188.245.54.112

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 188.245.54.112

Date: 2026-06-16

Classification: Moderate Risk

Analyst: IPDebrief Intelligence Team

## Executive Summary

IP 188.245.54.112 is a Hetzner Online GmbH cloud compute endpoint classified as Moderate Risk (Risk Score: 40/100). The IP is provisioned within the DE-HETZNER-20110117 CIDR block (188.245.0.0/16) and resolves to a static hostname associated with your-server.de. Current threat indicators indicate no active malicious activity, though the IP has been flagged on 2 DNS blacklists.

## Ownership & Infrastructure

ASN: 24940 (Hetzner Online GmbH)
Organization: Hetzner Online GmbH - Contact Role
Network: DE-HETZNER-20110117 /16
RIR: RIPE
Geolocation: Gunzenhausen, Saxony, Germany (DE)
Infrastructure Type: CloudCompute / Hosting
Provider: Hetzner

The IP is classified as cloud-hosted infrastructure with firewalled/no services currently exposed. No open ports detected.

## DNS & Resolution

PTR Record: static.112.54.245.188.clients.your-server.de
Forward Resolution: Confirmed to static.112.54.245.188.clients.your-server.de
Domain: your-server.de
Email Authentication: SPF configured (yes), DMARC configured (yes)
DNSSEC: Valid

## Threat Indicators

Abuse Confidence Score: Not applicable
Tor Exit Node: No
Known Attacker: No
Spam Source: No
Blacklist Count: 0 (current profile)
DNSBL Listed: 2 of 8 total lists
Threat Observation Count: 1
Persistently Malicious: No

## Network Context

The IP resides in subnet 188.245.54.112/24 with an abuse density rating of 1 (mostly clean classification). One threat sibling observed within the subnet. No active sibling connections detected. The subnet inherits a risk score of 2.

## Observations History

18 historical observations recorded. Recent activity from 2026-06-16 shows:

Abuse density: 1
Classification: mostly_clean
Inherited risk: 2
No ownership changes detected
No persistent malicious behavior observed

## Network Classification Flags

Cloud: Yes
CDN: No
VPN: No
Proxy: No
Tor: No
Hosting: Yes
Mobile: No
Residential: No
Bogon: No
Anycast: No

## Recommended Actions

Based on current risk profile (Moderate Risk, Score: 40), the following firewall rules are recommended:

```bash

# Allow established traffic

iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# Block high-risk port scans from this subnet

iptables -A INPUT -s 188.245.0.0/16 -p tcp --tcp-flags ALL ALL -j DROP

# Allow DNS traffic if needed

iptables -A INPUT -p udp --dport 53 -j ACCEPT

# Log and drop suspicious connection attempts

iptables -A INPUT -p tcp --dport 22 -j LOG --log-prefix "SSH_ATTEMPT: "

iptables -A INPUT -p tcp --dport 22 -j DROP

```

## Intelligence Assessment

This IP represents standard cloud infrastructure from a legitimate German hosting provider. The moderate risk score correlates with the 2 DNSBL listings and historical threat observation count. No immediate threat indicators suggest active malicious use. The IP should be monitored but does not require immediate blocking unless it exhibits suspicious behavioral patterns.

---

*Intel generated by IPDebrief Intelligence Platform*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	Saxony
City	D-91710 Gunzenhausen
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	Hetzner Online GmbH - Contact Role
ASN	AS24940
Network Name	DE-HETZNER-20110117
CIDR Block	188.245.0.0/16
RIR	RIPE
Country	DE
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	static.112.54.245.188.clients.your-server.de
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`static.112.54.245.188.clients.your-server.de`

🔐 DNS Hygiene

Hygiene Score	100% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Tier 3 — Basic operator with some routing infrastructure

Hosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	32%	2	3
routing	13%	1	1
services	13%	1	1
ownership	30%	2	3
reputation	28%	1	3
geolocation	13%	1	1
Overall	21%	8	12

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-06-06 01:23:56 UTC
Last Seen	2026-06-21 12:45:31 UTC
Profile Built	2026-06-21 12:48:31 UTC
Data Freshness	Live
Signal Types	19
Total Observations	21

🔍 19 signal types · 21 observations collected

This report is generated from 19+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

188.245.54.112📋 Copy