IOC Radar
IPHighVerifiedSignal 62/100

223.123.72.52

Location
PakistanPakistan
Mian Channu, Punjab
ASN
AS59257
CMPak Limited
First Seen
Feb 21, 2026
Last Seen
May 27, 2026
Feb 21
First Seen
113d ago
May 27
Last Seen
18d ago
5
Reports
source reports
62%
Confidence
high
3/91
VirusTotal
detections
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
62%
Signal Score
62 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

3 techniques

Network Information

CountryPKPakistan
RegionMian Channu, Punjab
ASNAS59257
OrganizationCMPak Limited

Feed Intelligence Summary

5 reports62% confidence
5
Source reports
62%
Confidence score
Category tags
active scanactive scanningasiabrute forcebrute-forcebruteforcechinacowriedionaeaexploitation activityexploited hostfatthackingindicatoriot securityiot targetednetworkp0fpkreconnaissanceresearchedscannersensor-taggedssht1595.001t1595.002t1595.003tannertelnettpot

Activity Timeline

1 total obs
May 27May 27

Threat Activity Heatmap

· Peak: 2026-05-27
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
62
SIGNAL
Signal Score
62%
Confidence
5
Reports
First seenFeb 21, 2026
Last seenMay 27, 2026
Verified IOC
GeolocationPK
CountryPakistan
LocationMian Channu, Punjab
ASNAS59257
OrgCMPak Limited
Coords34.7732, 113.7220

VirusTotal

3/ 91vendors flagged
3% detection rateJun 6, 2026

WHOIS

description
Observed authentication attempts via telnet against Cowrie/Heralding honeypots in Australia. Total events observed: 2. Sensors involved: Cowrie. Target ports: 23. Source country: PK. ASN(s): 59257. Organisation(s): CMPak Limited.
raw
inetnum: 223.123.64.0 - 223.123.127.255 netname: CMPak-Mobile-Fixed-Network descr: CMPak Public IPs country: PK admin-c: CLA8-AP tech-c: CLA8-AP abuse-c: AC1719-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-CMPAKLIMITED-PK mnt-irt: IRT-CMPAKLIMITED-PK last-modified: 2025-10-23T09:05:14Z source: APNIC irt: IRT-CMPAKLIMITED-PK address: Plot address: Islamabad, Pakistan e-mail: [email protected] abuse-mailbox: [email protected] admin-c: ST1251-AP tech-c: ST1251-AP auth: # Filtered remarks: [email protected] is invalid mnt-by: MAINT-CMPAKLIMITED-PK last-modified: 2026-02-25T13:10:33Z source: APNIC role: ABUSE CMPAKLIMITEDPK country: ZZ address: Plot address: Islamabad, Pakistan phone: +000000000 e-mail: [email protected] admin-c: ST1251-AP tech-c: ST1251-AP nic-hdl: AC1719-AP remarks: Generated from irt object IRT-CMPAKLIMITED-PK remarks: [email protected] is invalid abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2026-02-25T13:11:11Z source: APNIC role: CMPak Limited administrator address: Plot# 47, National Park Kuri Road, Chak Shehzad address: Islamabad, Pakistan country: PK phone: +9251111222111 fax-no: +92518350356 e-mail: [email protected] admin-c: ST1251-AP tech-c: ST1251-AP nic-hdl: CLA8-AP mnt-by: MAINT-CMPAKLIMITED-PK last-modified: 2019-07-22T07:46:07Z source: APNIC route: 223.123.72.0/24 origin: AS59257 descr: CMPak Limited Block A, Plot No. 47, Park Road, Kurri Road, Chak Shehzad mnt-by: MAINT-CMPAKLIMITED-PK last-modified: 2023-01-13T03:14:33Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 3 months ago · Last seen 18 days ago
Appeared in 5 threat reports