← Back to feed
Subnet 64.89.163.0/24
SUBNET Active highWhy this campaign was detected
30 IPs from the same /24 subnet (64.89.163.0/24) were observed attacking our sensors within the same time window. All belong to Netiface America, Inc. (AS401626). Concentrated activity from adjacent IPs is a strong indicator of a single operator or coordinated botnet.
Primary ASN
AS401626 · Netiface America, Inc.
Subnet
64.89.163.0/24
Country
🇬🇧 GB
Cloud Provider
—
Member Count
30 IPs
Below average
Total Events
3910
Below average by volume
Started / Ended
2026-03-30 03:43 — ongoing
Attack Types
MITRE ATT&CK Techniques
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 64.89.163.178 | mysql_bruter | 59% | DROP1x OSINT | 56 | 3 | mysql:bruteforce | — | 2026-07-17 17:17 | evidence → |
| 64.89.163.139 | mysql_bruter | 59% | DROP1x OSINT | 43 | 3 | mysql:bruteforce | — | 2026-07-17 18:21 | evidence → |
| 64.89.163.164 | mysql_bruter | 58% | DROP | 576 | 3 | mysql:bruteforce | — | 2026-07-17 22:11 | evidence → |
| 64.89.163.152 | mysql_bruter | 58% | DROP | 358 | 3 | mysql:bruteforce | — | 2026-07-17 22:24 | evidence → |
| 64.89.163.90 | mysql_bruter | 58% | DROP1x OSINT | 55 | 3 | mysql:bruteforce | — | 2026-07-17 01:26 | evidence → |
| 64.89.163.179 | mysql_bruter | 57% | DROP1x OSINT | 30 | 3 | mysql:bruteforce | — | 2026-07-17 04:26 | evidence → |
| 64.89.163.93 | mysql_bruter | 55% | DROP1x OSINT | 35 | 3 | mysql:bruteforce | — | 2026-07-15 23:34 | evidence → |
| 64.89.163.89 | mysql_bruter | 55% | DROP1x OSINT | 43 | 3 | mysql:bruteforce | — | 2026-07-15 15:17 | evidence → |
| 64.89.163.94 | mysql_bruter | 54% | DROP | 41 | 3 | mysql:bruteforce | — | 2026-07-17 18:45 | evidence → |
| 64.89.163.79 | mysql_bruter | 54% | DROP | 71 | 3 | mysql:bruteforce | — | 2026-07-17 06:33 | evidence → |
| 64.89.163.91 | mysql_bruter | 53% | DROP | 58 | 3 | mysql:bruteforce | — | 2026-07-17 06:32 | evidence → |
| 64.89.163.144 | mysql_bruter | 53% | DROP | 382 | 3 | mysql:bruteforce | — | 2026-07-15 10:41 | evidence → |
| 64.89.163.167 | mysql_bruter | 53% | DROP1x OSINT | 54 | 3 | mysql:bruteforce | — | 2026-07-14 16:03 | evidence → |
| 64.89.163.163 | mysql_bruter | 53% | DROP | 488 | 3 | mysql:bruteforce | — | 2026-07-15 03:55 | evidence → |
| 64.89.163.170 | mysql_bruter | 52% | DROP | 34 | 3 | mysql:bruteforce | — | 2026-07-17 01:12 | evidence → |
| 64.89.163.169 | mysql_bruter | 52% | DROP | 448 | 3 | mysql:bruteforce | — | 2026-07-14 14:54 | evidence → |
| 64.89.163.145 | mysql_bruter | 51% | DROP1x OSINT | 29 | 3 | mysql:bruteforce | — | 2026-07-14 07:25 | evidence → |
| 64.89.163.168 | mysql_bruter | 51% | DROP | 484 | 3 | mysql:bruteforce | — | 2026-07-13 19:39 | evidence → |
| 64.89.163.138 | mysql_bruter | 50% | DROP1x OSINT | 39 | 3 | mysql:bruteforce | — | 2026-07-13 10:37 | evidence → |
| 64.89.163.176 | mysql_bruter | 50% | DROP | 47 | 3 | mysql:bruteforce | — | 2026-07-15 14:16 | evidence → |
| 64.89.163.146 | mysql_bruter | 50% | DROP1x OSINT | 37 | 3 | mysql:bruteforce | — | 2026-07-13 05:07 | evidence → |
| 64.89.163.142 | mysql_bruter | 49% | DROP1x OSINT | 26 | 3 | mysql:bruteforce | — | 2026-07-13 07:43 | evidence → |
| 64.89.163.78 | mysql_bruter | 49% | DROP | 86 | 3 | mysql:bruteforce | — | 2026-07-14 16:57 | evidence → |
| 64.89.163.92 | mysql_bruter | 49% | DROP1x OSINT | 16 | 3 | mysql:bruteforce | — | 2026-07-13 11:37 | evidence → |
| 64.89.163.166 | mysql_bruter | 48% | DROP | 55 | 3 | mysql:bruteforce | — | 2026-07-14 15:13 | evidence → |
| 64.89.163.158 | mysql_bruter | 48% | DROP | 91 | 3 | mysql:bruteforce | — | 2026-07-14 03:20 | evidence → |
| 64.89.163.141 | mysql_bruter | 45% | DROP | 37 | 3 | mysql:bruteforce | — | 2026-07-13 08:53 | evidence → |
| 64.89.163.165 | mysql_bruter | 44% | DROP | 122 | 3 | mysql:bruteforce | — | 2026-07-11 11:19 | evidence → |
| 64.89.163.80 | mysql_bruter | 43% | DROP | 39 | 3 | mysql:bruteforce | — | 2026-07-11 20:59 | evidence → |
| 64.89.163.97 | mysql_bruter | 42% | DROP | 30 | 3 | mysql:bruteforce | — | 2026-07-11 15:31 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds