IP Intelligence Briefing: 196.0.10.54/32
Date: 2026-06-06
---
**1. Core Profile**
- Risk Score: Moderate (55/100)
- Ownership: Registered to Kevin Mugaya Francis (UGanda) under ORG-UTL1-AFRINIC (Afrinic).
- Geolocation: Kampala, Central Region, Uganda (0.32°N, 32.57°E).
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP activity).
- BGP Prefix: 196.0.0.0/16 (Uganda-Telecom).
---
**2. Threat Indicators**
- No direct malicious activity: No indicators of spam, attacks, or blacklisted status.
- Subnet Risk:
  - /24 Subnet (196.0.10.0/24): Moderate abuse density (10% high-risk neighbors).
  - High-risk neighbor: 196.0.10.126 (risk score 70).
  - Low-risk neighbors: 196.0.10.114 (30), 196.0.10.254 (55).
---
**3. Observation History**
- Latest Activity (2026-06-06):
  - BGP record confirmed (ASN 21491, Uganda-Telecom).
  - Geolocation data consistent (Kampala, Uganda).
- Historical Trends:
  - No persistent threats or ownership changes detected.
  - Minimal DNS activity (no PTR records, no domain associations).
---
**4. Relationships**
- Linked Networks:
  - ORG-UTL1-AFRINIC (same network).
- No external connections: No DNS, certificates, or services linked.
---
**5. Recommendations**
- Monitor Subnet: The /24 subnet contains one high-risk neighbor (196.0.10.126). Investigate potential lateral movement or shared infrastructure risks.
- Verify Ownership: Confirm legitimacy of Kevin Mugaya Francis (UGanda) and check for historical abuse reports.
- Network Segmentation: Ensure firewalled isolation to prevent potential subnet-wide exposure.
Note: No immediate action required for 196.0.10.54 itself, but vigilance is advised due to the subnet's mixed risk profile.
---
Source: IPDebrief Threat Intelligence Platform
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Kevin Mugaya Francis |
| ASN | AS21491 |
| Network Name | ORG-UTL1-AFRINIC |
| CIDR Block | 196.0.0.0/16 |
| RIR | AFRINIC |
| Country | UG |
| Abuse Contact | - |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) |
| Server | lighttpd/1.4.39 |
| HTTP Title | - |
| SSH Version | SSH-2.0-dropbear; key exchange offer (truncated): curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-gro |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 19% | 2 | 2 |
| reputation | 22% | 1 | 3 |
| geolocation | 13% | 1 | 1 |
| Overall | 20% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-11 15:04:48 UTC |
| Last Seen | 2026-06-26 10:33:57 UTC |
| Profile Built | 2026-06-26 10:43:24 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 18 |