49.13.63.175

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 49.13.63.175/32

Classification: Low Risk – Hosting Infrastructure

Report Date: Current analysis cycle

Analysis Authority: IPDebrief Intelligence Platform

---

## Executive Summary

IP 49.13.63.175 is classified as Low Risk (Score: 25/100). The address belongs to Hetzner Online GmbH (ASN 24940), a Tier-1 European hosting provider with infrastructure located in Falkenstein, Saxony, Germany. The IP operates as a standard web server hosting multiple domains through the your-server.de network. While the IP presents a generally benign profile, it exhibits one DNSBL listing and demonstrates moderate operator-level risk characteristics.

---

## Technical Profile

Ownership & Network:

ASN: 24940 (Hetzner Online GmbH)
Country: Germany (DE)
Region: Saxony
City: Falkenstein
RIR: APNIC
BGP Prefix: 49.13.0.0/16
Route Stability: Stable (no changes in last 30 days)
DNSSEC: Valid

Network Role:

Infrastructure Type: Hosting Provider
Connection Type: Cloud Computing
Service Purpose: Web Server
Not a proxy, CDN, or VPN

DNS Configuration:

PTR Record: static.175.63.13.49.clients.your-server.de
Forward Resolution: Confirmed
SPF: Configured
DMARC: Configured
Hosted Domains: amreolog.duckdns.org, amreoplausible.duckdns.org, amreowww.duckdns.org, auto.eticadigitale.org, bitwarden.eticadigitale.org, and 5 additional domains

Active Services:

Port 80/TCP: HTTP (nginx)
Port 443/TCP: HTTPS (nginx)
TLS Certificate: Let's Encrypt (issued to amreolog.duckdns.org)
HTTP Status: 502 (Bad Gateway)

---

## Threat Indicators

Risk Assessment:

Overall Risk Score: 25/100 (Low)
Abuse Confidence: Not available
Blacklist Count: 1 DNSBL listing
Pulsedive Risk: Not available
Known Campaigns: None identified

Threat Feeds:

No active threat indicators
No known attacker status
No spam source designation
No Tor exit node activity

---

## Observation History

Signal Count: 29 historical observations

Recent Activity (June 2026):

Infrastructure classification: Cloud/Hosting (confidence: 90%)
ASN attribution: AS24940 Hetzner Online GmbH (confidence: 80%)
Geographic inference: Falkenstein, Germany (confidence: 52%, ±400km accuracy)
HTTP response: 502 status code with nginx server fingerprint
Operator Score: 0.5217 (Moderate)
Threat Persistence: No persistent malicious behavior observed

Temporal Analysis:

Ownership changes: 0
Threat observation count: 1
Persistence classification: Not persistently malicious

---

## Network Relationships

DNS Associations:

Primary hostname: static.175.63.13.49.clients.your-server.de

Network Topology:

Same Network: CLOUD-FSN1 (multiple associations)
Total Relationships: 65
Relationship Types: DNS associations, network infrastructure links

---

## Neighborhood Analysis

Subnet: 49.13.63.175/24

Abuse Density: 1/255 (low)
Classification: Mostly Clean
Total Siblings: 1
Active Siblings: 1
Threat Siblings: 1

The /24 subnet demonstrates minimal abuse activity, with the target IP representing typical hosting infrastructure rather than malicious activity.

---

## Recommended Actions

Risk-Based Recommendations:

No immediate blocking required based on current risk profile
Monitor for DNSBL listing changes
Standard logging and monitoring recommended for security baseline

Firewall Rules:

No specific blocking rules generated
Consider rate-limiting if traffic patterns appear anomalous

SOC Analyst Notes:

IP is legitimate hosting infrastructure with valid credentials and proper DNS configuration
The single DNSBL listing warrants periodic review but does not indicate active abuse
Standard connection logging recommended for compliance and forensics
No immediate threat action required

---

Disclaimer: This intelligence briefing is based on automated analysis from the IPDebrief platform. All conclusions are derived from observable data and should be correlated with additional threat intelligence sources before operational decisions.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	Saxony
City	Falkenstein
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	Hetzner Online GmbH - Contact Role
ASN	AS24940
Network Name	—
CIDR Block	49.13.0.0/16
RIR	APNIC
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	static.175.63.13.49.clients.your-server.de
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`static.175.63.13.49.clients.your-server.de`

🔐 DNS Hygiene

Hygiene Score	100% (Excellent)
SPF	1/3 domains
DMARC	1/3 domains
FCrDNS	Verified
DNSSEC	Valid
CAA	Present
Domains Checked	3 domains

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Tier 3 — Basic operator with some routing infrastructure

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
Closed Ports	22, 25, 3389, 8080, 8443 (2 open / 7 scanned)

Server	nginx
HTTP Title	—

🔐 TLS Certificate

🔒

CN=amreolog.duckdns.org

Issued by CN=E7, O=Let's Encrypt, C=US

Self-signed: No

SANs	amreolog.duckdns.orgamreoplausible.duckdns.orgamreowww.duckdns.orgauto.eticadigitale.orgbitwarden.eticadigitale.orgcollabora.eticadigitale.orgeticadigitale.orglink.eticadigitale.orglista.eticadigitale.orgmanuale.eticadigitale.org
Valid From	2026-05-26T06:12:01+00:00
Valid Until	2026-08-24T06:12:00+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha384ECDSA
Validity Period	89 days
Serial Number	06BFA270019FF1C6689E0AF1127851CB6E29
Thumbprint	078A31ADD31FB9948380CE2105C3D56BA6BF4AF5

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	26%	2	4
routing	27%	2	3
services	29%	2	4
ownership	22%	3	4
reputation	28%	1	3
geolocation	33%	2	3
Overall	27%	12	21

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-16 21:01:14 UTC
Last Seen	2026-06-28 04:00:39 UTC
Profile Built	2026-06-28 22:06:28 UTC
Data Freshness	Live
Signal Types	28
Total Observations	35

🔍 28 signal types · 35 observations collected

This report is generated from 28+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

49.13.63.175📋 Copy