IP Intelligence Briefing: 161.97.118.225
Date: 2026-06-16
---
**1. Core Profile**
- Risk Score: 0 (Low Risk)
- Provider: Contabo (CloudCompute / Hosting)
- Geolocation: France (Paris), Grand Est region
- Network Role: Cloud-hosted infrastructure (no open services detected)
- Ownership: Unregistered ASN (51167) and organization details are missing from records.
---
**2. Threat Observations**
- Historical Activity (Last 30 Days):
  - 12 signals recorded, including DNS records, domain listings, and BGP prefix data.
  - No confirmed malicious indicators (no spam, phishing, or attack campaigns).
  - One high-confidence observation (0.85) referenced domain "contaboserver.net", but no malicious activity was confirmed.
- Threat Indicators: Zero abuse confidence scores, no blacklisted domains, and no known attacker associations.
---
**3. Network Relationships**
- Connected Entities: No relationships or linked subnets detected.
- Subnet Context:
  - Subnet: 161.97.118.0/23
  - Abuse density: 0%
  - Single neighbor: 161.97.118.193 (risk score 25/100, authority score 60/100).
---
**4. Behavioral Analysis**
- Services: No open ports, TLS certificates, or HTTP banners detected.
- DNS: No PTR records or email authentication (SPF/DKIM) configured.
- BGP: Registered with RIPE NCC (ASN 51167, Contabo GmbH).
---
**5. Recommendations**
- Monitoring: Track neighbor IP 161.97.118.193 for potential lateral movement or shared infrastructure risks.
- Firewall: No immediate blocking required; the IP shows no malicious behavior.
- Investigation: Verify ownership details (missing ASN/org) and confirm DNS activity for "contaboserver.net".
---
Conclusion: 161.97.118.225 is a low-risk Contabo cloud instance with no confirmed malicious activity. Focus on subnet neighbors and verify ownership data for completeness.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | CONTABO |
| CIDR Block | 161.97.64.0/18 |
| RIR | ARIN |
| Country | DE |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | vmi2851893.contaboserver.net |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | vmi2851893.contaboserver.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 40% | 2 | 3 |
| routing | 17% | 1 | 1 |
| services | 17% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 32% | 1 | 3 |
| geolocation | 17% | 1 | 1 |
| Overall | 26% | 8 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-10 02:36:49 UTC |
| Last Seen | 2026-06-21 16:57:48 UTC |
| Profile Built | 2026-06-21 17:49:18 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 22 |