IOC Radar
IPMediumSignal 65/100

202.163.119.84

Location
PakistanPakistan
Lahore, Sindh
ASN
AS9541
Cyber (Pvt) Ltd.
First Seen
Sep 25, 2025
Last Seen
May 30, 2026
Sep 25
First Seen
261d ago
May 30
Last Seen
14d ago
24
Reports
source reports
65%
Confidence
medium
Found in 24 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
65%
Signal Score
65 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

46 techniques

Network Information

CountryPKPakistan
RegionLahore, Sindh
ASNAS9541
OrganizationCyber (Pvt) Ltd.

IP Category

VPN
VPN exit node

Feed Intelligence Summary

24 reports65% confidence
24
Source reports
65%
Confidence score
Category tags
abuseaccess controlaccount compromiseactive scanactive scanningapacheapache attackeraptasiaattackattacker-ipaustraliaauthenticationauthentication attacksautomated attackautomated attacksbad reputationbad web botblocklist_allbotnetbotnet activitybrute forcebrute force attackbrute force attemptbrute force authenticationbrute-forcebrute_forcebruteforcec2civil servicescloud infrastructurecloud infrastructure attackcloud servicescode executioncode injectioncommand & controlcommand and controlcommand executioncompromised credentialscompromised systemcowrie honeypotcredential accesscredential stuffingdata exfiltrationdata store exposuredatabase securityddosddos attackdecoy systemdenial of servicedetected botnet activitydigital oceandistributed attackseuropeexploitexploitation activityexploitation attemptexploited hostfinlandfranceftp brute forceftp brute-forcegermanygovernment technologyhackinghoneynet connecthoneytrap honeypothttp brute forceidentity & access exploitationindicatorinformation technologyinitial_accessinjection activityinjection attacksit infrastructurekill-chain exploitationkill-chain reconnaissancelamplateral movementlogin attemptlow-riskmalicious activitymalicious ip addressesmalicious sftp activitymalicious softwaremalicious ssh activitymalwarenetworknetwork enumerationnetwork intrusionnetwork probingnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnetwork_intrusionnorth americaoceaniaopen port detectionosintpassword attackpassword attacksping of deathpkpolandprocess injectionprotocol exploitationpublic administrationpublic infrastructurepublic policyransomwarereconnaissanceregulatory agenciesremote accessremote servicesresearchedresource hijackingscannerscannersscanning activityscripting attackssecurity operationssecurity policyservice enumerationservice scansftp attacksmb brute forcesmtp brute forcesocradar honeypotsoftware developmentspamsshssh attackssh monitoringt1021t1021.001t1021.002t1021.003t1021.004t1021.005t1021.006t1040t1041t1046t1055t1059t1059.001t1059.003t1059.004t1059.005t1059.007t1068t1071t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1497t1499.001t1499.002t1499.003t1563t1565t1566t1589t1590t1592t1595t1595.001t1595.002t1595.003tcp scantelnet threatthreat actorthreat detectionthreat intelligencethreat intelligence feedthreat preventionthreat_activitytor nodetpotudp scanunauthorized access attemptunauthorized access attemptsunited kingdomunited statesvoidtrapvpnvpn ipvulnerability scanvulnerability-exploitationweb app attackweb application attackweb attackweb exploitationweb spam

Activity Timeline

1 total obs
May 30May 30

Threat Activity Heatmap

· Peak: 2026-05-30
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
65
SIGNAL
Signal Score
65%
Confidence
24
Reports
First seenSep 25, 2025
Last seenMay 30, 2026
GeolocationPK
CountryPakistan
LocationLahore, Sindh
ASNAS9541
OrgCyber (Pvt) Ltd.
Coords24.8544, 67.0258
VPN

VirusTotal

Not checked

WHOIS

description
Host bruteforcing SSH
raw
inetnum: 202.163.96.0 - 202.163.127.255 netname: CYBERNET descr: Cyber Internet Services (Pvt) Ltd. descr: A-904, 9TH Floor, Lakson Square descr: Building # 3, Sarwar Shaheed Road. descr: Karachi-74200. Pakistan. country: PK org: ORG-CISP3-AP admin-c: AQ84-AP tech-c: AQ84-AP abuse-c: AC1727-AP status: ALLOCATED PORTABLE mnt-by: APNIC-HM mnt-lower: MAINT-PK-CYBERNET mnt-routes: MAINT-PK-CYBERNET mnt-irt: IRT-CYBERNET-PK last-modified: 2020-06-10T13:04:09Z source: APNIC irt: IRT-CYBERNET-PK address: A904, 9th Floor,Lakson Bldg 3,Sarwar Shaheed Rd,Karachi-74200 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: AQ84-AP tech-c: AQ84-AP auth: # Filtered remarks: [email protected] was validated on 2025-04-24 mnt-by: MAINT-PK-AQ last-modified: 2025-09-04T01:01:10Z source: APNIC organisation: ORG-CISP3-AP org-name: Cyber Internet Services (Private) Limited org-type: LIR country: PK address: A - 904 9th Floor Lakson Square Building No. 3 address: No. 3, Sarwar Shaheed Road Karachi-74200 Pakistan phone: +92-21-38400654 fax-no: +92-213-5680842 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:14:44Z source: APNIC role: ABUSE CYBERNETPK country: ZZ address: A904, 9th Floor,Lakson Bldg 3,Sarwar Shaheed Rd,Karachi-74200 phone: +000000000 e-mail: [email protected] admin-c: AQ84-AP tech-c: AQ84-AP nic-hdl: AC1727-AP remarks: Generated from irt object IRT-CYBERNET-PK remarks: [email protected] was validated on 2025-04-24 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-04-24T11:46:47Z source: APNIC person: Amjad Qasmi address: A904, 9th Floor,Lakson Bldg 3,Sarwar Shaheed Rd,Karachi-74200 country: PK phone: +92-021-38400654 e-mail: [email protected] nic-hdl: AQ84-AP abuse-mailbox: [email protected] mnt-by: MAINT-PK-AQ last-modified: 2021-08-31T07:15:27Z source: APNIC route: 202.163.119.0/24 origin: AS24440 descr: Cyber Internet Services Pakistan A - 904 9th Floor Lakson Square Building No. 3 No. 3, Sarwar Shaheed Road Karachi-74200 Pakistan mnt-by: MAINT-PK-CYBERNET last-modified: 2016-10-18T11:40:27Z source: APNIC route: 202.163.119.0/24 origin: AS9541 descr: Cyber Internet Services Pakistan A - 904 9th Floor Lakson Square Building No. 3 No. 3, Sarwar Shaheed Road Karachi-74200 Pakistan mnt-by: MAINT-PK-CYBERNET last-modified: 2018-05-03T07:17:27Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 8 months ago · Last seen 14 days ago
Appeared in 24 threat reports