IP Intelligence Briefing: 38.242.232.20
Date: June 13, 2026
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Provider: Cogent Communications (ASN 51167)
- Geolocation: US (Grand Est region, Lauterbourg), inferred with 2500km accuracy.
- Network Role: Cloud compute instance (Contabo), no services detected (open ports, TLS, or HTTP).
- Threat Indicators: No malicious activity detected; no blacklist entries or campaigns linked.
---
**2. Observation History**
- Recent Activity:
- Scanned for services (ports, TLS, HTTP) with no active services found.
- Subnet abuse density: 0 (clean).
- DNS resolution confirmed for `vmi2797815.contaboserver.net` (Contabo VM).
- Temporal Trends: No persistent threats or ownership changes detected.
---
**3. Relationships**
- Network Associations:
- Same ASN (Cogent Communications) and subnet (`38.242.232.20/24`).
- Linked to Contabo-hosted VM `vmi2797815.contaboserver.net`.
- Threat Context: No direct ties to malicious campaigns or known attackers.
---
**4. Neighborhood Analysis**
- Subnet: `38.242.232.20/24` (256 IPs).
- Neighbor Risk:
- 1 active sibling IP (`38.242.232.186`) with a 40 risk score (low-moderate risk).
- Subnet abuse density: 0 (clean).
---
**5. Actionable Insights**
- Monitor: The Contabo VM (`vmi2797815.contaboserver.net`) for unexpected service activation or traffic patterns.
- Subnet Watch: While the subnet is clean, the single higher-risk neighbor (`38.242.232.186`) warrants closer scrutiny.
- Contextualize: The IPβs cloud compute role suggests it may be a virtual server; verify if itβs a legitimate asset or a potential target.
Conclusion: No immediate threat detected. Focus on ensuring the Contabo VMβs compliance and monitor the subnet for anomalies.
---
*Generated by IPDebrief Threat Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Cogent Communications, LLC |
| ASN | AS51167 |
| Network Name | COGENT-A |
| CIDR Block | 38.0.0.0/8 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | vmi2797815.contaboserver.net |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | vmi2797815.contaboserver.net |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | 1/2 domains |
| DMARC | 1/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 2 domains |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 443 | https | tcp | β |
| Closed Ports | 22, 25, 3389, 8080, 8443 (2 open / 7 scanned) | ||
| Server | nginx/1.24.0 (Ubuntu) |
| HTTP Title | β |
π TLS Certificate
| SANs | app.magpropertyhub.com |
| Valid From | 2026-05-07T18:08:59+00:00 |
| Valid Until | 2026-08-05T18:08:58+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 057CE59C892D0FDAA794075F5534DAB195B0 |
| Thumbprint | 90F8E44969625E9C9C533BD81E38E482891ADEBE |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 43% | 2 | 5 |
| routing | 13% | 1 | 1 |
| services | 32% | 2 | 3 |
| ownership | 30% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 29% | 10 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-04 06:36:04 UTC |
| Last Seen | 2026-06-21 11:19:55 UTC |
| Profile Built | 2026-06-21 11:27:14 UTC |
| Data Freshness | Live |
| Signal Types | 25 |
| Total Observations | 28 |
Full dossier details are available via our API.