# IP Intelligence Briefing: 49.13.63.175/32
Classification: Low Risk โ Hosting Infrastructure
Report Date: Current analysis cycle
Analysis Authority: IPDebrief Intelligence Platform
---
## Executive Summary
IP 49.13.63.175 is classified as Low Risk (Score: 25/100). The address belongs to Hetzner Online GmbH (ASN 24940), a Tier-1 European hosting provider with infrastructure located in Falkenstein, Saxony, Germany. The IP operates as a standard web server hosting multiple domains through the your-server.de network. While the IP presents a generally benign profile, it exhibits one DNSBL listing and demonstrates moderate operator-level risk characteristics.
---
## Technical Profile
Ownership & Network:
- ASN: 24940 (Hetzner Online GmbH)
- Country: Germany (DE)
- Region: Saxony
- City: Falkenstein
- RIR: APNIC
- BGP Prefix: 49.13.0.0/16
- Route Stability: Stable (no changes in last 30 days)
- DNSSEC: Valid
Network Role:
- Infrastructure Type: Hosting Provider
- Connection Type: Cloud Computing
- Service Purpose: Web Server
- Not a proxy, CDN, or VPN
DNS Configuration:
- PTR Record: static.175.63.13.49.clients.your-server.de
- Forward Resolution: Confirmed
- SPF: Configured
- DMARC: Configured
- Hosted Domains: amreolog.duckdns.org, amreoplausible.duckdns.org, amreowww.duckdns.org, auto.eticadigitale.org, bitwarden.eticadigitale.org, and 5 additional domains
Active Services:
- Port 80/TCP: HTTP (nginx)
- Port 443/TCP: HTTPS (nginx)
- TLS Certificate: Let's Encrypt (issued to amreolog.duckdns.org)
- HTTP Status: 502 (Bad Gateway)
---
## Threat Indicators
Risk Assessment:
- Overall Risk Score: 25/100 (Low)
- Abuse Confidence: Not available
- Blacklist Count: 1 DNSBL listing
- Pulsedive Risk: Not available
- Known Campaigns: None identified
Threat Feeds:
- No active threat indicators
- No known attacker status
- No spam source designation
- No Tor exit node activity
---
## Observation History
Signal Count: 29 historical observations
Recent Activity (June 2026):
- Infrastructure classification: Cloud/Hosting (confidence: 90%)
- ASN attribution: AS24940 Hetzner Online GmbH (confidence: 80%)
- Geographic inference: Falkenstein, Germany (confidence: 52%, ±400km accuracy)
- HTTP response: 502 status code with nginx server fingerprint
- Operator Score: 0.5217 (Moderate)
- Threat Persistence: No persistent malicious behavior observed
Temporal Analysis:
- Ownership changes: 0
- Threat observation count: 1
- Persistence classification: Not persistently malicious
---
## Network Relationships
DNS Associations:
- Primary hostname: static.175.63.13.49.clients.your-server.de
Network Topology:
- Same Network: CLOUD-FSN1 (multiple associations)
- Total Relationships: 65
- Relationship Types: DNS associations, network infrastructure links
---
## Neighborhood Analysis
Subnet: 49.13.63.175/24
- Abuse Density: 1/255 (low)
- Classification: Mostly Clean
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 1
The /24 subnet demonstrates minimal abuse activity, with the target IP representing typical hosting infrastructure rather than malicious activity.
---
## Recommended Actions
Risk-Based Recommendations:
- No immediate blocking required based on current risk profile
- Monitor for DNSBL listing changes
- Standard logging and monitoring recommended for security baseline
Firewall Rules:
- No specific blocking rules generated
- Consider rate-limiting if traffic patterns appear anomalous
SOC Analyst Notes:
- IP is legitimate hosting infrastructure with valid credentials and proper DNS configuration
- The single DNSBL listing warrants periodic review but does not indicate active abuse
- Standard connection logging recommended for compliance and forensics
- No immediate threat action required
---
Disclaimer: This intelligence briefing is based on automated analysis from the IPDebrief platform. All conclusions are derived from observable data and should be correlated with additional threat intelligence sources before operational decisions.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | โ |
| CIDR Block | 49.13.0.0/16 |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | static.175.63.13.49.clients.your-server.de |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | static.175.63.13.49.clients.your-server.de |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | 1/3 domains |
| DMARC | 1/3 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
| Domains Checked | 3 domains |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| Closed Ports | 22, 25, 3389, 8080, 8443 (2 open / 7 scanned) | ||
| Server | nginx |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | amreolog.duckdns.orgamreoplausible.duckdns.orgamreowww.duckdns.orgauto.eticadigitale.orgbitwarden.eticadigitale.orgcollabora.eticadigitale.orgeticadigitale.orglink.eticadigitale.orglista.eticadigitale.orgmanuale.eticadigitale.org |
| Valid From | 2026-05-26T06:12:01+00:00 |
| Valid Until | 2026-08-24T06:12:00+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 06BFA270019FF1C6689E0AF1127851CB6E29 |
| Thumbprint | 078A31ADD31FB9948380CE2105C3D56BA6BF4AF5 |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 27% | 2 | 3 |
| services | 29% | 2 | 4 |
| ownership | 22% | 3 | 4 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 27% | 12 | 21 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-16 21:01:14 UTC |
| Last Seen | 2026-06-28 04:00:39 UTC |
| Profile Built | 2026-06-28 22:06:28 UTC |
| Data Freshness | Live |
| Signal Types | 28 |
| Total Observations | 35 |
Full dossier details are available via our API.