154.127.83.254
IP Intelligence Briefing: 154.127.83.254
Date: 2026-06-07
---
**1. IP Profile**
- Risk Score: 70 (High Risk)
- Ownership:
- ASN: 37385 (Nasser SANDA)
- Geolocation: Niamey, Niger (16°N, 8°E)
- Network: 154.127.83.0/24 (afrinic registered)
- Threat Indicators:
- No direct malware campaigns or spam sources detected.
- DNSBL Listings: 4 out of 8 DNSBLs flag the IP (likely false positives, no actionable threats confirmed).
- Network Role:
- Firewalled / No Services (no open ports, no TLS/HTTP services detected).
- BGP prefix: 154.127.80.0/22 (AS37385).
---
**2. Observation History**
- Recent Activity (2026-06-07):
- Detected as part of a Nigerian network with potential threat signals (pulse_count=9, unresolved threat names).
- No persistent malicious activity (threat_observation_count=0).
- Historical Context (2026-05-30):
- Network classification stable (no CDN/VPN/residential indicators).
- No service banners or TLS certificates detected.
---
**3. Relationships**
- Linked Entities:
- Subnet: 154.127.83.0/24 (Nasser SANDA).
- No direct connections to known malicious domains, organizations, or certificates.
---
**4. Neighborhood Analysis**
- Subnet: 154.127.83.0/24
- Abuse Density: 0% (clean subnet).
- Neighbors: No active IPs or threats detected in the subnet.
---
**5. Recommendations**
- Monitor: The IPโs recent threat signals (despite no confirmed malicious activity) warrant closer scrutiny.
- Block: Consider blocking the subnet (154.127.83.0/24) if traffic from this range is observed, given the high-risk profile.
- Verify: Cross-check DNSBL listings with upstream providers to confirm false positives.
Conclusion: The IP is flagged as high risk but shows no confirmed malicious activity. Its subnet appears clean, but the unclear threat signals suggest further investigation is warranted.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Nasser SANDA |
| ASN | AS37385 |
| Network Name | 154.127.83.0 - 154.127.83.255 |
| CIDR Block | 154.127.83.0/24 |
| RIR | AFRINIC |
| Country | NE |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 3 |
| routing | 22% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 18% | 1 | 2 |
| geolocation | 13% | 1 | 1 |
| Overall | 21% | 9 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-14 19:28:08 UTC |
| Last Seen | 2026-06-09 14:17:34 UTC |
| Profile Built | 2026-06-07 07:44:04 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 17 |
Full dossier details are available via our API.