178.214.77.71
IP Intelligence Briefing: 178.214.77.71
Date: 2026-06-11
---
**1. Core Profile**
- Risk Score: 65 (Moderate Risk)
- Ownership:
- ASN: AS51336
- Organization: Hassan Saada (GEMZO)
- Registrar: RIPE NCC
- Geolocation: Marseille, France (latitude 32, longitude 35.25)
- Threat Indicators:
- No direct malicious activity detected.
- DNSBL listings (3/8) suggest potential abuse, but no confirmed spam/campaigns.
- Network Role:
- Firewalled / No Services
- No open ports, no TLS/HTTP services, no banners.
- BGP prefix: 178.214.64.0/20 (GEMZO)
---
**2. Observation History**
- Key Trends:
- Recent (2026-06-11) geolocation data flagged the IP as in Palestine (PS) with high pulse counts (39) and threat indicators.
- Conflicting geolocation records (France vs. Palestine) may indicate misconfigured DNS or spoofing.
- DNSSEC validation is active, but 3/8 DNSBL lists flag the IP.
- No persistent malicious behavior detected over 30 days.
---
**3. Relationships**
- DNS Associations:
- Linked to `ns8.gemzo.net` (same network, GEMZO).
- Network Connections:
- Part of GEMZO network (AS51336).
- No ties to Tor, CDN, or cloud infrastructure.
---
**4. Neighborhood Analysis**
- Subnet: 178.214.77.71/24
- Neighbor Risk:
- 178.214.77.7: Risk Score 0 (low risk).
- Subnet abuse density: 0% (no suspicious activity in immediate vicinity).
---
**5. Recommendations**
- Monitor Geolocation Discrepancies: Investigate conflicting location data (France vs. Palestine) for potential spoofing or misconfigured DNS.
- Check DNSBL Listings: Review 3/8 DNSBL entries to determine if the IP is associated with spam or abuse.
- Validate DNSSEC: Ensure DNSSEC is properly configured to prevent spoofing.
- Watch for Subnet Changes: No immediate threats in the neighborhood, but monitor for new risky IPs in the 178.214.64.0/20 subnet.
Next Steps: Correlate with internal logs for signs of DNS hijacking or geo-redirect attempts.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | hassan saada |
| ASN | AS51336 |
| Network Name | GEMZO |
| CIDR Block | 178.214.64.0/19 |
| RIR | RIPE |
| Country | PS |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | ns8.gemzo.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | ns8.gemzo.net |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 19% | 1 | 2 |
| Overall | 14% | 6 | 8 |
| Data Coherence | Mostly Consistent (80%) โ 1 contradiction(s) |
| Attribution | Moderate (55%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-27 13:17:00 UTC |
| Last Seen | 2026-06-19 11:33:35 UTC |
| Profile Built | 2026-06-11 10:06:42 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 22 |
Full dossier details are available via our API.