62.171.176.65

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING

Target: 62.171.176.65/32

Date: 2026-06-21

Classification: Low Risk / Defensive

---

## EXECUTIVE SUMMARY

IP address 62.171.176.65 is a Contabo cloud-hosted virtual machine with a low-risk reputation score of 25. The asset hosts legitimate web infrastructure for divadentclinics.com with standard nginx/1.24.0 configuration. No active threat indicators, blacklist listings, or malicious activity observed.

---

## OWNERSHIP & INFRASTRUCTURE

Attribute	Value
ASN	AS51167 (Contabo GmbH)
Organization	Johannes Selg / CONTABO
CIDR Block	62.171.160.0/19
Location	Nuremberg, Germany (DE)
Infrastructure Type	Cloud Compute / VPS
DNS Hostname	vmi3025165.contaboserver.net

---

## NETWORK CLASSIFICATION

Provider: Contabo (Cloud hosting provider)
Connection Type: Cloud infrastructure
Service Role: Web Server
TLS Certificate: Let's Encrypt (divadentclinics.com, www.divadentclinics.com)
Open Ports: 80/tcp, 443/tcp, 8080/tcp
HTTP Status: 301 (Permanent Redirect)
Security Headers: HTTP/2 enabled; HSTS not present; CSP absent

---

## THREAT ASSESSMENT

Indicator	Status
Risk Score	25 (Low)
Abuse Confidence Score	Not applicable
Blacklist Count	0
Known Campaigns	None
Is Known Attacker	False
Is Spam Source	False
Is Tor Exit Node	False
Threat Persistence	0 days

---

## OBSERVATION HISTORY

Total Observations: 23
Recent Classification: Cloud compute infrastructure (Contabo)
HTTP Fingerprint: nginx/1.24.0 (Ubuntu)
Temporal Stability: No ownership changes observed
Threat Indicators: No active threat signals in recent history

---

## NETWORK NEIGHBORHOOD

Subnet: 62.171.176.65/24
Abuse Density: 0 (Clean)
Classification: Clean
Total Siblings: 2 (1 active)
Threat Siblings: 0
Neighbor IP: 62.171.176.27 (Risk Score: 25, Authority Score: 60)

---

## RELATIONSHIP ANALYSIS

Primary Association: CONTABO network (multiple relationships)
DNS Associations: vmi3025165.contaboserver.net
External Correlations: None detected
Network Stability: Stable with no route changes

---

## SECURITY RECOMMENDATIONS

Based on current risk profile (25/100), no immediate blocking or mitigation actions required. The IP represents legitimate cloud hosting infrastructure with no malicious indicators.

Standard Operating Procedures:

Monitor for behavioral changes consistent with Compromised Host indicators
Treat as trusted infrastructure if receiving legitimate traffic
No firewall rules recommended at this time

---

## CONCLUSION

IP 62.171.176.65 operates as a standard web server within Contabo's cloud infrastructure. The asset shows no evidence of malicious activity, with clean neighborhood classification and standard web hosting characteristics. SOC teams may treat this IP as low-risk and routine infrastructure requiring no special handling unless additional threat intelligence emerges.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	BY
City	Nuremberg
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	Johannes Selg
ASN	AS51167
Network Name	CONTABO
CIDR Block	62.171.160.0/19
RIR	RIPE
Country	DE
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	vmi3025165.contaboserver.net
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`vmi3025165.contaboserver.net`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	0/2 domains
DMARC	0/2 domains
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured
Domains Checked	2 domains

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Tier 3 — Basic operator with some routing infrastructure

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
8080	http-alt	tcp	—
Closed Ports	22, 25, 3389, 8443 (3 open / 7 scanned)

Server	nginx/1.24.0 (Ubuntu)
HTTP Title	—

🔐 TLS Certificate

🔒

CN=divadentclinics.com

Issued by CN=E7, O=Let's Encrypt, C=US

Self-signed: No

SANs	divadentclinics.comwww.divadentclinics.com
Valid From	2026-05-17T11:05:10+00:00
Valid Until	2026-08-15T11:05:09+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha384ECDSA
Validity Period	89 days
Serial Number	05B0A7953F8F73597F07CB81B742A956A91E
Thumbprint	37E42D77CC1D40E55012A98592CD393D25C3FACC

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	27%	2	4
routing	13%	1	1
services	27%	2	3
ownership	27%	2	3
reputation	22%	1	3
geolocation	33%	2	4
Overall	25%	10	18

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-30 10:59:43 UTC
Last Seen	2026-06-29 07:48:03 UTC
Profile Built	2026-06-29 07:56:44 UTC
Data Freshness	Live
Signal Types	24
Total Observations	26

🔍 24 signal types · 26 observations collected

This report is generated from 24+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

62.171.176.65📋 Copy