IP Intelligence Briefing: 194.163.139.99
Date: 2026-06-16
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Provider: Contabo (Cloud Hosting)
- Geolocation: Lauterbourg, Grand Est, Germany (51.17°N, 10.45°E)
- Network Role: CloudCompute instance (no open services, firewalled)
- Ownership: Unregistered ASN/Organization (potential misconfigured or private IP)
---
**2. Threat Indicators**
- DNSBL Listing: 1/8 DNS blacklists (low severity, likely false positives).
- No Malicious Activity: No known campaigns, spam, or exploit indicators.
- Stability: Stable network route (BGP prefix: 194.163.128.0/18).
---
**3. Historical Observations**
- Recent Signals (30-day window):
  - DNS resolution to `vmi659485.contaboserver.net`.
  - Geolocation consistency (Germany).
  - Minor DNSSEC validation and BGP route stability.
- Trend: No significant changes in risk profile.
---
**4. Network Relationships**
- DNS Associations:
  - Resolves to `vmi659485.contaboserver.net` (Contabo subdomain).
- BGP Neighbors:
  - Subnet: `194.163.139.0/24` (abuse density: 0%).
  - Neighboring IP `194.163.139.224` (risk score: 30, moderate risk).
---
**5. Actionable Insights**
- Monitor: The Contabo subdomain (`vmi659485.contaboserver.net`) for unexpected activity.
- Investigate: Verify DNSBL listing (potential false positive or misconfigured host).
- Network Segmentation: Isolate cloud instances in subnets with higher-risk neighbors (e.g., `194.163.139.224`).
- Firewall: Consider allowing traffic only to trusted subnets to mitigate potential lateral movement.
---
Conclusion: This IP is a low-risk cloud compute instance with no immediate threats. However, the DNSBL listing and neighboring IPs warrant closer monitoring. SOC teams should ensure proper access controls and validate DNS configurations for associated hosts.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | CONTABO |
| CIDR Block | 194.163.128.0/19 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | vmi659485.contaboserver.net |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | vmi659485.contaboserver.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 2 |
| routing | 17% | 1 | 1 |
| services | 17% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 35% | 2 | 3 |
| Overall | 24% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-11 09:03:09 UTC |
| Last Seen | 2026-06-21 18:37:49 UTC |
| Profile Built | 2026-06-21 18:43:39 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 22 |