IP Intelligence Briefing: 102.129.50.167
*Generated using IPDebrief tools*
---
**1. IP Profile**
- Risk Score: Moderate (40/100)
- Ownership:
- ASN: 327991
- Organization: Jacobus De Beer (South Africa)
- Subnet: 102.129.50.0/24
- Geolocation:
- Country: South Africa (ZA)
- Region: Gauteng
- City: Vanderbijlpark
- Threat Indicators:
- No known malicious activity, spam, or attacker associations.
- No DNSBL listings or campaign correlations.
- Network Role:
- Firewalled with no open ports or services detected.
- Likely infrastructure or private network (no public-facing services).
---
**2. Observation History**
- Recent Signals (Last 30 Days):
- DNSSEC Validation: Confirmed valid for `102.129.50.167.in-addr.arpa`.
- BGP Prefix: `102.129.48.0/21` assigned to Megasurf Wireless (South Africa).
- DNSPTR: No reverse DNS records found.
- Abuse Confidence: No reported abuse (score: 0).
- Trend: Stable with no significant changes in risk signals.
---
**3. Network Relationships**
- Linked Entities:
- Same subnet: `102.129.50.0/24` (Jacobus De Beer).
- No connections to other organizations, domains, or certificates.
- Subnet Context:
- Abuse Density: 9.1% (2 high-risk neighbors in 22 total).
- High-Risk Neighbors:
- `102.129.50.208` (risk: 80)
- `102.129.50.210` (risk: 80)
- Low-Risk Neighbors: Most IPs in the subnet have minimal risk.
---
**4. Actionable Insights**
- SOC Recommendations:
- Monitor Subnet: The subnet contains high-risk neighbors; investigate potential lateral movement or shared infrastructure risks.
- Verify DNS: Ensure no spoofing or misconfigured DNS entries in the `102.129.50.0/24` range.
- Check for Anomalies: Monitor traffic patterns between 102.129.50.167 and high-risk neighbors.
- Firewall Rules:
- Consider blocking traffic to/from high-risk neighbors (`102.129.50.208`, `102.129.50.210`) if not required.
---
Conclusion:
The IP `102.129.50.167` itself appears benign, but its subnet contains notable high-risk neighbors. SOC teams should prioritize monitoring the broader network for potential compromises or malicious activity originating from the subnet. No immediate action is required for the IP itself, but contextual awareness of the subnet's risk profile is critical.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Jacobus De Beer |
| ASN | AS327991 |
| Network Name | 102.129.50.0 - 102.129.50.255 |
| CIDR Block | 102.129.50.0/24 |
| RIR | AFRINIC |
| Country | ZA |
| Abuse Contact | β |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | β |
| 8443 | https-alt | tcp | β |
| Closed Ports | 22, 25, 80, 3389, 8080 (2 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 0% | 0 | 0 |
| routing | 0% | 0 | 0 |
| services | 0% | 0 | 0 |
| ownership | 19% | 2 | 2 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 5% | 3 | 3 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-29 05:54:03 UTC |
| Last Seen | 2026-06-11 19:11:56 UTC |
| Profile Built | 2026-06-11 19:29:37 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 17 |
Full dossier details are available via our API.