51.68.107.141

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 51.68.107.141

Classification: Moderate Risk / Hosting Infrastructure

Date: 2026-06-26

Analyst: IPDebrief Intelligence Unit

---

## Executive Summary

IP 51.68.107.141 is a moderate-risk (score: 50/100) hosting infrastructure address operated by OVH SAS (ASN: 16276) in France. The IP resolves to a web server associated with the domain mj12bot.com and exhibits mixed-risk characteristics within its /24 subnet neighborhood. No active threat indicators or known malicious activity detected at this IP, though neighborhood analysis indicates elevated abuse density (0.5).

---

## Network Profile

Attribute	Value
IP Address	51.68.107.141/32
Organization	OVH SAS
ASN	16276
Country	France (FR)
Risk Score	50 (Moderate)
Network Role	Cloud Hosting Infrastructure
Service Type	Multi-Service Host

---

## Technical Observations

DNS & Hostnames:

Reverse DNS: crawl-zeka2a.mj12bot.com
Forward resolution: mj12bot.com
No SPF or DMARC records configured

Open Services:

TCP/80 (HTTP) - Apache/2.4.62
TCP/22 (SSH) - OpenSSH_8.7

Web Fingerprint:

Server: Apache/2.4.62 (Rocky Linux)
HTTP/1.1 only
No HSTS or CSP headers
TTFB: 186ms

Control Plane:

BGP Prefix: 51.68.0.0/16
Route stability: False (route changes in last 30 days)
DNSBL Listed: 2 of 8 total lists

---

## Neighborhood Analysis (/24: 51.68.107.0/24)

Total Siblings: 16
Active Siblings: 8
Threat Siblings: 8
Abuse Density: 0.5 (Moderate)
Classification: Mixed

Neighbor Risk Distribution:

Medium Risk: 8 IPs (scores 25-50)
Low Risk: 7 IPs
High Risk: 0 IPs

Notable neighbor risk scores include 51.68.107.137, 51.68.107.139, 51.68.107.144, 51.68.107.150, 51.68.107.151, 51.68.107.157, 51.68.107.159, and 51.68.107.161 (all scoring 50).

---

## Observation History (24 Signals)

Recent observations (June 2026) confirm:

Cloud infrastructure classification (OVH)
Hosting provider designation
Apache web server persistence
Subnet classification: Mixed with 50% abuse density
No ownership changes detected

---

## Threat Intelligence Assessment

Current Risk Indicators:

No known attacker reputation
No spam source designation
No Tor exit node association
Zero blacklist entries
No known malicious campaigns

Risk Factors:

Moderate neighborhood abuse density (0.5)
Half of /24 neighbors flagged as threats
Route instability in BGP prefix
No email authentication (SPF/DMARC)

Mitigating Factors:

No direct threat indicators on this IP
Established hosting provider infrastructure
No evidence of malicious activity in recent history

---

## Recommendations

For SOC/Defense Teams:

1. Monitor the mj12bot.com domain and associated infrastructure for potential abuse

2. Block outbound connections to 51.68.107.141 if inbound threats observed

3. Correlate with neighbor IPs 51.68.107.137, 51.68.107.139, 51.68.107.144, 51.68.107.150, 51.68.107.151, 51.68.107.157, 51.68.107.159, and 51.68.107.161

4. Implement rate limiting on SSH (port 22) and HTTP (port 80) services if receiving traffic

5. Track BGP route changes for the 51.68.0.0/16 prefix

Priority Level: MEDIUM

Action Required: Monitoring recommended

Threat Status: No active malicious activity detected

---

*Report generated via IPDebrief Intelligence Platform*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇫🇷 France
Region	—
City	—
Timezone	Europe/Paris
Latitude	48.86
Longitude	2.34

🏢 Ownership & Registration

Organization	OVH SAS
ASN	AS16276
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	crawl-zeka2a.mj12bot.com
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`crawl-zeka2a.mj12bot.com`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Not configured
DMARC	Not configured
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Multi-Service Host
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_8.7
Closed Ports	25, 443, 3389, 8080, 8443 (2 open / 7 scanned)

Server	Apache/2.4.62 (Rocky Linux)
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_8.7

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	35%	2	4
routing	13%	1	1
services	28%	2	3
ownership	24%	2	3
reputation	28%	1	3
geolocation	39%	2	3
Overall	28%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:04:26 UTC
Last Seen	2026-06-27 07:12:21 UTC
Profile Built	2026-06-28 01:18:45 UTC
Data Freshness	Live
Signal Types	23
Total Observations	28

🔍 23 signal types · 28 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

51.68.107.141📋 Copy