# IP INTELLIGENCE BRIEFING: 62.238.21.193/32
Classification: LOW RISK HOSTING INFRASTRUCTURE
Report Date: 2026-06-20
Prepared For: SOC Operations Team
---
## EXECUTIVE SUMMARY
IP address 62.238.21.193 is a low-risk (Risk Score: 25) Hetzner-hosted infrastructure endpoint located in Finland. The IP operates as a multi-service hosting node with standard SSH and web services. No active threat indicators or known attack campaigns were observed.
---
## NETWORK OWNERSHIP & GEOLOCATION
| Attribute | Value |
|---|---|
| **ISP/Provider** | Hetzner Online GmbH (AS24940) |
| **Organization** | Hetzner Online GmbH - Contact Role |
| **Country** | Finland (FI) |
| **City/Region** | Helsinki, ZE |
| **Timezone** | Europe/Helsinki |
| **Network Role** | Multi-Service Host / Cloud Computing |
| **RIR** | RIPE |

DNS Resolution:
- PTR Record: `static.193.21.238.62.clients.your-server.de`
- Domain: `your-server.de`
- Forward Resolution: Confirmed (1 hostname)
---
## SERVICE PROFILE
Open Ports:
- Port 22/TCP: SSH (OpenSSH 8.9p1 Ubuntu-3ubuntu0.15)
- Port 8080/TCP: HTTP-alt
- Port 8443/TCP: HTTPS-alt

TLS Configuration:
- Protocol: TLS 1.3
- Cipher Suite: TLS_AES_128_GCM_SHA256
- Certificate Issuer: CN=g-agent (valid, not self-signed)
---
## THREAT ASSESSMENT
| Indicator | Status |
|---|---|
| **Risk Score** | 25 (Low) |
| **Known Attacker** | No |
| **Tor Exit Node** | No |
| **Spam Source** | No |
| **Blacklist Count** | 0 |
| **Active Threat Feeds** | None |
| **Known Campaigns** | None |
| **DNSBL Listings** | 1 of 8 lists (minor) |
---
## NEIGHBORHOOD ANALYSIS (62.238.21.0/24)
| Metric | Value |
|---|---|
| **Subnet Classification** | Mostly Clean |
| **Abuse Density** | 0.6667 (moderate) |
| **Total Siblings** | 3 |
| **Active Siblings** | 1 |
| **Threat Siblings** | 2 |

Neighbor Risk Profiles:
- 62.238.21.125: Risk Score 25, Authority Score 60
- 62.238.21.150: Risk Score 25, Authority Score 60
---
## OBSERVATION HISTORY
Total Observations: 20 signals tracked
Recent Activity:
- 2026-06-20 07:58:45: TLS certificate scan (confidence: 0.90)
- 2026-06-20 07:46:17: DNS/CAA records verified for your-server.de (confidence: 0.80)
- 2026-06-20 07:27:42: Geolocation inference - Finland (confidence: 0.28)
- 2026-06-20 07:25:16: Network role confirmed - Hetzner Cloud/Hosting (confidence: 0.90)
- 2026-06-20 07:24:40: Additional geolocation signal from NL (AlienVault OTX)

Temporal Analysis: No persistent malicious activity detected. Ownership stable with zero changes observed.
---
## RELATIONSHIP GRAPH
Total Relationships: 36 associations
Key Associations:
- DNS: `static.193.21.238.62.clients.your-server.de` (multiple entries)
- Network: CLOUD-HEL1
- Multiple hostname and network-level associations
---
## OPERATIONAL RECOMMENDATIONS
Current Risk Level: LOW
Action Required: None recommended
Rationale: The IP is a legitimate Hetzner hosting infrastructure endpoint with standard services. Its risk score of 25 falls within normal operational parameters. No active threats, campaigns, or abuse indicators were detected in recent observation windows.
Monitoring Parameters:
- Maintain standard baseline monitoring
- Watch for any deviation in service ports or TLS configuration
- Monitor neighborhood subnet (62.238.21.0/24) for correlated activity
---
Report Generated: IPDebrief Intelligence Platform
Data Currency: Real-time as of 2026-06-20
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Attribute | Value |
|---|---|
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| Attribute | Value |
|---|---|
| PTR | static.193.21.238.62.clients.your-server.de |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | static.193.21.238.62.clients.your-server.de |
## DNS Hygiene
| Attribute | Value |
|---|---|
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
## Network Classification
| Attribute | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Multi-Service Host |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| 8080 | http-alt | tcp | - |
| 8443 | https-alt | tcp | - |

| Attribute | Value |
|---|---|
| Closed Ports | 25, 80, 443, 3389 (3 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
## TLS Certificate
| Attribute | Value |
|---|---|
| SANs | None |
| Valid From | 2026-06-17T12:05:42+00:00 |
| Valid Until | 2036-06-14T12:05:42+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_128_GCM_SHA256 |
| Signature Algorithm | sha256RSA |
| Validity Period | 3650 days |
| Serial Number | 26ED72E5CA6588C95018105E56A867940AC0C50F |
| Thumbprint | 2FD703F4857F4B5F9B15A8790A5770353B374F04 |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 23% | 10 | 14 |

| Attribute | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid
## Observation Timeline (Live)
| Attribute | Value |
|---|---|
| First Seen | 2026-05-19 15:39:24 UTC |
| Last Seen | 2026-06-28 09:32:12 UTC |
| Profile Built | 2026-06-29 03:37:49 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 24 |