51.38.109.220
# IP Intelligence Briefing: 51.38.109.220/32
## Executive Summary
IP 51.38.109.220 is a low-risk (25/100) OVH cloud infrastructure endpoint hosted in the Netherlands. The address shows minimal threat activity, no open services, and no active neighborhood contamination. However, historical DNSBL listings and geolocation inconsistencies warrant monitoring.
## Profile Characteristics
- Risk Score: 25 (Low Risk)
- Ownership: OVH BV, ASN 16276, OVH-DEDICATED-FO network (51.38.109.208/28)
- Location: The Netherlands (49.38°N, 3.85°E)
- Infrastructure Type: CloudCompute/Hosting
- DNS: ip220.ip-51-38-109.eu (forward confirmed)
- Services: None detected (firewalled/no services)
## Threat Assessment
Current threat indicators show no active malicious activity. The IP is not classified as a Tor exit node, known attacker, or spam source. Blacklist count is currently 0, though control plane data indicates 1 DNSBL listing with maximum severity of "high" among 8 total lists evaluated.
## Historical Observations
19 signal observations recorded. Key findings:
- Multiple DNSBL listings detected in historical data (2026-06-16)
- Geolocation inconsistencies: some signals report France, others Netherlands
- Operator score: 0.2609 (Basic classification)
- No persistent malicious behavior observed
## Network Context
- Subnet: 51.38.109.0/24
- Abuse Density: 0% (clean)
- Threat Siblings: 0
- Active Siblings: 0
The address shows no correlation with other malicious IPs in its /24 subnet.
## Security Recommendations
Given the low risk profile and clean neighborhood, no immediate blocking is warranted. However:
- Monitor for service activity (currently firewalled)
- Track geolocation consistency
- Review DNSBL listing context if traffic is observed
## Intelligence Conclusion
This IP represents standard cloud hosting infrastructure from OVH. The absence of open services and clean subnet environment supports defensive posture maintenance without aggressive blocking. Continued observation recommended to track any service activation or reputation degradation.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | OVH BV |
| ASN | AS16276 |
| Network Name | OVH-DEDICATED-FO |
| CIDR Block | 51.38.109.208/28 |
| RIR | ARIN |
| Country | NL |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | ip220.ip-51-38-109.eu |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | ip220.ip-51-38-109.eu |
๐ DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 15% | 1 | 2 |
| geolocation | 35% | 2 | 3 |
| Overall | 22% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-06-01 05:39:22 UTC |
| Last Seen | 2026-06-21 07:20:19 UTC |
| Profile Built | 2026-06-21 07:22:15 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 22 |
Full dossier details are available via our API.