178.104.102.138
IP Intelligence Briefing: 178.104.102.138
Date: 2026-06-07
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership:
- ASIN: 24940
- ISP: Hetzner Online GmbH (Germany)
- Geolocation: Nuremberg, Bavaria, Germany (51.17°N, 10.45°E)
- Network Role:
- Infrastructure: CloudCompute (Hosting)
- Provider: Hetzner Online GmbH
- Subnet: 178.104.102.138/24
- Services:
- Open Ports: SSH (port 22, OpenSSH 9.6p1)
- DNS: PTR hostname `static.138.102.104.178.clients.your-server.de`
- TLS/HTTP: No active certificates or web services detected
---
**2. Threat & Abuse Indicators**
- Threat Score: 0 (No malicious indicators)
- Abuse Density: 0 (No risky neighbors in subnet)
- Observed Threats:
- No malware, phishing, or exploit activity detected.
- No DNS-based attacks or blacklisted IPs in the subnet.
- Historical Trends:
- Stable over 30 days (no spikes in risk signals).
- Consistent geolocation and network classification.
---
**3. Relationships & Dependencies**
- DNS Associations:
- Linked to `your-server.de` (SPF/DKIM email validation enabled).
- Network Relationships:
- Part of Hetznerβs CLOUD-NBG1 network.
- No known malicious peer IPs in the subnet.
- Certificates/TLS:
- No TLS certificates or HTTPS services detected.
---
**4. Neighborhood Analysis**
- Subnet: 178.104.102.138/24
- Neighbor Count: 0 (No active IPs in subnet)
- Abuse Density: 0% (Clean subnet)
- Risk Inheritance: No inherited risk from neighbors.
---
**5. Security Recommendations**
- Firewall Rules:
- Allow SSH (port 22) for legitimate administrative access.
- Block all other ports unless explicitly required.
- Monitoring:
- Track SSH logs for unauthorized access attempts.
- Monitor for unexpected DNS changes or new services.
- Mitigation:
- No immediate action required due to low risk profile.
---
Conclusion:
178.104.102.138 is a legitimate Hetzner-hosted cloud server with no malicious activity detected. The IPβs low risk score, clean subnet, and standard SSH configuration suggest it is a benign infrastructure asset. Continue monitoring for deviations in behavior or new threats.
*Generated by IPDebrief threat intelligence platform.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | β |
| CIDR Block | β |
| RIR | RIPE |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | static.138.102.104.178.clients.your-server.de |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | static.138.102.104.178.clients.your-server.de |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 24% | 1 | 3 |
| geolocation | 31% | 2 | 3 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-15 20:47:06 UTC |
| Last Seen | 2026-06-28 02:45:18 UTC |
| Profile Built | 2026-06-29 02:51:06 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 25 |
Full dossier details are available via our API.