51.75.194.44
## INTELLIGENCE BRIEFING: IP 51.75.194.44
Classification: Low Risk Cloud Infrastructure
Date: 2026-06-19
Analyst: IPDebrief Intelligence Team
---
EXECUTIVE SUMMARY
IP 51.75.194.44 operates as an OVH cloud VPS with a low-risk reputation profile. The asset demonstrates consistent historical behavior with no malicious activity indicators. While the broader /24 subnet shows moderate abuse density (0.5), this specific IP maintains clean signal characteristics.
---
OWNERSHIP & INFRASTRUCTURE
- Organization: OVH SAS (ASN: 16276)
- Infrastructure Type: CloudCompute / Hosting
- CIDR Block: 51.75.0.0/16
- Hostname: vps-f2aa2485.vps.ovh.net
- Geolocation: France (FR) - Europe/Paris timezone
---
RISK ASSESSMENT
- Overall Risk Score: 25/100 (Low Risk)
- Provider Score: 0
- Authority Score: 0
- Abuse Confidence: Not applicable (clean)
- Blacklist Count: 0
- DNSBL Status: Listed on 1 of 8 DNSBL feeds
Key Findings:
- No Tor exit node activity detected
- No known attacker attribution
- No spam source indicators
- No active threat campaigns identified
---
NETWORK BEHAVIOR
- Open Ports: None detected
- TLS Certificates: None present
- HTTP Services: None operational
- Service Classification: Firewalled / No Services
- Connection Type: Cloud infrastructure (no mobile/residential indicators)
Fingerprint Analysis:
- No HTTP headers detected (HSTS, CSP, permissions policies absent)
- No HTTP/2 support
- No favicon or content hash signatures
---
OBSERVATION HISTORY
Total Signals Observed: 24
Recent Activity Timeline:
- 2026-06-19: Basic classification signal (confidence: 0.60)
- 2026-06-19: Full profile signal with 6-dimension coverage (confidence: 0.24)
- 2026-06-14: Subnet abuse density analysis (0.5 density, mostly_clean classification)
- 2026-06-14: Geographic inference - France (500km accuracy radius)
- 2026-06-14: Network classification - OVH hosting infrastructure
Temporal Analysis:
- No ownership changes recorded
- Single threat observation event
- Not persistently malicious
---
RELATIONSHIP GRAPH
Total Relationships: 51
Key Associations:
- DNS Hostnames: vps-f2aa2485.vps.ovh.net (multiple associations)
- Network Infrastructure: VPS-GRA6 (multiple references)
- Control Plane: Origin ASN 16276, BGP prefix 51.75.0.0/16
Network Stability:
- Route changes in 30 days: 0
- RPKI state: Not assessed
- DNSSEC: Valid
- Route stability: False
---
NEIGHBORHOOD ANALYSIS
Subnet: 51.75.194.44/24
Abuse Density: 0.5 (50% - Moderate)
Subnet Classification: mostly_clean
Sibling IP Analysis:
| IP Address | Risk Score | Authority Score | Classification |
|---|---|---|---|
| 51.75.194.10 | 25 | 60 | Low Risk |
Assessment: Only 1 active sibling in subnet. Both IPs maintain low-risk scores, indicating relatively clean neighborhood despite 50% abuse density metric.
---
CONTROL PLANE DATA
- Operator Score: 0.2609 (Basic)
- Delegation Age: Not applicable
- RRRP Registry: ARIN
- DNSSEC Valid: Yes
- CAA Records: Present
- DNSBL Lists: 8 total, 1 listing active
---
ACTIONABLE INTELLIGENCE
SOC Analyst Recommendations:
1. Monitor Status: Maintain standard monitoring - no immediate threat action required
2. Firewall Policy: Default allow with logging recommended; no blocking required
3. Threat Hunting: No active campaigns detected; correlate only if suspicious traffic observed
4. Geolocation Validation: ICMP validation blocked - unable to validate France location claim
Risk Context:
- Cloud hosting infrastructure with no services exposed
- Consistent historical profile with minimal threat indicators
- Single DNSBL listing appears benign (likely OVH's own infrastructure)
- Neighbor IP (51.75.194.10) shares similar risk profile
---
END OF BRIEFING
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | OVH SAS |
| ASN | AS16276 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | vps-f2aa2485.vps.ovh.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | vps-f2aa2485.vps.ovh.net |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | 2/2 domains |
| DMARC | 1/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 2 domains |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | Apache/2.4.52 (Ubuntu) |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
๐ TLS Certificate
| SANs | citybill.elite-us.site |
| Valid From | 2026-05-29T14:55:35+00:00 |
| Valid Until | 2026-08-27T14:55:34+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 89 days |
| Serial Number | 06B9B8423608C17D913E31DAF4F5E5CE3732 |
| Thumbprint | 0DB4F5AB9DFF6D953E239E9D2AEBF89C64C28FCB |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 33% | 2 | 4 |
| ownership | 17% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 26% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-13 06:38:43 UTC |
| Last Seen | 2026-06-27 22:56:24 UTC |
| Profile Built | 2026-06-28 17:02:49 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 27 |
Full dossier details are available via our API.