IOC Radar
IPMediumSignal 68/100

103.74.20.42

Location
PakistanPakistan
Karachi, Sindh
ASN
AS139879
Wizards Network (Pvt.) Ltd.
First Seen
Mar 9, 2026
Last Seen
May 30, 2026
Mar 9
First Seen
93d ago
May 30
Last Seen
11d ago
6
Reports
source reports
68%
Confidence
medium
7/91
VirusTotal
detections
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
68%
Signal Score
68 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

7 techniques

Network Information

CountryPKPakistan
RegionKarachi, Sindh
ASNAS139879
OrganizationWizards Network (Pvt.) Ltd.

Feed Intelligence Summary

6 reports68% confidence
6
Source reports
68%
Confidence score
Category tags
active scanactive scanningasiabrute forcebrute force attackbrute force attackerbrute-forcebruteforcecredential accesscredential stuffingexploitation activityexploited hosthackingidentity & access exploitationiot securityiot targetednetworkpassword attackspkportscanproxyreconnaissanceresearchedscannerscannersservice scant1110.001t1110.002t1110.003t1110.004t1595.001t1595.002t1595.003telnetvultr

Activity Timeline

1 total obs
May 30May 30

Threat Activity Heatmap

· Peak: 2026-05-30
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
68
SIGNAL
Signal Score
68%
Confidence
6
Reports
First seenMar 9, 2026
Last seenMay 30, 2026
GeolocationPK
CountryPakistan
LocationKarachi, Sindh
ASNAS139879
OrgWizards Network (Pvt.) Ltd.
Coords24.8608, 67.0104

VirusTotal

7/ 91vendors flagged
8% detection rateJun 5, 2026

WHOIS

description
IPv4 hosts detected attempting to brute force TELNET on Vultr Melbourne (Australia) honeypot
raw
inetnum: 103.74.20.0 - 103.74.21.255 netname: Wizard-Net descr: Wizard's Network (Pvt.) Ltd. country: PK admin-c: WNPL3-AP tech-c: WNPL3-AP abuse-c: AW1039-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-WN-PK mnt-irt: IRT-WN-PK last-modified: 2021-05-18T19:02:04Z source: APNIC irt: IRT-WN-PK address: Suite No. 401, 4th Floor,, Plot No. SB-25, Shaes Centre,, Gulshan-e-Iqbal, Block-13/C,, Main Univers e-mail: [email protected] abuse-mailbox: [email protected] admin-c: WNPL3-AP tech-c: WNPL3-AP auth: # Filtered remarks: [email protected] was validated on 2025-12-15 mnt-by: MAINT-WN-PK last-modified: 2025-12-15T09:27:39Z source: APNIC role: ABUSE WNPK country: ZZ address: Suite No. 401, 4th Floor,, Plot No. SB-25, Shaes Centre,, Gulshan-e-Iqbal, Block-13/C,, Main Univers phone: +000000000 e-mail: [email protected] admin-c: WNPL3-AP tech-c: WNPL3-AP nic-hdl: AW1039-AP remarks: Generated from irt object IRT-WN-PK remarks: [email protected] was validated on 2025-12-15 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-12-15T09:27:48Z source: APNIC role: Wizards Network PVT Limited administrator address: Suite No. 401, 4th Floor,, Plot No. SB-25, Shaes Centre,, Gulshan-e-Iqbal, Block-13/C,, Main Univers country: PK phone: +923323571408 fax-no: +923323571408 e-mail: [email protected] admin-c: WNPL3-AP tech-c: WNPL3-AP nic-hdl: WNPL3-AP mnt-by: MAINT-WN-PK last-modified: 2016-09-03T05:33:29Z source: APNIC route: 103.74.20.0/24 origin: AS139879 descr: Wizard's Network (PVT.) Limited. Near Pizza Blk 2 Gulshan-e-Iqbal mnt-by: MAINT-WN-PK last-modified: 2024-07-10T19:01:31Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 months ago · Last seen 11 days ago
Appeared in 6 threat reports