IP Intelligence Briefing: 102.129.60.102
Date: 2026-06-10
---
**1. Risk Profile**
- Reputation: Moderate Risk (Risk Score: 55/100)
- Threat Indicators: No active malware campaigns, spam, or known attacker associations.
- Ownership: Registered to Jacobus De Beer (ASN: 327991, RIR: AFRINIC).
- Geolocation: South Africa (Gauteng, Vanderbijlpark), Latitude: -26.7, Longitude: 27.82.
---
**2. Network & DNS**
- Subnet: 102.129.60.0/24 (abuse density: 5.1%).
- DNS Associations:
  - `ms-60-102.megasurf.co.za` (confirmed PTR record).
  - SPF and DMARC records present, but no email authentication validation.
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP services).
---
**3. Threat Observations**
- Historical Signals:
  - 3/8 DNSBL listings (moderate risk).
  - 14 total observations (last 30 days) with mixed confidence (0.13–0.85).
  - No persistent malicious activity or campaign correlations.
- Neighbor Risk: 3 high-risk neighbors, 31 medium-risk, 13 low-risk in subnet.
---
**4. Relationships**
- Linked Entities:
  - Same subnet (`102.129.60.0/24`).
  - DNS hostname `ms-60-102.megasurf.co.za`.
  - No direct connections to known C2 servers, CDN nodes, or Tor relays.
---
**5. Security Actions**
- Recommended Mitigations:
  - Monitor: Increase logging verbosity for traffic from this IP.
  - Block: Implement firewall rules to drop traffic from `102.129.60.102/32`.
- Firewall Rules:
  - `iptables`: `iptables -A INPUT -s 102.129.60.102 -j DROP`
  - Cloudflare/WAF: Block IP with rule `ip.src eq 102.129.60.102`.
---
**6. Analysis & Recommendations**
- Context: The IP has no direct threat indicators but is linked to a subnet with moderate abuse density. DNSBL listings suggest potential spam or abuse risks.
- Next Steps:
  - Validate DNS records and check for unregistered subdomains.
  - Monitor neighboring IPs (e.g., `102.129.60.24`, risk score 55).
  - Review network traffic for anomalies, given the moderate risk score.
Note: No immediate remediation required, but continuous monitoring is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Jacobus De Beer |
| ASN | AS327991 |
| Network Name | 102.129.60.0 - 102.129.60.255 |
| CIDR Block | 102.129.60.0/24 |
| RIR | AFRINIC |
| Country | ZA |
| Abuse Contact | - |
DNS Intelligence
| PTR | ms-60-102.megasurf.co.za |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | ms-60-102.megasurf.co.za |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 21% | 2 | 2 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 12% | 6 | 6 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-25 18:46:42 UTC |
| Last Seen | 2026-06-10 23:15:25 UTC |
| Profile Built | 2026-06-10 23:32:18 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 23 |