IP Intelligence Briefing: 185.247.137.104
Date: 2026-06-06
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership:
  - ASN: 211298
  - Organization: Driftnet Hostmaster (UK-based)
  - Geolocation: Registered to Manchester, England (GB).
- Threat Indicators:
  - No malicious activity detected (no indicators, blacklists, or campaigns).
  - DNS: Resolves to `r4-104-68.monitoring.internet-measurement.com` (benign domain).
  - Services: No open ports or TLS certificates detected.
---
**2. Network & Subnet Analysis**
- Subnet: 185.247.137.0/24
- Neighbor Risk:
  - Abuse Density: 0.36 (mixed risk environment).
  - High-Risk Neighbors: 63 IPs (36% of subnet).
  - Active IPs: 43 (25% of subnet).
- Network Role:
  - Classified as firewalled / no services.
  - No CDN, VPN, Tor, or mobile carrier flags.
---
**3. Observation History**
- Latest Activity: 2026-06-06 (signal type: Basic).
- Trend:
  - No persistent malicious behavior (threat persistence days: 0).
  - Recent DNSSEC validation and route stability checks passed.
- Geolocation Validation:
  - ICMP blocked, preventing full verification.
  - Proxied through Manchester, GB (473.7 km from probe).
---
**4. Relationships & Dependencies**
- Linked Entities:
  - Same Network: UK-DRIFTNET-20180301 (Driftnet Hostmaster).
  - DNS Associations: `r4-104-68.monitoring.internet-measurement.com`.
- Certificates & Services:
  - No TLS certificates or HTTP services detected.
---
**5. Recommendations**
- Monitor Subnet: High-risk neighbors (63 IPs) in the 185.247.137.0/24 subnet warrant closer scrutiny.
- Verify DNS: Investigate `internet-measurement.com` for benign vs. adversarial intent.
- Geolocation Discrepancy: Confirm IP location accuracy due to ICMP blocking.
- Firewall Rules: Consider blocking high-risk neighbors (e.g., 185.247.137.4, 185.247.137.6) to mitigate lateral exposure.
Conclusion: The IP itself is not malicious, but its subnet contains a mix of risks. Focus on monitoring network behavior and validating DNS associations for potential indirect threats.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Driftnet Hostmaster |
| ASN | AS211298 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | r4-104-68.monitoring.internet-measurement.com |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | r4-104-68.monitoring.internet-measurement.com |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Single-Service Host |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |

| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 33% | 2 | 4 |
| reputation | 22% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 22% | 9 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-13 12:12:24 UTC |
| Last Seen | 2026-06-06 20:35:56 UTC |
| Profile Built | 2026-06-06 21:06:18 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 21 |