188.245.228.55

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 188.245.228.55

Date: 2026-06-10

---

Risk Assessment

Risk Score: 40 (Moderate Risk)
Threat Indicators: No malicious indicators, spam, or known attacker associations.
Network Stability: Stable (no recent route changes).
Abuse Density: Subnet (188.245.228.0/24) shows 0% abuse density.

---

Ownership & Geolocation

ISP: Hetzner Online GmbH (ASN 24940, CLOUD-FSN1)
Location: Falkenstein, Saxony, Germany (51.17°N, 10.45°E)
Hosting Role: CloudCompute infrastructure (likely a cloud server or reverse proxy).

---

Network & Services

Open Ports:

- HTTP (80), HTTPS (443), SSH (22).

- SSH banner: `SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16` (up-to-date).

TLS Certificate:

- Issued to `TRAEFIK DEFAULT CERT` (self-signed).

- SANs include `traefik.default` (suggests reverse proxy/load balancer).

DNS:

- PTR hostname: `static.55.228.245.188.clients.your-server.de`.

- SPF/DKIM/DNSBL: SPF and DMARC records present, no DNSBL listings.

---

DNS & Certificate Security

DNSSEC: Validated.
CAA Records: Present (no CAA violations detected).
Certificate Issues: Self-signed certificate may indicate internal use or misconfiguration.

---

Neighborhood Analysis

Subnet: 188.245.228.0/24
Neighbor IPs: 0 active IPs in subnet (likely a single host or sparse subnet).
Subnet Risk: Clean, no malicious activity observed.

---

Observation History (Last 30 Days)

Consistency: No significant changes in risk scores or network behavior.
Threat Persistence: No persistent malicious activity detected.
Geolocation: Consistent with Germany (no spoofing detected).

---

Actionable Insights

1. Certificate Review: Investigate the self-signed Traefik certificate for internal use or misconfiguration.

2. DNS Configuration: Verify SPF/DKIM alignment with email security policies.

3. Network Segmentation: Confirm if the cloud server requires strict access controls due to its public-facing ports.

4. Monitor Subnet: While currently clean, monitor 188.245.228.0/24 for unexpected activity.

Conclusion: The IP is associated with a legitimate cloud-hosted reverse proxy, showing no malicious behavior. However, the self-signed certificate and lack of CAA records warrant closer inspection for internal use or potential misconfiguration.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	Saxony
City	Falkenstein
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	Hetzner Online GmbH - Contact Role
ASN	AS24940
Network Name	CLOUD-FSN1
CIDR Block	188.245.224.0/20
RIR	RIPE
Country	DE
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	static.55.228.245.188.clients.your-server.de
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`static.55.228.245.188.clients.your-server.de`

🔐 DNS Hygiene

Hygiene Score	100% (Excellent)
SPF	1/2 domains
DMARC	1/2 domains
FCrDNS	Verified
DNSSEC	Valid
CAA	Present
Domains Checked	2 domains

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16
Closed Ports	25, 3389, 8080, 8443 (3 open / 7 scanned)

Server	—
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16

🔐 TLS Certificate

A self-signed certificate was detected. This is common for development servers, internal services, or IoT devices.

⚠️

CN=TRAEFIK DEFAULT CERT

Issued by CN=TRAEFIK DEFAULT CERT

Self-signed: Yes

SANs	80fd5a21320dfc41d8bc0ce732c38580.d50a13523444b5d56a575fc02e681b43.traefik.default
Valid From	2026-06-15T12:59:55+00:00
Valid Until	2027-06-15T12:59:55+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_128_GCM_SHA256
Signature Algorithm	sha256RSA
Validity Period	365 days
Serial Number	533F99D8A240C8CE1FBF6D7A8088B1F0
Thumbprint	B6EA3BB723DA6B7AC30E925770C611ED23DFBB9C

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	38%	2	5
routing	8%	1	1
services	24%	2	3
ownership	27%	2	3
reputation	22%	1	3
geolocation	33%	2	4
Overall	25%	10	19

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-25 12:42:04 UTC
Last Seen	2026-06-29 01:35:44 UTC
Profile Built	2026-06-29 01:40:20 UTC
Data Freshness	Live
Signal Types	23
Total Observations	24

🔍 23 signal types · 24 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

188.245.228.55📋 Copy

**Risk Assessment**

**Ownership & Geolocation**

**Network & Services**

**DNS & Certificate Security**

**Neighborhood Analysis**

**Observation History (Last 30 Days)**

**Actionable Insights**