207.180.249.54
## INTELLIGENCE BRIEFING: IP Address 207.180.249.54/32
Classification: Cloud Infrastructure / Low Risk
Date: 2026-06-22
Analyst: IPDebrief Intelligence Team
---
EXECUTIVE SUMMARY
IP address 207.180.249.54 is assigned to CONTABO (AS51167) under the organization Johannes Selg. The IP resolves to vmi3269209.contaboserver.net and operates within a cloud compute infrastructure environment. Current risk assessment indicates low threat activity with a risk score of 25. No active service ports were detected, and the IP is classified as a firewalled cloud host with no publicly accessible services.
---
OWNERSHIP & GEOGRAPHY
- Organization: Johannes Selg (CONTABO)
- AS Number: AS51167
- CIDR Block: 207.180.224.0/19
- Primary Location: Paris, Grand Est, France (Europe/Paris timezone)
- RIR: ARIN
- Registration: Via RDAP abuse contact
Geolocation data shows some inconsistency across sources, with historical observations indicating Nuremberg, Germany. Multiple geo sources (2) contributed to the consensus location.
---
NETWORK CLASSIFICATION
- Infrastructure Type: Cloud Compute (Hosting)
- DNS Resolution: vmi3269209.contaboserver.net
- Service Status: Firewalled / No Services Detected
- Reverse DNS: Forward confirmed
- TLS/HTTPS: No certificates detected
- Email Authentication: No SPF or DMARC records configured
---
THREAT INDICATORS
Current threat assessment shows no active indicators. Blacklist status indicates one active listing from eight total lists with high severity rating. No Tor exit node activity, known attacker signatures, or spam source classifications were observed.
Historical Threat Activity:
- 16 signal observations recorded
- Blacklist listings detected with high severity in recent history
- No persistent malicious behavior patterns identified
- Threat persistence days: 0
---
NEIGHBORHOOD ANALYSIS
The /24 subnet (207.180.249.0/24) contains minimal activity:
- Total Neighbors: 1 (207.180.249.211)
- Abuse Density: 0%
- Neighbor Risk Score: 0
- Classification: Low Risk
No significant threat siblings were identified in the immediate neighborhood.
---
RELATIONSHIP GRAPH
Four relationships were identified:
- DNS Associations: vmi3269209.contaboserver.net (appears twice)
- Network Associations: CONTABO network (appears twice)
No certificate or organizational relationships beyond DNS and network-level associations were detected.
---
CONTROL PLANE DATA
- BGP Prefix: 207.180.248.0/23
- Origin ASN: AS51167
- Route Stability: Not stable (route changes observed in 30-day window)
- RPKI State: Not validated
- DNSSEC: Valid
- DNSBL Listings: 1 active listing out of 8 total
- Traceroute: 30 hops, 21 timed out hops, first hop 0.2ms, last hop 112.7ms
---
OBSERVATION HISTORY
Recent activity (2026-06-22) indicates:
- ASN attribution: AS51167 contabo gmbh
- Geolocation variance: Paris, France vs. Nuremberg, Germany
- Blacklist activity: 8 total lists with 1 currently active at high severity
- DNSSEC validation confirmed
- No ownership changes observed
- Average ownership duration: Not established
---
RECOMMENDATIONS
Based on the low risk profile and firewalled status:
1. Monitoring: Continue passive monitoring; no immediate blocking required
2. Allowlisting: Consider allowlisting for expected cloud infrastructure traffic
3. Threat Detection: Monitor for any service activation on previously closed ports
4. Geolocation Verification: Investigate location discrepancy between Paris and Nuremberg sources
---
END BRIEFING
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | CONTABO |
| CIDR Block | 207.180.224.0/19 |
| RIR | ARIN |
| Country | DE |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | vmi3269209.contaboserver.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | vmi3269209.contaboserver.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 0% | 0 | 0 |
| routing | 0% | 0 | 0 |
| services | 0% | 0 | 0 |
| ownership | 25% | 1 | 2 |
| reputation | 0% | 0 | 0 |
| geolocation | 0% | 0 | 0 |
| Overall | 4% | 1 | 2 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-06-20 05:51:25 UTC |
| Last Seen | 2026-06-22 03:46:48 UTC |
| Profile Built | 2026-06-22 03:54:24 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 19 |
Full dossier details are available via our API.