IP Intelligence Briefing: 102.64.42.4
Date: 2026-06-13
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Geolocation:
  - Country: South Africa (ZA)
  - City: Vanderbijlpark (Region: GP)
  - Coordinates: Latitude -26.7, Longitude 27.82
- Ownership:
  - ISP: Jacobus De Beer (African Network Information Center)
  - Subnet: 102.64.42.0/24
- Threat Indicators:
  - No direct malicious activity detected (no spam, known attackers, or blacklist entries).
- DNS Association: Linked to `ms-42-4.megasurf.co.za` (confirmed PTR record).
---
**2. Network Behavior**
- Services:
  - No open ports or TLS services detected.
  - Firewalled host with no active services (HTTP/HTTPS, SMTP, etc.).
- Routing:
  - BGP prefix: `102.64.32.0/20` (AS327991).
  - Route stability: Unstable (recent route changes).
- DNS Security:
  - DNSSEC validated.
  - SPF/DKIM records present for `megasurf.co.za`.
---
**3. Temporal Observations**
- Historical Signals (Last 30 Days):
  - Consistent geolocation in Vanderbijlpark, South Africa.
  - No significant changes in risk scores or threat indicators.
  - Minor DNS resolution activity (12 observations).
---
**4. Neighborhood Analysis**
- Subnet: `102.64.42.0/24` (47 total IPs).
- Risk Distribution:
  - High Risk: 2 IPs (e.g., `102.64.42.83`, `102.64.42.199`).
  - Medium Risk: 35 IPs.
  - Low Risk: 6 IPs.
- Abuse Density: 4.3% (low overall risk in the subnet).
---
**5. Actionable Insights**
- Monitor Neighbors: Focus on high-risk neighbors (e.g., `102.64.42.83`, `102.64.42.199`) for potential lateral movement or network compromise.
- Verify DNS Host: Investigate `ms-42-4.megasurf.co.za` for any historical malicious activity or domain reputation.
- Subnet Segmentation: Consider isolating this subnet if sensitive traffic is observed.
- Threat Context: No direct threats detected, but the subnet's low abuse density suggests it is likely residential or business use.
---
Recommendation: No immediate mitigation required, but ongoing monitoring of the subnet and associated DNS hosts is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Jacobus De Beer |
| ASN | AS327991 |
| Network Name | 102.64.42.0 - 102.64.42.255 |
| CIDR Block | 102.64.42.0/24 |
| RIR | AFRINIC |
| Country | ZA |
| Abuse Contact | - |
DNS Intelligence
| PTR | ms-42-4.megasurf.co.za |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | ms-42-4.megasurf.co.za |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 1 | 1 |
| routing | 25% | 1 | 1 |
| services | 25% | 1 | 1 |
| ownership | 0% | 0 | 0 |
| reputation | 0% | 0 | 0 |
| geolocation | 0% | 0 | 0 |
| Overall | 12% | 3 | 3 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-05 19:22:34 UTC |
| Last Seen | 2026-06-13 06:09:18 UTC |
| Profile Built | 2026-06-13 06:48:11 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 19 |