195.201.110.138
# IPDEBRIEF INTELLIGENCE BRIEFING
Target: 195.201.110.138/32
Classification: Defensive Security Intelligence
Date: 2026-06-21
Risk Level: Low Risk (Score: 25/100)
---
## EXECUTIVE SUMMARY
IP 195.201.110.138 is a cloud infrastructure endpoint hosted by Hetzner Online GmbH (AS24940) in Falkenstein, Saxony, Germany. The IP exhibits low-risk characteristics with no active threat indicators, no open services, and stable network routing. The address is associated with the domain hydroservicebudel.com and functions as a mail server within Hetzner's FSN1 data center infrastructure.
---
## INFRASTRUCTURE PROFILE
| Attribute | Value |
|---|---|
| **Organization** | Hetzner Online GmbH |
| **AS Number** | 24940 |
| **Network** | HETZNER-fsn1-dc4 (195.201.110.128/26) |
| **Geolocation** | Falkenstein, Saxony, DE |
| **Infrastructure Type** | CloudCompute / Hosting |
| **Risk Score** | 25 (Low Risk) |
| **Reputation** | Low Risk |
---
## THREAT INDICATORS
- Known Campaigns: None detected
- Blacklist Count: 0
- Pulsedive Risk: Not applicable
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
- Abuse Confidence Score: N/A
---
## NETWORK BEHAVIOR
- Open Ports/Services: None detected (firewalled/no services)
- DNS Association: mail.hydroservicebudel.com
- Email Auth: SPF and DMARC records present
- Control Plane: Routing stable (isRouteStable: true)
- BGP Origin: 195.201.0.0/16 (AS6939, AS24940)
- Route Stability: Confirmed with zero changes in 30 days
---
## OBSERVATION HISTORY
Analysis of 25 historical observations indicates consistent infrastructure characteristics:
- Infrastructure Classification: CloudCompute (consistent across observations)
- Network Abuse Density: 1 (minimal)
- Classification: "mostly_clean"
- Threat Persistence: Zero days; no persistent malicious activity observed
- Observation Count: 1 threat observation recorded
---
## RELATIONSHIP GRAPH
- DNS Associations: mail.hydroservicebudel.com (30 relationship entries)
- Network Affiliations: HETZNER-fsn1-dc4 (30 relationship entries)
- External Organizations: None detected
- Certificates: None associated
---
## NEIGHBORHOOD ANALYSIS (195.201.110.0/24)
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 1
- Abuse Density: 1 (low)
- Classification: "mostly_clean"
- Risk Distribution: No high or medium-risk neighbors detected
---
## SECURITY ACTIONS
| Category | Recommendation |
|---|---|
| **Firewall Rules** | No specific rules required (low-risk profile) |
| **Monitoring Priority** | Standard monitoring |
| **Threat Hunting** | No immediate indicators requiring investigation |
---
## ANALYSIS NOTES
The target IP demonstrates characteristics typical of legitimate cloud hosting infrastructure. The absence of open services, combined with proper email authentication (SPF/DMARC) and stable routing, supports classification as low-risk. The single threat sibling in the /24 subnet warrants awareness but does not indicate direct compromise of this endpoint.
Recommended Actions:
1. Monitor for service enumeration attempts (no services currently open)
2. Maintain standard email reputation monitoring for mail.hydroservicebudel.com
3. No immediate blocking or mitigation required
---
Report Generated: IPDebrief Intelligence Platform
Data Sources: Multi-signal aggregation including geolocation, DNS, control plane, and threat feeds
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | HETZNER-fsn1-dc4 |
| CIDR Block | 195.201.110.128/26 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | mail.hydroservicebudel.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | mail.hydroservicebudel.com |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | โ |
| Closed Ports | 22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | admin.hydroservicebudel.comhydroservicebudel.commail.hydroservicebudel.com |
| Valid From | 2026-05-28T15:24:19+00:00 |
| Valid Until | 2026-08-26T15:24:18+00:00 |
| TLS Protocol | Tls12 |
| Cipher Suite | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 0603CB481274A9A1D815E1D465584A300F78 |
| Thumbprint | 9AFD79C8AA195A1402ACE3C5E49A220A9DD0F18C |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 31% | 2 | 3 |
| services | 15% | 2 | 2 |
| ownership | 40% | 3 | 6 |
| reputation | 22% | 1 | 3 |
| geolocation | 38% | 2 | 4 |
| Overall | 29% | 12 | 22 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-28 00:16:22 UTC |
| Last Seen | 2026-06-29 04:56:33 UTC |
| Profile Built | 2026-06-29 05:31:22 UTC |
| Data Freshness | Live |
| Signal Types | 26 |
| Total Observations | 29 |
Full dossier details are available via our API.