51.254.140.126

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 51.254.140.126/32

## Executive Summary

IP 51.254.140.126 is a low-risk cloud infrastructure endpoint associated with OVH SAS hosting in France. The asset supports a staging environment (atmanity.com) with standard web services and no active threat indicators. Risk score: 30 (Low).

## Infrastructure Profile

Organization: OVH SAS (ASN 16276)
Location: France (FR)
Infrastructure Type: Cloud Compute / Hosting
BGP Prefix: 51.254.0.0/15
Network Role: Web Server

## Service Exposure

Port	Protocol	Service	Notes
80	TCP	HTTP	Standard web
443	TCP	HTTPS	TLS 1.3
22	TCP	SSH	OpenSSH 10.0p2 Debian
8080	TCP	HTTP-ALT	Application port

TLS Certificate: Let's Encrypt (staging.atmanity.com), automated tier
Server: nginx
Application: PHP 8.1.34 detected

## DNS Analysis

PTR Record: mail.atmanity.com
Forward Resolution: Confirmed
Domain: atmanity.com (staging environment)
Email Authentication: SPF and DMARC records present
Certificate Count: 12 associated certificates

## Threat Assessment

Risk Score: 30 (Low)
Known Threat Indicators: None
Blacklist Count: 0
Tor Exit Node: No
Known Attacker: No
Spam Source: No
DNSBL Listings: 1 (single entry)

## Historical Observations (24 Signals)

Recent monitoring (June 2026) indicates consistent cloud hosting infrastructure with:

Stable nginx/HTTPS configuration
TLS 1.3 with strong cipher suites (TLS_AES_256_GCM_SHA384)
Minor inconsistency in cloud detection flag (one observation showed is_cloud:false)
Persistent association with OVH provider

## Network Context

/24 Subnet Analysis: No neighboring IPs detected
Subnet Abuse Density: 0
Risk Distribution: None (0 high, 0 medium, 0 low)
Relationships: Primarily DNS associations with mail.atmanity.com and network association FR-OVH-20150522

## Security Actions

No immediate defensive actions required. The IP exhibits characteristics of legitimate cloud hosting infrastructure with proper security controls (SPF, DMARC, TLS 1.3).

## Recommendations

Monitor for changes in DNSBL listing status
Verify staging environment status if atmanity.com is not expected traffic
Standard logging on ports 22 and 8080 recommended

Assessment: Legitimate hosting endpoint with low risk profile. No indicators of malicious activity detected.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇫🇷 France
Region	—
City	—
Timezone	Europe/Paris
Latitude	48.86
Longitude	2.34

🏢 Ownership & Registration

Organization	OVH SAS
ASN	AS16276
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	mail.atmanity.com
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`mail.atmanity.com`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_10.0p2 Debian-7+deb13u4
8080	http-alt	tcp	—
Closed Ports	25, 3389, 8443 (4 open / 7 scanned)

Server	nginx
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_10.0p2 Debian-7+deb13u4

🔐 TLS Certificate

🔒

CN=staging.atmanity.com

Issued by CN=E8, O=Let's Encrypt, C=US

Self-signed: No

SANs	staging.atmanity.com
Valid From	2026-04-29T03:36:03+00:00
Valid Until	2026-07-28T03:36:02+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha384ECDSA
Validity Period	89 days
Serial Number	05856D53B0BA4F452F70AFB12338D62ACE9F
Thumbprint	75075A938FF147B3E45EECEE9D9580F251A3F1AE

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	31%	2	4
routing	13%	1	1
services	30%	2	3
ownership	24%	2	3
reputation	30%	1	3
geolocation	35%	2	3
Overall	27%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-19 09:37:56 UTC
Last Seen	2026-06-28 08:54:54 UTC
Profile Built	2026-06-29 08:59:55 UTC
Data Freshness	Live
Signal Types	24
Total Observations	29

🔍 24 signal types · 29 observations collected

This report is generated from 24+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

51.254.140.126📋 Copy