94.177.133.86
IP Intelligence Dossier
Your IP: 216.73.216.123
๐ค Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 94.177.133.86
Date: 2026-06-07
---
**1. Core Profile**
- Risk Score: Low (25/100)
- Ownership: Registered to Alexander Siebnich (ASN 200924, RIPE).
- Geolocation: Stuttgart, Baden-Württemberg, Germany (51.17°N, 10.45°E).
- Network Role: Web server (HTTPS on port 443).
- TLS Certificate: Self-signed, issued to *pew7loas2uhaqdfm.myfritz.net* (FritzBox domain).
- Services: No open banners, HTTP/HTTPS traffic only.
---
**2. Threat Indicators**
- No Malicious Activity: No indicators of spam, phishing, or known attacker campaigns.
- DNS Associations: Linked to *host-133-1-86.icu.de* (likely a home/small business network).
- Blacklist Status: Not listed in major DNSBLs (0/8 lists).
---
**3. Observation History (30-Day Window)**
- Activity Trends: Moderate confidence (50%) in DNS and geolocation signals.
- Domains Monitored: *fritz.nas*, *myfritz.box*, *fritzbox.internal*, *home.arpa* (home network domains).
- No Anomalies: No spikes in threat signals or abrupt changes in network behavior.
---
**4. Network Relationships**
- Same Network: Linked to DE-SIEBNICHCOM-2008-08-14 (likely the same /24 subnet).
- DNS Dependencies: Strong association with *icu.de* and FritzBox subdomains.
- No External Threats: No connections to known malicious subnets or organizations.
---
**5. Neighborhood Analysis**
- Subnet: 94.177.133.0/24 (no active/abused IPs reported).
- Neighbor Count: 0 (no sibling IPs detected in the subnet).
- Abuse Density: 0% (clean subnet).
---
**6. Recommendations**
- Monitoring: Track DNS associations and certificate updates for *myfritz.box* domains, as they may indicate home network activity.
- Firewall: No immediate action required; the IP shows no malicious intent.
- Context: Likely a residential or small business network using a FritzBox router.
Conclusion: This IP is low risk and appears to be a legitimate home/small business network with no malicious activity detected. Continue monitoring for unexpected changes in DNS or network behavior.
---
*Generated via IPDebrief intelligence tools.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Alexander Siebnich |
| ASN | AS200924 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | host-133-1-86.icu.de |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | host-133-1-86.icu.de |
๐ DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | 1/7 domains |
| DMARC | 1/7 domains |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 7 domains |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | โ |
| Closed Ports | 22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
A self-signed certificate was detected. This is common for development servers, internal services, or IoT devices.
CN=pew7loas2uhaqdfm.myfritz.net
Issued by CN=pew7loas2uhaqdfm.myfritz.net
Self-signed: Yes
| SANs | pew7loas2uhaqdfm.myfritz.netfritz.boxwww.fritz.boxfritzbox.internalfritzbox.home.arpamyfritz.boxwww.myfritz.boxfritz.naswww.fritz.nas |
| Valid From | 2025-10-09T11:35:23+00:00 |
| Valid Until | 2038-01-15T11:35:23+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_128_GCM_SHA256 |
| Signature Algorithm | sha256RSA |
| Validity Period | 4481 days |
| Serial Number | 6C33EACB79717B30DC6BF40A9B43DE6E537DADE0 |
| Thumbprint | 20EBFA826F157AC0599BD742A612251CDFB7710F |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 27% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 35% | 2 | 3 |
| Overall | 22% | 10 | 14 |
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-14 07:15:36 UTC |
| Last Seen | 2026-06-07 04:43:23 UTC |
| Profile Built | 2026-06-07 04:49:57 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 29 |
๐ 22 signal types ยท 29 observations collected
This report is generated from 22+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
โน๏ธ About This Report
All data shown is publicly available network metadata โ IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.