JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 201.138.189.215

201.138.189.215 was found in our database!

This IP was reported 659 times. Confidence of Abuse is 100%: ?

100%

ISP	Gestión de direccionamiento UniNet
Usage Type	Fixed Line ISP
ASN	AS8151
Hostname(s)	215-189-138-201.prod-infinitum.com.mx
Domain Name	uninet.net.mx
Country	🇲🇽 Mexico
City	Puebla, Puebla

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 201.138.189.215

Whois 201.138.189.215

IP Abuse Reports for 201.138.189.215:

This IP address has been reported a total of 659 times from 374 distinct sources. 201.138.189.215 was first reported on May 28th 2026, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 bigscoots.com	2026-05-30 14:40:14 (4 days ago)	201.138.189.215 (MX/Mexico/215-189-138-201.prod-infinitum.com.mx), 5 distributed sshd attacks on acc ... show more 201.138.189.215 (MX/Mexico/215-189-138-201.prod-infinitum.com.mx), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 30 08:46:25 17538 sshd[5574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.144.95.137 user=root May 30 09:40:06 17538 sshd[3525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.138.189.215 user=root May 30 08:55:43 17538 sshd[10572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.38.88.6 user=root May 30 08:55:45 17538 sshd[10572]: Failed password for root from 209.38.88.6 port 60742 ssh2 May 30 08:40:12 17538 sshd[2177]: Failed password for root from 102.210.149.236 port 1092 ssh2 IP Addresses Blocked: 168.144.95.137 (IN/India/-) show less	Brute-Force SSH
🇩🇪 ipcop.net	2026-05-30 14:13:41 (4 days ago)	2026-05-30T16:07:15.498746+02:00 gw-de37-01.guestgw.net sshd[3640764]: Invalid user test-user from 2 ... show more 2026-05-30T16:07:15.498746+02:00 gw-de37-01.guestgw.net sshd[3640764]: Invalid user test-user from 201.138.189.215 port 38952 2026-05-30T16:07:15.710191+02:00 gw-de37-01.guestgw.net sshd[3640764]: Disconnected from invalid user test-user 201.138.189.215 port 38952 [preauth] 2026-05-30T16:12:11.348518+02:00 gw-de37-01.guestgw.net sshd[3642254]: Invalid user posiflex from 201.138.189.215 port 35358 2026-05-30T16:12:11.538126+02:00 gw-de37-01.guestgw.net sshd[3642254]: Disconnected from invalid user posiflex 201.138.189.215 port 35358 [preauth] 2026-05-30T16:13:40.092765+02:00 gw-de37-01.guestgw.net sshd[3642650]: Invalid user trade from 201.138.189.215 port 48780 show less	Brute-Force
🇺🇸 theunixguy	2026-05-30 14:05:56 (4 days ago)		Brute-Force SSH
🇫🇮 bittiguru.fi	2026-05-30 13:55:07 (4 days ago)	2026-05-30T16:53:43.808995+03:00 gc1 sshd[1550036]: pam_unix(sshd:auth): authentication failure; log ... show more 2026-05-30T16:53:43.808995+03:00 gc1 sshd[1550036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.138.189.215 2026-05-30T16:53:45.852459+03:00 gc1 sshd[1550036]: Failed password for invalid user sammy from 201.138.189.215 port 58120 ssh2 2026-05-30T16:55:07.121136+03:00 gc1 sshd[1550113]: Invalid user michael from 201.138.189.215 port 58778 ... show less	Brute-Force SSH
Anonymous	2026-05-30 13:37:49 (4 days ago)	2026-05-30T15:37:39.283146 prodWEB sshd[58229]: Connection from 201.138.189.215 port 47470 on 46.105 ... show more 2026-05-30T15:37:39.283146 prodWEB sshd[58229]: Connection from 201.138.189.215 port 47470 on 46.105.46.67 port 22 rdomain "" 2026-05-30T15:37:40.145941 prodWEB sshd[58229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.138.189.215 user=root 2026-05-30T15:37:42.655595 prodWEB sshd[58229]: Failed password for root from 201.138.189.215 port 47470 ssh2 ... show less	Brute-Force SSH
🇫🇮 bittiguru.fi	2026-05-30 13:37:27 (4 days ago)	2026-05-30T16:33:29.175324+03:00 gc1 sshd[1549495]: Failed password for invalid user steam from 201. ... show more 2026-05-30T16:33:29.175324+03:00 gc1 sshd[1549495]: Failed password for invalid user steam from 201.138.189.215 port 38040 ssh2 2026-05-30T16:37:24.582429+03:00 gc1 sshd[1549610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.138.189.215 user=root 2026-05-30T16:37:26.560425+03:00 gc1 sshd[1549610]: Failed password for root from 201.138.189.215 port 55010 ssh2 ... show less	Brute-Force SSH
