IP · Medium · Signal 98/100
105.27.192.246
Location: Cape Town, Western Cape
ASN: AS37100 (Seacom Assignments)
First Seen: Dec 22, 2023
Last Seen: Mar 18, 2026
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 98%
Signal Score: 98 / 100
IDS Rule: No
Network Information
Country: South Africa
Region: Cape Town, Western Cape
ASN: AS37100
Organization: Seacom Assignments
Feed Intelligence Summary
Source reports: 10
Confidence score: 98%
Category tags
abuse, active scanning, adbhoney honeypot, africa, attack, botnet, brute force, code execution, command and control, command execution, communication protocol, cowrie attacks, cowrie honeypot, cowrie interactions, credential access, credential harvesting, credential stuffing, data exfiltration, data exfiltration attempts, database security, decoy system, defense evasion, dionaea honeypot, distributed attacks, elasticpot honeypot, elasticsearch monitoring, exploitation attempt, exploitation attempts, ftp, http scanner, https, indicator, initial access, injection attacks, lateral movement, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, malware deployment attempts, malware detection, network, network intrusion attempts, network probing, network scanning, network security, phishing, phishing attack, phishing trap, process injection, protocol exploitation, reconnaissance, remote access, remote services, researched, resource hijacking, scanner, scanning activity, sentrypeer botnet, sftp access attempt, sftp attack, shell access attempts, sip brute force, social engineering, software exploitation, south africa, spam, ssh attack, ssh monitoring, t1021, t1021.001, t1021.002, t1021.004, t1027, t1040, t1041, t1046, t1055, t1059, t1059.003, t1059.004, t1059.005, t1071.001, t1076, t1078, t1110, t1110.001, t1110.002, t1110.003, t1133, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1555, t1563, t1565, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1583, t1595, t1595.001, t1595.002, t1595.003, tanner, telecommunications, telnet threat, threat actor, threat intelligence, tpotce, voip, voip attack, web spam, web traffic, za
Activity Timeline: Mar 18
Threat Activity Heatmap · Peak: 2026-03-18
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: 98 (High Risk)
Coords: -33.9140, 18.4129
VirusTotal: Not checked
WHOIS
- description
- 2025-05-10T17:21:31.363Z Honeypot : Heralding : Source: 105.27.192.246 : Username/Password: adMiN/mynoob Port: 1080 Message: 2025-05-10 17:21:31.363647,7049f47b-2461-43f6-ad4e-c0d2fedb55d5,66040cf2-4ce0-47c9-b5e6-a6fea05f20dd,105.27.192.246,54886,99.18.26.21,1080,socks5,adMiN,mynoob,
- raw
- inetnum: 105.27.192.0 - 105.27.193.255
  netname: SEACOM-ASSIGNMENTS-CUSTOMERS
  descr: Assignment made to SEACOM Customer Point-to-Point links in Capetown, South Africa.
  descr: In case of abuse, please contact [email protected]
  country: ZA
  admin-c: SM15-AFRINIC
  admin-c: MT991-AFRINIC
  tech-c: SM15-AFRINIC
  tech-c: MT991-AFRINIC
  status: ASSIGNED PA
  mnt-by: SEACOM-MNT
  source: AFRINIC # Filtered
  parent: 105.16.0.0 - 105.31.255.255

  person: Mark Tinka
  address: SEACOM
  address: Building 7
  address: Design Quarter District
  address: Leslie Avenue, Magaliessig
  address: Johannesburg
  address: South Africa
  phone: tel:+27-11-461-6355
  nic-hdl: MT991-AFRINIC
  mnt-by: GENERATED-HLLKII2FRH52MY2ABVODWAI9DRJDT1LJ-MNT
  source: AFRINIC # Filtered

  person: Simon Mayoye
  nic-hdl: SM15-AFRINIC
  address: Citadel Building
  address: Nairobi
  address: Nairobi
  address: Kenya
  phone: tel:+254-20-4212000
  mnt-by: GENERATED-F072ANKSUXRSPIJORTV2AZAHKGHI21YT-MNT
  source: AFRINIC # Filtered

  route: 105.16.0.0/12
  descr: SEACOM Limited Networks - 105.16.0.0/12
  descr: In case of abuse, please contact [email protected]
  origin: AS37100
  mnt-by: SEACOM-MNT
  source: AFRINIC # Filtered
- references
- https://github.com/telekom-security/tpotce
IOC Journey
medium · First detected 2 years ago · Last seen 2 months ago
Appeared in 10 threat reports