IP Intelligence Briefing: 178.104.96.53
Date: 2026-06-12
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Provider: Hetzner Online GmbH (AS24940)
- Geolocation: Southampton, England (51.17°N, 10.45°E)
- Network Role: Cloud compute infrastructure (firewalled, no open services)
- Ownership: Registered to Hetzner Online GmbH under "CLOUD-NBG1" network.
---
**2. Threat & Abuse Indicators**
- Threat Feeds:
- Listed in 8 DNSBLs (1 high-severity listing).
- Alienvault-OTX observed threats (3 pulses, including "nested data omitted").
- DNS Security:
- Valid DNSSEC, SPF, and DMARC records.
- CAA records present (2 issuers).
- No Malicious Activity:
- No known attacker, spam, or Tor exit node associations.
---
**3. Observation History (Last 30 Days)**
- Consistent Network Attributes:
- BGP prefix 178.104.0.0/15 (Hetzner AS24940) remains stable.
- DNS records (PTR: `static.53.96.104.178.clients.your-server.de`) unchanged.
- Threat Correlation:
- Single high-severity DNSBL listing (no persistent threats).
- No observed port scanning or service changes.
---
**4. Network Relationships**
- Subnet: Part of CLOUD-NBG1 network (AS24940).
- DNS Hostname: Associated with `your-server.de` (valid domain).
- No Anomalies:
- No connections to known malicious subnets or organizations.
---
**5. Subnet Neighborhood**
- /24 Subnet: 178.104.96.0/24.
- Neighbor Count: 0 (no active siblings or abuse density).
- Implication: Isolated host; no peer risk propagation detected.
---
**6. Recommended Actions**
- Monitor: Track DNSBL listings and threat feed correlations.
- Verify: Confirm `your-server.de` domain legitimacy via WHOIS and TLS certificate checks.
- Firewall: Allow traffic based on cloud infrastructure rules; no immediate blocking required.
---
Conclusion:
178.104.96.53 is a low-risk cloud server managed by Hetzner Online GmbH. While it shows no direct malicious activity, its DNSBL listings and threat feed associations warrant closer monitoring. No immediate defensive action is required, but ongoing observation is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | CLOUD-NBG1 |
| CIDR Block | 178.104.96.0/20 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | static.53.96.104.178.clients.your-server.de |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | static.53.96.104.178.clients.your-server.de |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | 2/2 domains |
| DMARC | 2/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
| Domains Checked | 2 domains |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | nginx/1.24.0 (Ubuntu) |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
๐ TLS Certificate
| SANs | registry.250labs.africa |
| Valid From | 2026-05-24T21:47:10+00:00 |
| Valid Until | 2026-08-22T21:47:09+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 05FEABB4DFC921F3EFDAEDC4B8CFDBAE9DC0 |
| Thumbprint | 14EB8A4AE13996E93BF9962C6FFB800E289D6D41 |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 30% | 2 | 3 |
| Overall | 25% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-06-02 18:12:45 UTC |
| Last Seen | 2026-06-21 09:02:42 UTC |
| Profile Built | 2026-06-21 09:10:29 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 27 |
Full dossier details are available via our API.