IP Intelligence Briefing: 178.105.221.132
Date: 2026-06-16
---
**1. Risk Profile**
- Overall Risk: Low (Risk Score: 25)
- Threat Indicators:
  - 1 high-severity listing in 8 threat intelligence sources (confidence: 85%).
  - DNSBL listing (moderate confidence).
- Network Role: Cloud compute instance (Hetzner Online GmbH, Germany).
- Geolocation: Berlin, Germany (DE).
---
**2. Network & Hosting Context**
- Provider: Hetzner Online GmbH (ASN 24940).
- Hosting Type: Firewalled / No Services (no open ports detected).
- DNS:
  - PTR hostname: `static.132.221.105.178.clients.your-server.de`.
  - Email security: SPF and DMARC records detected.
- BGP:
  - Prefix: `178.104.0.0/15` (Hetzner's ASN).
  - Route stability: Unstable (0 route changes in 30 days).
---
**3. Observation History**
- Recent Activity (Last 30 Days):
  - 12 observations, including:
    - DNSSEC validation and CAA records.
    - High-severity threat listing (likely false positive, low confidence).
    - DNSBL listing (moderate confidence).
  - No persistent malicious activity or campaign correlations.
---
**4. Relationships & Neighbors**
- Linked Entities:
  - DNS hostname: `your-server.de` (SPF/DMARC configured).
- Subnet Neighbors:
  - No active neighbors in the `/24` subnet (0 siblings).
  - Subnet abuse density: 0%.
---
**5. Recommendations**
- Monitor: Track the high-severity threat listing (verify source credibility).
- Verify: Investigate the DNSBL listing to confirm legitimacy.
- Secure: Ensure the cloud instance's firewall rules are restrictive, given no services are exposed.
- Audit: Review DNS configurations and email security policies for potential misconfigurations.
Conclusion: This IP is associated with a low-risk cloud-hosted server in Germany. While minor threat indicators exist, no active malicious activity is detected. Continuous monitoring is advised.
---
*Generated by IPDebrief Threat Intelligence Platform.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | CLOUD-FSN1 |
| CIDR Block | 178.105.208.0/20 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | static.132.221.105.178.clients.your-server.de |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | static.132.221.105.178.clients.your-server.de |
DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Multi-Service Host |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 22 | ssh | tcp | |
| Closed Ports | 25, 443, 3389, 8080, 8443 (2 open / 7 scanned) | | |
| Server | nginx/1.28.3 (Ubuntu) |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_10.2p1 Ubuntu-2ubuntu3.2 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 17% | 1 | 1 |
| services | 35% | 2 | 3 |
| ownership | 35% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 17% | 1 | 1 |
| Overall | 26% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-07 19:58:31 UTC |
| Last Seen | 2026-06-21 14:09:43 UTC |
| Profile Built | 2026-06-21 14:15:12 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 25 |