INTELLIGENCE BRIEFING: 46.225.223.141
Classification: Low Risk / Cloud Infrastructure Asset
Analysis Date: Current
Risk Score: 25/100
---
OWNERSHIP & INFRASTRUCTURE
IP 46.225.223.141 is assigned to AS24940 (Hetzner Online GmbH), operating within the CLOUD-NBG1 subnet (46.225.208.0/20). The asset is provisioned as cloud compute infrastructure in Nuremberg, Bavaria, Germany (coordinates: 51.17°N, 10.45°E). The IP resolves via DNS to your-server.de with associated PTR hostname static.141.223.225.46.clients.your-server.de. Email authentication records (SPF, DMARC) are configured.
---
NETWORK SERVICES
Active services include HTTP (port 80) and HTTPS (port 443). TLS certificate issued by TRAEFIK DEFAULT CERT (not self-signed). HTTP/2 protocol supported. Server returns 503 (Service Unavailable) status code.
---
THREAT INDICATORS
- Blacklist count: 0
- Known campaigns: None
- Tor exit node: No
- Known attacker: No
- Spam source: No
- Abuse confidence score: Not available
Anomaly Detection:
Control plane analysis indicates the BGP route (46.224.0.0/15) is unstable. DNSBL listing count: 1 of 8 total lists.
---
OBSERVATION HISTORY (23 signals)
Historical data reveals geolocation signal inconsistencies:
- 2026-06-21: Country DE (confidence: 0.52)
- 2026-06-16: Country IR detected via Alienvault OTX (confidence: 0.85) with threat pulse associations
One historical observation (2026-06-16) flagged the IP with threat indicators from Alienvault OTX (7 pulse names), though current profile shows no active threat indicators. The IP is not classified as persistently malicious.
---
NEIGHBORHOOD ANALYSIS (46.225.223.0/24)
Subnet abuse density: 0
Classification: Clean
Total siblings: 1
Active siblings: 1
Threat siblings: 0
---
NETWORK RELATIONSHIPS
21 relationships identified:
- Multiple Same Network associations to CLOUD-NBG1 subnet
- DNS associations to your-server.de infrastructure
---
RECOMMENDED ACTIONS
No specific firewall rules or remediation actions generated. The IP presents as a standard cloud hosting asset with historical but not currently active threat indicators.
INTEL NOTE: While the IP currently registers as low-risk (25/100) with no active threat indicators, the historical detection of Iranian geolocation signals and Alienvault OTX threat associations warrants continued monitoring. The route instability and DNSBL listing suggest potential infrastructure volatility. Recommend inclusion in monitoring queues for anomaly detection on traffic patterns from this subnet.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | CLOUD-NBG1 |
| CIDR Block | 46.225.208.0/20 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | static.141.223.225.46.clients.your-server.de |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | static.141.223.225.46.clients.your-server.de |
DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | 1/2 domains |
| DMARC | 1/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
| Domains Checked | 2 domains |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| Closed Ports | 22, 25, 3389, 8080, 8443 (2 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | b5f4d7c7697e80bc41f12b9ae225f12f.15d9dc040f5c977d17b5477acc63d507.traefik.default |
| Valid From | 2026-06-06T08:23:07+00:00 |
| Valid Until | 2027-06-06T08:23:07+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_128_GCM_SHA256 |
| Signature Algorithm | sha256RSA |
| Validity Period | 365 days |
| Serial Number | 7EB2877ACDB0C10D7A01650DE24DBFCC |
| Thumbprint | 3FF0092B3BD0042F275C5721D6D09FD486E94B7A |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 27% | 2 | 2 |
| Overall | 24% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-04 12:42:28 UTC |
| Last Seen | 2026-06-21 11:33:17 UTC |
| Profile Built | 2026-06-21 11:42:27 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 26 |