IP Intelligence Briefing: 185.194.216.197
Date: 2026-06-16
---
**1. IP Profile**
- Risk Score: 25 (Low Risk)
- Provider: Contabo (Cloud Hosting)
- Geolocation:
  - Country: France (FR) | City: Paris
  - Coordinates: Latitude: 48.8588, Longitude: 2.3200 (approximate)
- Network Role:
  - CloudCompute infrastructure (Contabo)
  - No open ports or services detected
  - BGP prefix: 185.194.216.0/23 (Contabo ASN: 51167)
- Threat Indicators:
  - No malicious activity, spam, or known attacker associations
  - DNSBL Listing: 1/8 DNSBL lists (low severity)
---
**2. Observation History**
- Recent Signals:
  - Geolocation Conflict: One observation linked to Germany (DE) via Cymru-country data.
  - DNSBL Listing: 1/8 DNSBL lists (likely benign, but requires verification).
  - DNS Resolution: Resolves to vmi3318013.contaboserver.net (Contabo-hosted).
- Trend: No significant changes in risk or activity over time.
---
**3. Relationships**
- DNS Associations:
  - Hostname: `vmi3318013.contaboserver.net` (Contabo cloud instance).
- Network Links:
  - BGP peer: AS51167 (Contabo GmbH, Germany).
  - No linked certificates or hostnames.
---
**4. Neighborhood Analysis**
- Subnet: 185.194.216.0/23
- Neighbor Data:
  - 0 active IPs in subnet (no siblings detected).
  - Subnet abuse density: 0% (low risk).
---
**5. Recommendations**
- Monitor: Track DNSBL listings and verify whether the entry is a false positive.
- Verify: Cross-check geolocation discrepancies (France vs. Germany).
- Baseline: No immediate action required due to low risk profile.
- Context: Likely a legitimate cloud instance (Contabo) with no active threats.
Conclusion: This IP is associated with a cloud hosting provider and shows no signs of malicious activity. The DNSBL listing and geolocation conflict warrant further investigation, but the overall risk remains low. SOC teams should prioritize monitoring for unexpected changes in behavior.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | TT-2021111001 |
| CIDR Block | 185.194.216.0/23 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | vmi3318013.contaboserver.net |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | vmi3318013.contaboserver.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 40% | 2 | 3 |
| routing | 17% | 1 | 1 |
| services | 17% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 32% | 1 | 3 |
| geolocation | 17% | 1 | 1 |
| Overall | 26% | 8 | 12 |
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Moderate (55%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-08 01:59:33 UTC |
| Last Seen | 2026-06-21 14:26:08 UTC |
| Profile Built | 2026-06-21 14:31:50 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 22 |