109.199.126.83
IP Intelligence Briefing: 109.199.126.83
*Generated via IPDebrief Threat Intelligence Platform*
---
**1. Core Risk Profile**
- Risk Score: 25 (Low Risk)
- Provider: Contabo (Cloud Hosting)
- Ownership: Registered to Johannes Selg (AS12345, ARIN)
- Geolocation:
- Country: Germany (DE)
- City: Lauterbourg (France) [Geolocation discrepancy noted]
- Coordinates: 51.17°N, 10.45°E
- Accuracy Radius: 400 km
---
**2. Network & Infrastructure**
- Network Role:
- CloudCompute instance (Contabo)
- Hosting provider: Contabo (AS51167)
- Subnet: 109.199.126.83/24
- Services:
- No open ports or active services detected.
- No TLS certificates or HTTP banners.
- DNS:
- PTR hostname: `vmi3325983.contaboserver.net`
- No email authentication records (SPF/DKIM/DMArC).
---
**3. Threat & Behavioral Indicators**
- Threat Activity:
- No malicious indicators (no malware, phishing, or C2 activity).
- No DNSBL listings or spam associations.
- Behavioral Observations:
- Static IP with no port scanning or dynamic behavior.
- Geolocation inconsistencies (France vs. Germany).
---
**4. Network Relationships**
- Subnet: 109.199.112.0/20 (Contabo network)
- Neighbors:
- 109.199.126.3 (low-risk, no abuse density)
- Associations:
- Linked to `vmi3325983.contaboserver.net` (Contabo VM).
---
**5. Historical Trends (Last 30 Days)**
- Stability:
- No route changes or ownership shifts.
- Geolocation data inconsistent across sources.
- Risk Trends:
- No persistent malicious activity.
---
**6. Recommendations for SOC**
- Monitoring:
- Validate geolocation anomalies (France vs. Germany).
- Monitor for unexpected service activation or port openings.
- Mitigation:
- No immediate action required.
- Consider blocking neighbor IPs if future risk emerges.
---
Note: This IP is associated with a legitimate cloud hosting provider. No actionable threats detected. Use historical data to validate geolocation accuracy.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | TT-20240214 |
| CIDR Block | 109.199.112.0/20 |
| RIR | ARIN |
| Country | DE |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | vmi3325983.contaboserver.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | vmi3325983.contaboserver.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 20% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-26 12:50:34 UTC |
| Last Seen | 2026-06-29 02:59:27 UTC |
| Profile Built | 2026-06-29 03:18:22 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 21 |
Full dossier details are available via our API.