102.64.35.47
IP Intelligence Briefing: 102.64.35.47
Date: 2026-06-09
**Overview**
- Risk Profile: Moderate Risk (Risk Score: 55)
- Ownership: Registered to Jacobus De Beer (ASN: 327991, RIR: AFRINIC) in South Africa (ZA).
- Geolocation: Vanderbijlpark, Gauteng, South Africa (Latitude: -26.7, Longitude: 27.82).
- Network Role: Unknown infrastructure type; no cloud, CDN, or residential flags.
**Threat Indicators**
- No direct malicious activity detected (no known attackers, spam, or Tor exit nodes).
- DNS: Resolves to `ms-35-47.megasurf.co.za` with valid SPF/DMArc records.
- Services: No open ports or TLS certificates detected.
**Network Context**
- Subnet: 102.64.35.0/24 with 53 total neighbors (abuse density: 18.9%).
- High-Risk Neighbors: 10 IPs with risk scores β₯65, including:
- 102.64.35.12 (Risk: 80), 102.64.35.7 (Risk: 65), and 102.64.35.3 (Risk: 55).
- Subnet Abuse: 18.9% of neighbors flagged for abuse, suggesting potential lateral movement or shared infrastructure risks.
**Observation History**
- Recent Activity (2026-06-09):
- DNSSEC validation confirmed.
- No significant changes in geolocation or threat signals.
- Long-Term Trends: No persistent malicious behavior (threat observation count: 0).
**Relationships**
- DNS Associations: Linked to `megasurf.co.za` (hostname: ms-35-47.megasurf.co.za).
- Network Connections: Same subnet (102.64.35.0/24).
**Recommendations**
1. Monitor Subnet: Track high-risk neighbors (e.g., 102.64.35.12) for anomalous activity.
2. Verify DNS: Confirm `megasurf.co.za` legitimacy via WHOIS and domain reputation checks.
3. Firewall Rules: Consider blocking high-risk neighbors if connectivity to 102.64.35.47 is unnecessary.
4. Geolocation Validation: Cross-check IP location with internal threat intelligence for South African network anomalies.
Conclusion: The IP itself shows no direct malicious indicators but resides in a subnet with notable abuse density. Further investigation into neighboring IPs and DNS relationships is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Jacobus De Beer |
| ASN | AS327991 |
| Network Name | 102.64.35.0 - 102.64.35.255 |
| CIDR Block | 102.64.35.0/24 |
| RIR | AFRINIC |
| Country | ZA |
| Abuse Contact | β |
π DNS Intelligence
| PTR | ms-35-47.megasurf.co.za |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ms-35-47.megasurf.co.za |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 21% | 2 | 2 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 12% | 6 | 6 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-20 22:11:10 UTC |
| Last Seen | 2026-06-16 12:25:24 UTC |
| Profile Built | 2026-06-09 05:58:49 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 20 |
Full dossier details are available via our API.