JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 201.138.189.215

201.138.189.215 was found in our database!

This IP was reported 658 times. Confidence of Abuse is 100%: ?

100%

ISP	Gestión de direccionamiento UniNet
Usage Type	Fixed Line ISP
ASN	AS8151
Hostname(s)	215-189-138-201.prod-infinitum.com.mx
Domain Name	uninet.net.mx
Country	🇲🇽 Mexico
City	Puebla, Puebla

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 201.138.189.215

Whois 201.138.189.215

IP Abuse Reports for 201.138.189.215:

This IP address has been reported a total of 658 times from 374 distinct sources. 201.138.189.215 was first reported on May 28th 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 atlantika	2026-06-03 03:17:32 (1 day ago)	2026-06-03T05:12:00.465214+02:00 [server] sshd-session[162629]: Invalid user elsearch from 201.138.1 ... show more 2026-06-03T05:12:00.465214+02:00 [server] sshd-session[162629]: Invalid user elsearch from 201.138.189.215 port 44138 2026-06-03T05:15:47.898601+02:00 [server] sshd-session[163344]: Invalid user steam from 201.138.189.215 port 35180 2026-06-03T05:17:31.477044+02:00 [server] sshd-session[163654]: Invalid user oracle from 201.138.189.215 port 51298 ... show less	Hacking Brute-Force SSH
🇩🇪 int8	2026-06-03 03:14:16 (1 day ago)	2026-06-03T03:12:18.131469+00:00 squid sshd-session[2024318]: Invalid user elsearch from 201.138.189 ... show more 2026-06-03T03:12:18.131469+00:00 squid sshd-session[2024318]: Invalid user elsearch from 201.138.189.215 port 34200 2026-06-03T03:12:18.137714+00:00 squid sshd-session[2024318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.138.189.215 2026-06-03T03:12:20.222296+00:00 squid sshd-session[2024318]: Failed password for invalid user elsearch from 201.138.189.215 port 34200 ssh2 2026-06-03T03:14:13.809861+00:00 squid sshd-session[2025109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.138.189.215 user=root 2026-06-03T03:14:16.117311+00:00 squid sshd-session[2025109]: Failed password for root from 201.138.189.215 port 47724 ssh2 ... show less	Brute-Force SSH
🇩🇪 nicosqc	2026-06-03 02:43:29 (1 day ago)	Invalid user grid from 201.138.189.215 port 37476	Brute-Force SSH
🇦🇺 Ticketebo Pty. Ltd.	2026-06-03 02:24:35 (1 day ago)	Jun 3 12:08:07 mags sshd-session[2637290]: Invalid user e5 from 201.138.189.215 port 41018 Jun 3 1 ... show more Jun 3 12:08:07 mags sshd-session[2637290]: Invalid user e5 from 201.138.189.215 port 41018 Jun 3 12:13:17 mags sshd-session[2638707]: Invalid user gmail from 201.138.189.215 port 46940 Jun 3 12:15:35 mags sshd-session[2639565]: Invalid user hpc from 201.138.189.215 port 45512 Jun 3 12:17:51 mags sshd-session[2639625]: Invalid user counseling from 201.138.189.215 port 55936 Jun 3 12:20:08 mags sshd-session[2640453]: Invalid user sitedefender from 201.138.189.215 port 54818 Jun 3 12:22:21 mags sshd-session[2640496]: Invalid user cds from 201.138.189.215 port 55706 Jun 3 12:24:34 mags sshd-session[2640565]: Invalid user nm from 201.138.189.215 port 49468 ... show less	Brute-Force
🇩🇪 ipcop.net	2026-06-03 02:15:18 (1 day ago)	2026-06-03T04:06:20.992149+02:00 sso-host-01.sso.srvfarm.net sshd-session[13533]: Invalid user e5 fr ... show more 2026-06-03T04:06:20.992149+02:00 sso-host-01.sso.srvfarm.net sshd-session[13533]: Invalid user e5 from 201.138.189.215 port 59192 2026-06-03T04:06:21.253334+02:00 sso-host-01.sso.srvfarm.net sshd-session[13533]: Disconnected from invalid user e5 201.138.189.215 port 59192 [preauth] 2026-06-03T04:12:59.122022+02:00 sso-host-01.sso.srvfarm.net sshd-session[13833]: Invalid user gmail from 201.138.189.215 port 37872 2026-06-03T04:12:59.311680+02:00 sso-host-01.sso.srvfarm.net sshd-session[13833]: Disconnected from invalid user gmail 201.138.189.215 port 37872 [preauth] 2026-06-03T04:15:16.602306+02:00 sso-host-01.sso.srvfarm.net sshd-session[13951]: Invalid user hpc from 201.138.189.215 port 52536 show less	Brute-Force
