IPMediumSignal 72/100
59.103.119.153
Location
PakistanShekhupura, SD
ASN
AS9541
Cyber Pvt Ltd
First Seen
Apr 15, 2026
Last Seen
May 29, 2026
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
72%
Signal Score
72 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryPakistan
PakistanRegionShekhupura, SD
ASNAS9541
OrganizationCyber Pvt Ltd
Feed Intelligence Summary
7 reports72% confidence
7
Source reports
72%
Confidence score
Category tags
abuseactive scanactive scanningasiabad reputationbad web botbotnet activitybrute forcebrute force attackbrute force attackerbrute-forcebruteforcecredential accesscredential stuffingexploitation activityexploited hosthackingidentity & access exploitationindicatoriot securityiot targetednetworkpassword attackspkportscanreconnaissanceresearchedscannerscannersservice scanssht1110.001t1110.002t1110.003t1110.004t1595.001t1595.002t1595.003telnetvultrweb app attack
Activity Timeline
May 29May 29
Threat Activity Heatmap
· Peak: 2026-05-29LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
72
SIGNAL
Signal Score
72%
Confidence
7
Reports
First seenApr 15, 2026
Last seenMay 29, 2026
GeolocationPK
CountryPakistan
LocationShekhupura, SD
ASNAS9541
OrgCyber Pvt Ltd
Coords24.9207, 67.0657
VirusTotal
Not checked
WHOIS
- description
- IPv4 hosts detected attempting to brute force TELNET on Vultr Tokyo (Japan) honeypot
- raw
- inetnum: 59.103.96.0 - 59.103.127.0 netname: CYBERNET-PK descr: Cyber Internet Services Pvt Ltd country: PK admin-c: MA527-AP tech-c: MA527-AP abuse-c: AC1727-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-PK-PTCLBB mnt-lower: MAINT-PK-CYBERNET mnt-routes: MAINT-PK-CYBERNET mnt-irt: IRT-CYBERNET-PK last-modified: 2021-01-27T13:12:51Z source: APNIC irt: IRT-CYBERNET-PK address: A904, 9th Floor,Lakson Bldg 3,Sarwar Shaheed Rd,Karachi-74200 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: AQ84-AP tech-c: AQ84-AP auth: # Filtered remarks: [email protected] was validated on 2026-01-14 mnt-by: MAINT-PK-AQ last-modified: 2026-01-14T06:53:33Z source: APNIC role: ABUSE CYBERNETPK country: ZZ address: A904, 9th Floor,Lakson Bldg 3,Sarwar Shaheed Rd,Karachi-74200 phone: +000000000 e-mail: [email protected] admin-c: AQ84-AP tech-c: AQ84-AP nic-hdl: AC1727-AP remarks: Generated from irt object IRT-CYBERNET-PK remarks: [email protected] was validated on 2026-01-14 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2026-01-14T06:54:03Z source: APNIC person: Munir Ahmed address: SM TAC H-9/1, Islamabad address: Islamabad, Pakistan country: PK phone: +92-51-4865412 e-mail: [email protected] e-mail: [email protected] nic-hdl: MA527-AP mnt-by: MAINT-PTCLBB-PK last-modified: 2020-08-26T13:56:32Z source: APNIC route: 59.103.119.0/24 origin: AS17557 descr: Pakistan Telecommuication company limited CDDT Building, H-9/1, Training Block Pakistan Telecommunication Company Limited GM, Multimedia & Broadband mnt-by: MAINT-PK-PTCLBB last-modified: 2020-04-27T05:24:09Z source: APNIC route: 59.103.119.0/24 origin: AS45595 descr: Pakistan Telecommuication company limited CDDT Building, H-9/1, Training Block Pakistan Telecommunication Company Limited GM, Multimedia & Broadband mnt-by: MAINT-PK-PTCLBB last-modified: 2020-04-22T04:03:44Z source: APNIC route: 59.103.119.0/24 descr: Cyber Internet Services Pakistan country: PK origin: AS9541 mnt-by: MAINT-PK-PTCLBB last-modified: 2021-08-25T11:24:42Z source: APNIC
- references
- https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au, https://jamesbrine.com.au/vultrtokyo-telnet-bruteforce-ip-list-2026-04-16/
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 months ago · Last seen 16 days ago
Appeared in 7 threat reports