IPDebrief

65.21.62.219

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 65.21.62.219

Date: 2026-06-12

---

**1. Core Profile**

- ISP: Hetzner Online GmbH (ASN: 24940)

- Network: CLOUD-HEL1 (arin-registrar)

- Geolocation: Finland (Helsinki), Latitude/Longitude: Unavailable

---

**2. Network & Services**

- TCP 80 (HTTP), 443 (HTTPS), 22 (SSH)

- SSH Banner: `SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16`

- Issuer: Letโ€™s Encrypt (CN=R12)

- Subject: `lesetoileskea.com` (SANs include subdomains)

- PTR Hostname: `server3.ggroupint.org`

- SPF/DKIM: Validated (SPF: true, DMARC: true)

- Apache server banner detected

- No suspicious HTTP headers or content

---

**3. Observation History (30-Day Trend)**

- DNSSEC and CAA records validated

- BGP route stability (no recent disruptions)

- No spam, phishing, or malware associations

---

**4. Relationships & Neighbors**

- Linked to `ggroupint.org` (DNS hostname)

- Same network: `CLOUD-HEL1` (Hetzner cloud infrastructure)

- 65.21.62.42 (Risk Score: 25, Authority Score: 60)

- Subnet Abuse Density: 0% (mostly clean)

---

**5. Recommendations**

Conclusion: 65.21.62.219 is a benign cloud-hosted server with no malicious indicators. Monitor for unusual behavior but no action required at this time.

---

*Generated by IPDebrief | Threat Intelligence for SOC Analysts*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ซ๐Ÿ‡ฎ Finland
Region18
CityHelsinki
TimezoneEurope/Helsinki
Latitude60.17
Longitude24.93

๐Ÿข Ownership & Registration

OrganizationHetzner Online GmbH - Contact Role
ASNAS24940
Network NameCLOUD-HEL1
CIDR Block65.21.48.0/20
RIRARIN
CountryFI
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTRserver3.ggroupint.org
Forward ConfirmedYes โ€” FCrDNS verified
Forward Hostnamesserver3.ggroupint.org

๐Ÿ” DNS Hygiene

Hygiene Score100% (Excellent)
SPF1/2 domains
DMARC1/2 domains
FCrDNSVerified
DNSSECValid
CAAPresent
Domains Checked2 domains

โ˜๏ธ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeWeb Server
Network TierTier 3 โ€” Basic operator with some routing infrastructure
CloudHosting

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
80httptcpโ€”
443httpstcpโ€”
22sshtcp
Closed Ports25, 3389, 8080, 8443 (3 open / 7 scanned)
ServerApache
HTTP Titleโ€”
SSH VersionSSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16

๐Ÿ” TLS Certificate

An expired certificate for CN=lesetoileskea.com was found on this IP. This may indicate a previously hosted website, a decommissioned service, or stale infrastructure.
๐Ÿ”’
CN=lesetoileskea.com
Issued by CN=R12, O=Let's Encrypt, C=US
Self-signed: No
SANsadmin.lesetoileskea.comlesetoileskea.commail.lesetoileskea.comwebmail.lesetoileskea.comwww.lesetoileskea.com
Valid From2025-08-22T16:42:59+00:00
Valid Until2025-11-20T16:42:58+00:00 (expired)
TLS ProtocolTls13
Cipher SuiteTLS_AES_256_GCM_SHA384
Signature Algorithmsha256RSA
Validity Period89 days
Serial Number05653723E118F0A582FFCC873D3397832186
Thumbprint2E54F3B8FC8027AC2D1BD5429C027821EC6A08D9

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
27%
24
routing
13%
11
services
27%
23
ownership
27%
23
reputation
22%
13
geolocation
27%
23
Overall24%1017
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-30 23:05:04 UTC
Last Seen2026-06-29 08:10:33 UTC
Profile Built2026-06-29 08:17:49 UTC
Data FreshnessLive
Signal Types25
Total Observations26
๐Ÿ” 25 signal types ยท 26 observations collected
This report is generated from 25+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.