94.72.99.248
# IP Intelligence Briefing: 94.72.99.248/32
## Executive Summary
IP 94.72.99.248 presents a LOW RISK threat profile with a risk score of 25. The address is associated with Contabo cloud infrastructure in Germany and exhibits no active threat indicators. No blocking actions are recommended at this time.
## Technical Profile
Risk Score: 25 (Low)
Provider: Contabo (ASN 51167)
Organization: Johannes Selg
Geolocation: Germany (DE), Swidnik (51.17°N, 10.45°E)
Infrastructure Type: CloudCompute / Hosting
Network Role: Firewalled / No Services
DNS Resolution: vmi3269433.contaboserver.net
Open Ports: None detected
## Threat Indicators
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
- Blacklist Count: 0
- DNSBL Listed: 1 of 8 total lists
- Active Threats: None observed
- Campaign Likelihood: None
## Network Context
Subnet: 94.72.99.0/24
Abuse Density: 0 (Low)
Classification: Mostly Clean
Neighbor Analysis: 3 sibling IPs identified, all with low-risk scores (25) and authority scores (50-60). No high or medium-risk neighbors detected.
## Historical Observations
Analysis of 25 historical observations indicates stable infrastructure classification. The IP consistently resolved to Contabo cloud hosting without significant changes in infrastructure type or geographic location. One threat observation was recorded in the history, but no persistent malicious activity was confirmed.
## Relationships
- DNS Associations: vmi3269433.contaboserver.net (multiple records)
- Network Relationships: TT-20240214 (same network)
- Total Relationships: 54
## Recommended Actions
No immediate blocking or firewall rules are recommended based on current risk profile. The IP operates in a firewalled state with no open services. Monitor for any changes in network role or threat indicators.
---
Classification: LOW RISK
Last Updated: Current analysis period
Analyst Notes: Standard monitoring recommended. No immediate defensive action required.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | vmi3269433.contaboserver.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | vmi3269433.contaboserver.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | nginx/1.28.0 |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 20% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 23% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-20 17:49:15 UTC |
| Last Seen | 2026-06-28 12:30:57 UTC |
| Profile Built | 2026-06-29 06:36:41 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 27 |
Full dossier details are available via our API.