IPDebrief

188.40.199.50

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 188.40.199.50

Date: 2026-06-11

---

**1. Risk Profile**

---

**2. Observation History (Last 30 Days)**

- Listed in 8 threat feeds (confidence: 85%), but no specific malicious campaigns or malware families linked.

- No DNS-based attacks or scanning observed.

- BGP route stability: Unstable (route changes detected).

- DNSSEC and CAA records validated, but operator score is low (0.3478).

---

**3. Relationships & Network Context**

- Resolves to `static.50.199.40.188.clients.your-server.de` (owned by "your-server.de").

- SPF and DMARC records present but unverified.

- Subnet: `188.40.199.50/24` (no active neighbors detected).

- Subnet abuse density: 0% (clean).

---

**4. Actionable Insights**

- Track the IP for new threat listings or DNS changes, as it has a history of being flagged (even if confidence is low).

- Verify the ownership of `your-server.de` for potential phishing or spoofing risks.

- Ensure cloud server security configurations are up to date, given the moderate risk score.

- Consider blocking the IP in WAFs or firewalls if it’s part of a larger network with higher risk.

---

Conclusion:

188.40.199.50 is a cloud-hosted server with no current malicious activity detected. While it has a moderate risk score, the lack of active threats and clean subnet suggest it is likely a legitimate host. SOC teams should monitor for changes in threat listings or DNS behavior.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡©πŸ‡ͺ Germany
RegionSaxony
CityFalkenstein
TimezoneEurope/Berlin
Latitude51.17
Longitude10.45

🏒 Ownership & Registration

OrganizationHetzner Online GmbH - Contact Role
ASNAS24940
Network NameALI-ESMAEILNEJAD
CIDR Block188.40.199.32/27
RIRRIPE
CountryDE
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRstatic.50.199.40.188.clients.your-server.de
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnamesstatic.50.199.40.188.clients.your-server.de

πŸ” DNS Hygiene

Hygiene Score100% (Excellent)
SPF2/2 domains
DMARC2/2 domains
FCrDNSVerified
DNSSECValid
CAAPresent
Domains Checked2 domains

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeWeb Server
Network TierTier 3 β€” Basic operator with some routing infrastructure
CloudHosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
80httptcpβ€”
443httpstcpβ€”
Closed Ports22, 25, 3389, 8080, 8443 (2 open / 7 scanned)
ServerApache
HTTP Titleβ€”

πŸ” TLS Certificate

A self-signed certificate was detected. This is common for development servers, internal services, or IoT devices.
⚠️
CN=amlakbeheshti.com
Issued by CN=amlakbeheshti.com
Self-signed: Yes
SANsamlakbeheshti.comwww.amlakbeheshti.commail.amlakbeheshti.comcpanel.amlakbeheshti.comwebmail.amlakbeheshti.comwebdisk.amlakbeheshti.comcpcontacts.amlakbeheshti.comcpcalendars.amlakbeheshti.comautodiscover.amlakbeheshti.com
Valid From2025-12-05T09:58:47+00:00
Valid Until2026-12-05T09:58:47+00:00
TLS ProtocolTls13
Cipher SuiteTLS_AES_256_GCM_SHA384
Signature Algorithmsha256RSA
Validity Period365 days
Serial Number011C43EE3A
Thumbprint6179F1CE2F57812D5A9D9B9BBB6DC1B5B06CCEE7

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
27%
24
routing
13%
11
services
27%
23
ownership
27%
23
reputation
22%
13
geolocation
24%
23
Overall23%1017
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-28 12:25:13 UTC
Last Seen2026-06-29 05:23:56 UTC
Profile Built2026-06-29 05:31:22 UTC
Data FreshnessLive
Signal Types24
Total Observations26
πŸ” 24 signal types Β· 26 observations collected
This report is generated from 24+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.