144.126.159.116

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

## IP Intelligence Briefing: 144.126.159.116/32

Classification: Low Risk - Cloud Infrastructure Asset

Date: Current Analysis Cycle

Provider: Contabo Inc. (AS40021)

---

Executive Summary

IP 144.126.159.116 is a low-risk cloud compute resource hosted on Contabo infrastructure. The asset shows no active threat indicators, minimal abuse history, and standard residential hosting characteristics. Current risk assessment score: 25/100.

Infrastructure Profile

Organization: Contabo Inc. (CONTA-48)
ASN: AS40021
CIDR Block: 144.126.128.0/19
Geolocation: United States (Missouri, St. Louis)
Infrastructure Type: Cloud Compute
DNS Resolved: vmi2738012.contaboserver.net

Threat Assessment

Current Risk Level: Low (Score: 25/100)

Threat Indicators:

No active threat indicators detected
Not a Tor exit node
Not identified as known attacker
Not listed as spam source
Blacklist count: 0

Control Plane:

DNSSEC: Valid
Route Stability: Unstable
DNSBL Listings: 1/8 total lists
RPKI State: Not evaluated

Service Exposure

Network Services: None detected

No open ports identified
No TLS certificates observed
No HTTP banners or web services detected
Classification: Firewalled/No Services

Historical Analysis

Observation Count: 18 historical signals tracked

Temporal Trends:

2026-06-16: Recent proxy classification observed (risk: 66) via proxycheck-io
2026-06-11: Subnet classification showed "clean" status with zero abuse density
Threat persistence: Not persistent
Ownership changes: None recorded

Neighborhood Analysis

Subnet: 144.126.159.116/24

Abuse Density: 0
Threat Siblings: 0
Active Siblings: 0
Classification: Clean

Geolocation Validation

Distance from expected location: 7,115.6 km
Minimum possible RTT: 142.3ms
Observed RTT: 50-54.4ms (anomaly detected)
GeoValidation: Plausibility flag raised due to RTT discrepancy

Related Entities

DNS Associations: vmi2738012.contaboserver.net

Network Associations: CONTA-48 (Contabo Inc.)

Correlated IPs: 0 correlated IPs in threat campaigns

Security Actions

Recommended Actions: None

No firewall rules or blocking recommendations generated
Asset exhibits standard cloud hosting behavior
Monitoring recommended but no immediate remediation required

Intelligence Assessment

The IP address represents a legitimate cloud hosting asset with no malicious activity observed. The recent proxy classification (2026-06-16) warrants awareness but does not indicate malicious intent given the overall low-risk profile and clean neighborhood analysis. The RTT/geolocation anomaly may indicate routing irregularities or measurement error but does not alter the threat assessment.

Recommendation: Continue standard monitoring. No immediate blocking or remediation actions required.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	MO
City	St Louis (Downtown)
Timezone	—
Latitude	38.64
Longitude	-90.20

🏢 Ownership & Registration

Organization	Contabo Inc.
ASN	AS40021
Network Name	CONTA-48
CIDR Block	144.126.128.0/19
RIR	ARIN
Country	United States
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	vmi2738012.contaboserver.net
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`vmi2738012.contaboserver.net`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Not configured
DMARC	Not configured
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Tier 3 — Basic operator with some routing infrastructure

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	27%	2	3
routing	13%	1	1
services	13%	1	1
ownership	27%	2	3
reputation	22%	1	3
geolocation	27%	2	3
Overall	22%	9	14

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Mostly Consistent (80%) — 1 contradiction(s)
Attribution	Moderate (55%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

⚠ Claimed geolocation contradicts RTT physics measurement

📅 Observation Timeline 🔄 Live

First Seen	2026-05-28 06:15:47 UTC
Last Seen	2026-06-29 05:05:17 UTC
Profile Built	2026-06-29 05:08:41 UTC
Data Freshness	Live
Signal Types	20
Total Observations	20

🔍 20 signal types · 20 observations collected

This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

144.126.159.116📋 Copy