IntrusionLabs / threat intelligence

Sign in

← Back to feed

64.89.163.97

TAGGED SUSPICIOUS how we decide →

Threat Confidence

36%

Location

🇬🇧 GB

ASN

AS401626 · Netiface America, Inc.

Cloud Provider

—

Total Events

4

Below average by volume

Agent Count

2

First / Last Seen

2026-04-07 03:03 — 2026-04-26 01:46

Attack Types

mysql:bruteforce

MITRE ATT&CK Techniques

Reconnaissance

T1595.002

Credential Access

T1110 T1110.001

External Corroboration

Not flagged by any external feeds

Campaigns

Multi-Agent Scan SCAN Active medium

56 IPs 337937 events

2026-04-07 — ongoing · 56 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …

Multi-Agent Scan SCAN Active medium

58 IPs 336270 events

2026-04-03 — ongoing · 58 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …

Subnet 64.89.163.0/24 SUBNET Active high 🇬🇧 GB

19 IPs 188 events

mysql:bruteforce

2026-03-30 — ongoing · 19 IPs from the same /24 subnet (64.89.163.0/24) were observed attacking our sensors within the same time window. …

Multi-Agent Scan SCAN Active medium

20 IPs 3548 events

2026-03-22 — ongoing · 20 IPs independently targeted the same honeypot sensors within a 24-hour window. Hosted on GCP. Scanning the same …

Multi-Agent Scan SCAN Active medium

35 IPs 6319 events

2026-03-05 — ongoing · 35 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …

Multi-Agent Scan SCAN Active medium

38 IPs 240442 events

2026-02-28 — ongoing · 38 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …

Session Forensics

mysql_probe ×5

Sessions

5

Avg Depth Score

0.2

Commands Executed

0

Files Downloaded

0

Evidence Timeline

MySQL Probe 2283812c899a46c7 newark_01 · 2026-04-26 01:46

1 20%

Loading events...

MySQL Probe f4ed695b27503a64 w4m_singapore_01 · 2026-04-24 03:21

1 20%

Loading events...

MySQL Probe 9e97e54c8a133442 w4m_singapore_01 · 2026-04-21 17:35

1 20%

Loading events...

MySQL Probe d09d1ce1e090944d w4m_singapore_01 · 2026-04-19 08:34

1 20%

Loading events...

MySQL Probe 2196838a2564d2a9 w4m_singapore_01 · 2026-04-07 03:03

1 20%

Loading events...

Non-Session Events

Timestamp	Port	Proto	Event	Source	Location
2026-04-26 01:46:54	:3306	mysql	MySQL connection	opencanary	ewr
2026-04-24 03:21:36	:3306	mysql	MySQL connection	opencanary	sin
2026-04-21 17:35:11	:3306	mysql	MySQL connection	opencanary	sin
2026-04-19 08:34:29	:3306	mysql	MySQL connection	opencanary	sin
2026-04-07 03:03:09	:3306	mysql	MySQL connection	opencanary	sin