← Back to feed

AS8151 UNINET

ASN Active medium
Why this campaign was detected
7 IPs from the same network (UNINET, AS8151) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS8151 · UNINET
Subnet
Country
🇲🇽 MX
Cloud Provider
Member Count
7 IPs
Below average
Total Events
3942
Below average by volume
Started / Ended
2026-02-18 08:37 — ongoing
Attack Types
ssh:bruteforce
MITRE ATT&CK Techniques
Reconnaissance
Initial Access
Credential Access
Discovery
Command and Control
Member Actors
IP Address Behavior Confidence Flags Events Agents Attack Types Hostname Last Seen
187.174.238.116 credential_harvester 77% 1x OSINT 1098 3 ssh:bruteforce customer-187-174-238-116.uninet-ide.com.mx 2026-07-14 05:09 evidence →
189.190.244.176 credential_harvester 74% 1307 3 ssh:bruteforce 2026-07-14 20:27 evidence →
187.154.144.166 credential_harvester 59% 1x OSINT 1202 2 ssh:bruteforce 2026-07-12 08:14 evidence →
201.102.196.44 opportunistic_bruter 44% 110 2 ssh:bruteforce 2026-07-15 16:06 evidence →
187.134.71.148 opportunistic_bruter 43% 80 2 ssh:bruteforce 2026-07-15 13:12 evidence →
187.217.36.136 opportunistic_bruter 43% 135 2 ssh:bruteforce 2026-07-14 21:50 evidence →
187.202.188.95 opportunistic_bruter 27% 10 1 ssh:bruteforce 2026-07-13 15:42 evidence →
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds