38.242.232.20
IP Intelligence Dossier
Your IP: 216.73.216.123
π€ Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 38.242.232.20
Date: June 13, 2026
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Provider: Cogent Communications (ASN 51167)
- Geolocation: US (Grand Est region, Lauterbourg), inferred with 2500km accuracy.
- Network Role: Cloud compute instance (Contabo), no services detected (open ports, TLS, or HTTP).
- Threat Indicators: No malicious activity detected; no blacklist entries or campaigns linked.
---
**2. Observation History**
- Recent Activity:
- Scanned for services (ports, TLS, HTTP) with no active services found.
- Subnet abuse density: 0 (clean).
- DNS resolution confirmed for `vmi2797815.contaboserver.net` (Contabo VM).
- Temporal Trends: No persistent threats or ownership changes detected.
---
**3. Relationships**
- Network Associations:
- Same ASN (Cogent Communications) and subnet (`38.242.232.20/24`).
- Linked to Contabo-hosted VM `vmi2797815.contaboserver.net`.
- Threat Context: No direct ties to malicious campaigns or known attackers.
---
**4. Neighborhood Analysis**
- Subnet: `38.242.232.20/24` (256 IPs).
- Neighbor Risk:
- 1 active sibling IP (`38.242.232.186`) with a 40 risk score (low-moderate risk).
- Subnet abuse density: 0 (clean).
---
**5. Actionable Insights**
- Monitor: The Contabo VM (`vmi2797815.contaboserver.net`) for unexpected service activation or traffic patterns.
- Subnet Watch: While the subnet is clean, the single higher-risk neighbor (`38.242.232.186`) warrants closer scrutiny.
- Contextualize: The IPβs cloud compute role suggests it may be a virtual server; verify if itβs a legitimate asset or a potential target.
Conclusion: No immediate threat detected. Focus on ensuring the Contabo VMβs compliance and monitor the subnet for anomalies.
---
*Generated by IPDebrief Threat Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Cogent Communications, LLC |
| ASN | AS51167 |
| Network Name | COGENT-A |
| CIDR Block | 38.0.0.0/8 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | vmi2797815.contaboserver.net |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | vmi2797815.contaboserver.net |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | 1/2 domains |
| DMARC | 1/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 2 domains |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 443 | https | tcp | β |
| Closed Ports | 22, 25, 3389, 8080, 8443 (2 open / 7 scanned) | ||
| Server | nginx/1.24.0 (Ubuntu) |
| HTTP Title | β |
π TLS Certificate
CN=app.magpropertyhub.com
Issued by CN=E8, O=Let's Encrypt, C=US
Self-signed: No
| SANs | app.magpropertyhub.com |
| Valid From | 2026-05-07T18:08:59+00:00 |
| Valid Until | 2026-08-05T18:08:58+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 057CE59C892D0FDAA794075F5534DAB195B0 |
| Thumbprint | 90F8E44969625E9C9C533BD81E38E482891ADEBE |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 43% | 2 | 5 |
| routing | 13% | 1 | 1 |
| services | 32% | 2 | 3 |
| ownership | 30% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 29% | 10 | 18 |
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-04 06:36:04 UTC |
| Last Seen | 2026-06-21 11:19:55 UTC |
| Profile Built | 2026-06-21 11:27:14 UTC |
| Data Freshness | Live |
| Signal Types | 25 |
| Total Observations | 28 |
π 25 signal types Β· 28 observations collected
This report is generated from 25+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
βΉοΈ About This Report
All data shown is publicly available network metadata β IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.