; 1 intentos de túnel (proxy) a terceros ...
show moreHoneypot favala.es: 1 intentos de login SSH por fuerza bruta; 1 intentos de túnel (proxy) a terceros en 24h. Reporte automático.
show less
2026-07-09T11:19:41.933879+00:00 singularity sshd[464652]: pam_unix(sshd:auth): authentication failu ...
show more2026-07-09T11:19:41.933879+00:00 singularity sshd[464652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.202.90
2026-07-09T11:19:43.820552+00:00 singularity sshd[464652]: Failed password for invalid user guest from 138.121.202.90 port 64975 ssh2
2026-07-09T11:19:45.306205+00:00 singularity sshd[464652]: Connection closed by invalid user guest 138.121.202.90 port 64975 [preauth]
...
show less
Jul 8 21:10:49 mail sshd\[19113\]: Invalid user centos from 138.121.202.90
Jul 8 21:10:49 mail ssh ...
show moreJul 8 21:10:49 mail sshd\[19113\]: Invalid user centos from 138.121.202.90
Jul 8 21:10:49 mail sshd\[19113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.202.90
Jul 8 21:10:51 mail sshd\[19113\]: Failed password for invalid user centos from 138.121.202.90 port 62779 ssh2
show less
2026-07-08T16:51:07.815Z, an unauthorized access attempt was detected on port 22 (SSH) from source I ...
show more2026-07-08T16:51:07.815Z, an unauthorized access attempt was detected on port 22 (SSH) from source IP address 138.121.202.90.
show less
Honeypot favala.es: 1 intentos de login SSH por fuerza bruta; 1 intentos de túnel (proxy) a terceros ...
show moreHoneypot favala.es: 1 intentos de login SSH por fuerza bruta; 1 intentos de túnel (proxy) a terceros en 24h. Reporte automático.
show less
Jul 8 07:48:41 mail sshd-session[1017928]: Invalid user admin from 138.121.202.90 port 55317
Jul 8 ...
show moreJul 8 07:48:41 mail sshd-session[1017928]: Invalid user admin from 138.121.202.90 port 55317
Jul 8 07:48:45 mail sshd-session[1017928]: error: PAM: User not known to the underlying authentication module for illegal user admin from 138.121.202.90
Jul 8 07:48:45 mail sshd-session[1017928]: Failed keyboard-interactive/pam for invalid user admin from 138.121.202.90 port 55317 ssh2
...
show less
2026-07-08T04:50:46.397575+02:00 netmaker sshd[176401]: pam_unix(sshd:auth): authentication failure; ...
show more2026-07-08T04:50:46.397575+02:00 netmaker sshd[176401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.202.90
2026-07-08T04:50:48.810452+02:00 netmaker sshd[176401]: Failed password for invalid user admin from 138.121.202.90 port 50092 ssh2
2026-07-08T04:50:50.693869+02:00 netmaker sshd[176401]: Connection closed by invalid user admin 138.121.202.90 port 50092 [preauth]
...
show less
Brute-Force
SSH
Showing 1 to
15
of 81 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown 🚩