## IP INTELLIGENCE BRIEFING
Target IP: 84.46.247.185/32
Date: Current
Analyst Classification: Cloud Hosting Infrastructure
EXECUTIVE SUMMARY
IP 84.46.247.185 is a low-risk Contabo cloud computing host located in Kaunas, Lithuania. The address operates as a web server with standard services and shows minimal threat indicators. No active malicious campaigns or persistent threat behavior were detected.
OWNERSHIP & INFRASTRUCTURE
| Attribute | Value |
|---|---|
| ASN | 51167 (LRTC-MNT) |
| Provider | Contabo |
| Infrastructure Type | CloudCompute |
| Network Classification | Cloud Hosting |
| RIR | RIPE |
| CIDR Block | 84.46.247.0/24 |
The IP is provisioned within Contabo's cloud infrastructure, a major European hosting provider. The subnet (84.46.247.0/24) demonstrates clean abuse density with no neighboring IPs flagged for suspicious activity.
GEOLOCATION
| Attribute | Value |
|---|---|
| Country | Lithuania (LT) |
| Region | Kaunas |
| Coordinates | 54.9038°N, 23.8924°E |
| Geo Consensus | Valid (1 source) |
| Network Origin | AS51167 |
Geolocation data is consistent and plausible with minimum RTT of 115ms from probe locations.
NETWORK SERVICES
| Port | Protocol | Service | Banner |
|---|---|---|---|
| 22 | TCP | SSH | SSH-2.0-OpenSSH_9.9 |
| 80 | TCP | HTTP | - |
| 443 | TCP | HTTPS | - |
Open services indicate a typical web server configuration with SSH access enabled. TLS certificate issued by Let's Encrypt (R11) for domain infrasecur.co.mz with wildcard coverage.
DNS ANALYSIS
| Attribute | Value |
|---|---|
| PTR Hostname | vmd193327.contaboserver.net |
| Forward Resolution | Confirmed |
| Hosted Domains | infrasecur.co.mz |
| SPF Record | Absent |
| DMARC Record | Absent |
| DNSSEC | Valid |
DNS configuration shows basic setup with missing email authentication records (SPF/DMARC).
THREAT INDICATORS
| Indicator | Status |
|---|---|
| Risk Score | 25 (Low) |
| Blacklist Count | 1 |
| Is Tor Exit | No |
| Is Known Attacker | No |
| Is Spam Source | No |
| Active Campaigns | None |
| Threat Feeds | None |
The IP shows one DNSBL listing (severity: high in historical data). No active threat feed matches or known campaign associations. Historical signals indicate the IP was observed in threat-related contexts but current reputation remains low.
OBSERVATION HISTORY
22 total observations recorded. Recent activity (2026-06-15) shows:
- Network classification signals (Cloud hosting, provider: Contabo)
- Geolocation signals (Kaunas, LT)
- One high-severity blacklist listing signal
- Operator score: 0.2609 (Basic)
Threat persistence duration: 0 days. IP is not classified as persistently malicious.
RELATIONSHIPS
49 relationships identified:
- 4+ DNS associations to vmd193327.contaboserver.net
- Network association: LRTC_INETNUM_RENT
- No organization or certificate-level relationships beyond the domain
SECURITY ACTIONS
No specific firewall rules or blocking recommendations generated. Standard monitoring recommended for SSH and HTTPS services.
INTELLIGENCE CONCLUSION
IP 84.46.247.185 represents standard cloud hosting infrastructure with low threat risk. The single blacklist listing warrants monitoring but does not indicate active malicious use. The Contabo hosting environment and clean neighborhood profile support benign operational classification. Continue passive monitoring; no immediate blocking or investigation required.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | LRTC-MNT |
| ASN | AS51167 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | vmd193327.contaboserver.net |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | vmd193327.contaboserver.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | 0/2 domains |
| DMARC | 0/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 2 domains |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) |
| Server | Apache |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.9 |
TLS Certificate
CN=infrasecur.co.mz was found on this IP. This may indicate a previously hosted website, a decommissioned service, or stale infrastructure.
| SANs | *.infrasecur.co.mz, infrasecur.co.mz |
| Valid From | 2025-07-23T03:24:57+00:00 |
| Valid Until | 2025-10-21T03:24:56+00:00 (expired) |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 89 days |
| Serial Number | 053D36A8C351959760D7FE17069A470B6702 |
| Thumbprint | 31E7A74FF633626511A6C2EA4194035C6820DB91 |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 15% | 2 | 2 |
| Overall | 23% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-15 20:48:35 UTC |
| Last Seen | 2026-06-28 02:58:46 UTC |
| Profile Built | 2026-06-28 21:04:03 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 26 |