IOC Radar
IPMediumSignal 36/100

45.249.8.86

Location
PakistanPakistan
Karachi, Islamabad
ASN
AS135407
Trans World Enterprise Services (Private) Limited
First Seen
Jan 29, 2025
Last Seen
Apr 7, 2026
Jan 29
First Seen
497d ago
Apr 7
Last Seen
64d ago
10
Reports
source reports
36%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
36%
Signal Score
36 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

44 techniques

Network Information

CountryPKPakistan
RegionKarachi, Islamabad
ASNAS135407
OrganizationTrans World Enterprise Services (Private) Limited

Feed Intelligence Summary

10 reports36% confidence
10
Source reports
36%
Confidence score
Category tags
abuseaccessactive scanactive scanningasiaattackbad reputationbotnetbotnet activitybrute forcebrute force attackbrute force attemptscentoscisco devicecommand and controlcompromised credentialsconnectcowriecowrie honeypotcowrie honeypot datacredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredecoy systemdevice managementdistributed attacksdrive-by compromiseemailenergyenterprise networkingexploitexploitation activityexploitation attemptsfailedfileftpgithubgroupshackinghoneytrap honeypotidentity & access exploitationindicatorinformation technologyinitial accessinjection activitylamplamp attacklateral movementlogin attemptmailoney attackmailoney honeypotmalicious activitymalicious payloadmalicious softwaremalwaremysqlnetworknetwork infrastructurenetwork intrusion attemptsnetwork probingnetwork scanningnetwork securitynetwork service scanningnginxopensshpassword attacksphishingphishing attackphishing trappkprocess injectionprotocol exploitationpythonransomwarereconnaissanceremote service exploitationremote service interactionremote servicesresearchedresource developmentscannerscanning activityscriptself-signedserverservice scansftpsftp attacksftp exploit attemptslugsmtpsocial engineeringsshssh attackssh monitoringsurface webt1005t1018t1021t1021.004t1040t1041t1046t1047t1053.005t1055t1059t1059.004t1068t1071.001t1078t1078.001t1078.002t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1195.002t1203t1486t1496t1499.001t1499.002t1499.003t1550t1550.002t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003telnet threatthreat actorthreat detectiontor nodetpotceubuntuunauthorized accessunauthorized access attemptuploadvalid accountsvulnerabilityvulnerability scanweb server attackszabbix

Activity Timeline

1 total obs
Apr 7Apr 7

Threat Activity Heatmap

· Peak: 2026-04-07
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
36
SIGNAL
Signal Score
36%
Confidence
10
Reports
First seenJan 29, 2025
Last seenApr 7, 2026
GeolocationPK
CountryPakistan
LocationKarachi, Islamabad
ASNAS135407
OrgTrans World Enterprise Services (Private) Limited
Coords24.8591, 66.9983

VirusTotal

Not checked

WHOIS

description
2025-05-11T17:46:38.050Z Honeypot : Cowrie : Source: 45.249.8.86 Data: Connection lost after 0.5 seconds
raw
inetnum: 45.249.8.0 - 45.249.11.255 netname: TES-PL-PK descr: Trans World Enterprise Services (Private) Limited descr: 14, Street # 26, F-6/2, Islamabad, Pakistan country: PK org: ORG-TWES1-AP admin-c: TWES1-AP tech-c: TWES1-AP abuse-c: AT1036-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-TES-PL-PK mnt-routes: MAINT-TES-PL-PK mnt-irt: IRT-TES-PL-PK last-modified: 2020-06-02T13:05:55Z source: APNIC irt: IRT-TES-PL-PK address: 14, Street e-mail: [email protected] abuse-mailbox: [email protected] admin-c: TWES1-AP tech-c: TWES1-AP auth: # Filtered remarks: [email protected] was validated on 2025-12-12 remarks: [email protected] was validated on 2026-01-28 mnt-by: MAINT-TES-PL-PK last-modified: 2026-01-28T04:55:19Z source: APNIC organisation: ORG-TWES1-AP org-name: Trans World Enterprise Services (Private) Limited org-type: LIR country: PK address: Retalia Building, Plot # 24, G6 Markaz phone: +92-51-2871623 fax-no: +92-51-2871625 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:16:55Z source: APNIC role: ABUSE TESPLPK country: ZZ address: 14, Street phone: +000000000 e-mail: [email protected] admin-c: TWES1-AP tech-c: TWES1-AP nic-hdl: AT1036-AP remarks: Generated from irt object IRT-TES-PL-PK remarks: [email protected] was validated on 2025-12-12 remarks: [email protected] was validated on 2026-01-28 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2026-01-28T04:55:30Z source: APNIC role: Trans World Enterprise Services Private Limited address: 14, Street # 26, F-6/2, Islamabad, Pakistan, Islamabad 44000 country: PK phone: +92-51-2871623 fax-no: +92-51-2871623 e-mail: [email protected] admin-c: TWES1-AP tech-c: TWES1-AP nic-hdl: TWES1-AP mnt-by: MAINT-TES-PL-PK last-modified: 2018-10-16T12:57:46Z source: APNIC route: 45.249.8.0/24 descr: TES-IP-Pool origin: AS135407 mnt-by: MAINT-TES-PL-PK country: PK last-modified: 2017-06-07T06:15:47Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 10 threat reports