# IP Intelligence Briefing: 46.224.84.215/32
Classification: High Risk (Score: 70/100)
Date of Analysis: 2026-06-16
Status: Requires Monitoring
---
## EXECUTIVE SUMMARY
IP address 46.224.84.215 is hosted by Hetzner Online GmbH (AS24940) within the CLOUD-NBG1 cloud infrastructure block (46.224.80.0/20). Despite a moderate-high risk score of 70/100, the IP shows no active threat indicators, known malicious campaigns, or blacklist presence. The address resolves to a Your-Server DNS hostname (static.215.84.224.46.clients.your-server.de) and operates as firewalled cloud infrastructure with no open services detected.
---
## OWNERSHIP & GEOLOCATION
Organization: Hetzner Online GmbH - Contact Role
ASN: 24940 (Hetzner)
CIDR Block: 46.224.80.0/20
Geolocation: Gunzenhausen, Bavaria, Germany (DE)
Coordinates: 51.17°N, 10.45°E
Infrastructure Type: CloudCompute, Hosting Enabled
Network Classification: Cloud provider infrastructure
---
## THREAT INDICATORS
| Indicator | Status |
|---|---|
| Risk Score | 70/100 (High Risk) |
| Known Attacker | No |
| Tor Exit Node | No |
| Spam Source | No |
| Blacklist Count | 0 |
| DNSBL Listed | 4/8 lists |
| Active Services | None (Firewalled) |
| Open Ports | 0 |
| Known Campaigns | None |
Notable: DNSBL presence indicates 4 of 8 threat feeds have listed this IP, suggesting prior activity or reputation issues.
---
## OBSERVATION HISTORY (19 Signals)
Recent observation activity recorded on 2026-06-16 includes:
- Banner/Port Scans: Multiple scanning attempts detected with varying confidence levels (0.30-0.70)
- Ownership Verification: Stable ownership with 0 changes recorded
- Subnet Classification: Consistently classified as "clean" with 0 abuse density
- Geolocation: Inferred location at German coordinates with 400km accuracy radius
- Persistent Activity: No persistent malicious behavior observed (threat_persistence_days: 0)
Temporal Analysis: No ownership changes, no threat observation count, and no persistently malicious classification.
---
## NETWORK RELATIONSHIPS
Total Relationships: 10
Primary Associations:
- Network: CLOUD-NBG1 (Same Network)
- Hostname: static.215.84.224.46.clients.your-server.de (DNS Association)
No External Associations: No links to external organizations, certificates, or correlated malicious IPs detected.
---
## SUBNET ANALYSIS
Subnet: 46.224.84.215/24
Abuse Density: 0
Classification: Clean
Sibling IPs: 0
Threat Siblings: 0
Risk Distribution: High: 0, Medium: 0, Low: 0
The immediate /24 neighborhood shows no threat presence, suggesting the risk score may be derived from historical activity rather than current subnet-wide behavior.
---
## RECOMMENDED ACTIONS
Primary Recommendation: Increase logging verbosity and review recent activity from this IP.
Firewall Rules (Recommended):
| Platform | Rule |
|---|---|
| iptables | `iptables -A INPUT -s 46.224.84.215 -j DROP` |
| nftables | `nft add rule inet filter input ip saddr 46.224.84.215 drop` |
| nginx | `deny 46.224.84.215;` |
| pfSense | `46.224.84.215/32` |
| Cloudflare WAF | Block with filter expression `ip.src eq 46.224.84.215` |
| AWS WAF | Add `46.224.84.215/32` to an IP set referenced by a block (denylist) rule |
Rationale: The elevated risk score (70/100) combined with DNSBL listings and scanning activity warrants defensive blocking and enhanced monitoring despite the absence of confirmed malicious indicators.
---
## INTELLIGENCE ASSESSMENT
This IP presents a moderate-high risk profile driven by DNSBL listings and scanning activity rather than confirmed malicious behavior. The Hetzner cloud infrastructure designation and clean subnet classification suggest legitimate hosting, though the risk score indicates prior problematic activity. SOC teams should implement blocking controls while maintaining logs for correlation with other threat intelligence feeds. The absence of open services and persistent malicious activity reduces immediate threat severity, but the risk score warrants continued observation.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | CLOUD-NBG1 |
| CIDR Block | 46.224.80.0/20 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | static.215.84.224.46.clients.your-server.de |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | static.215.84.224.46.clients.your-server.de |
DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 38% | 2 | 4 |
| routing | 17% | 1 | 1 |
| services | 24% | 2 | 2 |
| ownership | 35% | 2 | 3 |
| reputation | 32% | 1 | 3 |
| geolocation | 17% | 1 | 1 |
| Overall | 27% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-09 20:27:40 UTC |
| Last Seen | 2026-06-21 16:51:19 UTC |
| Profile Built | 2026-06-21 16:59:02 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 22 |