IP Intelligence Briefing: 197.245.54.173
Date: 2026-06-13
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Geolocation:
  - Reported: Miami, US (Region: US-FL)
  - Actual Registration: South Africa (AFRINIC RIR, VoxDSL ISP)
  - Conflict: Geolocation inconsistency (Miami vs. South Africa).
- Ownership:
  - ISP: VoxDSL (co.za domain)
  - ASN: Unassigned (ASN null)
  - Subnet: 197.245.0.0/18 (RIR: AFRINIC)
- Threat Indicators:
  - No malicious activity detected (zero threat indicators).
  - Not listed in DNSBLs or blacklists.
---
**2. Network Behavior**
- Firewalled: No open ports or services detected.
- DNS Configuration:
  - PTR Record: `dsl-197-245-54-173.voxdsl.co.za` (South African ISP).
  - Email Security: SPF and DMARC records present, but no CAA records.
- Routing:
  - BGP Origin ASN: 11845 (route stability: unstable).
  - RPKI State: Not validated.
---
**3. Observation History**
- Latest Activity (2026-06-13):
  - Registered with AFRINIC in South Africa (city: Waverley, Gauteng).
  - DNSSEC validation successful, but DNSBL listing detected (1/8 lists).
- Historical Trends:
  - No persistent threats or ownership changes.
  - Low signal consistency (confidence: 0.12).
---
**4. Relationships & Neighborhood**
- DNS Associations:
  - Linked to `dsl-197-245-54-173.voxdsl.co.za` (no further subdomains).
- Subnet Abuse:
  - No siblings or active neighbors in 197.245.54.0/24 subnet.
  - Subnet abuse density: 0%.
---
**5. Recommendations**
- Monitor Geolocation Discrepancy: Investigate potential spoofing or misconfigured DNS records.
- Enhance Email Security: Add CAA records to mitigate email spoofing risks.
- Verify Routing Stability: Check BGP route stability and RPKI validation for upstream providers.
- No Immediate Action Required: Low-risk profile with no active threats.
Final Assessment:
The IP appears to be a residential/business endpoint with no malicious activity detected. The geolocation inconsistency and DNS misconfigurations warrant further investigation but do not indicate active compromise.
Tools Used: IPDebrief Profile, History, Relationships, Neighbors, Actions.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | NOC Hostmaster |
| ASN | AS11845 |
| Network Name | 197.245.0.0 - 197.245.63.255 |
| CIDR Block | 197.245.0.0/18 |
| RIR | AFRINIC |
| Country | ZA |
| Abuse Contact | - |
DNS Intelligence
| PTR | dsl-197-245-54-173.voxdsl.co.za |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | dsl-197-245-54-173.voxdsl.co.za |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 1 | 1 |
| routing | 25% | 1 | 1 |
| services | 25% | 1 | 1 |
| ownership | 0% | 0 | 0 |
| reputation | 0% | 0 | 0 |
| geolocation | 0% | 0 | 0 |
| Overall | 12% | 3 | 3 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-06 13:35:47 UTC |
| Last Seen | 2026-06-13 13:40:30 UTC |
| Profile Built | 2026-06-13 13:49:08 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 17 |