← Back to Dashboard

189.216.170.220 Threat Intelligence Report

Risk Level: CRITICAL — 196 abuse reports from 2 sources

Threat Intelligence Summary

IP address 189.216.170.220 has been flagged in 196 abuse reports across 2 independent threat intelligence sources, resulting in a threat score of 84.0/100 (critical risk). The primary activity associated with this IP is rdp bruteforce, along with suspicious activity.

This IP is geolocated in Mexico (Miguel Hidalgo) and belongs to the network Cablevision, S.A. de C.V. (AS28548). Reports span from 2025-06-05 to 2025-12-20.

Assessment: With 196 abuse reports, 189.216.170.220 shows persistent malicious activity that has been flagged by multiple threat intelligence feeds. The activity pattern and multi-source corroboration indicate this is a genuine threat that warrants immediate blocking at the firewall level.

Data aggregated from 2 independent threat intelligence sources.

Geolocation

Country Mexico
City Miguel Hidalgo
Region Mexico City
ISP/ASN Cablevision, S.A. de C.V.
Timezone America/Mexico_City

Threat Status

Overall Status Critical
Threat Score 84.0%
Report Count 196
Sources 2
First Seen 2025-06-05
Last Seen 2025-12-20

Check IPs automatically with the WAYSCloud API

Free tier: 1,000 lookups/day. Get threat scores, geolocation, and abuse reports via REST API.

Explore the API →

See how we classify and verify threats →

Related Intelligence

Mexico Threat Intelligence → AS28548 Network Intelligence → See all top malicious IPs → View latest attacks →
Learn about these threats: