## INTELLIGENCE BRIEFING: 175.107.217.213/32
Classification: Moderate Risk | Risk Score: 50/100
Report Date: Current | Classification: Active Threat Assessment
---
EXECUTIVE SUMMARY
IP address 175.107.217.213 is registered to the CYBERNET network infrastructure (ASN 9541, organization: Amjad Qasmi) located in Karachi, Pakistan. The address exhibits moderate risk characteristics with evidence of DNSBL listings and network-level threat associations. Current service analysis indicates the address is firewalled with no active services exposed.
---
OWNERSHIP & NETWORK ATTRIBUTES
- ASN: 9541 (CYBERNET)
- Organization: Amjad Qasmi
- CIDR Block: 175.107.216.0/22
- Geolocation: Karachi, Sindh, Pakistan (PK)
- Registration: APNIC RIR
- BGP Prefix: 175.107.217.0/24
---
THREAT INDICATORS
- Blacklist Status: Listed on DNSBL (1 of 8 total lists)
- Abuse Confidence: Moderate risk profile
- Tor Exit Node: No
- Known Attacker: No confirmed association
- Spam Source: No confirmed spam activity
- Campaign Likelihood: None detected
---
NETWORK BEHAVIOR & SERVICES
- Service Status: Firewalled / No Services
- Open Ports: None detected
- DNS Resolution: No forward resolution or PTR records
- Email Infrastructure: No SPF/DMARC records configured
- Control Plane: Route stability: False; DNSSEC: Valid
---
NEIGHBORHOOD ANALYSIS
- Subnet: 175.107.217.0/24
- Abuse Density: 1 (elevated)
- Classification: Mostly clean with inherited risk
- Threat Siblings: 1 identified within /24
- Active Siblings: 1 currently active
---
OBSERVATION HISTORY
Total Observations: 19 signals tracked
Recent Activity:
- 2026-06-22: Listed on 8 blacklist sources (2 active listings, max severity: HIGH)
- 2026-06-17: Operator score recorded at 0.1304 (minimal)
- 2026-06-02: Subnet-level analysis indicated abuse density of 1
Threat Persistence: Low (single threat observation recorded)
---
RELATIONSHIP GRAPH
- Network Associations: 19 relationships mapped to CYBERNET network infrastructure
- Entity Types: Network infrastructure links only
- Organizational Links: No certificate or domain associations detected
---
RECOMMENDED ACTIONS
1. Monitoring: Maintain elevated monitoring for this IP due to recent blacklist activity (2026-06-22)
2. Blocking Consideration: Evaluate blocking at perimeter if traffic patterns indicate malicious intent
3. Traffic Analysis: Monitor for outbound connections from internal systems to this address
4. Triage: No immediate action required if traffic is verified legitimate; flag for review if unexpected
---
ANALYST NOTES
The IP demonstrates moderate risk primarily driven by DNSBL listings and elevated neighborhood abuse density. No direct evidence of active attack or malware distribution. Network appears to be a residential or hosting provider environment (CYBERNET). Correlate with additional threat intelligence sources before implementing blocking rules.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Amjad Qasmi |
| ASN | AS9541 |
| Network Name | CYBERNET |
| CIDR Block | 175.107.216.0/22 |
| RIR | APNIC |
| Country | PK |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 24% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 22% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:55 UTC |
| Last Seen | 2026-06-24 01:22:31 UTC |
| Profile Built | 2026-06-22 21:43:06 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 20 |