51.195.36.4

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING: 51.195.36.4/32

Classification: Cloud Compute Host | Risk Score: 30/100 (Low Risk)

---

## EXECUTIVE SUMMARY

Target IP 51.195.36.4 is a cloud computing host operated by OVH GmbH (AS16276) located in Germany (DE). The IP resolves to hostname info1.b.nobukado.ninja and presents a low-risk profile with a score of 30. Infrastructure is classified as a Single-Service Host with SSH services accessible on port 22.

---

## OWNERSHIP & INFRASTRUCTURE

Attribute	Value
Organization	OVH GmbH
ASN	16276
Network	51.195.36.0/26 (OVH-DEDICATED-FO)
Country	Germany (DE)
Infrastructure Type	CloudCompute
Hosting Provider	Yes

Technical Classification: The IP is hosted on OVH's dedicated cloud infrastructure. Control plane data indicates route instability with an operator score of 0.2609 (Basic). DNSSEC validation is enabled.

---

## NETWORK SERVICES & DNS

Open Ports:

Port 22/TCP (SSH) - Banner: SSH-2.0-OpenSSH_10.0p2 Debian

DNS Configuration:

PTR Hostname: info1.b.nobukado.ninja
Domain: nobukado.ninja
SPF: Configured (v=spf1 with multiple include records)
DMARC: Configured (p=reject policy with adkim/s/aspf/s alignment)
TXT Record Count: 1

---

## THREAT INDICATORS & REPUTATION

Indicator	Status
Reputation	Low Risk
Blacklist Count	2 of 8 DNSBL lists
Tor Exit Node	No
Known Attacker	No
Spam Source	No
Abuse Confidence Score	Not Available

Threat Feeds: No active threat feed matches. No known campaigns correlated.

---

## OBSERVATION HISTORY (20 Observations)

Recent temporal analysis reveals:

1. DNSBL Listings: Two DNSBL listings detected (medium severity maximum)

2. ASN Reputation: Alienvault OTX reports has_threats: true with pulse_count: 3

3. Geolocation Signals: Consistent DE/France geolocation data with 0.25 confidence

4. Routing Signals: BGP prefix 51.195.0.0/16 with AS16276

5. Email Authentication: SPF and DMARC records consistently observed

---

## NETWORK RELATIONSHIPS

27 Total Relationships:

DNS Associations: Multiple associations to info1.b.nobukado.ninja
Network Associations: Multiple associations to OVH-DEDICATED-FO subnet

Related Hostname: info1.b.nobukado.ninja (primary DNS association)

---

## NEIGHBORHOOD ANALYSIS

Subnet: 51.195.36.4/24

Abuse Density: 0
Neighbor Count: 0
Risk Distribution: No high/medium risk neighbors detected
Classification: Mostly clean
Active Siblings: 1

---

## SECURITY ACTIONS & RECOMMENDATIONS

Current Risk Profile: Low Risk (Score 30)

Recommended Actions:

No specific blocking actions recommended based on current risk assessment
Monitor DNSBL listing persistence
Verify SSH service necessity on this cloud host
Review SPF/DMARC configuration for potential email reputation impact

---

## INTELLIGENCE CONTEXT

The IP operates within OVH's cloud infrastructure with legitimate hosting designation. While DNSBL listings (2/8) suggest some reputation challenges, the overall risk score remains low. The hostname nobukado.ninja demonstrates proper email authentication configuration (SPF and DMARC reject policy). SSH access is open, which may require validation against organizational security policies for cloud-hosted infrastructure.

Conclusion: This IP represents a legitimate cloud hosting resource with minor reputation concerns. No immediate blocking required. Monitor DNSBL status and validate SSH necessity against security baselines.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	St. Johanner Str.
City	Deutschland
Timezone	Europe/Berlin
Latitude	51.17
Longitude	10.45

🏢 Ownership & Registration

Organization	OVH GmbH
ASN	AS16276
Network Name	OVH-DEDICATED-FO
CIDR Block	51.195.36.0/26
RIR	ARIN
Country	DE
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	info1.b.nobukado.ninja
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`info1.b.nobukado.ninja`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Single-Service Host
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
22	ssh	tcp	SSH-2.0-OpenSSH_10.0p2 Debian-7+deb13u4
Closed Ports	25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned)

Server	—
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_10.0p2 Debian-7+deb13u4

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	42%	2	5
routing	8%	1	1
services	15%	2	2
ownership	27%	2	3
reputation	26%	1	3
geolocation	39%	2	3
Overall	26%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-25 18:48:21 UTC
Last Seen	2026-06-29 02:09:51 UTC
Profile Built	2026-06-29 08:13:08 UTC
Data Freshness	Live
Signal Types	22
Total Observations	25

🔍 22 signal types · 25 observations collected

This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

51.195.36.4📋 Copy