198.27.69.223

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 198.27.69.223

Date: 2026-06-09

---

1. Core Profile

Risk Score: 25 (Low Risk)
Ownership: Hosted by OVH Hosting, Inc. (ASN 16276)
Geolocation:

- Country: Canada (CA)

- Latitude/Longitude: 56.13, -106.35

- Note: Geolocation inconsistency detected (RTT suggests ~6082km, but inferred location is only 3000km accuracy).

Network Role:

- CloudCompute (OVH infrastructure)

- No open services, TLS certs, or active ports.

Threat Indicators:

- No malicious activity, abuse reports, or known campaigns.

---

2. Observation History

18 Observations (last 30 days):

- Geolocation: 1 observation (low confidence, 0.18).

- Network Type: 1 observation (OVH CloudCompute).

- Operator Score: 0.26 (Basic).

- DNS: 1 observation (PTR hostname `ns571109.ip-198-27-69.net`).

- Threat Feeds: 1 DNSBL listing (out of 8 total).

---

3. Relationships

DNS Associations:

- Linked to `ns571109.ip-198-27-69.net` (OVH-hosted).

Network:

- Subnet `198.27.69.223/24` (OVH-ARIN-4).

- No other IPs in the subnet reported as active.

---

4. Neighborhood Analysis

Subnet: `198.27.69.223/24`
Abuse Density: 1 (low risk).
Neighbors:

- No active neighbors reported.

- Subnet classified as "mostly_clean."

---

5. Actionable Insights

Monitor Geolocation Discrepancy: The IP’s inferred location (Canada) conflicts with RTT data suggesting a longer distance. Verify if this is a spoofed geolocation or misconfigured network.
Check DNS Configuration: The PTR hostname `ns571109.ip-198-27-69.net` points to OVH infrastructure, but no domains or email auth records are associated. Ensure DNS settings are intentional.
No Immediate Threat: No malicious indicators detected. However, the low abuse density and lack of active neighbors suggest it is likely a legitimate cloud server.

---

Conclusion: 198.27.69.223 is a low-risk cloud server hosted by OVH with no malicious activity detected. Monitor for unexpected geolocation changes or network behavior. No immediate mitigation required.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇨🇦 Canada
Region	ON
City	Toronto
Timezone	—
Latitude	43.63
Longitude	-79.37

🏢 Ownership & Registration

Organization	OVH Hosting, Inc.
ASN	AS16276
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	ns571109.ip-198-27-69.net
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`ns571109.ip-198-27-69.net`

🔐 DNS Hygiene

Hygiene Score	60% (Good)
SPF	1/2 domains
DMARC	0/2 domains
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured
Domains Checked	2 domains

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.13
Closed Ports	25, 3389, 8080, 8443 (3 open / 7 scanned)

Server	nginx/1.18.0
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.13

🔐 TLS Certificate

An expired certificate for CN=axepta.dev-talents.com was found on this IP. This may indicate a previously hosted website, a decommissioned service, or stale infrastructure.

🔒

CN=axepta.dev-talents.com

Issued by CN=R3, O=Let's Encrypt, C=US

Self-signed: No

SANs	axepta.dev-talents.com
Valid From	2023-11-22T12:16:27+00:00
Valid Until	2024-02-20T12:16:26+00:00 (expired)
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha256RSA
Validity Period	89 days
Serial Number	03098664A7450ABD9091CCD68C5A41C44A9F
Thumbprint	D4F7D3208523BDDC73055C0539D57902D9509AC9

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	31%	2	4
routing	13%	1	1
services	30%	2	3
ownership	24%	2	3
reputation	26%	1	3
geolocation	39%	2	3
Overall	27%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Mostly Consistent (80%) — 1 contradiction(s)
Attribution	Moderate (55%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

⚠ Claimed geolocation contradicts RTT physics measurement

📅 Observation Timeline 🔄 Live

First Seen	2026-05-21 02:16:01 UTC
Last Seen	2026-06-28 12:59:12 UTC
Profile Built	2026-06-29 07:04:26 UTC
Data Freshness	Live
Signal Types	23
Total Observations	28

🔍 23 signal types · 28 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

198.27.69.223📋 Copy

**1. Core Profile**

**2. Observation History**

**3. Relationships**

**4. Neighborhood Analysis**

**5. Actionable Insights**