Threat Intelligence Briefing for IP 102.210.43.94
Overview
- Risk Profile: Low risk (score: 25). No malicious indicators, no known campaigns, and no spam/source activity.
- Ownership: Registered to Kenneth Koech (ASN 329387, Kenya). Assigned to ORG-SNL13-AFRINIC (African Network Information Centre).
- Geolocation: Located in Kenya (coordinates 1°N, 38°E). No mobile carrier or residential/mobile flags.
Threat Indicators
- DNSBL Listings: Observed in 8 DNSBLs (low confidence, 0.30). One entry labeled "high severity," but no confirmed malicious activity.
- Network Behavior: Firewalled with no open ports/services. No TLS certificates, HTTP banners, or domain associations.
- BGP/Network: Part of the 102.210.43.0/24 subnet. BGP route stability flagged as unstable.
Observation History
- Recent Activity: DNSSEC validation confirmed (2026-06-12). No scans or enumeration strikes detected.
- Risk Trends: No persistent threats or ownership changes. Threat observation count remains zero.
Relationships
- Network Affiliation: Linked to ORG-SNL13-AFRINIC (same network). No other entities (domains, organizations, or subnets) connected.
Network Context
- Subnet Analysis: No neighboring IPs in the /24 subnet. Subnet abuse density is zero.
- Provider: Skylink Networks LTD (KENYA) manages the ASN. No CDN, cloud, or infrastructure flags.
Recommendations
1. Monitor DNSBL Listings: Track the IP's DNSBL status for potential changes in risk profile.
2. Validate Ownership: Confirm Kenneth Koech's association with the IP and check for linked assets.
3. Check Subnet Isolation: Since no neighbors exist, isolate the subnet for further analysis if suspicious activity emerges.
4. Maintain Baseline: No immediate action required due to low risk, but retain monitoring for anomalies.
Conclusion
The IP exhibits no active malicious behavior. While DNSBL listings suggest potential scrutiny, the low risk score and lack of confirmed threats indicate it is not a priority for immediate mitigation. SOC teams should maintain passive monitoring and verify organizational context.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Kenneth Koech |
| ASN | AS329387 |
| Network Name | ORG-SNL13-AFRINIC |
| CIDR Block | 102.210.40.0/22 |
| RIR | AFRINIC |
| Country | KE |
| Abuse Contact | - |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 0% | 0 | 0 |
| routing | 0% | 0 | 0 |
| services | 0% | 0 | 0 |
| ownership | 19% | 2 | 2 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 5% | 3 | 3 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-04 00:30:48 UTC |
| Last Seen | 2026-06-12 23:02:20 UTC |
| Profile Built | 2026-06-12 23:08:06 UTC |
| Data Freshness | Live |
| Signal Types | 12 |
| Total Observations | 12 |