185.205.244.119

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

INTELLIGENCE BRIEFING: 185.205.244.119/32

Classification: LOW RISK — Cloud Infrastructure Asset

Date of Analysis: 2026-06-19

Risk Score: 25/100

---

1. OVERVIEW & OWNERSHIP

The IP address 185.205.244.119 is registered to Contabo (ASN: 51167) under the organization "Johannes Selg." The infrastructure is classified as cloud compute with a RIR registry of RIPE. The IP operates within the 185.205.244.0/24 CIDR block with a BGP prefix origin at ASN 51167.

2. GEOLOCATION

Country: Germany (DE)
Region: Grand Est
City: Lauterbourg
Coordinates: 51.17°N, 10.45°E
Timezone: Europe/Berlin
Geolocation Consensus: True (single geo source)

3. NETWORK INFRASTRUCTURE

DNS PTR: vmi3153534.contaboserver.net
Forward Resolution: vmi3153534.contaboserver.net (confirmed)
Open Ports: TCP/80 (HTTP), TCP/443 (HTTPS)
TLS Certificate: Issued by TRAEFIK DEFAULT CERT (non-self-signed)
HTTP/2 Support: Enabled
Default Status Code: 404 (Not Found)

4. THREAT INDICATORS

Abuse Confidence Score: Not applicable (low risk profile)
Known Attacker: False
Spam Source: False
Tor Exit Node: False
Known Campaigns: None detected
DNSBL Listings: 1 out of 8 total lists
Blacklist Count: 0
Threat Feeds: Empty

5. TEMPORAL ANALYSIS

Observation Count: 28 historical signals
Threat Observation Count: 1
Persistence Status: Not persistently malicious
Ownership Changes: 0 (stable registration)
Recent Activity: Signals observed on 2026-06-19

6. NETWORK NEIGHBORHOOD

Subnet: 185.205.244.119/24
Abuse Density: 0 (mostly clean classification)
Total Siblings: 3
Active Siblings: 2
Threat Siblings: 3
Neighbor Risk Scores: 25/100 (185.205.244.22), 25/100 (185.205.244.131)
Inherited Risk: 7/100

7. RELATIONSHIP GRAPH

Total Relationships: 82
Network Associations: TT-20220302 (Same Network)
DNS Associations: vmi3153534.contaboserver.net
Organization Link: Johannes Selg

8. SECURITY ACTIONS & RECOMMENDATIONS

No specific firewall or blocking actions are recommended. The IP presents a low-risk profile with no actionable threats requiring immediate remediation.

---

INTELLIGENCE SUMMARY

IP 185.205.244.119 is a low-risk Contabo cloud server located in Lauterbourg, Germany. The asset operates as a web server with HTTP/2 support and Traefik reverse proxy configuration. Key indicators include a single DNSBL listing, a 404 default response status, and a self-signed TLS certificate. The IP is not associated with known malicious campaigns or persistent threat activity. Neighborhood analysis reveals an abuse density of 0, indicating the broader subnet maintains a clean security posture. No blocking or filtering actions are warranted at this time; continued monitoring is sufficient.

---

Generated by IPDebrief Intelligence Platform

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	Grand Est
City	Lauterbourg
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	Johannes Selg
ASN	AS51167
Network Name	—
CIDR Block	—
RIR	RIPE
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	vmi3153534.contaboserver.net
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`vmi3153534.contaboserver.net`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	0/2 domains
DMARC	0/2 domains
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured
Domains Checked	2 domains

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
Closed Ports	22, 25, 3389, 8080, 8443 (2 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

A self-signed certificate was detected. This is common for development servers, internal services, or IoT devices.

⚠️

CN=TRAEFIK DEFAULT CERT

Issued by CN=TRAEFIK DEFAULT CERT

Self-signed: Yes

SANs	ffc3fbffbb421d4bad388f813767619f.6bf5d9fd354bcabde035764c57f945e8.traefik.default
Valid From	2026-06-12T03:03:44+00:00
Valid Until	2027-06-12T03:03:44+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_128_GCM_SHA256
Signature Algorithm	sha256RSA
Validity Period	365 days
Serial Number	1DAF6AC8C1F97BE09814D9984C4B872B
Thumbprint	C23B29E4AE3F78DBF00A1D8C8887F70DDBEE3FB4

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	32%	2	4
routing	13%	1	1
services	28%	2	3
ownership	20%	2	3
reputation	27%	1	3
geolocation	37%	2	3
Overall	26%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-08 17:17:48 UTC
Last Seen	2026-06-27 13:41:57 UTC
Profile Built	2026-06-28 07:46:33 UTC
Data Freshness	Live
Signal Types	25
Total Observations	32

🔍 25 signal types · 32 observations collected

This report is generated from 25+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

185.205.244.119📋 Copy

**1. OVERVIEW & OWNERSHIP**

**2. GEOLOCATION**

**3. NETWORK INFRASTRUCTURE**

**4. THREAT INDICATORS**

**5. TEMPORAL ANALYSIS**

**6. NETWORK NEIGHBORHOOD**

**7. RELATIONSHIP GRAPH**

**8. SECURITY ACTIONS & RECOMMENDATIONS**

**INTELLIGENCE SUMMARY**