IP Intelligence Briefing: 78.47.81.216
*Generated via IPDebrief tools: Profile, History, Relationships, Neighbors*
---
**Key Findings**
1. Risk Profile:
- Overall Risk: Low (Risk Score: 25).
- Ownership: Owned by Hetzner Online GmbH (cloud hosting provider).
- Geolocation: Germany (Bavaria), registered to a commercial cloud infrastructure.
- Network Role: CloudCompute instance (firewalled, no public services).
2. Threat Observations:
- Single Threat Signal: One high-severity listing in DNS-based threat feeds (confidence: 85%).
- Subnet Risk: Part of a /24 subnet (78.47.81.216/24) with abuse density 1 (low risk).
- Neighbor Analysis: No active neighbors detected; subnet appears isolated.
3. Relationships:
- DNS Associations: Linked to `mail.stablepayme.com` (SPF/DMARC configured).
- Network Group: Part of Hetzner's `CLOUD-NBG1` subnet (shared infrastructure).
4. Historical Trends:
- Stability: No ownership or threat persistence detected.
- Activity: Single observation of potential malicious activity (2026-06-01).
---
**Actionable Intelligence**
- Monitor Subnet: Track 78.47.81.216/24 for increased threat signals or lateral movement.
- Verify Email Security: Investigate `mail.stablepayme.com` for phishing or spoofing risks.
- No Immediate Mitigation Needed: Low risk score and no active threats justify no blocking at this time.
Recommendation: Continue monitoring for changes in threat indicators or network behavior.
---
*Generated by IPDebrief. All data sourced from public threat intelligence feeds and network telemetry.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

**Ownership & Registration**

| Field | Value |
|---|---|
| Organization | Hetzner Online GmbH - Contact Role |
| ASN | AS24940 |
| Network Name | CLOUD-NBG1 |
| CIDR Block | 78.47.81.208/28 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |

**DNS Intelligence**

| Field | Value |
|---|---|
| PTR | mail.stablepayme.com |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | mail.stablepayme.com |

**DNS Hygiene**

| Field | Value |
|---|---|
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |

**Network Classification**

| Field | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting - Infrastructure provider without advanced routing |

**Services & Open Ports**

| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 8080 | http-alt | tcp | - |

| Field | Value |
|---|---|
| Closed Ports | 22, 25, 3389, 8443 (3 open / 7 scanned) |
| Server | nginx/1.24.0 (Ubuntu) |
| HTTP Title | - |

**TLS Certificate**

| Field | Value |
|---|---|
| SANs | None |
| Valid From | 2025-11-09T00:05:00+00:00 |
| Valid Until | 2035-11-07T00:05:00+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 3650 days |
| Serial Number | 67FFEFFACB33FB39C047CE4932108635AD5F9154 |
| Thumbprint | 625C14E9FAE7557D74826D0540D840B8E4118C8A |

**Confidence Breakdown**

Per-dimension confidence scores based on source diversity and data freshness

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 21% | 10 | 16 |

| Field | Value |
|---|---|
| Data Coherence | Mixed Signals (68%), 2 contradiction(s) |
| Attribution | Moderate (55%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

TLS certificate claims US but primary geo says DE

**Observation Timeline (Live)**

| Field | Value |
|---|---|
| First Seen | 2026-05-27 13:18:07 UTC |
| Last Seen | 2026-06-29 04:30:34 UTC |
| Profile Built | 2026-06-29 04:38:30 UTC |
| Data Freshness | Live |
| Signal Types | 25 |
| Total Observations | 25 |