IP Intelligence Briefing: 195.179.228.8
*Generated via IPDebrief tools*
---
**1. Profile Summary**
- Risk Score: 25 (Low Risk)
- Owner: Johannes Selg (ASN 51167, Contabo)
- Geolocation: Germany (DE), Sessa Aurunca, 51.17°N, 10.45°E
- Network Role: Web server (HTTP/HTTPS/SSH), hosted domains: `syzwn.my`, `emmett1.my`
- Threat Indicators: No malicious indicators, no blacklisted domains, no Tor/VPN/CDN associations
---
**2. Key Observations**
- DNS Configuration:
  - Valid SPF records for `syzwn.my` and `emmett1.my`
  - Partial DMARC configuration for `syzwn.my` (quarantine policy)
  - No email spoofing risks detected
- Services:
  - Open ports: 80 (HTTP), 443 (HTTPS), 22 (SSH)
  - TLS certificate: Valid (Let's Encrypt), SANs: `emmett1.my`
  - Server banner: `lighttpd/1.4.82`
- Network Behavior:
  - Stable infrastructure (Contabo provider)
  - No recent route changes or abuse reports
---
**3. Temporal Trends**
- Observation History:
  - Consistent DNS records since 2026-06-10
  - No spikes in threat signals or anomalous activity
  - Low operational risk (0 threat persistence days)
---
**4. Relationships & Neighborhood**
- Related Entities:
  - Linked to `mail.syzwn.my` (DNS association)
  - Same network: `TT-20240404` (likely a subnet identifier)
- Subnet Analysis:
  - `/24` subnet (`195.179.228.0/24`)
  - Abuse density: 0% (clean subnet)
  - No malicious neighbors detected
---
**5. Security Recommendations**
- Firewall Actions: No immediate blocking recommended due to low risk.
- Monitoring:
  - Track DNS records for `syzwn.my` and `emmett1.my` for configuration changes.
  - Monitor SSH access logs for unauthorized attempts.
- Validation: Confirm ownership via RDAP (abuse contact available).
---
Conclusion: This IP hosts legitimate web services with proper DNS security configurations. No evidence of malicious activity detected. Continue standard monitoring for anomalies.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Field | Value |
|---|---|
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| Field | Value |
|---|---|
| PTR | mail.syzwn.my |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | mail.syzwn.my |
**DNS Hygiene**
| Field | Value |
|---|---|
| Hygiene Score | 80% (Excellent) |
| SPF | 2/2 domains |
| DMARC | 1/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 2 domains |
**Network Classification**
| Field | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting: infrastructure provider without advanced routing |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Field | Value |
|---|---|
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) |
| Server | lighttpd/1.4.82 |
| HTTP Title | - |
| SSH Version | `SSH-2.0-dropbear_2025.89`, followed by key-exchange data: `sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,m` (truncated) |
**TLS Certificate**
| Field | Value |
|---|---|
| SANs | emmett1.my |
| Valid From | 2026-04-01T13:45:13+00:00 |
| Valid Until | 2026-06-30T13:45:12+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 053878AC8EC75A77897A84FEB29C1F6F806A |
| Thumbprint | C525FDC7F811283236922A91E36BBFFD676F7608 |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 27% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 34% | 2 | 3 |
| Overall | 25% | 10 | 17 |

| Field | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

**Observation Timeline** (Live)
| Field | Value |
|---|---|
| First Seen | 2026-05-24 18:40:36 UTC |
| Last Seen | 2026-06-29 00:26:44 UTC |
| Profile Built | 2026-06-29 06:29:43 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 26 |