IP Intelligence Briefing: 197.243.0.62
Date: 2026-06-18
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: Registered to Faycal Ndangiza (AS37228) in Rwanda (Kigali).
- Geolocation: Kigali, Rwanda (latitude -1.94, longitude 30.06).
- Network Role: Single-service host (HTTP on port 80).
- Threat Indicators: No malicious activity detected (no malware, phishing, or exploit indicators).
---
**2. Historical Observations**
- Recent Activity (2026-06-02):
- Passive scanning detected HTTP service on port 80.
- DNSSEC and CAA records validated, but with low-confidence signals (confidence: 0.25–0.85).
- No persistent malicious behavior or campaign correlation.
- Trend: Stable risk profile; no significant changes in signals over 30 days.
---
**3. Network Relationships**
- Linked Entities:
- Subnet: 197.243.0.0/20 (Rwanda, Kigali).
- No direct links to known malicious organizations, domains, or certificates.
- Control Plane:
- BGP path: `37100 37619 37228` (AS37228).
- DNSSEC valid, CAA records present, and no DNSBL listings.
---
**4. Subnet Neighborhood**
- Subnet: 197.243.0.0/24
- Abuse Density: 1 (low risk; "mostly_clean" classification).
- Neighbors: No active or malicious sibling IPs identified.
---
**5. Recommended Actions**
- Monitoring: Track subnet for unusual activity (e.g., new services, DNS changes).
- Firewall: No immediate blocking required; low-risk host with no malicious indicators.
- Context: Verify if the HTTP service (port 80) is legitimate, given the owner's registration in Rwanda.
---
Summary: 197.243.0.62 is a low-risk, single-service host in Rwanda with no malicious indicators. While its subnet has minimal abuse density, ongoing monitoring is advised to ensure no emerging threats. No actionable security measures required at this time.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Faycal Ndangiza |
| ASN | AS37228 |
| Network Name | 197.243.0.0 - 197.243.15.255 |
| CIDR Block | 197.243.0.0/20 |
| RIR | AFRINIC |
| Country | RW |
| Abuse Contact | - |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Single-Service Host |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |

| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 35% | 2 | 3 |
| services | 26% | 2 | 4 |
| ownership | 26% | 3 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 13% | 1 | 1 |
| Overall | 25% | 11 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:04:06 UTC |
| Last Seen | 2026-06-23 03:56:52 UTC |
| Profile Built | 2026-06-23 04:19:25 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 33 |