185.194.219.72
IP Intelligence Dossier
Your IP: 216.73.216.123
π€ Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 185.194.219.72
Date: June 6, 2026
---
**1. Risk Profile**
- Risk Score: 25 (Low Risk)
- Provider: Contabo (CloudCompute)
- Ownership: Registered to *Johannes Selg* (ASN 51167).
- Geolocation: Germany (DE), Lauterbourg, Grand Est region. Coordinates: 51.17°N, 10.45°E.
- Network Role: Hosting provider (Contabo) with no evidence of VPN, Tor, or residential traffic.
---
**2. Threat Indicators**
- No malicious activity detected: No indicators of spam, abuse, or known attacker campaigns.
- TLS Certificate: Valid, issued to *crm.naturalljuice.com* (Letβs Encrypt).
- Services:
- HTTP/HTTPS (port 80/443) with Nginx server banner.
- SSH (port 22) using OpenSSH 10.0p2.
- DNS: PTR hostname *ip-72-219-194-185.static.contabo.net* resolved to *contabo.net*.
---
**3. Observation History**
- Stability: No significant changes in risk signals over the past 30 days.
- Geolocation Consistency: Plausible location with RTT (Round-Trip Time) of 110ms.
- Network Activity: Static IP with no dynamic changes.
---
**4. Network Relationships**
- Subnet: 185.194.219.72/24.
- Neighbors: No active or threatening sibling IPs in the subnet.
- Shared Networks: Linked to *TT-2021101304* (same network identifier).
---
**5. Recommendations**
- Monitor: Track SSH access and TLS certificate validity, as the server is publicly accessible.
- Firewall: Allow traffic on ports 80, 443, and 22 with rate limiting to mitigate brute-force attempts.
- Verify: Confirm ownership with Contabo to ensure no unauthorized use of the IP.
---
Conclusion: This IP is a legitimate cloud server with no current threat indicators. Regular monitoring is advised to ensure compliance and security posture.
Source: IPDebrief Threat Intelligence Platform
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | β |
| CIDR Block | β |
| RIR | RIPE |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ip-72-219-194-185.static.contabo.net |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | ip-72-219-194-185.static.contabo.net |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | 1/2 domains |
| DMARC | 0/2 domains |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 2 domains |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 443 | https | tcp | β |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | nginx |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_10.0p2 Debian-7+deb13u4 |
π TLS Certificate
CN=crm.naturalljuice.com
Issued by CN=E8, O=Let's Encrypt, C=US
Self-signed: No
| SANs | crm.naturalljuice.com |
| Valid From | 2026-05-12T19:57:31+00:00 |
| Valid Until | 2026-08-10T19:57:30+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 06E7B148E87FE26BE81282252E3478C8384E |
| Thumbprint | E38E5989C8971A0DE02B3AE8A270D3592819A029 |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 26% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 18% | 1 | 2 |
| geolocation | 33% | 2 | 3 |
| Overall | 22% | 10 | 15 |
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-21 20:59:44 UTC |
| Last Seen | 2026-06-28 15:41:04 UTC |
| Profile Built | 2026-06-29 03:45:50 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 25 |
π 22 signal types Β· 25 observations collected
This report is generated from 22+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
βΉοΈ About This Report
All data shown is publicly available network metadata β IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.