130.185.119.61
# IP INTELLIGENCE BRIEFING
Target: 130.185.119.61/32
Classification: Cloud Infrastructure / Low Risk
Date: Current Assessment
Analyst: IPDebrief SOC Intelligence
---
## EXECUTIVE SUMMARY
IP address 130.185.119.61 is a Contabo cloud compute instance with low-risk characteristics. The asset operates within a moderately active subnet (130.185.119.0/24) with 0.5 abuse density. No active threat indicators detected, though one neighboring IP (130.185.119.80) shows elevated risk characteristics.
---
## TECHNICAL PROFILE
Ownership & Infrastructure
- Provider: Contabo (ASN 51167, ARIN)
- Infrastructure Type: CloudCompute / Cloud Hosting
- Registration: Johannes Selg
- Network: 130.185.119.0/24 (BGP prefix 130.185.119.0/24)
Geolocation
- Primary: Germany (DE)
- Secondary: United States (New York, NY)
- Consensus: Inconsistent (geoConsensus: false)
- Accuracy Radius: 400km
DNS Resolution
- PTR Hostname: vmi3017684.contaboserver.net
- Forward Confirmation: True
- Domain: contaboserver.net
- Forward Hostnames: vmi3017684.contaboserver.net
---
## RISK ASSESSMENT
Current Risk Score: 25/100 (Low Risk)
Risk Breakdown:
- Provider Score: 0
- Authority Score: 0
- Stability Score: 0
- Stability Label: N/A
Threat Indicators:
- Blacklist Count: 0
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
- Active Threats: None
Control Plane:
- Route Stability: False
- Operator Score: 0.2609 (Basic)
- DNSBL Listed: 1 of 8 total lists
- Route Changes (30d): 0
---
## OBSERVATION HISTORY
Monitoring Period: 20 observations tracked
- Latest Signal (2026-06-19): Minimal operator score (0.15), confidence 0.60
- Previous Signal (2026-06-14): Basic operator score (0.3), confidence 0.60
- Threat Persistence: 0 days
- Ownership Changes: 0
Temporal Analysis: No persistent malicious behavior detected. IP shows minimal risk progression over observation window.
---
## NETWORK RELATIONSHIPS
Identified Relationships (36 total):
- DNS Associations: vmi3017684.contaboserver.net
- Network Associations: TT-2021122203 (multiple entries)
Key Associations:
- Hostname resolution consistently maps to Contabo VMI infrastructure
- Network-level relationships indicate shared infrastructure with 35+ related entities
---
## NEIGHBORHOOD ANALYSIS
Subnet: 130.185.119.0/24
Abuse Density: 0.5 (Moderate)
Classification: mostly_clean
Sibling Analysis:
- Total Siblings: 2
- Active Siblings: 0
- Threat Siblings: 1
- Neighbor Risk Distribution: 1 low-risk, 0 medium-risk, 0 high-risk
Notable Neighbor: 130.185.119.80
- Risk Score: 25
- Authority Score: 60
- Status: Requires monitoring
---
## SERVICES & PORTS
Open Ports: None detected
Service Purpose: Firewalled / No Services
HTTP/HTTPS: No active services detected
TLS Certificate: None
Banner Grab: None
---
## RECOMMENDED ACTIONS
Current Risk Level: Low (Score: 25)
Security Recommendations:
- No immediate blocking required due to low risk profile
- Monitor neighborhood IP 130.185.119.80 for potential correlation
- Standard cloud compute monitoring procedures apply
- No specific firewall rules generated (low risk threshold)
Firewall Rules: Not recommended at current risk level
---
## INTELLIGENCE CONCLUSIONS
1. Risk Profile: Low-risk cloud infrastructure asset with no active threat indicators
2. Infrastructure: Standard Contabo VMI with proper DNS resolution
3. Threat Context: Subnet shows moderate abuse density (0.5) but target IP remains clean
4. Correlation: One neighboring IP (130.185.119.80) warrants continued monitoring
5. Actionability: No immediate blocking or mitigation actions required
Final Assessment: Routine cloud compute instance. Maintain standard monitoring. No escalation required.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | vmi3017684.contaboserver.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | vmi3401031.contaboserver.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 28% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 23% | 2 | 2 |
| Overall | 23% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-14 23:34:40 UTC |
| Last Seen | 2026-06-28 01:37:20 UTC |
| Profile Built | 2026-06-29 01:46:05 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 26 |
Full dossier details are available via our API.