5.189.189.33

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP INTELLIGENCE BRIEFING

Target IP: 5.189.189.33/32

---

EXECUTIVE SUMMARY

IP 5.189.189.33 is a low-risk Contabo hosting server located in Germany, associated with the zyneventures.com domain. The IP presents minimal threat indicators and shows stable operational characteristics over the observation period.

---

INFRASTRUCTURE PROFILE

Network Classification:

Provider: Contabo (ASN: 51167, RIR: RIPE)
Organization: Johannes Selg
Infrastructure Type: Cloud Computing / Web Hosting
Network Role: Web Server (nginx/1.24.0 on Ubuntu)

Geolocation:

Country: Germany (DE)
Region/City: Grand Est, Lauterbourg
Coordinates: 51.17°N, 10.45°E
Timezone: Europe/Berlin
RTT: 106-111ms (5 probes)
Geo Validation: Plausible (400km accuracy radius)

DNS Resolution:

PTR Hostname: vmi3102423.contaboserver.net
Forward Resolution: Forward confirmed to same hostname
Domain: contaboserver.net
HTTP Status: 404 Not Found

---

THREAT ASSESSMENT

Risk Score: 25 (Low Risk)

Provider Score: 0
Authority Score: 0
Abuse Confidence Score: Not applicable

Threat Indicators:

Blacklist Count: 0
Known Campaigns: None
Tor Exit Node: False
Known Attacker: False
Spam Source: False

Control Plane:

BGP Prefix: 5.189.176.0/20
Route Stability: Unstable (route changes in 30d: 0)
DNSBL Listed: 1 of 8 total lists
Operator Score: 0.2609 (Basic)

---

NEIGHBORHOOD ANALYSIS

Subnet: 5.189.189.33/24

Abuse Density: 1 (Low)
Classification: Mostly Clean
Total Siblings: 2
Active Siblings: 2
Threat Siblings: 2 (Historical)

Neighbor IP Risk Distribution:

High Risk: 0
Medium Risk: 0
Low Risk: 1

Notable Neighbor: 5.189.189.216 (Risk Score: 0)

---

OBSERVATION HISTORY

Total Observations: 25 signals over monitoring period

Key Historical Signals:

June 2026: Multiple observations confirming cloud/hosting infrastructure, HTTPS configuration, and DNS records
HTTP Fingerprint: nginx/1.24.0 (Ubuntu), HTTP/1.1 only
TLS Certificate: Let's Encrypt (CN=al-v2.zyneventures.com)
DNS Records: SPF and DMARC configured for zyneventures.com domain
Subnet Classification: Consistently "mostly_clean" with low inherited risk (5)

Temporal Analysis:

Ownership Changes: 0
Threat Persistence: 0 days
Persistent Malicious Activity: False

---

RELATED ENTITIES

DNS Associations:

vmi3102423.contaboserver.net (multiple associations)

Network Associations:

CONTABO (same network)

---

SECURITY RECOMMENDATIONS

Risk Score: 25 (Low Risk)

Recommended Actions: None required at this time

Monitoring Considerations:

IP shows standard web server behavior with no malicious indicators
Historical data indicates consistent low-risk classification
No firewall rules required based on current risk profile

Actionable Intelligence: This IP represents a legitimate Contabo hosting instance with no current threat indicators. Standard monitoring practices apply. No blocking or firewall rules recommended.

---

Report Generated: Based on full profile, history, relationships, and neighborhood analysis

Risk Classification: Low Risk

Confidence Level: High

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	Grand Est
City	Lauterbourg
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	Johannes Selg
ASN	AS51167
Network Name	—
CIDR Block	—
RIR	RIPE
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	vmi3102423.contaboserver.net
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`vmi3102423.contaboserver.net`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	1/2 domains
DMARC	1/2 domains
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured
Domains Checked	2 domains

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
443	https	tcp	—
Closed Ports	22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned)

Server	nginx/1.24.0 (Ubuntu)
HTTP Title	—

🔐 TLS Certificate

🔒

CN=al-v2.zyneventures.com

Issued by CN=YE2, O=Let's Encrypt, C=US

Self-signed: No

SANs	al-v2.zyneventures.com
Valid From	2026-06-08T03:43:11+00:00
Valid Until	2026-09-06T03:43:10+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha384ECDSA
Validity Period	89 days
Serial Number	053F8A81956A01BB15812097EBF214D693B2
Thumbprint	6D4ED97BA1DEDAF5789EF3C94AB5C519DD4CE3DE

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	29%	2	4
routing	13%	1	1
services	30%	2	3
ownership	24%	2	3
reputation	26%	1	3
geolocation	33%	2	3
Overall	26%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-17 09:11:16 UTC
Last Seen	2026-06-28 04:57:37 UTC
Profile Built	2026-06-28 23:03:39 UTC
Data Freshness	Live
Signal Types	25
Total Observations	29

🔍 25 signal types · 29 observations collected

This report is generated from 25+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

5.189.189.33📋 Copy

**EXECUTIVE SUMMARY**

**INFRASTRUCTURE PROFILE**

**THREAT ASSESSMENT**

**NEIGHBORHOOD ANALYSIS**

**OBSERVATION HISTORY**

**RELATED ENTITIES**

**SECURITY RECOMMENDATIONS**