189.222.193.89 Threat Intelligence and Host Information

Jun 19, 2024 ipinfopage

General

IP Address

189.222.193.89

IPv4 Address

Location

🇲🇽 Ensenada, Mexico

Network

AS8151

Uninet S.A. de C.V.

Threat Score

32/100

Medium Risk

cowriessh

Attack Intelligence

MITRE ATT&CK Techniques

T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force

Open Ports Detected

554

Geographic Location

Country

Mexico

City

Ensenada

Region

Baja California

Coordinates

31.8153, -116.6060

Network Information

ASN

AS8151

Organization

Uninet S.A. de C.V.

Network

AS8151 Uninet S.A. de C.V.

WHOIS Information

inetnum

189.222.0.0/16

status

reallocated

aut-num

N/A

owner

Telefonos del Noroeste, S.A. de C.V.

ownerid

MX-TNSC1-LACNIC

responsible

Guillermo Martinez Moreno

address

22000 - Tijuana - BC

country

phone

+52 6646332264

owner-c

LEZ7

tech-c

LRG

abuse-c

LRG

inetrev

189.222.0.0/16

nserver

NSGDL2.UNINET.NET.MX

nsstat

20240628 AA

nslastaa

20240628

created

20021209

changed

20230113

inetnum-up

189.222.0.0/15

nic-hdl

LRG

person

Jefatura de Datos

e-mail

rodolfo.nevarez@telnor.com

Attack Logs

Date	Target Location	Protocol	Link
2024-06-14	Perth, Australia	MULTIPLE	View Log

Country: Mexico
Network: AS8151 uninet s.a. de c.v.
Noticed: 1 times
Protocols Attacked: ssh
Passive DNS Results: 189.222.193.89.dsl.dyn.telnor.net

Malware Detected on Host

Count: 1 071ffb3d8d639c6bd998360203e489597119afb2c268ccf0219b962bc6f1a0c4

Disclaimer

This page contains threat intelligence information for the IPv4 address 189.222.193.89 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.