154.117.199.5

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP INTELLIGENCE BRIEFING

Target IP: 154.117.199.5/32

Executive Summary: Low-risk, passive infrastructure IP with no active services. Associated with Viettel Burundi SA (ASN 327799). No active threat indicators detected, but subnet-level abuse density requires monitoring.

---

Ownership & Geolocation

Organization: Vo Trung Thanh / Viettel Burundi SA
ASN: 327799 (Afrinic, allocated 2015-04-23)
CIDR Block: 154.117.196.0 - 154.117.199.255 (154.117.199.5/32)
Location: Bujumbura, Bujumbura Mairie Province, Burundi (BI)
Coordinates: -3.5° latitude, 30° longitude

Risk Assessment

Overall Risk Score: 25 (Low Risk)
Abuse Confidence Score: Not applicable (no active threat activity)
Provider/Authority Scores: 0 (neutral)
Risk Classification: Low Risk

Network State & Services

Open Ports: None detected
Service Status: Firewalled / No Services
TLS Certificates: None
DNS Resolution: No PTR hostnames, no forward resolution
Hosted Domains: 0
Email Auth: No SPF/DMARC records

Threat Indicators

Known Attacker: No
Tor Exit Node: No
Spam Source: No
Blacklist Count: 0
Threat Feeds: None
Campaign Correlation: No matches

Control Plane & Routing

Route Stability: False (route changes detected)
BGP Prefix: 154.117.192.0/18
DNSSEC: Valid
DNSBL Status: Listed on 1 of 8 total lists
RPKI State: Not evaluated

Neighborhood Analysis (154.117.199.0/24)

Abuse Density: 0.5 (moderate)
Classification: Mostly Clean
Total Siblings: 2
Active Siblings: 0
Threat Siblings: 1
Neighbor Risk: 154.117.199.56 identified with risk score 65 (medium-high)

Relationship Graph

Network Associations: 15 relationships to same network (154.117.196.0 - 154.117.199.255)
No Hostname/Organization/Certificate Links: No external entity associations detected

Historical Observation (16 records)

ASN Consistency: 327799 (Viettel Burundi SA) - stable
Geolocation: Consistent Burundi (BI)
Subnet Abuse Density: 0.5 (observed 2026-06-17)
Threat Persistence: 0 days (not persistently malicious)

---

SOC Analyst Recommendations

1. Block/Filter Decision: LOW PRIORITY - No immediate threat. IP is passive with no services.

2. Monitoring: Monitor subnet 154.117.199.0/24 due to elevated neighbor risk (154.117.199.56, score 65).

3. Firewall Rules: No specific blocking required at this time. Consider passive monitoring for outbound connections from this IP.

4. Threat Hunting: No active indicators. Focus investigation on related IP 154.117.199.56 which shows elevated risk.

---

Classification: LOW RISK / PASSIVE INFRASTRUCTURE

Last Updated: Analysis based on IPDebrief intelligence data

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🌐 BI
Region	Bujumbura Mairie Province
City	Bujumbura
Timezone	—
Latitude	-3.50
Longitude	30.00

🏢 Ownership & Registration

Organization	Vo Trung Thanh
ASN	AS327799
Network Name	154.117.196.0 - 154.117.199.255
CIDR Block	154.117.196.0/22
RIR	AFRINIC
Country	BI
Abuse Contact	—

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Unknown
Service Purpose	Firewalled / No Services
Network Tier	Unknown — Insufficient routing data to classify

No specific classification

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	29%	2	3
routing	17%	1	1
services	8%	1	1
ownership	21%	2	2
reputation	28%	1	3
geolocation	13%	1	1
Overall	19%	8	11

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:03:47 UTC
Last Seen	2026-06-22 18:03:08 UTC
Profile Built	2026-06-22 18:12:53 UTC
Data Freshness	Live
Signal Types	15
Total Observations	21

🔍 15 signal types · 21 observations collected

This report is generated from 15+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

154.117.199.5📋 Copy