IPDebrief

130.185.119.61

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING

Target: 130.185.119.61/32

Classification: Cloud Infrastructure / Low Risk

Date: Current Assessment

Analyst: IPDebrief SOC Intelligence

---

## EXECUTIVE SUMMARY

IP address 130.185.119.61 is a Contabo cloud compute instance with low-risk characteristics. The asset operates within a moderately active subnet (130.185.119.0/24) with 0.5 abuse density. No active threat indicators detected, though one neighboring IP (130.185.119.80) shows elevated risk characteristics.

---

## TECHNICAL PROFILE

Ownership & Infrastructure

Geolocation

DNS Resolution

---

## RISK ASSESSMENT

Current Risk Score: 25/100 (Low Risk)

Risk Breakdown:

Threat Indicators:

Control Plane:

---

## OBSERVATION HISTORY

Monitoring Period: 20 observations tracked

Temporal Analysis: No persistent malicious behavior detected. IP shows minimal risk progression over observation window.

---

## NETWORK RELATIONSHIPS

Identified Relationships (36 total):

Key Associations:

---

## NEIGHBORHOOD ANALYSIS

Subnet: 130.185.119.0/24

Abuse Density: 0.5 (Moderate)

Classification: mostly_clean

Sibling Analysis:

Notable Neighbor: 130.185.119.80

---

## SERVICES & PORTS

Open Ports: None detected

Service Purpose: Firewalled / No Services

HTTP/HTTPS: No active services detected

TLS Certificate: None

Banner Grab: None

---

## RECOMMENDED ACTIONS

Current Risk Level: Low (Score: 25)

Security Recommendations:

Firewall Rules: Not recommended at current risk level

---

## INTELLIGENCE CONCLUSIONS

1. Risk Profile: Low-risk cloud infrastructure asset with no active threat indicators

2. Infrastructure: Standard Contabo VMI with proper DNS resolution

3. Threat Context: Subnet shows moderate abuse density (0.5) but target IP remains clean

4. Correlation: One neighboring IP (130.185.119.80) warrants continued monitoring

5. Actionability: No immediate blocking or mitigation actions required

Final Assessment: Routine cloud compute instance. Maintain standard monitoring. No escalation required.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ฉ๐Ÿ‡ช Germany
RegionNY
CityNew York
TimezoneEurope/Berlin
Latitude51.17
Longitude10.45

๐Ÿข Ownership & Registration

OrganizationJohannes Selg
ASNAS51167
Network Nameโ€”
CIDR Blockโ€”
RIRARIN
Countryโ€”
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTRvmi3017684.contaboserver.net
Forward ConfirmedYes โ€” FCrDNS verified
Forward Hostnamesvmi3401031.contaboserver.net

๐Ÿ” DNS Hygiene

Hygiene Score40% (Fair)
SPFNot configured
DMARCNot configured
FCrDNSVerified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeFirewalled / No Services
Network TierHosting โ€” Infrastructure provider without advanced routing
CloudHosting

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverโ€”
HTTP Titleโ€”

๐Ÿ” TLS Certificate

๐Ÿ”’
No certificate
Issued by โ€”
N/A
SANsNone
Valid Fromโ€”
Valid Untilโ€”

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
25%
24
routing
13%
11
services
28%
23
ownership
24%
23
reputation
26%
13
geolocation
23%
22
Overall23%1016
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-14 23:34:40 UTC
Last Seen2026-06-28 01:37:20 UTC
Profile Built2026-06-29 01:46:05 UTC
Data FreshnessLive
Signal Types21
Total Observations26
๐Ÿ” 21 signal types ยท 26 observations collected
This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.