185.182.186.79

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 185.182.186.79

*Generated via IPDebrief analysis*

---

Key Findings

1. Ownership & Geolocation

- Provider: Contabo (cloud hosting service).

- Registration: ASN 51167, registered to Johannes Selg (Germany).

- Geolocation: Located in Munich, Germany (51.17°N, 10.45°E). A secondary signal suggests France (Lauterbourg), but this may indicate misconfiguration or false positive.

2. Threat Indicators

- No malicious activity detected: No indicators of spam, attacks, or known malicious campaigns.

- DNS Associations: Linked to `vmi2862295.contaboserver.net` (likely a cloud VM).

3. Network Role

- Cloud Compute: Identified as a firewalled cloud server (no open ports or services detected).

- Subnet: Part of `185.182.186.0/23`, with no neighboring IPs flagged for abuse.

4. Risk Profile

- Moderate Risk (Score: 50): Low immediate threat, but monitoring is advised due to hosting provider context.

- No DNSBL Listings: Not listed in major blacklists.

---

Actionable Insights

Monitor for Anomalies: Track DNS resolution and geolocation consistency, as conflicting signals may indicate misconfigurations.
Verify Hosting Context: Confirm Contabo’s compliance practices, as cloud providers may host both legitimate and malicious infrastructure.
Check Related Hostnames: Investigate `vmi2862295.contaboserver.net` for additional context or potential ties to other IPs.

---

Recommendations

Do Not Block: No evidence of active threats.
Log & Analyze: Correlate with internal logs for unusual traffic patterns.
Validate Geolocation: Cross-check with internal geolocation tools to resolve conflicting signals.

Note: This IP appears to be a standard cloud server with no direct malicious indicators. Further investigation should focus on contextual anomalies rather than immediate blocking.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	25
City	Milan
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	Johannes Selg
ASN	AS51167
Network Name	TT-20220320
CIDR Block	185.182.186.0/23
RIR	RIPE
Country	DE
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	vmi2862295.contaboserver.net
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`vmi3401087.contaboserver.net`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Not configured
DMARC	Not configured
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16
Closed Ports	25, 3389, 8080, 8443 (3 open / 7 scanned)

Server	—
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16

🔐 TLS Certificate

A self-signed certificate was detected. This is common for development servers, internal services, or IoT devices.

⚠️

CN=TRAEFIK DEFAULT CERT

Issued by CN=TRAEFIK DEFAULT CERT

Self-signed: Yes

SANs	3f0c9ccb80457c4caecc19e9da6ac08c.2dd301a9f161c2c3a1b7559903ec951e.traefik.default
Valid From	2026-06-29T00:47:23+00:00
Valid Until	2027-06-29T00:47:23+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_128_GCM_SHA256
Signature Algorithm	sha256RSA
Validity Period	365 days
Serial Number	00E36244781BAAC626CF64ABEBAEBC039B
Thumbprint	CACC6725CDE46024879A503B55CFD56EBC4CBA88

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	27%	2	3
routing	24%	2	3
services	8%	1	1
ownership	35%	3	5
reputation	22%	1	3
geolocation	27%	2	3
Overall	24%	11	18

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-28 00:16:14 UTC
Last Seen	2026-06-29 04:55:30 UTC
Profile Built	2026-06-29 05:31:22 UTC
Data Freshness	Live
Signal Types	26
Total Observations	29

🔍 26 signal types · 29 observations collected

This report is generated from 26+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

185.182.186.79📋 Copy

**Key Findings**

**Actionable Insights**

**Recommendations**