# IP INTELLIGENCE BRIEFING
Subject: 217.154.47.221/32
Classification: LOW RISK
Generated: 2026-06-25
---
## EXECUTIVE SUMMARY
The IP address 217.154.47.221 is a cloud-hosted web server infrastructure asset operated by IONOS SE (AS8560) with geolocation anchored to Worcester, England. Current risk assessment indicates LOW RISK (Score: 25/100) with no active threat indicators or known malicious activity. The asset exhibits standard web server characteristics with HTTPS termination and SSH access enabled.
---
## OWNERSHIP & INFRASTRUCTURE
| Attribute | Value |
|---|---|
| **ASN** | AS8560 (IONOS SE) |
| **Organization** | IONOS SE |
| **Geolocation** | Worcester, England, GB |
| **CIDR Block** | 217.154.47.0/24 |
| **BGP Origin** | 217.154.47.0/24 via AS34549โAS8560 |
| **Network Type** | Cloud Infrastructure (gb-wtr-ionos-cloud-bhx1) |
| **Registration** | RIR: RIPE |
---
## NETWORK SERVICES & FINGERPRINT
- Open Ports: 22 (SSH), 443 (HTTPS)
- Reverse DNS: ip217.154.47-221.pbiaas.com (forward-confirmed)
- TLS Certificate: None observed
- Email Authentication: SPF and DMARC records configured
- Control Plane: Route stability flagged as FALSE; 0 route changes in 30 days
---
## THREAT ASSESSMENT
Current Status
- Risk Score: 25/100 (Low Risk)
- Abuse Confidence: Not applicable
- Known Attacker: FALSE
- Tor Exit Node: FALSE
- Blacklist Count: 0
- Threat Feeds: None detected
- Campaign Correlation: None
Historical Signals (31 observations)
- Recent activity observed: 2026-06-25
- One proxy/VPN signal detected (confidence 0.85)
- No persistent malicious behavior observed
- Threat observation count: 1 (non-persistent)
---
## NEIGHBORHOOD ANALYSIS
Subnet: 217.154.47.0/24
Classification: mostly_clean
Abuse Density: 1/100 (minimal)
Total Siblings: 1 active
Threat Siblings: 1
Inherited Risk: 2/100
The immediate /24 neighborhood demonstrates minimal abuse density, consistent with cloud hosting infrastructure patterns.
---
## RELATIONSHIP GRAPH
Total Relationships: 122
Primary Associations:
- Same Network (gb-wtr-ionos-cloud-bhx1) โ 117+ duplicate references
- No significant organizational or certificate correlations detected
---
## SECURITY ACTIONS RECOMMENDED
Current Risk Level: Low (25/100)
Recommendations: None required at this time. Standard defensive measures apply:
- Monitor for service behavior changes
- Verify SSH access policies align with organizational security standards
- Maintain baseline logging for HTTPS traffic patterns
---
## INTELLIGENCE CONCLUSION
IP 217.154.47.221 represents a benign cloud infrastructure asset with established web server functionality. The low risk score (25), absence of threat indicators, and clean neighborhood profile support continued monitoring without immediate defensive action. The single proxy-related historical signal requires contextual evaluation but does not elevate current threat posture.
Analyst Notes: Asset appears to be part of IONOS SE cloud hosting infrastructure. No evidence of command-and-control activity, spam source behavior, or known attack patterns. Standard SOC monitoring protocols apply.
---
*Intelligence produced by IPDebrief® Security Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | AS8560-MNT |
| ASN | AS8560 |
| Network Name | โ |
| CIDR Block | 217.154.47.0/24 |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | ip217.154.47-221.pbiaas.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | ip217.154.47-221.pbiaas.com |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 3389, 8080, 8443 (2 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 15% | 2 | 2 |
| services | 28% | 2 | 4 |
| ownership | 24% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 23% | 11 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:05:38 UTC |
| Last Seen | 2026-06-25 01:03:28 UTC |
| Profile Built | 2026-06-25 01:10:10 UTC |
| Data Freshness | Live |
| Signal Types | 28 |
| Total Observations | 28 |
Full dossier details are available via our API.