178.104.96.53

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 178.104.96.53

Date: 2026-06-12

---

1. Core Profile

Risk Score: 25 (Low Risk)
Provider: Hetzner Online GmbH (AS24940)
Geolocation: Southampton, England (51.17°N, 10.45°E)
Network Role: Cloud compute infrastructure (firewalled, no open services)
Ownership: Registered to Hetzner Online GmbH under "CLOUD-NBG1" network.

---

2. Threat & Abuse Indicators

Threat Feeds:

- Listed in 8 DNSBLs (1 high-severity listing).

- Alienvault-OTX observed threats (3 pulses, including "nested data omitted").

DNS Security:

- Valid DNSSEC, SPF, and DMARC records.

- CAA records present (2 issuers).

No Malicious Activity:

- No known attacker, spam, or Tor exit node associations.

---

3. Observation History (Last 30 Days)

Consistent Network Attributes:

- BGP prefix 178.104.0.0/15 (Hetzner AS24940) remains stable.

- DNS records (PTR: `static.53.96.104.178.clients.your-server.de`) unchanged.

Threat Correlation:

- Single high-severity DNSBL listing (no persistent threats).

- No observed port scanning or service changes.

---

4. Network Relationships

Subnet: Part of CLOUD-NBG1 network (AS24940).
DNS Hostname: Associated with `your-server.de` (valid domain).
No Anomalies:

- No connections to known malicious subnets or organizations.

---

5. Subnet Neighborhood

/24 Subnet: 178.104.96.0/24.
Neighbor Count: 0 (no active siblings or abuse density).
Implication: Isolated host; no peer risk propagation detected.

---

6. Recommended Actions

Monitor: Track DNSBL listings and threat feed correlations.
Verify: Confirm `your-server.de` domain legitimacy via WHOIS and TLS certificate checks.
Firewall: Allow traffic based on cloud infrastructure rules; no immediate blocking required.

---

Conclusion:

178.104.96.53 is a low-risk cloud server managed by Hetzner Online GmbH. While it shows no direct malicious activity, its DNSBL listings and threat feed associations warrant closer monitoring. No immediate defensive action is required, but ongoing observation is advised.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	ENG
City	Southampton
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	Hetzner Online GmbH - Contact Role
ASN	AS24940
Network Name	CLOUD-NBG1
CIDR Block	178.104.96.0/20
RIR	RIPE
Country	DE
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	static.53.96.104.178.clients.your-server.de
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`static.53.96.104.178.clients.your-server.de`

🔐 DNS Hygiene

Hygiene Score	100% (Excellent)
SPF	2/2 domains
DMARC	2/2 domains
FCrDNS	Verified
DNSSEC	Valid
CAA	Present
Domains Checked	2 domains

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Tier 3 — Basic operator with some routing infrastructure

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16
Closed Ports	25, 3389, 8080, 8443 (3 open / 7 scanned)

Server	nginx/1.24.0 (Ubuntu)
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16

🔐 TLS Certificate

🔒

CN=registry.250labs.africa

Issued by CN=E8, O=Let's Encrypt, C=US

Self-signed: No

SANs	registry.250labs.africa
Valid From	2026-05-24T21:47:10+00:00
Valid Until	2026-08-22T21:47:09+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha384ECDSA
Validity Period	89 days
Serial Number	05FEABB4DFC921F3EFDAEDC4B8CFDBAE9DC0
Thumbprint	14EB8A4AE13996E93BF9962C6FFB800E289D6D41

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	32%	2	3
routing	13%	1	1
services	30%	2	3
ownership	27%	2	3
reputation	17%	1	2
geolocation	30%	2	3
Overall	25%	10	15

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-06-02 18:12:45 UTC
Last Seen	2026-06-21 09:02:42 UTC
Profile Built	2026-06-21 09:10:29 UTC
Data Freshness	Live
Signal Types	24
Total Observations	27

🔍 24 signal types · 27 observations collected

This report is generated from 24+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

178.104.96.53📋 Copy

**1. Core Profile**

**2. Threat & Abuse Indicators**

**3. Observation History (Last 30 Days)**

**4. Network Relationships**

**5. Subnet Neighborhood**

**6. Recommended Actions**