IP Intelligence Briefing: 102.64.41.227
*Generated via IPDebrief tools: Profile, History, Relationships, Neighbors*
---
**1. Core Profile**
- Risk Assessment: Low risk (riskScore: 0, providerScore: 0, authorityScore: 0).
- Ownership: Registered to Jacobus De Beer (afrinic RIR), netblock 102.64.41.0/24.
- Geolocation: South Africa (ZA), Gauteng region, Vanderbijlpark city. Coordinates vary slightly between tools (-26.7° vs. -30.56°).
- Threat Indicators: No malicious activity detected (no indicators, abuse confidence, or blacklists).
- Network Role: Unknown infrastructure type; no cloud, CDN, or residential flags.
---
**2. Observation History**
- 17 observations since June 8, 2026:
  - Geolocation: Multi-signal inference (confidence: 52%) placing it in South Africa.
  - DNSSEC: Validated with CAA records (no DNSBL listings).
  - Network Stability: Low operator score (0.2174), suggesting potential routing instability.
  - No Threat Trends: No persistent malicious activity or campaign correlations.
---
**3. Relationships**
- Network: Linked to 102.64.41.0/24 subnet.
- DNS: Multiple failed DNS queries to 192.168.2.108 (likely internal/reserved IP).
- No External Hostnames: No public DNS records or email authentication data.
---
**4. Subnet Neighbors**
- /24 Subnet (102.64.41.0/24): 48 total IPs, 14% abuse density.
- High-Risk Neighbors:
  - 102.64.41.16 (riskScore: 80)
  - 102.64.41.6 (riskScore: 55)
  - 102.64.41.32 (riskScore: 55)
- Low-Risk Majority: 34 IPs with riskScore ≤ 40.
---
**5. Actionable Insights**
- Monitor Subnet: The IP's subnet contains mixed-risk neighbors; investigate high-risk siblings for potential lateral movement.
- Verify Geolocation: Discrepancies in coordinates suggest possible misconfigured routing or data inconsistencies.
- Check Network Role: Unknown infrastructure type warrants further scrutiny to confirm legitimacy.
- DNS Health: Failed queries to 192.168.2.108 may indicate misconfigured DNS settings or internal network issues.
---
Conclusion: 102.64.41.227 appears benign with no direct threat indicators. However, its subnet contains higher-risk neighbors, and geolocation inconsistencies merit further investigation. SOC teams should monitor for unusual traffic patterns or configuration changes in this subnet.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Jacobus De Beer |
| ASN | AS327991 |
| Network Name | 102.64.41.0 - 102.64.41.255 |
| CIDR Block | 102.64.41.0/24 |
| RIR | AFRINIC |
| Country | ZA |
| Abuse Contact | - |
DNS Intelligence
| PTR | ms-41-227.megasurf.co.za |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | ms-41-227.megasurf.co.za |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 42% | 2 | 3 |
| routing | 19% | 1 | 2 |
| services | 19% | 1 | 2 |
| ownership | 21% | 2 | 2 |
| reputation | 28% | 1 | 3 |
| geolocation | 13% | 1 | 1 |
| Overall | 24% | 8 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-17 15:11:18 UTC |
| Last Seen | 2026-06-13 03:44:13 UTC |
| Profile Built | 2026-06-08 07:34:52 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 19 |