161.97.154.151
IP Intelligence Briefing: 161.97.154.151/32
Date: 2026-06-16
---
**1. Risk Assessment**
- Risk Score: 25 (Low Risk)
- Threat Indicators: No malicious activity, spam, or known attacker associations detected.
- DNSBL Listings: Listed in 1 of 8 DNSBLs (low severity).
---
**2. Ownership & Geolocation**
- Registrar: Contabo (AS51167)
- Organization: Johannes Selg
- Geolocation:
- Country: France (FR)
- Region: Grand Est
- City: Paris
- Network Role: Cloud compute instance (hosted by Contabo).
---
**3. Network & Service Analysis**
- Cloud Hosting: Confirmed as a cloud server (Contabo).
- DNS:
- PTR hostname: `vmi3343459.contaboserver.net`
- No SPF/DKIM records detected.
- Open Ports: No services or open ports identified.
- TLS/SSL: No certificate data available.
---
**4. Observation History (30-Day Trend)**
- Stability: No significant changes in risk signals.
- Key Observations:
- Consistent network ownership (Johannes Selg/Contabo).
- DNS records resolved without anomalies.
- Minimal DNSBL activity (1 listing out of 8).
---
**5. Relationships & Neighborhood**
- Linked Entities:
- Subnet: `161.97.128.0/19` (Contabo network).
- Hostname: `vmi3343459.contaboserver.net`.
- Subnet Analysis:
- No neighboring IPs found (likely due to /32 subnet).
- Subnet abuse density: 0% (low risk).
---
**6. Recommended Actions**
1. Monitor DNSBL Listings: Investigate the single DNSBL listing to confirm legitimacy.
2. Verify Cloud Configuration: Ensure Contabo instance adheres to security best practices.
3. Continuous Monitoring: Track DNS and network changes due to cloud-hosted nature.
---
Source: IPDebrief Threat Intelligence Platform
Note: No immediate mitigation required; low-risk but warrant periodic review.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | CONTABO |
| CIDR Block | 161.97.128.0/19 |
| RIR | ARIN |
| Country | DE |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | vmi3343459.contaboserver.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | vmi3343459.contaboserver.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | Apache/2.4.52 (Ubuntu) |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
๐ TLS Certificate
| SANs | api.motocaz.ma |
| Valid From | 2026-04-25T07:56:59+00:00 |
| Valid Until | 2026-07-24T07:56:58+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 89 days |
| Serial Number | 065117FBE447BA73622619DBDBAD8B4C44E2 |
| Thumbprint | F4E097F4B4BB036D1E2DEA005749BD3755712D48 |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 17% | 1 | 1 |
| services | 35% | 2 | 3 |
| ownership | 35% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 17% | 1 | 1 |
| Overall | 26% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-06-09 14:17:37 UTC |
| Last Seen | 2026-06-21 16:14:33 UTC |
| Profile Built | 2026-06-21 16:22:03 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 26 |
Full dossier details are available via our API.