37.60.226.253
# IP Intelligence Briefing: 37.60.226.253/32
## Executive Summary
IP address 37.60.226.253 is a cloud hosting endpoint operated by Contabo (ASN 51167) with a low-risk profile. The IP is registered to Johannes Selg and geolocated to Lauterbourg, Grand Est, Germany. Current threat indicators show no active malicious behavior, with zero blacklist listings and no known attack campaigns associated.
## Profile Data
Risk Assessment:
- Risk Score: 25/100 (Low Risk)
- Reputation: Low Risk
- Authority Score: 0
- Provider Score: 0
- Stability Score: 0
Ownership & Registration:
- Organization: Johannes Selg
- ASN: 51167
- RIR: RIPE
- Abuse Contact: Available via RDAP
Geolocation:
- Country: Germany (DE)
- Region: Grand Est
- City: Lauterbourg
- Coordinates: 51.17°N, 10.45°E
- Accuracy Radius: 400km
- Geo Consensus: Confirmed
Network Infrastructure:
- Infrastructure Type: CloudCompute
- Hosting Provider: Contabo
- Connection Type: Cloud/Hosting
- Is Cloud: Yes
- Is Hosting: Yes
- CIDR Block: 37.60.224.0/20
DNS Analysis:
- PTR Hostname: vmi3274785.contaboserver.net
- Forward Resolution: Confirmed (1 hostname)
- Email Authentication: No SPF/DMARC records
- Domain: contaboserver.net
Services:
- Open Ports: None detected
- TLS Certificate: None
- HTTP Title: None
- Server Banner: None
- Service Purpose: Firewalled / No Services
## Threat Indicators
Malicious Activity:
- Threat Indicators: None detected
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Blacklist Count: 0
- Known Campaigns: None
- Pulsedive Risk: Not applicable
Control Plane:
- BGP Prefix: 37.60.224.0/20
- Route Stability: Unstable (route changes in last 30 days)
- RPKI State: Not available
- DNSSEC Valid: Yes
- DNSBL Listed: 1 out of 8 total lists
## Observation History
Total Observations: 22 signals
Recent Activity:
- 2026-06-27: Hostname resolution (vmi3274785.contaboserver.net)
- 2026-06-19: Subnet classification "mostly_clean" with abuse density 1
- 2026-06-14: Provider identification (Contabo)
Temporal Analysis:
- Ownership Changes: 0
- Threat Persistence Days: 0
- Is Persistently Malicious: No
- Threat Observation Count: 1
## Relationship Graph
Total Relationships: 58
Key Connections:
- 58 relationships detected, primarily "Same Network" type relationships
- Network identifier TT-20240125 appears in multiple relationship entries
## Neighborhood Analysis (37.60.226.0/24)
Subnet Metrics:
- Subnet: 37.60.226.0/24
- Abuse Density: 0
- Classification: Mostly Clean
- Inherited Risk: 5
Sibling IPs:
- Total Siblings: 2
- Active Siblings: 2
- Threat Siblings: 2
Neighbor Details:
- 37.60.226.219: Risk Score 25, Authority Score 60
## Recommended Actions
Security Recommendations:
- No specific firewall rules or blocking actions recommended at this time
- The IP presents low-risk characteristics with no active threat indicators
SOC Guidance:
- Monitor for service activation (currently no open ports)
- Review for any changes in hostname resolution
- Track for any emergence of blacklist listings
- Consider neighborhood monitoring for subnet 37.60.226.0/24
---
*Report generated from IPDebrief intelligence platform data. All information is based on observed signals and should be correlated with other threat intelligence sources before operational action.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | vmi3274785.contaboserver.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | vmi3274785.contaboserver.net |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-13 06:38:24 UTC |
| Last Seen | 2026-06-27 22:53:18 UTC |
| Profile Built | 2026-06-28 16:58:15 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 24 |
Full dossier details are available via our API.