IP Intelligence Briefing: 185.218.126.91
Date: 2026-05-31
---
**Risk Profile**
- Risk Score: 25 (Low Risk)
- Provider: Contabo (Cloud Compute Hosting)
- Ownership: Registered to Johannes Selg (ASN 51167, RIPE)
- Geolocation: Lauterbourg, Grand Est, Germany (51.17°N, 10.45°E)
---
**Threat Indicators**
- Malicious Activity: No detected threats, spam, or attacker associations.
- DNS: Resolves to `vmi3044256.contaboserver.net` (no email authentication configured).
- Network Role: CloudCompute instance (no open services, no TLS certificates).
---
**Observation History**
- Last 30 Days:
  - Single observation recorded (no persistent threats or ownership changes).
- Stability score: 0 (no long-term network consistency).
- Geolocation inferred with 400km accuracy radius.
---
**Network Relationships**
- Subnet: 185.218.126.0/24 (classified as "clean" with 0 abuse density).
- Associations:
  - Linked to `TT-2021092906` subnet (same network).
  - No other notable connections or shared threats.
---
**Neighbor Analysis**
- Subnet Neighbors: 0 active IPs identified in the 185.218.126.0/24 range.
- Abuse Density: 0% (low risk for subnet-wide compromise).
---
**Actionable Recommendations**
- Monitoring: Track changes in network behavior or service exposure (no immediate action required).
- Firewall: No recommended rules due to low risk profile.
- Domain Check: Verify `contaboserver.net` for security compliance (no SPF/DMARC configured).
---
Conclusion:
185.218.126.91 is a low-risk, cloud-hosted server with no malicious indicators. It is associated with a single domain and resides in a clean subnet. No immediate defensive action is required, but ongoing monitoring is advised for unusual activity.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | vmi3044256.contaboserver.net |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | vmi3044256.contaboserver.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.7 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 22% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-16 02:54:53 UTC |
| Last Seen | 2026-06-28 03:03:09 UTC |
| Profile Built | 2026-06-28 21:07:33 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 27 |