# INTELLIGENCE BRIEFING: 38.242.232.186/32
Classification: Moderate Risk (Score: 40)
Date: 2026-06-26
Prepared By: IPDebrief Intelligence Team
---
## EXECUTIVE SUMMARY
IP address 38.242.232.186 is a cloud compute infrastructure endpoint operated by Contabo via Cogent Communications (ASN: 51167). The asset presents moderate risk due to its hosting infrastructure classification and presence within a subnet with elevated abuse density. No active threat indicators were detected, but the IP is listed on 2 of 8 DNSBL feeds with a moderate operator risk score (0.1304).
---
## OWNERSHIP & INFRASTRUCTURE PROFILE
| Attribute | Value |
|---|---|
| **Organization** | Cogent Communications, LLC |
| **ASN** | 51167 |
| **Network Block** | 38.242.224.0/19 |
| **Geolocation** | US (Grand Est, Lauterbourg) |
| **Infrastructure Type** | Cloud Compute / Hosting |
| **Provider** | Contabo |
| **Network Classification** | Firewalled / No Services |
The IP resolves to hostname `vmi3096119.contaboserver.net` and has a reverse DNS entry pointing to `ip-186-232-242-38.static.contabo.net`. No active services or open ports were detected during probing.
---
## THREAT ASSESSMENT
Current Risk Profile:
- Overall Risk Score: 40/100 (Moderate)
- Abuse Confidence: Not elevated
- Blacklist Count: 0 (active)
- Tor Exit: No
- Known Attacker: No
- Spam Source: No
Control Plane Indicators:
- DNSBL Listed: 2 of 8 lists
- Route Stability: False
- Operator Risk Score: 0.1304 (Minimal)
- RPKI State: Not evaluated
No correlation with known threat campaigns or malicious infrastructure fingerprints.
---
## NEIGHBORHOOD ANALYSIS
Subnet: 38.242.232.186/24
| Metric | Value |
|---|---|
| Abuse Density | 0.5 (Moderate) |
| Subnet Classification | Mostly Clean |
| Total Siblings | 2 |
| Active Siblings | 2 |
| Threat Siblings | 1 |
Notable Neighbor:
- 38.242.232.20: Risk Score 50, Authority Score 60
The subnet exhibits moderate abuse density with one identified threat sibling, suggesting potential correlation with neighboring infrastructure.
---
## OBSERVATION HISTORY
Total Observations: 24 signals recorded
Recent Activity (June 2026):
- 2026-06-20: Network and routing signals detected (confidence: 0.60)
- 2026-06-15: Service scanning performed; ports closed; subnet classification "mostly_clean"
- Ownership stability: 0 changes recorded
- Threat persistence: 0 days; not classified as persistently malicious
The IP demonstrates stable ownership patterns with no escalation in threat signals over the observation period.
---
## RELATED ENTITIES
DNS Associations:
- vmi3096119.contaboserver.net
- ip-186-232-242-38.static.contabo.net
- contaboserver.net
Network Relationships:
- COGENT-A network association
- 43 total relationship links identified
---
## RECOMMENDED ACTIONS
Firewall Rules:
```bash
# iptables
iptables -A INPUT -s 38.242.232.186 -j DROP
# nftables
nft add rule inet filter input ip saddr 38.242.232.186 drop
# Nginx
deny 38.242.232.186;
# pfSense
38.242.232.186/32
# Cloudflare WAF
{"description":"Block 38.242.232.186 - IPDebrief risk score 40","action":"block","filter":{"expression":"ip.src eq 38.242.232.186"}}
# AWS WAF
{"Addresses":["38.242.232.186/32"],"Description":"IPDebrief risk 40"}
```
Assessment: While no active threat indicators were detected, the moderate risk score (40) combined with the subnet's elevated abuse density (0.5) warrants monitoring or blocking, depending on organizational risk tolerance. The firewall rules above rest on a probabilistic assessment and should be combined with additional threat signals before they are implemented.
---
END OF BRIEFING
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Attribute | Value |
|---|---|
| Organization | Cogent Communications, LLC |
| ASN | AS51167 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |

## DNS Intelligence
| Attribute | Value |
|---|---|
| PTR | vmi3096119.contaboserver.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | ip-186-232-242-38.static.contabo.net |

## DNS Hygiene
| Attribute | Value |
|---|---|
| Hygiene Score | 40% (Fair) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |

## Network Classification
| Attribute | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |

## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Attribute | Value |
|---|---|
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |

## TLS Certificate
| Attribute | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |

## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness.

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 42% | 2 | 5 |
| routing | 13% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 26% | 2 | 2 |
| Overall | 26% | 10 | 17 |

| Attribute | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |

Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid

## Observation Timeline (Live)
| Attribute | Value |
|---|---|
| First Seen | 2026-05-24 12:34:59 UTC |
| Last Seen | 2026-06-29 00:13:09 UTC |
| Profile Built | 2026-06-29 06:15:53 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 24 |