46.225.223.141

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

INTELLIGENCE BRIEFING: 46.225.223.141

Classification: Low Risk / Cloud Infrastructure Asset

Analysis Date: Current

Risk Score: 25/100

---

OWNERSHIP & INFRASTRUCTURE

IP 46.225.223.141 is assigned to AS24940 (Hetzner Online GmbH), operating within the CLOUD-NBG1 subnet (46.225.208.0/20). The asset is provisioned as cloud compute infrastructure in Nuremberg, Bavaria, Germany (coordinates: 51.17°N, 10.45°E). The IP resolves via DNS to your-server.de with associated PTR hostname static.141.223.225.46.clients.your-server.de. Email authentication records (SPF, DMARC) are configured.

---

NETWORK SERVICES

Active services include HTTP (port 80) and HTTPS (port 443). TLS certificate issued by TRAEFIK DEFAULT CERT (not self-signed). HTTP/2 protocol supported. Server returns 503 (Service Unavailable) status code.

---

THREAT INDICATORS

Blacklist count: 0
Known campaigns: None
Tor exit node: No
Known attacker: No
Spam source: No
Abuse confidence score: Not available

Anomaly Detection:

Control plane analysis indicates the BGP route (46.224.0.0/15) is unstable. DNSBL listing count: 1 of 8 total lists.

---

OBSERVATION HISTORY (23 signals)

Historical data reveals geolocation signal inconsistencies:

2026-06-21: Country DE (confidence: 0.52)
2026-06-16: Country IR detected via Alienvault OTX (confidence: 0.85) with threat pulse associations

One historical observation (2026-06-16) flagged the IP with threat indicators from Alienvault OTX (7 pulse names), though current profile shows no active threat indicators. The IP is not classified as persistently malicious.

---

NEIGHBORHOOD ANALYSIS (46.225.223.0/24)

Subnet abuse density: 0

Classification: Clean

Total siblings: 1

Active siblings: 1

Threat siblings: 0

---

NETWORK RELATIONSHIPS

21 relationships identified:

Multiple Same Network associations to CLOUD-NBG1 subnet
DNS associations to your-server.de infrastructure

---

RECOMMENDED ACTIONS

No specific firewall rules or remediation actions generated. The IP presents as a standard cloud hosting asset with historical but not currently active threat indicators.

INTEL NOTE: While the IP currently registers as low-risk (25/100) with no active threat indicators, the historical detection of Iranian geolocation signals and Alienvault OTX threat associations warrants continued monitoring. The route instability and DNSBL listing suggest potential infrastructure volatility. Recommend inclusion in monitoring queues for anomaly detection on traffic patterns from this subnet.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	Bavaria
City	Nuremberg
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	Hetzner Online GmbH - Contact Role
ASN	AS24940
Network Name	CLOUD-NBG1
CIDR Block	46.225.208.0/20
RIR	RIPE
Country	DE
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	static.141.223.225.46.clients.your-server.de
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`static.141.223.225.46.clients.your-server.de`

🔐 DNS Hygiene

Hygiene Score	100% (Excellent)
SPF	1/2 domains
DMARC	1/2 domains
FCrDNS	Verified
DNSSEC	Valid
CAA	Present
Domains Checked	2 domains

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Tier 3 — Basic operator with some routing infrastructure

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
Closed Ports	22, 25, 3389, 8080, 8443 (2 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

A self-signed certificate was detected. This is common for development servers, internal services, or IoT devices.

⚠️

CN=TRAEFIK DEFAULT CERT

Issued by CN=TRAEFIK DEFAULT CERT

Self-signed: Yes

SANs	b5f4d7c7697e80bc41f12b9ae225f12f.15d9dc040f5c977d17b5477acc63d507.traefik.default
Valid From	2026-06-06T08:23:07+00:00
Valid Until	2027-06-06T08:23:07+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_128_GCM_SHA256
Signature Algorithm	sha256RSA
Validity Period	365 days
Serial Number	7EB2877ACDB0C10D7A01650DE24DBFCC
Thumbprint	3FF0092B3BD0042F275C5721D6D09FD486E94B7A

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	32%	2	3
routing	13%	1	1
services	30%	2	3
ownership	27%	2	3
reputation	17%	1	2
geolocation	27%	2	2
Overall	24%	10	14

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-06-04 12:42:28 UTC
Last Seen	2026-06-21 11:33:17 UTC
Profile Built	2026-06-21 11:42:27 UTC
Data Freshness	Live
Signal Types	23
Total Observations	26

🔍 23 signal types · 26 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

46.225.223.141📋 Copy