95.111.228.188
IP Intelligence Briefing: 95.111.228.188
Date: June 12, 2026
---
**1. Risk Profile**
- Risk Score: 65/100 (Moderate Risk)
- Provider: Contabo (Cloud Compute)
- Geolocation: Germany (Lauterbourg, Grand Est region), latitude 51.17, longitude 10.45.
- Network Role: Cloud-hosted virtual machine (no active services or open ports detected).
- Threat Indicators: No malicious activity, spam, or known attacker associations.
---
**2. Ownership & Infrastructure**
- ASN: 51167 (Contabo)
- Organization: Johannes Selg (Contabo customer)
- Subnet: 95.111.228.0/23 (clean, no abuse density).
- DNS: Associated with `vmi3327323.contaboserver.net` (no public domain or email auth records).
---
**3. Observation History**
- Recent Activity:
- No significant changes in risk score or network behavior.
- Geolocation and DNS data consistent over time.
- No scans, TLS certificates, or service banners detected.
---
**4. Relationships & Neighbors**
- Linked Entities:
- Subnet `95.111.228.0/23` (no active or threat-related sibling IPs).
- DNS hostname `vmi3327323.contaboserver.net` (Contabo-managed VM).
- Subnet Abuse Density: 0% (clean).
---
**5. Recommended Actions**
- Monitor: Review logs for unexpected activity due to moderate risk score.
- Block: Implement firewall rules to restrict access if the IP is not required.
- Firewall Rules:
- iptables: `iptables -A INPUT -s 95.111.228.188 -j DROP`
- Cloudflare WAF: Block IP with rule `{\"action\":\"block\",\"expression\":\"ip.src eq 95.111.228.188\"}`
---
Conclusion:
The IP is a Contabo-hosted VM in Germany with no active services or malicious indicators. While the subnet is clean, the moderate risk score warrants monitoring. Block the IP if it is not required for legitimate operations.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Johannes Selg |
| ASN | AS51167 |
| Network Name | CONTABO |
| CIDR Block | 95.111.224.0/20 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | vmi3327323.contaboserver.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | vmi3327323.contaboserver.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 39% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 34% | 2 | 3 |
| reputation | 35% | 1 | 4 |
| geolocation | 26% | 2 | 2 |
| Overall | 27% | 9 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-31 05:09:25 UTC |
| Last Seen | 2026-06-21 06:18:41 UTC |
| Profile Built | 2026-06-21 12:20:32 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 23 |
Full dossier details are available via our API.