204.168.218.69

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IPDEBRIEF INTELLIGENCE BRIEFING

Target: 204.168.218.69/32

Classification: Low Risk - Cloud Infrastructure

---

EXECUTIVE SUMMARY

IP 204.168.218.69 is a Hetzner Online GmbH cloud hosting resource located in Helsinki, Finland. Current risk score is 25 (Low Risk). The IP is currently firewalled with no active services, but historical threat signals indicate potential abuse associations. Recommend monitoring but no immediate blocking action.

---

OWNERSHIP & INFRASTRUCTURE

Provider: Hetzner Online GmbH (AS24940)
Network Name: CLOUD-HEL1
BGP Prefix: 204.168.128.0/17
Infrastructure Type: CloudCompute / Cloud Hosting
Location: Helsinki, Uusimaa, Finland (FI)
Network Classification: Firewalled / No Services

---

THREAT INDICATORS

Risk Score: 25 (Low Risk)
Blacklist Status: Listed on 1 of 8 DNSBLs
Known Attacker: No
Tor Exit Node: No
Spam Source: No
Known Campaigns: None identified

Historical Threat Signals:

22 total observations recorded
June 2020: Signal showing ASN AS15435 (delta fiber nederland b.v.) with threat indicators (18 pulse associations)
Recent observations (June 2026): Low confidence signals (0.18-0.60) with "Basic" and "Minimal" operator scores
Threat persistence: Not persistently malicious

---

NETWORK BEHAVIOR

Services: No open ports detected
DNS Resolution: static.69.218.168.204.clients.your-server.de (your-server.de)
PTR Record: Forward confirmed
Email Auth: SPF and DMARC records present
Route Stability: Not route stable (route changes detected in 30-day window)

---

SUBNET ANALYSIS

Subnet: 204.168.218.69/24
Abuse Density: 0 (clean)
Threat Siblings: 1 identified
Active Neighbors: 0
Classification: Mostly clean

---

RELATIONSHIP MAPPING

DNS Associations: Multiple entries to static.69.218.168.204.clients.your-server.de
Network Relationships: Associated with CLOUD-HEL1 network
Total Relationships: 42 (primarily DNS and network associations)

---

RECOMMENDED ACTIONS

1. Monitor: Track for changes in threat indicators and service activation

2. Firewall Rules: No immediate blocking recommended; allow traffic with logging

3. Correlation: Investigate the 1 threat sibling IP in the /24 subnet

4. Context: IP is cloud-hosted with firewalled services; typical for hosting environment

---

INTELLIGENCE CONFIDENCE: MEDIUM

*Data sufficiency is adequate for operational decision-making. Historical threat signals warrant continued monitoring despite current low-risk classification.*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇫🇮 Finland
Region	Uusimaa
City	Helsinki
Timezone	Europe/Helsinki
Latitude	51.30
Longitude	9.49

🏢 Ownership & Registration

Organization	Hetzner Online GmbH - Contact Role
ASN	AS24940
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	static.69.218.168.204.clients.your-server.de
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`static.69.218.168.204.clients.your-server.de`

🔐 DNS Hygiene

Hygiene Score	100% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Single-Service Host
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
22	ssh	tcp	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16
Closed Ports	25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned)

Server	—
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	30%	2	3
routing	13%	1	1
services	21%	2	2
ownership	20%	2	3
reputation	28%	1	3
geolocation	33%	2	3
Overall	24%	10	15

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-21 14:57:07 UTC
Last Seen	2026-06-28 14:04:44 UTC
Profile Built	2026-06-29 02:07:54 UTC
Data Freshness	Live
Signal Types	22
Total Observations	25

🔍 22 signal types · 25 observations collected

This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

204.168.218.69📋 Copy