164.68.113.117
IP Intelligence Briefing: 164.68.113.117
Date: 2026-06-09
---
**1. Risk Profile**
- Risk Score: 25 (Low Risk)
- Provider Score: 0
- Authority Score: 0
- Stability Score: 0
- Threat Indicators: None detected (no malware, spam, or known attacker associations).
---
**2. Ownership & Geolocation**
- Owner: Johannes Selg (ASN 51167, Contabo).
- Location: Nuremberg, Germany (BY region).
- Network Role: CloudCompute instance hosted by Contabo (multi-service host).
- ISP: Contabo (Cloud provider).
---
**3. Network & Services**
- Open Ports:
- SSH (port 22) with banner: `SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16`
- HTTP-alt (port 8080) with no banner.
- DNS:
- PTR hostname: `vmi3218038.contaboserver.net`
- No email authentication (SPF/DKIM/MX) detected.
- TLS/HTTP: No SSL/TLS certificate or HTTP title found.
---
**4. Threat & Historical Observations**
- Historical Data (30d):
- Consistent classification as a CloudCompute instance.
- No spikes in risk or suspicious activity.
- BGP Stability: Route stable (no recent changes).
- Threat Feeds: No malicious listings (DNSBL, spam, etc.).
---
**5. Relationships & Neighbors**
- DNS Associations: Multiple references to `vmi3218038.contaboserver.net` (Contabo-hosted).
- Subnet Neighbors (164.68.113.0/24):
- 2 IPs with low risk (abuse density: 0%).
- No malicious activity detected in neighbors.
---
**6. Recommendations**
- No Immediate Action Required: IP is low-risk and associated with a legitimate cloud provider.
- Monitoring: Track for unexpected port activity or DNS changes.
- Firewall: No blocking rules needed unless additional context arises.
Conclusion: 164.68.113.117 is a benign cloud server with no signs of malicious use. Maintain current security posture and monitor for anomalies.
---
*Generated by IPDebrief Threat Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | vmi3218038.contaboserver.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | vmi3218038.contaboserver.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Multi-Service Host |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| 8080 | http-alt | tcp | โ |
| Closed Ports | 25, 80, 443, 3389, 8443 (2 open / 7 scanned) | ||
| Server | Jetty(12.1.8) |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 25% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-22 09:11:43 UTC |
| Last Seen | 2026-06-28 18:17:00 UTC |
| Profile Built | 2026-06-29 06:21:37 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 25 |
Full dossier details are available via our API.