IPDebrief

135.181.130.83

IP Intelligence Dossier
Witness AI: This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING: 135.181.130.83

Classification: LOW RISK INFRASTRUCTURE

Date of Analysis: Current

Risk Score: 25/100

---

## EXECUTIVE SUMMARY

IP 135.181.130.83 is a cloud-based web server hosted by Hetzner Online GmbH (ASN 24940) in Helsinki, Finland. The IP demonstrates a low-risk profile with minimal threat indicators. The address serves as a web hosting endpoint with standard HTTP/HTTPS services and maintains stable routing characteristics. No malicious activity patterns were observed across 32 historical observations.

---

## INFRASTRUCTURE PROFILE

Provider: Hetzner Online GmbH

ASN: 24940 (RIPE NCC)

Location: Helsinki, Finland (FI)

Network Block: 135.181.0.0/16

CIDR Classification: Cloud Compute / Web Server

Infrastructure Type: Cloud Hosting (Confirmed)

Open Services:

DNS Resolution:

TLS Certificate: CN=micuk.uk (Multi-SAN configuration including mail.micuk.uk, cpanel.micuk.uk, webmail.micuk.uk)

---

## THREAT ASSESSMENT

Risk Score: 25/100 (Low Risk)

Reputation: Low Risk

Abuse Confidence Score: Not applicable

Threat Indicators: None detected

Blacklist Status: Listed on 1 of 8 DNSBL lists

Known Campaigns: None

Campaign Likelihood: None

Is Tor Exit Node: False

Is Known Attacker: False

Is Spam Source: False

Control Plane Metrics:

---

## NEIGHBORHOOD ANALYSIS

Subnet: 135.181.130.83/24

Abuse Density: 0 (Low)

Classification: Mostly Clean

Risk Distribution: No high/medium risk siblings identified

Inherited Risk: 2/100

The /24 subnet demonstrates clean security posture with no adjacent IPs exhibiting elevated risk characteristics.

---

## RELATIONSHIP GRAPH

Total Relationships: 65

Primary Associations:

---

## OBSERVATION HISTORY (32 SIGNALS)

Temporal Coverage: June 14–19, 2026

Key Observations:

Risk Trend: Stable. No escalation patterns observed across observation window.

---

## SECURITY RECOMMENDATIONS

Action Level: MONITOR

Firewall Rules: Not required at this time

Recommended Actions:

1. No immediate blocking actions warranted based on current risk profile

2. Continue standard traffic monitoring for cloud hosting services

3. Review DNSBL listing origin if traffic blocking is observed

Note: IPDebrief analysis indicates no actionable firewall rules based on current threat profile. Standard organizational firewall policies should apply.

---

## CONCLUSION

IP 135.181.130.83 represents low-risk cloud infrastructure operating within Hetzner's Helsinki datacenter. The address maintains stable routing, valid BGP announcements, and standard web server functionality. No evidence of malicious activity, campaign involvement, or elevated threat behavior was detected. SOC teams may treat this IP as legitimate cloud infrastructure requiring standard monitoring protocols.


## Geolocation

Country: Finland
Region: Uusimaa
City: Helsinki
Timezone: Europe/Helsinki
Latitude: 60.17
Longitude: 24.93

## Ownership & Registration

Organization: Hetzner Online GmbH - Contact Role
ASN: AS24940
Network Name: -
CIDR Block: 135.181.0.0/16
RIR: ARIN
Country: -
Abuse Contact: Available via RDAP

## DNS Intelligence

PTR: static.83.130.181.135.clients.your-server.de
Forward Confirmed: Yes - FCrDNS verified
Forward Hostnames: cphost.parsrad.com

## DNS Hygiene

Hygiene Score: 40% (Fair)
SPF: 0/2 domains
DMARC: 0/2 domains
FCrDNS: Verified
DNSSEC: Valid
CAA: Not configured
Domains Checked: 2 domains

## Network Classification

Infrastructure: Infrastructure / Datacenter
Service Purpose: Web Server
Network Tier: Tier 3 - Basic operator with some routing infrastructure
Cloud: Hosting

## Services & Open Ports

| Port | Service | Protocol | Banner |
|------|---------|----------|--------|
| 80 | http | tcp | - |
| 443 | https | tcp | - |

Closed Ports: 22, 25, 3389, 8080, 8443 (2 open / 7 scanned)
Server: Apache
HTTP Title: -

## TLS Certificate

A self-signed certificate was detected. This is common for development servers, internal services, or IoT devices.

CN=micuk.uk
Issued by: CN=micuk.uk
Self-signed: Yes
SANs: micuk.uk, www.micuk.uk, mail.micuk.uk, cpanel.micuk.uk, webmail.micuk.uk, webdisk.micuk.uk, cpcontacts.micuk.uk, cpcalendars.micuk.uk, autodiscover.micuk.uk
Valid From: 2026-06-04T12:30:42+00:00
Valid Until: 2027-06-04T12:30:42+00:00
TLS Protocol: Tls13
Cipher Suite: TLS_AES_256_GCM_SHA384
Signature Algorithm: sha256RSA
Validity Period: 365 days
Serial Number: 016C9F91B1
Thumbprint: 05B5BB6743B162871065FC74BDE34108B128B3CE

## Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

| Dimension | Score | Sources | Observations |
|-----------|-------|---------|--------------|
| threat | 25% | 2 | 4 |
| routing | 22% | 3 | 4 |
| services | 29% | 2 | 4 |
| ownership | 27% | 3 | 4 |
| reputation | 26% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 25% | 13 | 21 |

Coverage: 6/6 dimensions · Data sufficiency: sufficient
Data Coherence: Consistent (100%)
Attribution: High (85%)
Attribution factors: Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

## Observation Timeline

First Seen: 2026-05-13 06:37:03 UTC
Last Seen: 2026-06-27 22:31:15 UTC
Profile Built: 2026-06-28 16:36:10 UTC
Data Freshness: Live
Signal Types: 28
Total Observations: 33
28 signal types · 33 observations collected
This report is generated from 28+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

## About This Report

All data shown is publicly available network metadata - IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.