213.199.54.107

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IPDEBRIEF INTELLIGENCE BRIEFING

Target: 213.199.54.107/32

Classification: Cloud Infrastructure - Low Risk

Date Generated: 2026-06-15

---

## EXECUTIVE SUMMARY

IP 213.199.54.107 is a low-risk virtual machine instance hosted on Contabo cloud infrastructure. The IP shows no active malicious indicators, no open services, and no threat intelligence associations. Classification indicates stable, benign network behavior typical of cloud compute environments.

---

## RISK PROFILE

Metric	Value
Overall Risk Score	25/100 (Low Risk)
Provider Score	0/100
Authority Score	0/100
Abuse Confidence	Not applicable
Blacklist Count	0

---

## OWNERSHIP & INFRASTRUCTURE

Organization: Johannes Selg
ASN: 51167
Provider: Contabo
Infrastructure Type: CloudCompute
Country: Germany (DE)
Location: Lauterbourg, Grand Est
Registration RIR: RIPE

---

## NETWORK CHARACTERISTICS

PTR Record: vmi3301104.contaboserver.net
DNS Forward Resolution: Forward confirmed (1 hostname)
Services: No open ports detected (firewalled)
TLS/HTTP: No services exposed
Network Role: Cloud-hosted virtual infrastructure

---

## THREAT INTELLIGENCE

Known Attacker: No
Tor Exit Node: No
Spam Source: No
Threat Feeds: None detected
Campaign Associations: None
DNS Blacklist Status: Not listed on major feeds

---

## GEOLOCATION VALIDATION

GeoConsensus: Validated
Accuracy Radius: 400km
ICMP Validation: Unable to validate (blocked)
Minimum Possible RTT: 8ms

---

## OBSERVATION HISTORY

Total Observations: 20
Ownership Changes: 0
Threat Persistence: 0 days
Persistently Malicious: False
Recent Activity: Single threat observation on 2026-06-15
Temporal Stability: High (no ownership or threat persistence indicators)

---

## NETWORK RELATIONSHIPS

DNS Associations: vmi3301104.contaboserver.net (multiple entries)
Network Associations: TT-20240306 (same network)
Total Relationships: 30
Certificate Associations: None

---

## SUBNET ANALYSIS (213.199.54.0/24)

Abuse Density: Low
Subnet Classification: Mostly clean
Total Siblings: 1
Active Siblings: 0
Threat Siblings: 1 (historical)

---

## ACTIONABLE RECOMMENDATIONS

Based on risk profile and threat intelligence, the following actions are recommended:

1. Allow Traffic: No blocking required; risk score indicates benign activity

2. Monitoring: Standard traffic monitoring sufficient

3. Firewall Rules: No specific rules needed (no open services)

4. Threat Hunting: Not recommended; no malicious indicators present

5. Reputation: Maintain positive reputation; no abuse history detected

---

## CONCLUSION

IP 213.199.54.107 represents cloud infrastructure with low risk characteristics. The IP is associated with Contabo's cloud hosting services and shows no malicious behavior patterns. SOC teams may treat this IP as benign with standard monitoring practices. No immediate defensive actions are warranted.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	Grand Est
City	Lauterbourg
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	Johannes Selg
ASN	AS51167
Network Name	—
CIDR Block	—
RIR	RIPE
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	vmi3301104.contaboserver.net
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`vmi3301104.contaboserver.net`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Not configured
DMARC	Not configured
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	36%	2	4
routing	13%	1	1
services	15%	2	2
ownership	24%	2	3
reputation	31%	1	3
geolocation	33%	2	3
Overall	25%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-18 15:26:25 UTC
Last Seen	2026-06-28 07:32:54 UTC
Profile Built	2026-06-29 01:38:04 UTC
Data Freshness	Live
Signal Types	22
Total Observations	25

🔍 22 signal types · 25 observations collected

This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

213.199.54.107📋 Copy