# IP Intelligence Briefing: 75.119.157.58/32
- Classification: Low Risk (Risk Score: 25)
- Date: Current as of latest observations
- Analyst: IPDebrief Intelligence Division

---
## Executive Summary
IP address 75.119.157.58 is a low-risk cloud hosting endpoint operated by Contabo (ASN 51167). The IP is geolocated to Lauterbourg, Grand Est, Germany, and hosts the domain prod.agootech.com. No active threat indicators or malicious campaigns were detected. The subnet demonstrates clean abuse density with no neighboring threats identified.
---
## Network & Ownership Profile
| Attribute | Value |
|---|---|
| **IP Address** | 75.119.157.58/32 |
| **ASN** | 51167 (CONTABO) |
| **Organization** | Johannes Selg / CONTABO |
| **CIDR Block** | 75.119.144.0/20 |
| **Geolocation** | DE, Grand Est, Lauterbourg |
| **Infrastructure** | Cloud Computing / Hosting |
| **RIR** | ARIN |

The IP is classified as a cloud hosting provider with active web server functionality. No VPN, proxy, or Tor exit node characteristics are present.
---
## Service & DNS Analysis
- Open Ports: TCP/443 (HTTPS)
- Reverse DNS: vmi3320052.contaboserver.net
- Forward Resolution: contaboserver.net
- TLS Certificate: Let's Encrypt (CN=prod.agootech.com)
- Web Server: Apache/2.4.58 (Ubuntu)
- HTTP Version: 1.1

The domain agootech.com has SPF configured (`v=spf1 include:spf.titan.email ~all`) but lacks a DMARC policy record. DNSSEC validation is active.
---
## Threat Indicators
| Indicator | Status |
|---|---|
| **Threat Indicators** | None detected |
| **Known Attacker** | No |
| **Spam Source** | No |
| **Tor Exit Node** | No |
| **Blacklist Count** | 0 |
| **DNSBL Listed** | 1 of 8 lists |
| **Campaign Likelihood** | None |
| **Cert Matches** | 0 |
| **Correlated IPs** | 0 |

No evidence of malicious activity or threat actor attribution.
---
## Neighborhood Assessment
- Subnet: 75.119.157.58/24
- Abuse Density: 0 (Clean)
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 0

The /24 subnet demonstrates no abuse activity. No inherited risk from neighboring IPs.
---
## Relationship Graph
Total Relationships: 28

Primary Associations:
- CONTABO network (multiple instances)
- vmi3320052.contaboserver.net (DNS associations)

Relationships are consistent with expected cloud hosting infrastructure patterns.
---
## Observation History
- Total Observations: 22
- Recent Activity: 2026-06-16

Key historical signals:
- HTTP fingerprinting (Apache/2.4.58, 200 status)
- DNS configuration (SPF present, DMARC absent)
- Threat listings (1 of 8 lists, high severity noted in one observation)

The IP has demonstrated stable characteristics over the observation period with no escalation of threat posture.
---
## Control Plane Data
| Attribute | Value |
|---|---|
| **BGP Prefix** | 75.119.128.0/19 |
| **Route Stable** | False |
| **RPKI State** | Not assessed |
| **DNSSEC** | Valid |
| **IRR Consistency** | Not assessed |
| **Delegation Age** | Not available |
---
## Recommended Actions
- Risk Score: 25 (Low)
- Recommendations: None required

Given the low risk profile and absence of active threat indicators, no immediate blocking or mitigation actions are recommended. The IP represents standard cloud hosting infrastructure.
---
## Intelligence Notes
1. The IP operates on Contabo's cloud infrastructure, a legitimate European hosting provider
2. The domain agootech.com appears to be a legitimate business endpoint
3. One DNSBL listing detected requires monitoring but does not indicate active abuse
4. No campaign correlation or certificate-based threat indicators present
5. Neighbor subnet analysis confirms clean abuse density

SOC Analyst Guidance: No action required. Monitor for changes in threat indicators or behavior escalation.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Attribute | Value |
|---|---|
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | CONTABO |
| CIDR Block | 75.119.144.0/20 |
| RIR | ARIN |
| Country | DE |
| Abuse Contact | Available via RDAP |

## DNS Intelligence
| Attribute | Value |
|---|---|
| PTR | vmi3320052.contaboserver.net |
| Forward Confirmed | Yes, FCrDNS verified |
| Forward Hostnames | vmi3320052.contaboserver.net |

## DNS Hygiene
| Attribute | Value |
|---|---|
| Hygiene Score | 60% (Good) |
| SPF | 1/2 domains |
| DMARC | 0/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 2 domains |

## Network Classification
| Attribute | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |

## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | - |

| Attribute | Value |
|---|---|
| Closed Ports | 22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | Apache/2.4.58 (Ubuntu) |
| HTTP Title | - |

## TLS Certificate
| Attribute | Value |
|---|---|
| SANs | prod.agootech.com |
| Valid From | 2026-05-25T17:29:03+00:00 |
| Valid Until | 2026-08-23T17:29:02+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 0551D9E2B9E979B9E138A61E1E2E91F1475F |
| Thumbprint | D598ECAC2E60E96F2D7BCBB0594E7610E74E8B85 |

## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness.

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 27% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 31% | 2 | 3 |
| Overall | 23% | 10 | 15 |

| Attribute | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

## Observation Timeline (Live)
| Attribute | Value |
|---|---|
| First Seen | 2026-05-29 05:55:52 UTC |
| Last Seen | 2026-06-29 06:17:24 UTC |
| Profile Built | 2026-06-29 06:23:56 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 24 |