IP Intelligence Briefing: 135.181.108.239
Date: 2026-06-13
---
**1. IP Profile**
- Risk Score: Moderate (55/100)
- Ownership:
  - ASN: 24940
  - Organization: Hetzner Online GmbH
  - Country: Finland (FI)
  - Region: Helsinki (18)
- Network Role:
  - Hosting Provider: Hetzner Online GmbH
  - Services: HTTP (80), HTTPS (443), SSH (22)
  - Server Banner: Caddy
  - TLS/SSL: No certificate data retrieved
- Geolocation:
  - City: Helsinki, Finland
  - Accuracy Radius: ~750 km
  - Timezone: Europe/Helsinki
---
**2. Threat & Security Indicators**
- Threat Status:
  - No known malicious indicators (no blacklists, spam, or campaign associations).
  - DNSSEC Valid: Yes
  - CAA Records: Present
  - DNSBL Listings: 3 out of 8 lists
- Control Plane:
  - BGP Prefix: 135.181.0.0/16
  - Route Stability: Unstable (route changes detected in 30 days)
  - RPKI State: Not reported
  - Infrastructure Type: Cloud Hosting
---
**3. Observation History**
- Recent Activity (June 2026):
  - Connection Failures: 2 instances (HTTPS) with low confidence.
  - Geo-Validation: Consistent Helsinki, Finland location (RTT ~123ms).
  - Network Role: Confirmed as cloud hosting (not residential/mobile).
  - Persistence: No persistent malicious activity detected.
---
**4. Relationships & Neighbors**
- DNS Associations:
  - PTR Hostname: `static.239.108.181.135.clients.your-server.de`
  - Domain: `your-server.de` (SPF/DMARC records present).
- Network Neighbors:
  - Subnet: 135.181.108.0/24
  - Abuse Density: 1 (low risk)
  - Neighbors: No active IPs detected in subnet (may be isolated or restricted).
---
**5. Recommendations**
- Monitoring:
  - Track DNSBL listings and TLS certificate updates.
  - Monitor for unexpected port activity (e.g., non-standard SSH ports).
- Firewall:
  - Allow standard ports (80, 443, 22) for legitimate web/SSH traffic.
  - Block non-standard ports unless confirmed as required.
- Context:
  - Hetzner is a reputable hosting provider; no immediate red flags.
  - Ensure DNSSEC and CAA records are enforced to mitigate misconfigurations.
---
End of Briefing
*Generated by IPDebrief for SOC operational use.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | static.239.108.181.135.clients.your-server.de |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | static.239.108.181.135.clients.your-server.de |
DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | | |
| Server | Caddy |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 25% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 23% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:39 UTC |
| Last Seen | 2026-06-26 22:22:08 UTC |
| Profile Built | 2026-06-27 18:35:59 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 31 |