105.184.242.238
IP Intelligence Briefing: 105.184.242.238
Date: 2026-06-11
---
**1. Risk Profile**
- Risk Score: 65 (Moderate Risk)
- Threat Indicators: No direct malicious activity detected (no known attackers, spam, or campaigns).
- Geolocation:
- Country: South Africa (ZA)
- City: Emfuleni, Gauteng Region
- Coordinates: Latitude -26.63, Longitude 27.78 (inferred from DNS data).
- Network Role: Firewalled / No Services (no open ports or TLS/HTTP services detected).
- Ownership:
- ASN: 37457 (Pieter Bezuidenhout)
- ISP: Telkom SA (afrinic-registed).
---
**2. Observation History**
- Recent Activity (Last 30 Days):
- Geolocation Inference: Confirmed South Africa (ZA) with moderate accuracy (800km radius).
- DNSSEC/Caa Validity: Validated (DNSSEC and CAA records present).
- DNSBL Listings: 3 out of 8 DNSBL lists (low abuse confidence).
- Network Stability: Route stability score indicates inconsistent routing (likely residential or mobile).
---
**3. Relationships**
- Network Associations:
- Linked to 105.184.0.0/16 subnet (same provider, Pieter Bezuidenhout).
- DNS Associations:
- Hostname: `105-184-242-238.south.dsl.telkomsa.net` (Telkom SA).
- No other hostnames or domains associated.
- No Threat Correlations: No linked campaigns, certificates, or malicious entities.
---
**4. Neighborhood Analysis**
- Subnet: 105.184.242.238/24
- Neighbor Count: 0 (no active sibling IPs detected).
- Abuse Density: 0% (subnet appears clean).
---
**5. Recommendations**
- Monitor DNS Activity: Track `telkomsa.net` for suspicious subdomains or email headers.
- Check for Service Changes: Verify if the IP starts opening ports or hosting services.
- Geolocation Verification: Cross-check coordinates with historical data (discrepancies noted).
- DNSBL Monitoring: Watch for additional listings on DNSBL services.
---
Conclusion:
This IP is associated with a residential/mobile network in South Africa. While no direct threats are detected, the moderate risk score and DNSBL listings suggest cautious monitoring. No immediate action is required, but ongoing observation is advised.
Threat Level: Low-Moderate (no active exploitation detected).
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Pieter Bezuidenhout |
| ASN | AS37457 |
| Network Name | 105.184.0.0 - 105.184.255.255 |
| CIDR Block | 105.184.0.0/16 |
| RIR | AFRINIC |
| Country | ZA |
| Abuse Contact | β |
π DNS Intelligence
| PTR | 105-184-242-238.south.dsl.telkomsa.net |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 105-184-242-238.south.dsl.telkomsa.net |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 1 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 19% | 2 | 2 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 13% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-27 13:16:24 UTC |
| Last Seen | 2026-06-11 09:38:33 UTC |
| Profile Built | 2026-06-11 09:46:35 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 17 |
Full dossier details are available via our API.