116.203.156.114

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

## IP Intelligence Briefing: 116.203.156.114/32

Classification: Hosting Infrastructure IP

Risk Level: Low Risk (Score: 15)

Reporting Period: Current Profile with Historical Context

---

Executive Summary

Target 116.203.156.114 is a Hetzner-hosted infrastructure IP located in Nuremberg, Germany. The IP operates within a mostly clean subnet (abuse density: 0) but shows limited DNSBL listings. Historical data indicates intermittent reputation fluctuations with recent listing activity in June 2026.

---

Technical Profile

Network Assignment:

Organization: Hetzner Online GmbH (ASN: 24940)
Country/Region: Germany, Bavaria, Nuremberg
Geolocation Confidence: Plausible (400km accuracy radius)
Network Classification: Hosting infrastructure with firewalled/no services

DNS Configuration:

PTR Record: static.114.156.203.116.clients.your-server.de
Domain: your-server.de
Forward Resolution: Confirmed (1 record)
Email Authentication: SPF record present
CAA Records: Active (2 issuers)

Control Plane:

BGP Prefix: 116.203.0.0/16
Route Stability: Unstable (route changes detected)
DNSSEC: Valid
DNSBL Status: Listed on 1 of 8 reputation feeds (max severity: high)

---

Threat Assessment

Current Indicators:

No active threat campaigns identified
Not classified as Tor exit node, proxy, or known attacker
No open ports detected (service banner: firewalled)
TLS certificate: Not present
HTTP service: Not active

Historical Activity (24 observations):

Recent Listings: 2 blacklist entries observed 2026-06-28 (max severity: high)
Earlier Activity: 1 listing entry 2026-06-20 (max severity: medium)
Threat Persistence: 1 observation recorded
Operator Score: 0.3478 (Basic classification)

---

Network Context

Subnet Analysis (116.203.156.0/24):

Abuse Density: 0 (mostly clean)
Total Siblings: 2 active IPs
Threat Siblings: 2
Inherited Risk Score: 5

Related Neighbor:

116.203.156.226: Risk Score 40, Authority Score 60
Classification: Medium risk neighbor within same /24

Relationship Graph: 38 associated relationships identified

DNS associations to your-server.de hostnames
Network association: CLOUD-NBG1 (Hetzner datacenter)

---

Recommended Actions

Immediate:

Monitor DNSBL listing status for your-server.de domain
Evaluate traffic patterns from this IP against known malicious activity

Defensive Posture:

No immediate blocking recommended based on current risk profile
Implement monitoring for anomalous behavior patterns
Track subnet-level activity changes for 116.203.156.0/24

Contextual Notes:

IP serves legitimate hosting infrastructure
Limited threat indicators despite DNSBL presence
Neighbor IP (116.203.156.226) shows elevated risk and warrants separate assessment

---

Analyst Notes: The combination of Hetzner hosting infrastructure with minimal open services and low overall risk score suggests this IP is part of legitimate cloud operations. The DNSBL listing warrants monitoring but does not indicate active compromise. Subnet context shows mixed risk distribution with one medium-risk neighbor.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	Bavaria
City	Nuremberg
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	Hetzner Online GmbH - Contact Role
ASN	AS24940
Network Name	—
CIDR Block	—
RIR	APNIC
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	static.114.156.203.116.clients.your-server.de
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`static.114.156.203.116.clients.your-server.de`

🔐 DNS Hygiene

Hygiene Score	100% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	31%	2	4
routing	13%	1	1
services	15%	2	2
ownership	24%	2	3
reputation	26%	1	3
geolocation	33%	2	3
Overall	24%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-16 20:59:14 UTC
Last Seen	2026-06-28 03:48:01 UTC
Profile Built	2026-06-28 21:52:38 UTC
Data Freshness	Live
Signal Types	23
Total Observations	26

🔍 23 signal types · 26 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

116.203.156.114📋 Copy