IOC Radar
IPMediumSignal 65/100

102.66.159.254

Location
South AfricaSouth Africa
Pretoria, Gauteng
ASN
AS328471
Herotel
First Seen
Jan 12, 2026
Last Seen
Apr 23, 2026
Jan 12
First Seen
151d ago
Apr 23
Last Seen
51d ago
9
Reports
source reports
65%
Confidence
medium
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
65%
Signal Score
65 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

7 techniques

Network Information

CountryZASouth Africa
RegionPretoria, Gauteng
ASNAS328471
OrganizationHerotel

Feed Intelligence Summary

9 reports65% confidence
9
Source reports
65%
Confidence score
Category tags
active scanactive scanningafricaaptbrute forcebrute force attackcredential accesscredential stuffingexploitation activityhackingidentity & access exploitationimapimap attackindicatornetworkpassword attacksreconnaissanceresearchedscannersmtpsmtp attackersouth africassh attackt1110.001t1110.002t1110.003t1110.004t1595.001t1595.002t1595.003threat actortor node

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
65
SIGNAL
Signal Score
65%
Confidence
9
Reports
First seenJan 12, 2026
Last seenApr 23, 2026
GeolocationZA
CountrySouth Africa
LocationPretoria, Gauteng
ASNAS328471
OrgHerotel
Coords-25.7449, 28.1878

VirusTotal

Not checked

WHOIS

description
The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA
raw
inetnum: 102.66.0.0 - 102.66.255.255 netname: Hero-Telecoms descr: HERO TELECOMS (PTY) LTD country: ZA org: ORG-HP1-AFRINIC admin-c: JM97-AFRINIC tech-c: JM97-AFRINIC tech-c: DH11-Afrinic status: ALLOCATED PA mnt-by: AFRINIC-HM-MNT mnt-lower: HP1-MNT mnt-domains: HP1-MNT source: AFRINIC # Filtered parent: 102.0.0.0 - 102.255.255.255 organisation: ORG-HP1-AFRINIC org-name: HERO TELECOMS (PTY) LTD org-type: LIR country: ZA address: 98 Dorp Street address: Stellenbosch address: Capetown (7600) phone: tel:+27-82-464-0965 phone: tel:+27-83-626-3546 phone: tel:+27-21-300-0142 phone: tel:+27-21-300-0499 admin-c: JM97-AFRINIC tech-c: DH11-Afrinic tech-c: JM97-AFRINIC mnt-ref: AFRINIC-HM-MNT mnt-ref: HP1-MNT mnt-by: AFRINIC-HM-MNT source: AFRINIC # Filtered person: Derrick Harrison nic-hdl: DH11-AFRINIC address: 98 Dorp St address: Stellenbosch address: 7600 address: Cape Town 7600 address: South Africa phone: tel:+27-21-300-0142 phone: tel:+27-21-300-0499 mnt-by: Fusion-MNT mnt-by: HP1-MNT source: AFRINIC # Filtered person: Justin Marais nic-hdl: JM97-AFRINIC address: HeroTel address: 98 Dorp St address: Stellenbosch Central address: Stellenbosch 7600 address: South Africa phone: tel:+27-21-300-0142 mnt-by: GENERATED-ZIH1N4Z5QZLAQD7ULJUJP60JHS438KHQ-MNT source: AFRINIC # Filtered route: 102.66.159.0/24 descr: Herotel origin: AS328471 mnt-by: HP1-MNT source: AFRINIC # Filtered

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 months ago · Last seen 1 month ago
Appeared in 9 threat reports