84.54.115.46
IP Intelligence Briefing: 84.54.115.46/32
*Generated via IPDebrief Threat Intelligence Platform*
---
**Risk Assessment**
- Overall Risk Score: 80/100 (High Risk)
- Ownership: Owned by Uzbektelecom JSC (AS8193, RIPE)
- Geolocation: Tashkent, Uzbekistan (41.32°N, 69.25°E)
- Network Role: Residential/Residential ISP network (UZTELECOM)
- Threat Indicators: No direct malicious activity detected; low abuse density in subnet.
---
**Key Observations**
1. Services:
- Open ports: HTTP (80), HTTPS (443)
- Server: Nginx (banner: "nginx")
- TLS Certificate: Self-signed (CN=uservsftpd)
2. History:
- Observed over 24 days with minimal signal changes.
- Recent activity shows no persistent malicious patterns.
3. Relationships:
- Linked to UZTELECOM infrastructure (AS8193).
- No direct ties to known campaigns or threat feeds.
4. Subnet Analysis:
- 84.54.115.0/24 subnet: 1 active IP (itself), 0 malicious neighbors.
- Low abuse density (1/24 IPs flagged).
---
**Recommended Actions**
1. Monitoring:
- Increase logging verbosity for traffic from this IP.
- Monitor for unexpected service changes (e.g., new ports, TLS certificates).
2. Network Controls:
- Block the IP using firewall rules:
- iptables: `iptables -A INPUT -s 84.54.115.46 -j DROP`
- Cloudflare WAF: Block IP with risk score 80.
- AWS WAF: Add `84.54.115.46/32` to a rule set.
3. Investigation:
- Validate geolocation anomalies (Tashkent IP with residential ISP).
- Cross-check with DNS and email headers for spoofing risks.
---
Note: This IP exhibits no direct malicious behavior but is associated with a high-risk ISP. Further investigation into its network context and traffic patterns is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Role of Uzbektelecom JSC |
| ASN | AS8193 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Residential |
| Service Purpose | Web Server |
| Network Tier | End-User โ Residential ISP endpoint |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| Closed Ports | 22, 25, 3389, 8080, 8443 (2 open / 7 scanned) | ||
| Server | nginx |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | 2019-07-01T15:58:34+00:00 |
| Valid Until | 2119-06-07T15:58:34+00:00 |
| TLS Protocol | Tls12 |
| Cipher Suite | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 36500 days |
| Serial Number | 00925F2A1D715F4C64 |
| Thumbprint | 0544A1C64AF2B1CEB875A4F7DD2A338507751754 |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 20% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 25% | 2 | 4 |
| ownership | 20% | 2 | 3 |
| reputation | 18% | 1 | 3 |
| geolocation | 13% | 1 | 1 |
| Overall | 18% | 9 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:37 UTC |
| Last Seen | 2026-06-26 18:11:38 UTC |
| Profile Built | 2026-06-25 14:10:25 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 23 |
Full dossier details are available via our API.