178.105.106.135
IP Intelligence Briefing: 178.105.106.135
Date: 2026-06-08
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Provider: Hetzner Online GmbH (cloud hosting)
- Geolocation: Germany (Saxony, Falkenstein)
- Network Role: CloudCompute instance (hosted by Hetzner, no open services detected)
- Ownership: ASN 24940, registered to Hetzner Online GmbH.
---
**2. Threat & Abuse Indicators**
- Malicious Activity: No indicators of spam, attacks, or known threats.
- DNS Associations: Linked to `static.135.106.105.178.clients.your-server.de` (likely a static IP for a server).
- Subnet Abuse: Subnet `178.105.106.135/24` has 0.5 abuse density (mostly clean, but 2 of 4 sibling IPs show moderate risk).
---
**3. Observation History**
- Recent Activity: No significant changes in risk signals over the past 30 days.
- Stability: Stable network configuration (no route changes).
- Geolocation Validity: Plausibility score: False (potential discrepancy in geolocation data).
---
**4. Relationships & Context**
- Connected Entities:
- DNS: `your-server.de` (SPF/DKIM email validation enabled).
- Network: Subnet `CLOUD-FSN1` (Hetzner cloud infrastructure).
- No Campaign Links: No correlations to known malicious campaigns or certificates.
---
**5. Neighborhood Analysis**
- Subnet Neighbors:
- 3 total IPs; 2 show low risk (25), 1 shows moderate risk (50).
- Recommendation: Monitor neighbors with higher risk scores for potential lateral movement or shared infrastructure risks.
---
**6. Security Actions**
- No Immediate Mitigation Required: Low-risk IP with no active threats.
- Best Practices:
- Continuously monitor for unexpected service changes or DNS anomalies.
- Verify geolocation consistency, as the IPโs location appears inconsistent with its network provider.
---
Summary:
178.105.106.135 is a legitimate Hetzner cloud server with no current malicious activity. While the subnet shows minor abuse density, the IP itself is low risk. SOC teams should focus on monitoring neighbors and ensuring the IP is not repurposed for unauthorized use. No firewall rules or blocking actions are recommended at this time.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | static.135.106.105.178.clients.your-server.de |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | static.135.106.105.178.clients.your-server.de |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | Caddy |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 35% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 28% | 1 | 4 |
| geolocation | 33% | 2 | 3 |
| Overall | 27% | 10 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-18 15:25:50 UTC |
| Last Seen | 2026-06-28 07:30:13 UTC |
| Profile Built | 2026-06-29 01:35:48 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 29 |
Full dossier details are available via our API.