IP Intelligence Briefing: 51.222.168.40
*Generated via IPDebrief tools: Profile, History, Relationships, Neighbors, Actions*
---
**Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership: Owned by OVH (ASN 16276), registered to Dmytro, Ahrefs Pte Ltd.
- Geolocation:
  - Country: Canada (CA)
  - City: Singapore (discrepancy noted; RTT suggests proximity to Singapore, but geolocation plausibility is flagged as false).
- Network Role: CloudCompute (OVH infrastructure), no services or DNS activity detected.
- Threat Indicators: No malicious indicators, spam, or known attacker associations.
---
**Observation History**
- Recent Activity:
  - Observed June 10–13, 2026, with consistent "Minimal" risk scores (0.25–0.60).
  - Geolocation anomalies: RTT (27ms) inconsistent with 5598km distance, suggesting potential spoofing or proxy.
  - Subnet abuse density: 58.98% (high risk), with 151/256 siblings flagged as threats.
---
**Relationships & Dependencies**
- DNS Associations: Linked to proxy-ca018-san40.ahrefs.net (Ahrefs domain).
- Network Context:
  - Subnet 51.222.168.40/24 has 207 active IPs, 151 flagged as threats.
  - High abuse density (0.5898) suggests potential lateral movement or botnet activity in the subnet.
---
**Recommended Actions**
- Firewall Rules:
  - Block IP via:
    - `iptables -A INPUT -s 51.222.168.40 -j DROP`
    - AWS WAF: `{"Addresses":["51.222.168.40/32"], "Description":"IPDebrief risk 40"}`
- Monitoring:
  - Investigate subnet 51.222.168.40/24 for correlated threats due to high abuse density.
  - Verify geolocation anomalies; consider proxy or spoofing risks.
---
**Summary**
The IP is part of a high-risk subnet (51.222.168.40/24) associated with Ahrefs. While no direct malicious indicators are present, the subnet's abuse density and geolocation inconsistencies warrant close monitoring. Block the IP to mitigate potential lateral movement risks and validate the geolocation data for spoofing possibilities.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059697 |
| CIDR Block | 51.222.168.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
**DNS Intelligence**
| PTR | proxy-ca018-san40.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca018-san40.ahrefs.net |
**DNS Hygiene**
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
**Network Classification**
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 19% | 2 | 2 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 4 |
| Overall | 23% | 9 | 15 |
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
**Observation Timeline**
| First Seen | 2026-06-10 02:14:13 UTC |
| Last Seen | 2026-06-21 16:54:27 UTC |
| Profile Built | 2026-06-21 17:40:06 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 21 |