51.210.243.91
## IP INTELLIGENCE BRIEFING: 51.210.243.91
Classification: Low Risk Cloud Compute Instance
Date of Assessment: Current
Analyst: IPDebrief Intelligence Team
---
EXECUTIVE SUMMARY
IP 51.210.243.91 is a low-risk (score: 25) cloud compute VPS hosted within OVH SAS infrastructure in France. The IP exhibits minimal threat indicators, with no active blacklisting or known campaign associations. Historical signals indicate stable operational characteristics consistent with legitimate cloud hosting services.
---
OWNERSHIP & INFRASTRUCTURE
| Attribute | Value |
|---|---|
| **Organization** | OVH SAS (ASN 16276) |
| **Network** | 51.210.0.0/16 (BGPPrefix) |
| **Location** | France (FR) |
| **Infrastructure Type** | CloudCompute / Hosting |
| **DNS Record** | vps-204029ff.vps.ovh.net |
| **Network Role** | Single-Service Host |
The IP resolves to a standard OVH VPS hostname, confirming it is a virtual private server within the provider's datacenter infrastructure.
---
THREAT ASSESSMENT
Current Risk Profile:
- Overall Risk Score: 25/100 (Low Risk)
- Abuse Confidence Score: Not available
- Blacklist Count: 0 active
- Known Campaigns: None
- Tor Exit Node: No
- Known Attacker: No
Control Plane Indicators:
- Listed on 1 DNSBL out of 8 total checks (dnsblListedCount: 1)
- Operator Score: 0.2609 (Basic)
- Route Stability: False (routing changes detected)
- RPKI State: Not available
- DNSSEC Valid: Yes
---
NETWORK SERVICES
Open Ports Identified:
- Port 22/tcp: SSH (OpenSSH_10.0p2 Debian)
HTTP/TLS Services: None detected
- No TLS certificate presented
- No HTTP title or server banner available
- Connection type: Not determined
---
OBSERVATION HISTORY
Historical Signal Count: 22 observations
Key Historical Signals:
1. June 27, 2026: Cloud infrastructure classification (OVH), no proxy/TOR/VPN indicators
2. June 19, 2026: Subnet abuse density reported as 1, classification "mostly_clean"
3. June 19, 2026: Operator score 0.2609, Basic classification
4. June 19, 2026: 13 total observations across threat, routing, services, ownership, reputation, and geolocation dimensions
Temporal Analysis:
- Threat persistence: 0 days
- Ownership changes: 0
- Is persistently malicious: No
- Threat observation count: 1
---
RELATIONSHIP ANALYSIS
48 Relationship Entities Identified:
DNS Associations:
- vps-204029ff.vps.ovh.net (primary hostname)
Network Relationships:
- VPS-SBG6 (multiple entries indicating same network segment)
Additional Correlations:
- Same network: VPS-SBG6 (recurring identifier)
- No certificate matches or campaign correlations detected
---
NEIGHBORHOOD ANALYSIS
Subnet: 51.210.243.91/24
- Abuse Density: 0 (neighborhood data) / 1 (profile data)
- Classification: mostly_clean
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 1
- Risk Distribution: No high/medium/low neighbors identified
---
GEOLOCATION VALIDATION
| Metric | Value |
|---|---|
| **Country** | France |
| **Country Code** | FR |
| **Accuracy Radius** | 500 km |
| **Minimum RTT** | 102.6 ms |
| **Average RTT** | 102.6 ms |
| **Probe Count** | 5 |
| **Geo Consensus** | True |
| **Geo Plausible** | True |
---
RECOMMENDED ACTIONS
Firewall/Security Recommendations:
- No specific blocking actions recommended based on current risk profile
- Standard monitoring for SSH port activity on port 22
- Consider rate limiting for SSH connections due to hosting nature
SOC Analyst Notes:
- This IP represents legitimate cloud infrastructure with minimal threat indicators
- Single DNSBL listing warrants periodic monitoring but does not indicate active abuse
- No evidence of malicious activity, command and control, or spam distribution
- Recommended classification: MONITOR (low priority)
---
CONCLUSION
IP 51.210.243.91 is a standard OVH cloud VPS with a low-risk profile. The IP shows no active threat indicators, no known malicious associations, and operates within expected parameters for cloud hosting infrastructure. The single DNSBL listing and non-stable routing warrant routine monitoring but do not justify blocking.
Priority: LOW
Status: ACTIVE MONITORING
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | OVH SAS |
| ASN | AS16276 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | vps-204029ff.vps.ovh.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | vps-204029ff.vps.ovh.net |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_10.0p2 Debian-7~bpo12+1 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 23% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-13 12:13:34 UTC |
| Last Seen | 2026-06-27 23:27:02 UTC |
| Profile Built | 2026-06-28 17:32:30 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 26 |
Full dossier details are available via our API.