🇳🇱 vanadrighem.eu	2026-05-30 13:25:13 (4 days ago)	2026-05-30T15:25:08.463830+02:00 jantje sshd[28775]: pam_unix(sshd:auth): authentication failure; lo ... show more 2026-05-30T15:25:08.463830+02:00 jantje sshd[28775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.138.189.215 2026-05-30T15:25:10.733770+02:00 jantje sshd[28775]: Failed password for invalid user steam from 201.138.189.215 port 40344 ssh2 2026-05-30T15:25:12.004115+02:00 jantje sshd[28775]: Disconnected from invalid user steam 201.138.189.215 port 40344 [preauth] ... show less	Brute-Force SSH
🇵🇱 Nevex	2026-05-30 13:02:23 (4 days ago)	Failed 5 attempts using usernames: ceshi, fivem, dmdba, spring and root2	Brute-Force SSH
🇺🇸 bigwavedave	2026-05-30 12:58:07 (4 days ago)	ssh	Brute-Force SSH
Anonymous	2026-05-30 12:32:41 (4 days ago)	2026-05-30T12:19:22.133974+00:00 de-fsn1-it1 sshd[1971396]: Invalid user ubuntu from 201.138.189.215 ... show more 2026-05-30T12:19:22.133974+00:00 de-fsn1-it1 sshd[1971396]: Invalid user ubuntu from 201.138.189.215 port 47242 2026-05-30T12:26:54.098821+00:00 de-fsn1-it1 sshd[1972079]: Invalid user admin from 201.138.189.215 port 43400 2026-05-30T12:32:40.459080+00:00 de-fsn1-it1 sshd[1972189]: Invalid user abc from 201.138.189.215 port 39336 ... show less	Brute-Force SSH
🇪🇸 h3st4k3r	2026-05-30 11:56:26 (4 days ago)	Malicious activity detected from this IP during SSH attempts. VPN: No, Datacenter: No, Organization: ... show more Malicious activity detected from this IP during SSH attempts. VPN: No, Datacenter: No, Organization: AS8151 UNINET, Region: Puebla, Log: 2026-05-30T13:56:24.989886 02:00 Administracion sshd[1834457]: Disconnected from invalid user sdbadmin 201.138.189.215 port 51896 [preauth], Abuse Score: 100, Total Reports: 209 show less	SSH
🇫🇷 TuxCLOUD	2026-05-30 10:45:27 (4 days ago)	May 30 12:44:00 s1-4-gra7 sshd[2621918]: Invalid user app from 201.138.189.215 port 42082 May 30 12: ... show more May 30 12:44:00 s1-4-gra7 sshd[2621918]: Invalid user app from 201.138.189.215 port 42082 May 30 12:45:27 s1-4-gra7 sshd[2622065]: Invalid user tfj from 201.138.189.215 port 41498 show less	Brute-Force SSH
🇫🇮 vereinshosting	2026-05-30 10:44:41 (4 days ago)	Invalid user bill from 201.138.189.215 port 40276	Brute-Force SSH
🇺🇸 4ensic	2026-05-30 10:08:49 (4 days ago)	2026-05-30T05:06:55.322806-05:00 drpxkvfh.colocrossing.cloud sshd[134044]: Invalid user ubuntu from ... show more 2026-05-30T05:06:55.322806-05:00 drpxkvfh.colocrossing.cloud sshd[134044]: Invalid user ubuntu from 201.138.189.215 port 50494 2026-05-30T05:06:55.329942-05:00 drpxkvfh.colocrossing.cloud sshd[134044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.138.189.215 2026-05-30T05:06:57.234024-05:00 drpxkvfh.colocrossing.cloud sshd[134044]: Failed password for invalid user ubuntu from 201.138.189.215 port 50494 ssh2 2026-05-30T05:08:46.322418-05:00 drpxkvfh.colocrossing.cloud sshd[134062]: Invalid user user1 from 201.138.189.215 port 44392 2026-05-30T05:08:46.331444-05:00 drpxkvfh.colocrossing.cloud sshd[134062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.138.189.215 2026-05-30T05:08:48.140175-05:00 drpxkvfh.colocrossing.cloud sshd[134062]: Failed password for invalid user user1 from 201.138.189.215 port 44392 ssh2 ... show less	Brute-Force SSH
🇭🇺 kranem	2026-05-30 10:08:39 (4 days ago)	2026-05-30T12:01:01.782152+02:00 RYZEN-1 sshd[2448986]: Disconnected from authenticating user root 2 ... show more 2026-05-30T12:01:01.782152+02:00 RYZEN-1 sshd[2448986]: Disconnected from authenticating user root 201.138.189.215 port 38076 [preauth] 2026-05-30T12:04:58.531815+02:00 RYZEN-1 sshd[2496043]: Disconnected from authenticating user root 201.138.189.215 port 55346 [preauth] 2026-05-30T12:06:48.336997+02:00 RYZEN-1 sshd[2517896]: Invalid user ubuntu from 201.138.189.215 port 39182 2026-05-30T12:06:48.506679+02:00 RYZEN-1 sshd[2517896]: Disconnected from invalid user ubuntu 201.138.189.215 port 39182 [preauth] 2026-05-30T12:08:39.199685+02:00 RYZEN-1 sshd[2539695]: Invalid user user1 from 201.138.189.215 port 56868 ... show less	Brute-Force SSH

Showing 436 to 450 of 659 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 198.178.235.41

🇳🇱 176.65.139.231

🇺🇸 162.216.149.94

🇺🇸 104.236.83.40

🇧🇷 170.80.65.140

🇨🇳 117.149.196.167

🇧🇬 91.191.209.98

🇬🇧 81.19.219.216

🇺🇸 74.7.242.43

🇫🇷 51.159.149.103

🇩🇪 47.245.138.182

🇳🇱 45.148.10.152

🇬🇧 31.14.254.55

🇬🇧 31.14.254.4

🇰🇷 175.118.127.138

🇰🇷 119.192.210.110

🇳🇱 45.148.10.141

🇺🇸 13.68.133.98

🇦🇷 190.3.61.18

🇭🇰 185.239.84.249