IP Intelligence Briefing: 102.64.41.175
Date: 2026-06-09
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Ownership:
  - ASN: 327991
  - Organization: Jacobus De Beer (Megasurf Wireless Internet CC)
  - Location: Vanderbijlpark, Gauteng, South Africa (ZA)
- Threat Indicators:
  - Flagged in 8 threat feeds (2 high-severity listings).
  - No direct malicious activity (no malware, phishing, or exploit indicators).
- Network Role:
  - Subnet: 102.64.41.0/24
  - Services: No open ports or TLS certificates detected.
  - DNS: Linked to `ms-41-175.megasurf.co.za` with SPF/DMARC records.
---
**2. Observation History**
- Recent Activity (Last 30 Days):
  - 14 observations showing persistent risk signals:
    - Threat Feed Listings: 8 total lists (2 high-severity).
    - BGP Anomalies: ASN 327991 (Megasurf) routes show low operator score (0.26).
    - DNSSEC Validity: Confirmed.
- Stability: IP is not route-stable (BGP route changes detected).
---
**3. Network Relationships**
- DNS Associations:
  - Resolves to `ms-41-175.megasurf.co.za` (multiple DNS records).
- Subnet Relationships:
  - Part of 102.64.41.0/24 (48 IPs total).
  - High-risk neighbors: 6 IPs (risk scores ≥ 60).
  - Abuse Density: 12.5% (moderate risk within subnet).
---
**4. Behavioral & Technical Context**
- Geolocation: Valid South African IP (Vanderbijlpark).
- Email Reputation: No SPF/DMARC violations detected.
- Routing:
  - BGP Prefix: 102.64.40.0/21 (Megasurf Wireless).
  - Route Stability: IP shows route instability (low operator score).
- DNSBL Listings: Listed in 4/8 DNSBLs (moderate abuse risk).
---
**5. Recommendations**
- Monitor Closely: High risk score and multiple threat feed listings warrant continuous monitoring.
- Check Subnet: Investigate high-risk neighbors in 102.64.41.0/24 for potential lateral movement.
- Verify DNS: Confirm DNSSEC and SPF/DMARC validity for `ms-41-175.megasurf.co.za`.
- Network Stability: Track BGP route changes for ASN 327991 (Megasurf).
- Firewall Rules: Consider blocking based on threat feed indicators or subnet abuse density.
Next Steps: Correlate with internal logs for anomalous traffic patterns and validate DNS associations.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Jacobus De Beer |
| ASN | AS327991 |
| Network Name | 102.64.41.0 - 102.64.41.255 |
| CIDR Block | 102.64.41.0/24 |
| RIR | AFRINIC |
| Country | ZA |
| Abuse Contact | - |
DNS Intelligence
| PTR | ms-41-175.megasurf.co.za |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | ms-41-175.megasurf.co.za |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 21% | 2 | 2 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 12% | 6 | 6 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-22 03:07:43 UTC |
| Last Seen | 2026-06-09 16:27:48 UTC |
| Profile Built | 2026-06-09 16:35:02 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 20 |