IP Intelligence Briefing: 185.185.80.174
Date: 2026-06-10
---
**1. Core Profile**
- Risk Score: Low (25/100)
- Provider: Contabo (Cloud Hosting)
- Ownership: Johannes Selg (AS: 51167)
- Geolocation: Lauterbourg, Grand Est, Germany (51.17°N, 10.45°E)
- Network Role: Web Server (Nginx/1.24.0)
- Services:
  - Open ports: HTTP (80), HTTPS (443), SSH (22)
  - TLS Certificate: Valid (Let's Encrypt, CN=alumframe.astraviamo.com)
  - Server Banner: `nginx/1.24.0 (Ubuntu)`
---
**2. Threat Indicators**
- No Malicious Activity:
  - No indicators of spam, phishing, or known attacker activity.
  - No DNSBL listings (1/8 total lists).
  - No active threats in observation history (0 threat observations).
- Security Configuration:
  - SPF/DKIM/DMARC records detected for `astraviamo.com`.
  - DNSSEC validation enabled.
---
**3. Network Relationships**
- DNS Associations:
  - Linked to `vmi2870637.contaboserver.net` (Contabo-hosted).
- Network Subnet:
  - Part of `185.185.80.0/24` (Contabo infrastructure).
  - No suspicious peers or abuse density detected in subnet.
---
**4. Historical Observations**
- Stability:
  - No recent changes in geolocation or network role.
  - Persistent as a cloud-hosted server (no mobility detected).
- TLS/HTTP:
  - 302 redirect detected (potential misconfiguration or redirect chain).
  - No HTTP vulnerabilities (e.g., HSTS, CSP).
---
**5. Recommendations**
- Monitor:
  - Track DNS records for `vmi2870637.contaboserver.net` for unexpected changes.
  - Verify `astraviamo.com` domain security policies (SPF/DKIM) for email integrity.
- Firewall:
  - Allow standard ports (80, 443, 22) for legitimate web/SSH traffic.
  - Block non-standard or suspicious ports if detected.
- Subnet:
  - Investigate `185.185.80.0/24` for potential lateral movement or shared infrastructure risks.
---
Conclusion:
This IP is a legitimate, low-risk web server hosted by Contabo. No immediate threat indicators are present, but ongoing monitoring is advised to detect anomalies in its network behavior or associated domains.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | vmi2870637.contaboserver.net |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | vmi2870637.contaboserver.net |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | 1/2 domains |
| DMARC | 1/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 2 domains |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | nginx/1.24.0 (Ubuntu) |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
TLS Certificate
| SANs | alumframe.astraviamo.com |
| Valid From | 2026-06-21T16:41:59+00:00 |
| Valid Until | 2026-09-19T16:41:58+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 05D9AE86CC5EEFBD013C10AFE6EC8085D916 |
| Thumbprint | 02E25EAA3CEC7101BF1441DC06FF47151BA45352 |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 37% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 25% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-24 06:33:00 UTC |
| Last Seen | 2026-06-28 23:43:55 UTC |
| Profile Built | 2026-06-29 05:47:15 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 23 |