204.168.227.105
## IP Intelligence Briefing: 204.168.227.105/32
Classification: LOW RISK โ Cloud Hosting Infrastructure
Date: Current assessment period
Analyst: IPDebrief Intelligence Team
Executive Summary
The target IP address 204.168.227.105 belongs to Hetzner Online GmbH (ASN 24940), a German cloud hosting provider. The IP maintains a low overall risk score of 25 and demonstrates consistent operational stability across all observation periods. No active threat indicators were detected during the assessment window.
Technical Profile
Ownership & Infrastructure
- Organization: Hetzner Online GmbH - Contact Role
- ASN: 24940 (Hetzner Online GmbH)
- RIR: ARIN
- Infrastructure Type: Cloud Compute / Hosting
- Network Role: Provider/Host
Geolocation
- Country: Finland (FI)
- GeoPlausible: Yes
- Distance from reference: 235km
- Geolocation validation: ICMP blocked during probe phase; location data deemed plausible based on routing and operator data
DNS Resolution
- PTR Record: static.105.227.168.204.clients.your-server.de
- Forward Resolution: Confirmed
- Hosted Domain: your-server.de
- Email Authentication: SPF and DMARC records present
Network Services
- Open Ports: None detected
- Active Services: None observed
- TLS Certificate: Not detected
- HTTP Banner: Not detected
Risk Assessment
Overall Risk Score: 25 (Low Risk)
Operator Score: 0.087 (Minimal)
Abuse Confidence: Not applicable
Threat Indicators: None detected
Blacklist Status: 0 entries
The IP address demonstrated no evidence of malicious activity across all monitored threat feeds. No association with known campaigns, attacker infrastructure, or spam sources was identified.
Threat Indicators Matrix:
- Is Tor Exit Node: No
- Is Known Attacker: No
- Is Spam Source: No
- Is Proxy: No
- Is VPN: No
Temporal Analysis
The IP address has been observed 22 times across the monitoring period. Historical data indicates:
- Risk profile has remained stable
- No significant ownership changes detected
- Threat observation count: 1 (non-malicious)
- Is persistently malicious: No
- Operator score remained consistent at 0.087 across observations
Network Relationships
Connected Entities:
- 49 relationships identified
- Associated network: CLOUD-HEL1 (Hetzner cloud infrastructure)
- DNS associations: Multiple reverse DNS entries mapping to your-server.de hosting
Campaign Analysis:
- Campaign likelihood: None
- Certificate matches: 0
- Correlated IPs: 0
- Banner matches: 0
Neighborhood Analysis
Subnet: 204.168.227.105/24
- Abuse Density: 0 (Clean)
- Classification: Mostly Clean
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 1
The immediate /24 subnet shows minimal abuse activity and maintains a clean classification. No concerning patterns detected in neighboring addresses.
Recommended Actions
Security Posture: Monitor
- No immediate blocking recommended based on current risk profile
- Standard logging and monitoring advised for cloud hosting environments
- Consider rate limiting based on service requirements
Firewall Configuration:
No specific firewall rules were generated by the automated assessment system. The IP maintains a low-risk profile suitable for standard allow-listing with standard traffic monitoring.
Conclusion
IP address 204.168.227.105 represents legitimate cloud hosting infrastructure operated by Hetzner Online GmbH. The address shows no indicators of malicious activity and maintains consistent low-risk characteristics throughout the observation period. No action is required beyond standard monitoring practices for cloud hosting environments.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | static.105.227.168.204.clients.your-server.de |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | static.105.227.168.204.clients.your-server.de |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 17% | 2 | 3 |
| reputation | 24% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 22% | 10 | 16 |
| Data Coherence | Mostly Consistent (80%) โ 1 contradiction(s) |
| Attribution | Moderate (55%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-12 09:40:59 UTC |
| Last Seen | 2026-06-27 21:16:20 UTC |
| Profile Built | 2026-06-28 21:22:28 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 27 |
Full dossier details are available via our API.