IP Intelligence Briefing: 116.203.158.218
*Generated via IPDebrief Analysis*
---
**1. Core Profile**
- Risk Rating: Moderate (Risk Score: 55/100)
- Ownership: Hetzner Online GmbH (ASN 24940, Germany)
- Geolocation: Nuremberg, Bavaria, Germany (Coordinates: 51.17°N, 10.45°E)
- Network Role: Cloud compute host (Hetzner infrastructure, no CDN/VPN/Tor)
- Threat Indicators: No active malware, phishing, or exploit campaigns detected.
---
**2. Observed Activity**
- Latest Signal (2026-06-05): Geolocation confirmed to Nuremberg, Germany (MaxMind database).
- Historical Trends: Single observation from May 31, 2026, showing no malicious banners, certificates, or campaigns.
- Control Plane:
  - BGP prefix: `116.203.0.0/16` (Hetzner AS 24940).
  - DNSSEC and CAA records validated.
  - No DNSBL listings detected.
---
**3. Network Relationships**
- DNS Associations:
  - Linked to `static.218.158.203.116.clients.your-server.de` (hostname).
  - Multiple DNS records suggest potential misconfiguration or single-server setup.
- Subnet Context:
  - Subnet `116.203.158.218/24` shows no abuse density.
  - No neighboring IPs identified (0 neighbors).
---
**4. Security Actions**
- Recommended Mitigations:
  - Monitor DNS records for unexpected changes (e.g., `your-server.de`).
  - Ensure SSH access (port 22) is restricted to authorized IPs.
  - Verify cloud instance compliance with Hetzner security policies.
- Firewall Rules:
  - Allow traffic on port 22 (SSH) only from trusted sources.
  - Block unsolicited traffic to reduce attack surface.
---
**5. Analyst Notes**
- The IP is hosted on Hetzner's cloud infrastructure, likely a virtual machine.
- No active threats detected, but DNS configuration warrants closer inspection.
- Zero neighboring IPs in the subnet suggest isolated deployment, reducing lateral movement risk.
- Low-confidence historical signals indicate limited observation data; further monitoring advised.
End of Briefing
*Generated by IPDebrief - Cybersecurity Threat Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | - |
| CIDR Block | 116.203.0.0/16 |
| RIR | APNIC |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | static.218.158.203.116.clients.your-server.de |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | static.218.158.203.116.clients.your-server.de |
DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |

| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 33% | 2 | 3 |
| services | 12% | 2 | 2 |
| ownership | 35% | 3 | 6 |
| reputation | 24% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 25% | 12 | 20 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-13 00:02:38 UTC |
| Last Seen | 2026-06-27 22:16:44 UTC |
| Profile Built | 2026-06-28 16:21:16 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 30 |