15.204.249.142

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING: 15.204.249.142/32

Classification: LOW RISK – Routine Monitoring Recommended

Report Date: 2026-06-21

Analysis Platform: IPDebrief Threat Intelligence

---

## EXECUTIVE SUMMARY

IP 15.204.249.142 is a low-risk residential cloud VPS hosted on OVH US infrastructure. The IP exhibits minimal threat indicators, no active malicious behavior, and no associations with known attack campaigns. One neighboring IP in the /24 subnet has been flagged as a threat, warranting neighborhood-level awareness but not immediate action against this specific address.

---

## INFRASTRUCTURE PROFILE

Attribute	Value
IP Address	15.204.249.142
Risk Score	25/100 (Low)
ASN	16276 (OVH US LLC)
Organization	OVH US LLC
Network Block	15.204.248.0/23
Geolocation	Reston, Virginia, US
Infrastructure Type	Cloud Compute (VPS Hosting)
Service Purpose	Firewalled / No Services
DNS PTR Hostname	vps-42eb3e88.vps.ovh.us

---

## THREAT ASSESSMENT

Current Risk Indicators

Blacklist Count: 0
Known Attacker: No
Spam Source: No
Tor Exit Node: No
DNSBL Listings: 1 of 8 lists
Campaign Associations: None detected
Persistently Malicious: No

Network Context

Subnet Classification: mostly_clean
Abuse Density: Low (1/256)
Threat Siblings in /24: 1 IP flagged
Active Siblings: 1

---

## OBSERVATION HISTORY

Analysis of 20 signal observations reveals:

Recent classification consistently shows "mostly_clean" status
Ownership stability confirmed with 0 changes detected
No evidence of persistent malicious activity
Geolocation signals indicate US-based infrastructure
Operator score: 0.2609 (Basic classification)

---

## RELATIONSHIP ANALYSIS

32 relationships identified:

DNS Associations: vps-42eb3e88.vps.ovh.us
Network Relationships: VPS-US-EAST-VA-2 subnet
No cross-organizational links detected
No certificate associations found

---

## RECOMMENDED ACTIONS

Risk Level	Action
Current: Low	No immediate blocking recommended
Monitoring:	Track neighborhood IP 15.204.249.x for threat activity
Threshold:	Flag if risk score exceeds 50 or new blacklist entries appear

No specific firewall rules generated due to low risk profile. Standard logging and monitoring recommended.

---

## ANALYST NOTES

This IP represents a legitimate cloud hosting customer with no current malicious indicators. The single threat sibling in the neighborhood suggests OVH's customer base includes mixed-risk entities, which is typical for shared infrastructure providers. SOC teams should maintain awareness of neighborhood threats while treating this specific IP as low-priority.

---

Generated by: IPDebrief Intelligence Platform

Confidentiality: Internal Use Only

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	VA
City	Reston
Timezone	—
Latitude	38.97
Longitude	-77.34

🏢 Ownership & Registration

Organization	OVH US LLC
ASN	AS16276
Network Name	VPS-US-EAST-VA-2
CIDR Block	15.204.248.0/23
RIR	ARIN
Country	United States
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	vps-42eb3e88.vps.ovh.us
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`vps-42eb3e88.vps.ovh.us`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Tier 3 — Basic operator with some routing infrastructure

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	38%	2	5
routing	13%	1	1
services	19%	2	2
ownership	27%	2	3
reputation	22%	1	3
geolocation	19%	2	2
Overall	23%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Mostly Consistent (80%) — 1 contradiction(s)
Attribution	Moderate (55%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

⚠ Claimed geolocation contradicts RTT physics measurement

📅 Observation Timeline 🔄 Live

First Seen	2026-05-30 10:58:05 UTC
Last Seen	2026-06-29 07:29:31 UTC
Profile Built	2026-06-29 07:34:35 UTC
Data Freshness	Live
Signal Types	21
Total Observations	22

🔍 21 signal types · 22 observations collected

This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

15.204.249.142📋 Copy