77.42.114.119
# Intelligence Briefing: 77.42.114.119/32
## Executive Summary
IP 77.42.114.119 operates within Hetzner Online GmbH infrastructure (AS24940) in Helsinki, Finland. The address presents low-risk characteristics with a risk score of 25 and minimal threat indicators. No known attacker, spam source, or Tor exit node behavior detected.
## Ownership and Infrastructure
- Provider: Hetzner Online GmbH
- ASN: 24940 (DE-HETZNER-20061204)
- CIDR Block: 77.42.0.0/17
- RIR: Ripe
- Infrastructure Type: Cloud compute hosting environment
- Network Role: Web server with hosting services
## Geolocation
- Country: Finland (FI)
- Region: Uusimaa
- City: Helsinki
- Timezone: Europe/Helsinki
- GeoConsensus: Validated across multiple sources
## Network Services and Fingerprinting
- Open Ports: 80/tcp (HTTP), 443/tcp (HTTPS), 22/tcp (SSH)
- SSH Banner: OpenSSH_9.2p1 Debian-2+deb12u10
- Web Server: Apache
- TLS Certificate: Let's Encrypt (R12, US), issued for pbx.firefli.net
- HTTP Redirect: 302 response observed
- DNS PTR: static.119.114.42.77.clients.your-server.de
## Threat Intelligence Indicators
- Risk Score: 25 (Low Risk)
- Abuse Confidence: Not applicable
- Blacklist Count: 0
- Known Campaigns: None detected
- DNSBL Status: Listed on 1 of 8 monitored lists
- Campaign Likelihood: None
- Threat Feeds: No correlations
## DNS and Email Security
- SPF Records: Configured (v=spf1 include:_spf.google.com a:mx.firefli.net ~all for firefli.net; v=spf1 mx -all for your-server.de)
- DMARC: Present on your-server.de (p=none policy)
- CAA Records: Active (2 issuers)
- DNSSEC: Valid
## Historical Observations
Analysis of 26 observations indicates stable infrastructure with:
- Persistent SPF/DMARC configurations across your-server.de and firefli.net domains
- Consistent Apache server fingerprinting
- HTTP 302 redirects maintained
- No escalation in threat signals over time
- Risk persistence: 0 days (not persistently malicious)
## Neighborhood Assessment
- Subnet: 77.42.114.0.0/24
- Abuse Density: 1 (minimal)
- Classification: Mostly clean
- Threat Siblings: 1
- Active Siblings: 1
## Relationships
- DNS Associations: Multiple PTR records to static.119.114.42.77.clients.your-server.de
- Network Relationships: Associated with DE-HETZNER-20061204 network block
- No External Entity Links: No certificates, organizations, or related IP correlations beyond network scope
## Assessment and Recommendations
The IP address demonstrates characteristics of a legitimate cloud hosting environment with standard security configurations in place. The low risk score, absence of threat indicators, and minimal neighborhood abuse density support classification as low-risk infrastructure.
Recommended Actions: Monitor for any changes in DNS configurations or threat indicator emergence. Current posture does not warrant immediate blocking or restrictive firewall rules.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | DE-HETZNER-20061204 |
| CIDR Block | 77.42.0.0/17 |
| RIR | RIPE |
| Country | FI |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | static.119.114.42.77.clients.your-server.de |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | static.119.114.42.77.clients.your-server.de |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | 2/2 domains |
| DMARC | 1/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
| Domains Checked | 2 domains |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | Apache |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u10 |
๐ TLS Certificate
| SANs | pbx.firefli.net |
| Valid From | 2026-05-25T22:59:00+00:00 |
| Valid Until | 2026-08-23T22:58:59+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 89 days |
| Serial Number | 06A57044F3114C957F995B329B81EF73318D |
| Thumbprint | D54B74E34EC123E2F7E7C1FF4D6635EFEA961FF4 |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 25% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-25 18:48:35 UTC |
| Last Seen | 2026-06-29 02:14:38 UTC |
| Profile Built | 2026-06-29 08:17:49 UTC |
| Data Freshness | Live |
| Signal Types | 25 |
| Total Observations | 27 |
Full dossier details are available via our API.