102.214.44.117
IP Intelligence Briefing: 102.214.44.117
Date: 2026-06-13
---
**1. Risk Profile**
- Risk Score: 80 (High Risk)
- Provider Score: 0
- Authority Score: 0
- Stability Score: 0
- Threat Indicators: Listed in 6/8 DNSBLs (high-risk networks).
- Geolocation: Tanzania (Zanzibar), IPv4 subnet 102.214.44.0/24.
- Network Role: Firewalled / No Services; no CDN, VPN, or mobile carrier associations.
---
**2. Observation History**
- Recent Activity (30 Days):
- Consistently flagged in 6 DNSBLs (e.g., Spamhaus, Barracuda).
- No changes in geolocation or network ownership.
- Abuse Confidence Score: High (6/8 listings).
- Long-Term Trends:
- Persistent risk signals since at least 2026-06-01.
- No signs of cleanup or de-risking.
---
**3. Network Relationships**
- Linked Entities:
- Subnet 102.214.44.0/24 (AS328676, Frank Kagoma).
- No connections to known malicious domains, organizations, or certificates.
- Subnet Context:
- Abuse Density: 0% (clean).
- Neighbor Analysis: No risky sibling IPs in the subnet.
---
**4. Recommended Actions**
- Block/Rate Limit: Implement firewall rules to block traffic from 102.214.44.117 based on DNSBL listings.
- Monitor Subnet: Track 102.214.44.0/24 for emerging risks, though current abuse density is low.
- Investigate Owner: Contact Frank Kagoma (AS328676) to confirm legitimacy of the IP.
- Check Services: Verify if the IP hosts any services (no open ports or TLS certs detected).
---
Conclusion:
This IP is associated with a high-risk network in Tanzania and has a history of DNSBL listings. While the subnet is otherwise clean, the IPโs persistent risk signals warrant immediate mitigation. SOC teams should prioritize blocking this IP and monitoring its network for further activity.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Frank Kagoma |
| ASN | AS328676 |
| Network Name | 102.214.44.0 - 102.214.44.127 |
| CIDR Block | 102.214.44.0/25 |
| RIR | AFRINIC |
| Country | TZ |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Single-Service Host |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 4 |
| routing | 22% | 3 | 3 |
| services | 18% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 24% | 1 | 3 |
| geolocation | 13% | 1 | 1 |
| Overall | 22% | 11 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (65%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:03:24 UTC |
| Last Seen | 2026-06-26 18:10:10 UTC |
| Profile Built | 2026-06-22 05:54:53 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 20 |
Full dossier details are available via our API.