IPDebrief

38.242.232.186

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# INTELLIGENCE BRIEFING: 38.242.232.186/32

Classification: Moderate Risk (Score: 40)

Date: 2026-06-26

Prepared By: IPDebrief Intelligence Team

---

## EXECUTIVE SUMMARY

IP address 38.242.232.186 is a cloud compute infrastructure endpoint operated by Contabo via Cogent Communications (ASN: 51167). The asset presents moderate risk due to its hosting infrastructure classification and presence within a subnet with elevated abuse density. No active threat indicators were detected, but the IP is listed on 2 of 8 DNSBL feeds with a moderate operator risk score (0.1304).

---

## OWNERSHIP & INFRASTRUCTURE PROFILE

AttributeValue
**Organization**Cogent Communications, LLC
**ASN**51167
**Network Block**38.242.224.0/19
**Geolocation**US (Grand Est, Lauterbourg)
**Infrastructure Type**Cloud Compute / Hosting
**Provider**Contabo
**Network Classification**Firewalled / No Services

The IP resolves to hostname `vmi3096119.contaboserver.net` and has a reverse DNS entry pointing to `ip-186-232-242-38.static.contabo.net`. No active services or open ports were detected during probing.

---

## THREAT ASSESSMENT

Current Risk Profile:

Control Plane Indicators:

No correlation with known threat campaigns or malicious infrastructure fingerprints.

---

## NEIGHBORHOOD ANALYSIS

Subnet: 38.242.232.186/24

MetricValue
Abuse Density0.5 (Moderate)
Subnet ClassificationMostly Clean
Total Siblings2
Active Siblings2
Threat Siblings1

Notable Neighbor:

The subnet exhibits moderate abuse density with one identified threat sibling, suggesting potential correlation with neighboring infrastructure.

---

## OBSERVATION HISTORY

Total Observations: 24 signals recorded

Recent Activity (June 2026):

The IP demonstrates stable ownership patterns with no escalation in threat signals over the observation period.

---

## RELATED ENTITIES

DNS Associations:

Network Relationships:

---

## RECOMMENDED ACTIONS

Firewall Rules:

```bash

# iptables

iptables -A INPUT -s 38.242.232.186 -j DROP

# nftables

nft add rule inet filter input ip saddr 38.242.232.186 drop

# Nginx

deny 38.242.232.186;

# pfSense

38.242.232.186/32

# Cloudflare WAF

{"description":"Block 38.242.232.186 β€” IPDebrief risk score 40","action":"block","filter":{"expression":"ip.src eq 38.242.232.186"}}

# AWS WAF

{"Addresses":["38.242.232.186/32"],"Description":"IPDebrief risk 40"}

```

Assessment: While no active threat indicators were detected, the moderate risk score (40) combined with the subnet's elevated abuse density (0.5) warrants monitoring or blocking depending on organizational risk tolerance. The firewall rules above are probabilistic and should be combined with additional threat signals before implementing.

---

END OF BRIEFING

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΊπŸ‡Έ United States
RegionGrand Est
CityLauterbourg
Timezoneβ€”
Latitude48.97
Longitude8.19

🏒 Ownership & Registration

OrganizationCogent Communications, LLC
ASNAS51167
Network Nameβ€”
CIDR Blockβ€”
RIRARIN
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRvmi3096119.contaboserver.net
Forward ConfirmedNo β€” PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnamesip-186-232-242-38.static.contabo.net

πŸ” DNS Hygiene

Hygiene Score40% (Fair)
SPFPresent
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeFirewalled / No Services
Network TierHosting β€” Infrastructure provider without advanced routing
CloudHosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
42%
25
routing
13%
11
services
24%
23
ownership
24%
23
reputation
26%
13
geolocation
26%
22
Overall26%1017
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-24 12:34:59 UTC
Last Seen2026-06-29 00:13:09 UTC
Profile Built2026-06-29 06:15:53 UTC
Data FreshnessLive
Signal Types21
Total Observations24
πŸ” 21 signal types Β· 24 observations collected
This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.