IP Intelligence Briefing: 178.104.2.38
Date: 2026-06-07
---
**1. Core Profile**
- Risk Score: Low Risk (0/100)
- Ownership: Hetzner Online GmbH (AS24940)
- Geolocation: Nuremberg, Bavaria, Germany (51.17°N, 10.45°E)
- Network Role: Cloud Hosting (Hetzner)
- Services:
- HTTP (port 80), HTTPS (port 443), SSH (port 22)
- Nginx server with banner `nginx/1.31.0`
- Valid TLS certificate for `wordpress.sd2.rs` (Let's Encrypt)
---
**2. Threat Indicators**
- No Malicious Activity: No indicators of C2, phishing, or exploitation detected.
- DNS Security:
- Valid SPF and DMARC records for `your-server.de`.
- No DNSBL listings.
- BGP Stability: Route stable with no recent changes.
---
**3. Observation History**
- Recent Activity (2026-06-07):
- Consistent DNS resolution for `static.38.2.104.178.clients.your-server.de`.
- No spikes in traffic or anomalous behavior.
- No correlation with known malicious campaigns.
---
**4. Network Relationships**
- Subnet: 178.104.2.38/24 (clean, no abuse density).
- Linked Entities:
- Cloud network `CLOUD-NBG1` (Hetzner).
- DNS hostname `static.38.2.104.178.clients.your-server.de`.
- No Suspicious Peers: No malicious or high-risk neighboring IPs.
---
**5. Recommendations**
- Monitor: Track DNS and TLS records for unexpected changes.
- Firewall: Allow standard ports (80, 443, 22) for legitimate traffic.
- Verify: Confirm ownership with Hetzner if further validation is needed.
Conclusion: This IP is a legitimate cloud-hosted server with no signs of compromise. No immediate action required, but ongoing monitoring is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | static.38.2.104.178.clients.your-server.de |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | static.38.2.104.178.clients.your-server.de |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | 2/2 domains |
| DMARC | 1/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
| Domains Checked | 2 domains |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | nginx/1.31.0 |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
๐ TLS Certificate
| SANs | wordpress.sd2.rs |
| Valid From | 2026-05-16T12:40:12+00:00 |
| Valid Until | 2026-08-14T12:40:11+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 05711E7CA419128A78D4D61ECE0C0FFBFEAC |
| Thumbprint | 07D3B1E9DCFD5F278DE6A22A6B53934B6E10457B |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 20% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 23% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-16 08:56:20 UTC |
| Last Seen | 2026-06-28 03:18:36 UTC |
| Profile Built | 2026-06-28 21:23:38 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 28 |
Full dossier details are available via our API.