IP Intelligence Briefing: 45.141.22.102
Date: 2026-06-15
1. Risk Profile
- Risk Score: 25 (Low Risk)
- Provider: Contabo (ASN 51167)
- Geolocation: Lauterbourg, Germany (Frankfurt am Main registered in data). Geo validation marked *implausible* (potential spoofing or misconfiguration).
- Threat Indicators: No malicious activity detected (no indicators, blacklists, or campaigns).
2. Network Context
- Subnet: 45.141.22.0/24
- Network Role: Cloud compute instance (Contabo) with no active services or open ports.
- Abuse Density: Subnet classified as *mostly_clean* (abuse density 1/10).
- Neighbors: No neighboring IPs found in the subnet (unusual for a /24 block; possible data limitation or isolated host).
3. Historical Observations
- Latest Signal (June 15, 2026):
- Linked to *AS51167 contabo gmbh* with 6 threat pulses (unknown sources).
- Geo signal flagged as *implausible* (400km accuracy radius, but inconsistent with Frankfurt coordinates).
- Threat Persistence: No persistent malicious activity observed.
4. Relationships
- DNS Associations:
- Hostname *vmi3259112.contaboserver.net* (Contabo-managed).
- Network Links:
- Subnet *TT-2021111016* (likely a misclassified or outdated label).
5. Recommendations
- Monitor: Track geo validation anomalies and subnet activity for unexpected changes.
- Investigate: Verify DNS hostname *vmi3259112.contaboserver.net* for potential misuse.
- Check Hosting: Ensure Contabo instance is secured against unauthorized access or misconfiguration.
Conclusion:
The IP is low-risk but exhibits geolocation inconsistencies and an unusual lack of subnet neighbors. While no direct threats are detected, further monitoring is advised to validate the geo signal and ensure cloud instance integrity.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | vmi3259112.contaboserver.net |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | vmi3389205.contaboserver.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 36% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 26% | 2 | 2 |
| Overall | 25% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-24 12:35:03 UTC |
| Last Seen | 2026-06-29 00:13:49 UTC |
| Profile Built | 2026-06-29 06:15:53 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 25 |