IOC Radar
IPMediumSignal 80/100

64.89.160.132

Location
LuxembourgLuxembourg
Schieren, MS
ASN
AS205759
Ghosty Networks LLC
First Seen
Apr 12, 2026
Last Seen
May 12, 2026
Apr 12
First Seen
65d ago
May 12
Last Seen
35d ago
15
Reports
source reports
80%
Confidence
medium
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
80%
Signal Score
80 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

9 techniques

Network Information

CountryLULuxembourg
RegionSchieren, MS
ASNAS205759
OrganizationGhosty Networks LLC

Feed Intelligence Summary

15 reports80% confidence
15
Source reports
80%
Confidence score
Category tags
abuseactive scanactive scanningafricaapacheapache attackeraptasiaaustraliaauto-blockedbad reputationbad web botbelgiumblocklistbotnet activitybrazilbrute forcebrute force attackerbrute-forcebruteforcebulgariacanadachinacowrieddosddos attackdenial of servicedenmarkdigital oceandionaeaencryptioneuropeeurope/asiaexploitation activityexploited hostfattfrancegermanyhackinghong kongicelandindiainjection activityirelandisraelitalyjapankorea, republic ofliechtensteinlithuanialuluxembourgmexicomixed-ip-domainmorocconetherlandsnetworknorth americanorwayoceaniap0fphishingpolandportscanproxyransomwarereconnaissanceresearchedromaniarussiarussian federationscannerscannerssensor-taggedservice scansingaporesocradar honeypotsouth americaspainspamsql injectionsshssl-enrichmentswedent1071.001t1105t1190t1203t1499.001t1573.002t1595.001t1595.002t1595.003tannertargeting databasethreat actorthreat-inteltpotunited arab emiratesunited kingdomunited statesuzbekistanvenezuela, bolivarian republic ofvultrwebweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
May 12May 12

Threat Activity Heatmap

· Peak: 2026-05-12
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
80
SIGNAL
Signal Score
80%
Confidence
15
Reports
First seenApr 12, 2026
Last seenMay 12, 2026
GeolocationLU
CountryLuxembourg
LocationSchieren, MS
ASNAS205759
OrgGhosty Networks LLC
Coords34.7509, -88.9240

VirusTotal

Not checked

WHOIS

description
AbuseIPDB 100% | LU | Ghosty Networks LLC
raw
Netiface America, Inc. NETIFACE-NA1 (NET-64-89-160-0-1) 64.89.160.0 - 64.89.163.255 Ghosty Networks LLC GHOSTY-NETWORKS-LU (NET-64-89-160-0-2) 64.89.160.0 - 64.89.161.255
references
https://analytics.dugganusa.com/api/v1/stix-feed/v2, https://www.abuseipdb.com

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 15 threat reports