51.222.168.76
IP Intelligence Briefing: 51.222.168.76
*Generated via IPDebrief Analysis*
---
**1. Reputation & Risk**
- Risk Score: 40 (Moderate Risk)
- Ownership: Registered to Dmytro, Ahrefs Pte Ltd (OVH ASN 16276).
- Geolocation:
- Country: Canada (CA)
- City: Singapore (geoplusibility: false, RTT discrepancy detected).
- Threat Indicators: No malicious activity detected. Not listed in blacklists, Tor, or known attacker databases.
---
**2. Network Context**
- Subnet: 51.222.168.0/24
- Abuse Density: 53.2% (high abuse classification).
- Neighbor Risk: 93 neighbors classified as medium/high risk; 133 threat siblings.
- Provider: OVH CloudCompute (hosting infrastructure).
---
**3. Activity & Observations**
- DNS:
- Resolves to `proxy-ca018-san76.ahrefs.net` (Ahrefs subdomain).
- No email auth records (SPF/DKIM/DMArC).
- Services: No open ports or TLS certificates detected.
- History:
- First observed June 3, 2026 (subnet abuse classification).
- Last observed June 14, 2026 (DNS resolution).
---
**4. Control Plane & BGP**
- BGP Prefix: `51.222.0.0/16` (OVH route).
- Route Stability: Unstable (route changes detected in 30 days).
- DNSSEC: Valid; CAA records present.
---
**5. Recommendations**
- Monitor Subnet: High abuse density in 51.222.168.0/24 warrants closer scrutiny.
- Geolocation Discrepancy: Investigate Singapore-Canada geolocation mismatch (RTT inconsistency).
- Network Segmentation: Consider isolating this subnet if it hosts sensitive assets.
- Threat Correlation: Cross-reference with Ahrefs' network for potentialε ³θ (though no direct malicious links found).
---
Conclusion: The IP is associated with a legitimate cloud provider but resides in a subnet with elevated abuse activity. While no direct threats are detected, the subnetβs risk profile suggests potential for compromise. SOC teams should prioritize monitoring and consider blocking the subnet if further suspicious activity is observed.
*Data sourced from IPDebrief intelligence tools (profile, history, relationships, and neighborhood analysis).*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059697 |
| CIDR Block | 51.222.168.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | β |
π DNS Intelligence
| PTR | proxy-ca018-san76.ahrefs.net |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca018-san76.ahrefs.net |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 15% | 2 | 2 |
| reputation | 28% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 23% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:26 UTC |
| Last Seen | 2026-06-27 06:59:28 UTC |
| Profile Built | 2026-06-28 07:07:47 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 30 |
Full dossier details are available via our API.