Threat Intelligence Briefing: IP 5.135.14.109/32
Overview
- Risk Profile: Moderate risk (55/100) with no direct malicious indicators.
- Ownership: Hosted by OVH Hosting LDA (AS16276) in Portugal (PT).
- Geolocation: Located in Portugal (latitude 39.4, longitude -8.22), with inferred accuracy of 450 km.
- Network Role: Identified as a cloud-hosted server (OVH Dedicated FO), not a residential or mobile IP.
Threat Indicators
- No detected malware, spam, or known attacker activity.
- DNS records point to nuboshige.com, with SPF and DMARC records but no verified email security policies.
- Zero listings in DNSBLs or threat feeds.
Network Relationships
- DNS Associations: Linked to info2.b.nuboshige.com (PTR record).
- Subnet Connections: Part of OVH-DEDICATED-FO network, suggesting shared hosting infrastructure.
Subnet Analysis
- /24 Subnet: 5.135.14.0/24, with 0 abuse density and no active neighboring IPs.
- Isolated IP with no sibling activity, potentially indicating a standalone server or misconfigured network.
Historical Observations
- Observed as a cloud-hosted server with consistent OVH provider attribution.
- No significant changes in risk scores or network behavior over time.
Recommendations
1. Monitor DNS Activity: Investigate nuboshige.com for potential phishing or spoofing campaigns.
2. Verify Hosting Compliance: Ensure OVH Dedicated FO infrastructure adheres to security best practices.
3. Check Isolation Validity: Confirm whether the IP's isolation is intentional (e.g., air-gapped server) or indicative of misconfiguration.
4. Enable Email Security: Confirm SPF/DKIM/DMARC alignment for nuboshige.com to mitigate spoofing risks.
Conclusion
The IP appears to be a low-risk, cloud-hosted server with no immediate threats. However, its isolated subnet and DNS associations warrant further scrutiny to rule out covert operations or misconfigurations.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | OVH Hosting LDA |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | info2.b.nuboshige.com |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | info2.b.nuboshige.com |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 34% | 2 | 3 |
| Overall | 22% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-24 18:41:26 UTC |
| Last Seen | 2026-06-29 00:37:57 UTC |
| Profile Built | 2026-06-29 06:40:14 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 22 |