51.38.129.194

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 51.38.129.194

## Executive Summary

IP 51.38.129.194 is a low-risk residential VPS endpoint hosted by OVH in Poland. The address presents minimal threat characteristics with a risk score of 25/100 and no known malicious activity. Infrastructure is stable with standard web services and proper TLS configuration.

## Infrastructure Profile

Organization: OVH Sp. z o.o. (ASN 16276)
Location: Poland (Europe/Warsaw timezone)
Network Classification: Cloud Compute / Hosting Provider
CIDR Block: 51.38.0.0/16
Geolocation Accuracy: 600km radius, geo consensus confirmed

## Service & DNS Analysis

Open Ports: TCP/80 (HTTP), TCP/443 (HTTPS), TCP/22 (SSH)
Reverse DNS: vps-3d5253c6.vps.ovh.net
TLS Certificate: Let's Encrypt issued for p4u.transparo.io
Web Server: nginx/1.26.3 (Ubuntu)
HTTP Status: 303 (Redirect)
Security Headers: HSTS enabled, HTTP/2 supported, X-Frame-Options: SAMEORIGIN

## Threat Intelligence Assessment

Risk Score: 25/100 (Low Risk)
Malicious Activity: None detected
Tor Exit Node: No
Known Attacker: No
Spam Source: No
Blacklist Status: Not listed on major feeds (0 blacklists)
Campaign Correlation: None identified

## Neighborhood Analysis

The /24 subnet (51.38.129.0/24) shows low abuse density with 1 threat sibling identified. Overall neighborhood classification is "mostly_clean" with inherited risk score of 2. No adjacent high-risk infrastructure detected.

## Historical Observations

Analysis of 24 historical observations reveals:

Threat Persistence: 0 days (not persistently malicious)
Ownership Stability: No ownership changes recorded
Recent Activity: Last observed 2026-06-20
Signal Consistency: Stable infrastructure with consistent nginx fingerprint
DNS Resolution: Consistent PTR records to OVH VPS infrastructure

## Related Entities

DNS Associations: vps-3d5253c6.vps.ovh.net (multiple records)
Network Affiliation: VPS-WAW (Warsaw data center)
Total Relationships: 39 identified associations

## Security Recommendations

Based on the low-risk profile, no immediate blocking actions are required. The IP represents legitimate cloud infrastructure:

1. Allow Traffic: Standard web/SSH traffic permitted

2. Monitor: Standard log monitoring recommended

3. Threat Level: Low - no firewall rules required

## Conclusion

IP 51.38.129.194 operates as a legitimate OVH cloud VPS with standard web hosting configuration. No malicious indicators present. The address can be considered safe for normal network traffic with standard operational monitoring.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇵🇱 Poland
Region	—
City	—
Timezone	Europe/Warsaw
Latitude	48.86
Longitude	2.34

🏢 Ownership & Registration

Organization	OVH Sp. z o. o.
ASN	AS16276
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	vps-3d5253c6.vps.ovh.net
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`vps-3d5253c6.vps.ovh.net`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	1/2 domains
DMARC	1/2 domains
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured
Domains Checked	2 domains

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_9.9p1 Ubuntu-3ubuntu3.1
Closed Ports	25, 3389, 8080, 8443 (3 open / 7 scanned)

Server	nginx/1.26.3 (Ubuntu)
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_9.9p1 Ubuntu-3ubuntu3.1

🔐 TLS Certificate

🔒

CN=p4u.transparo.io

Issued by CN=E8, O=Let's Encrypt, C=US

Self-signed: No

SANs	p4u.transparo.io
Valid From	2026-05-13T11:15:53+00:00
Valid Until	2026-08-11T11:15:52+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha384ECDSA
Validity Period	89 days
Serial Number	0641B40466FA7E22129052E764B95E2C8AC9
Thumbprint	C030822A1B0E4127C9A5ECA98280BBCBF5234C5D

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	31%	2	4
routing	13%	1	1
services	26%	2	3
ownership	20%	2	3
reputation	28%	1	3
geolocation	39%	2	3
Overall	26%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-19 03:36:39 UTC
Last Seen	2026-06-28 08:32:27 UTC
Profile Built	2026-06-29 02:36:19 UTC
Data Freshness	Live
Signal Types	23
Total Observations	28

🔍 23 signal types · 28 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

51.38.129.194📋 Copy