51.222.168.27
IP Intelligence Briefing: 51.222.168.27/32
*Generated via IPDebrief Analysis*
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Provider: OVH (ASN 16276)
- Organization: Ahrefs Pte Ltd (OVH-CUST-281059697)
- Geolocation:
- Country: Canada (CA)
- City: Singapore (discrepancy noted; may indicate misattribution or synthetic data)
- Latitude: 56.13, Longitude: -106.35 (approx 3,000 km accuracy radius)
- Network Role: Cloud Compute Hosting (OVH infrastructure)
- Threat Indicators: No malicious activity detected (no indicators, blacklists, or campaigns).
---
**2. Observation History**
- Recent Activity (Last 30 Days):
- High abuse density in subnet (0.668), with 171/256 siblings classified as threats.
- Geolocation signal from Canada (confidence 35%) and network routing stability flagged as unstable.
- DNSSEC valid, CAA records present, but 1/8 DNSBL lists flagged.
---
**3. Relationships**
- Linked Entities:
- Subnet: `51.222.168.0/24` (OVH-CUST-281059697)
- Hostnames: `proxy-ca018-san27.ahrefs.net` (Ahrefs Pte Ltd)
- DNS: No email auth (no SPF/DKIM records).
- Network Context:
- Part of a high-abuse subnet with 100+ neighbors, 99% medium/low risk, 1% high risk.
---
**4. Neighborhood Analysis**
- Subnet: `51.222.168.0/24`
- Abuse Density: 66.8% (high risk).
- Neighbor Risk:
- 171/256 IPs flagged as threats.
- 217 active IPs in subnet, 100+ high-risk siblings.
- Recommendation: Monitor neighboring IPs for lateral movement or botnet activity.
---
**5. Threat & Defense Implications**
- No Direct Threat: IP itself is clean, but resides in a high-risk subnet.
- Mitigation Steps:
- Block subnet `51.222.168.0/24` in firewalls (via iptables/nftables or cloud WAFs).
- Validate geolocation anomalies (Singapore vs. Canadian provider).
- Monitor DNS traffic for unusual patterns (e.g., CAA mismatches).
---
Final Assessment: While 51.222.168.27 is not malicious, its association with a high-abuse subnet warrants vigilance. Prioritize subnet-level monitoring and blocklists for mitigating potential lateral threats.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059697 |
| CIDR Block | 51.222.168.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR | proxy-ca018-san27.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca018-san27.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 31% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 22% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%) โ 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:26 UTC |
| Last Seen | 2026-06-27 06:56:57 UTC |
| Profile Built | 2026-06-28 01:02:49 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 27 |
Full dossier details are available via our API.