🇩🇪 ipcop.net	2026-06-03 01:44:10 (1 day ago)	Malicious activity detected from 201.138.189.215.	Brute-Force
🇸🇬 sh97	2026-06-03 01:24:03 (1 day ago)	rooted: SSH Brute Force from 201.138.189.215 at 2026-06-03 06:54:02 IST	Brute-Force SSH
🇦🇺 marshy.com.au	2026-06-03 01:06:08 (1 day ago)	(sshd) Failed SSH login from 201.138.189.215 (MX/Mexico/215-189-138-201.prod-infinitum.com.mx): 5 in ... show more (sshd) Failed SSH login from 201.138.189.215 (MX/Mexico/215-189-138-201.prod-infinitum.com.mx): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 3 10:55:00 ded01 sshd[155001]: Invalid user grid from 201.138.189.215 port 56184 Jun 3 10:55:02 ded01 sshd[155001]: Failed password for invalid user grid from 201.138.189.215 port 56184 ssh2 Jun 3 11:03:54 ded01 sshd[162213]: Invalid user jose from 201.138.189.215 port 59710 Jun 3 11:03:56 ded01 sshd[162213]: Failed password for invalid user jose from 201.138.189.215 port 59710 ssh2 Jun 3 11:06:03 ded01 sshd[164602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.138.189.215 user=root show less	Port Scan
🇩🇪 [email protected]	2026-06-03 01:03:42 (1 day ago)	(sshd) Failed SSH login from 201.138.189.215 (MX/Mexico/215-189-138-201.prod-infinitum.com.mx)	Brute-Force SSH
🇮🇳 infolinkbroadband	2026-06-02 23:59:47 (1 day ago)	2026-06-03T05:25:46.233276+05:30 ndc-hv01 sshd[1413197]: Failed password for root from 201.138.189.2 ... show more 2026-06-03T05:25:46.233276+05:30 ndc-hv01 sshd[1413197]: Failed password for root from 201.138.189.215 port 47366 ssh2 2026-06-03T05:27:49.051190+05:30 ndc-hv01 sshd[1414406]: Invalid user admin from 201.138.189.215 port 39012 2026-06-03T05:27:49.054398+05:30 ndc-hv01 sshd[1414406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.138.189.215 2026-06-03T05:27:51.021100+05:30 ndc-hv01 sshd[1414406]: Failed password for invalid user admin from 201.138.189.215 port 39012 ssh2 2026-06-03T05:29:46.602454+05:30 ndc-hv01 sshd[1415399]: Invalid user hostinger from 201.138.189.215 port 51262 ... show less	Brute-Force SSH
🇫🇷 Yepngo	2026-06-02 23:18:03 (1 day ago)	2026-06-03T01:18:03.078317+02:00 ns3006402 sshd[714315]: Invalid user daniel from 201.138.189.215 po ... show more 2026-06-03T01:18:03.078317+02:00 ns3006402 sshd[714315]: Invalid user daniel from 201.138.189.215 port 52298 ... show less	Brute-Force SSH
🇩🇪 LRob.fr	2026-06-02 23:00:02 (1 day ago)	SSH abuse or brute-force attack detected by Fail2Ban in ssh jail	Brute-Force SSH
🇩🇪 dispaisyenterprises	2026-06-02 22:52:40 (1 day ago)	Honeypot [fra-de-honeypot]: Brute-force attack detected on 22/SSH • Credentials: root:Qwerty123456!, ... show more Honeypot [fra-de-honeypot]: Brute-force attack detected on 22/SSH • Credentials: root:Qwerty123456!, stepan:stepan123, user:letmein, 345gs5662d34:345gs5662d34, user:3245gs5662d34, root:Qwer1234Qwer1234 • Number of login attempts: 6 • 20 command(s) were executed during the session • Client: SSH-2.0-libssh_0.9.6 Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Brute-Force SSH Hacking
🇫🇷 GV-mtb	2026-06-02 22:49:27 (1 day ago)	Fail2ban At mtb-server	Brute-Force SSH
🇪🇸 scotynau	2026-06-02 22:49:16 (1 day ago)	2026-06-02T22:47:21.028660+00:00 bastionez sshd[502904]: Invalid user stepan from 201.138.189.215 po ... show more 2026-06-02T22:47:21.028660+00:00 bastionez sshd[502904]: Invalid user stepan from 201.138.189.215 port 49462 2026-06-02T22:49:15.808262+00:00 bastionez sshd[502929]: Invalid user user from 201.138.189.215 port 33340 ... show less	Brute-Force SSH

Showing 61 to 75 of 658 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 155.4.244.107

🇩🇿 154.241.52.5

🇨🇳 14.103.46.139

🇺🇸 205.210.31.101

🇳🇱 89.38.96.216

🇳🇱 45.148.10.151

🇩🇪 4.184.246.230

🇧🇷 205.210.31.222

🇯🇵 172.104.93.159

🇺🇸 159.89.138.113

🇫🇮 147.185.133.63

🇬🇧 92.238.110.228

🇫🇷 51.68.226.87

🇺🇸 50.116.72.133

🇱🇹 45.227.254.170

🇯🇵 43.130.229.228

🇺🇸 2607:f8b0:4023:100f::120

🇰🇷 222.107.156.227

🇧🇷 205.210.31.169

🇸🇬 143.198.221.127