IP Intelligence Briefing: 194.163.190.128
Date: 2026-06-11
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Provider: Contabo (ASN 51167)
- Geolocation:
  - Country: France (FR) per DNS lookup, but geolocation data shows Germany (DE).
  - City: Lauterbourg, Grand Est region.
  - Coordinates: ~51.17°N, 10.45°E.
- Network Role: Cloud compute instance (Hosting / No Services).
- Ownership: Registered to Johannes Selg (Contabo GmbH).
---
**2. Threat Indicators**
- No Active Threats: No malware, spam, or known attacker associations.
- DNSBL Listings (8/8):
  - High-severity listings (e.g., Spamhaus, Spamcop) detected in June 2026.
  - Last observed in June 2026 with 17 pulse alerts from AlienVault OTX.
- Behavioral Flags:
  - No open ports, TLS, or HTTP services detected.
  - DNS records resolve to `vmd195751.contaboserver.net` (hosted by Contabo).
---
**3. Observation History**
- Recent Activity (2026-06-11):
  - Moderate risk score (50) with 8 DNSBL listings (high severity).
  - Geolocation inferred via multi-signal inference (400km accuracy).
- Historical Data (2026-06-01):
  - Associated with Düsseldorf, Germany (NW region), with 17 threat pulses.
  - DNSBL listings persisted, but no active malicious behavior.
---
**4. Network Relationships**
- DNS Associations:
  - Linked to `vmd195751.contaboserver.net` (Contabo-hosted).
- Subnet: Part of `194.163.160.0/19` (Contabo network).
- No Neighboring IPs: Subnet `194.163.190.128/24` has no active or risky sibling IPs.
---
**5. Recommendations**
1. Monitor DNSBL Listings: Investigate why this IP is listed in 8 DNSBLs despite no active threats.
2. Verify Geolocation Discrepancy: Confirm actual location (FR vs. DE) to avoid misattribution.
3. Check Contabo Hosting: Review Contabo's security practices for shared hosting vulnerabilities.
4. Monitor for New Threats: Track changes in DNS records or network behavior.
---
Note: This IP appears to be a legitimate cloud server with no confirmed malicious activity. However, its DNSBL history suggests potential misuse. Further investigation into its hosting environment and network behavior is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | CONTABO |
| CIDR Block | 194.163.160.0/19 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | vmd195751.contaboserver.net |
| Forward Confirmed | Yes, FCrDNS verified |
| Forward Hostnames | vmd195751.contaboserver.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 22% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 29% | 1 | 4 |
| geolocation | 33% | 2 | 3 |
| Overall | 25% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-27 01:07:20 UTC |
| Last Seen | 2026-06-29 03:41:13 UTC |
| Profile Built | 2026-06-29 09:45:12 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 24 |