IP Intelligence Briefing: 135.181.213.219
*Generated via IPDebrief Analysis*
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Ownership: Hetzner Online GmbH (AS24940)
- Geolocation: Helsinki, Finland (FI)
- Network Role: CloudCompute host (Hetzner infrastructure)
- Threat Indicators: No malicious activity detected (no indicators, spam, or abuse reports).
---
**2. Network & Services**
- Open Ports: SSH (port 22, OpenSSH 10.0p2)
- DNS:
  - PTR hostname: `linux15.r00tbase.de`
  - Domain: `r00tbase.de` (SPF/DMARC configured)
- SSL/TLS: No active certificates detected.
- Subnet: 135.181.213.219/24 (no neighboring IPs listed).
---
**3. Observation History**
- Latest Risk Signal (June 14, 2026):
  - Basic risk score: 0.3 (operator score: 0.26).
  - DNSSEC and CAA validation active.
- Historical Trends:
  - Stable risk profile over 30 days (no spikes or anomalies).
  - Limited data sources (1-2 signals) impacting confidence.
---
**4. Relationships & Context**
- Linked Entities:
  - Hetzner network (AS24940)
  - Domain: `r00tbase.de` (no malicious email reputation).
- Threat Correlation:
  - No known campaigns, DNSBL listings, or malicious banners.
---
**5. Neighborhood Analysis**
- Subnet (135.181.213.219/24):
  - No active neighbors reported.
  - Subnet abuse density: 0% (clean).
---
**6. Recommendations**
- Monitoring: Track SSH activity and ensure strong key authentication.
- Domain Security: Verify `r00tbase.de` for phishing or spoofing risks.
- Network Segmentation: Isolate cloud hosts to limit lateral movement risks.
- Threat Hunting: Cross-check with internal threat feeds for unknown indicators.
---
Conclusion: This IP represents a legitimate Hetzner cloud server with no active malicious activity. While risk scores are low, basic security hygiene (SSH hardening, domain validation) is advised. No immediate action required, but ongoing monitoring is recommended.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | linux15.r00tbase.de |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | linux15.r00tbase.de |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_10.0p2 Ubuntu-5ubuntu5.4 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 26% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-13 19:03:45 UTC |
| Last Seen | 2026-06-27 23:36:46 UTC |
| Profile Built | 2026-06-28 17:42:49 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 27 |