← Back to feed

Subnet 64.89.163.0/24

SUBNET Active high
Why this campaign was detected
30 IPs from the same /24 subnet (64.89.163.0/24) were observed attacking our sensors within the same time window. All belong to Netiface America, Inc. (AS401626). Concentrated activity from adjacent IPs is a strong indicator of a single operator or coordinated botnet.
Primary ASN
AS401626 · Netiface America, Inc.
Subnet
64.89.163.0/24
Country
🇬🇧 GB
Cloud Provider
Member Count
30 IPs
Below average
Total Events
3910
Below average by volume
Started / Ended
2026-03-30 03:43 — ongoing
Attack Types
mysql:bruteforce
MITRE ATT&CK Techniques
Reconnaissance
Credential Access
Member Actors
IP Address Behavior Confidence Flags Events Agents Attack Types Hostname Last Seen
64.89.163.178 mysql_bruter 59% DROP1x OSINT 56 3 mysql:bruteforce 2026-07-17 17:17 evidence →
64.89.163.139 mysql_bruter 59% DROP1x OSINT 43 3 mysql:bruteforce 2026-07-17 18:21 evidence →
64.89.163.164 mysql_bruter 58% DROP 576 3 mysql:bruteforce 2026-07-17 22:11 evidence →
64.89.163.152 mysql_bruter 58% DROP 358 3 mysql:bruteforce 2026-07-17 22:24 evidence →
64.89.163.90 mysql_bruter 58% DROP1x OSINT 55 3 mysql:bruteforce 2026-07-17 01:26 evidence →
64.89.163.179 mysql_bruter 57% DROP1x OSINT 30 3 mysql:bruteforce 2026-07-17 04:26 evidence →
64.89.163.93 mysql_bruter 55% DROP1x OSINT 35 3 mysql:bruteforce 2026-07-15 23:34 evidence →
64.89.163.89 mysql_bruter 55% DROP1x OSINT 43 3 mysql:bruteforce 2026-07-15 15:17 evidence →
64.89.163.94 mysql_bruter 54% DROP 41 3 mysql:bruteforce 2026-07-17 18:45 evidence →
64.89.163.79 mysql_bruter 54% DROP 71 3 mysql:bruteforce 2026-07-17 06:33 evidence →
64.89.163.91 mysql_bruter 53% DROP 58 3 mysql:bruteforce 2026-07-17 06:32 evidence →
64.89.163.144 mysql_bruter 53% DROP 382 3 mysql:bruteforce 2026-07-15 10:41 evidence →
64.89.163.167 mysql_bruter 53% DROP1x OSINT 54 3 mysql:bruteforce 2026-07-14 16:03 evidence →
64.89.163.163 mysql_bruter 53% DROP 488 3 mysql:bruteforce 2026-07-15 03:55 evidence →
64.89.163.170 mysql_bruter 52% DROP 34 3 mysql:bruteforce 2026-07-17 01:12 evidence →
64.89.163.169 mysql_bruter 52% DROP 448 3 mysql:bruteforce 2026-07-14 14:54 evidence →
64.89.163.145 mysql_bruter 51% DROP1x OSINT 29 3 mysql:bruteforce 2026-07-14 07:25 evidence →
64.89.163.168 mysql_bruter 51% DROP 484 3 mysql:bruteforce 2026-07-13 19:39 evidence →
64.89.163.138 mysql_bruter 50% DROP1x OSINT 39 3 mysql:bruteforce 2026-07-13 10:37 evidence →
64.89.163.176 mysql_bruter 50% DROP 47 3 mysql:bruteforce 2026-07-15 14:16 evidence →
64.89.163.146 mysql_bruter 50% DROP1x OSINT 37 3 mysql:bruteforce 2026-07-13 05:07 evidence →
64.89.163.142 mysql_bruter 49% DROP1x OSINT 26 3 mysql:bruteforce 2026-07-13 07:43 evidence →
64.89.163.78 mysql_bruter 49% DROP 86 3 mysql:bruteforce 2026-07-14 16:57 evidence →
64.89.163.92 mysql_bruter 49% DROP1x OSINT 16 3 mysql:bruteforce 2026-07-13 11:37 evidence →
64.89.163.166 mysql_bruter 48% DROP 55 3 mysql:bruteforce 2026-07-14 15:13 evidence →
64.89.163.158 mysql_bruter 48% DROP 91 3 mysql:bruteforce 2026-07-14 03:20 evidence →
64.89.163.141 mysql_bruter 45% DROP 37 3 mysql:bruteforce 2026-07-13 08:53 evidence →
64.89.163.165 mysql_bruter 44% DROP 122 3 mysql:bruteforce 2026-07-11 11:19 evidence →
64.89.163.80 mysql_bruter 43% DROP 39 3 mysql:bruteforce 2026-07-11 20:59 evidence →
64.89.163.97 mysql_bruter 42% DROP 30 3 mysql:bruteforce 2026-07-11 15:31 evidence →
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds