46.4.161.109

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING: 46.4.161.109

## Executive Summary

Target IP 46.4.161.109 is classified as Low Risk with an overall risk score of 25. The IP is hosted within Hetzner Online GmbH cloud infrastructure (ASN 24940) in Gunzenhausen, Germany. No active threat indicators, campaign associations, or persistent malicious behavior were observed. The IP shows minimal abuse exposure with one DNSBL listing out of eight total lists.

## Infrastructure Profile

IP Address: 46.4.161.109/32
Provider: Hetzner Online GmbH (HOS-1265119)
Network Range: 46.4.161.96/27
ASN: 24940
Registry: RIPE
Location: D-91710 Gunzenhausen, Saxony, Germany (51.17°N, 10.45°E)
Infrastructure Type: Cloud Computing
Timezone: Europe/Berlin

## DNS Resolution

PTR Record: server.edwin.one
Forward Resolution: server.edwin.one (unconfirmed)
Email Authentication: SPF and DMARC records present
No forward confirmation: Reverse DNS does not resolve to the queried IP

## Network Services & Ports

Open Ports: None detected
TLS Certificate: None
HTTP Services: None active
Service Classification: Firewalled / No Services
Scanner Detection: No open port enumeration strikes recorded

## Threat Indicators

Abuse Confidence Score: Not applicable
Blacklist Status: 0 explicit blacklists
DNSBL Listings: 1 out of 8 total lists (high severity)
Tor Exit Node: False
Known Attacker: False
Spam Source: False
Known Campaigns: None identified
Threat Feeds: No matches

## Temporal Analysis

Observation Count: 16 signals collected
Most Recent Observation: 2026-06-16T20:56:23 UTC
Ownership Stability: 0 ownership changes recorded
Threat Persistence: 0 days (not persistently malicious)
Route Stability: Route changes detected within 30-day period

## Neighborhood Analysis

Subnet: 46.4.161.109/24
Abuse Density: 0.0 (no sibling abuse activity)
Threat Siblings: 0
Active Siblings: 0
Total Siblings Analyzed: 0

## Related Entities

Network: HOS-1265119 (Hetzner hosting network)
Hostnames: server.edwin.one (DNS association)

## Recommended Actions

No specific firewall rules or blocking recommendations generated. The IP demonstrates low-risk characteristics appropriate for standard monitoring. Network defenders may observe the hostname "server.edwin.one" for correlation with known legitimate services.

## Intelligence Assessment

The target IP represents legitimate cloud computing infrastructure from a major German hosting provider (Hetzner). Current threat indicators, behavioral analysis, and historical signals do not suggest malicious activity. The single DNSBL listing warrants periodic review but does not indicate active exploitation. Standard defensive monitoring is sufficient; no immediate mitigation required.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	Saxony
City	D-91710 Gunzenhausen
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	Hetzner Online GmbH - Contact Role
ASN	AS24940
Network Name	HOS-1265119
CIDR Block	46.4.161.96/27
RIR	RIPE
Country	DE
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	server.edwin.one
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`server.edwin.one`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Not verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	17%	1	1
routing	17%	1	1
services	17%	1	1
ownership	35%	2	3
reputation	17%	1	1
geolocation	17%	1	1
Overall	20%	7	8

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-06-13 09:47:07 UTC
Last Seen	2026-06-21 20:46:55 UTC
Profile Built	2026-06-21 20:54:33 UTC
Data Freshness	Live
Signal Types	19
Total Observations	21

🔍 19 signal types · 21 observations collected

This report is generated from 19+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

46.4.161.109📋 Copy