IP Intelligence Briefing: 51.195.215.176
*Generated from IPDebrief analysis*
---
**Key Risk Indicators**
- Risk Score: Moderate (50/100)
- Subnet Abuse Density: 60.55% (high_abuse classification)
- Network Role: Cloud compute instance (OVH) with no open services
- Ownership: Ahrefs Pte Ltd (legitimate entity)
---
**Threat Observations**
- No Direct Malicious Indicators: No malware, phishing, or exploit activity detected.
- Subnet Risk: 155/256 sibling IPs in the 51.195.215.176/24 subnet are flagged as abusive.
- DNS Association: Linked to `proxy-uk009-san176.ahrefs.net` (Ahrefs domain).
---
**Geolocation & Network Context**
- Location: London, England (GB)
- ISP: OVH (cloud provider)
- Infrastructure: Firewalled cloud instance with no exposed services.
---
**Actionable Insights**
1. Subnet Monitoring: The 51.195.215.176/24 subnet has a high abuse density. Investigate anomalous traffic patterns or compromised sibling IPs.
2. DNS Verification: Confirm legitimacy of `proxy-uk009-san176.ahrefs.net` to ensure no DNS hijacking or spoofing.
3. Network Segmentation: Consider isolating the subnet or implementing egress filtering due to elevated risk.
4. Provider Collaboration: Work with OVH to identify potential misconfigurations or compromised cloud instances.
---
**Observation History**
- Recent Activity: No changes in risk profile since 2026-06-08.
- Consistency: Stable geolocation and network role, but subnet abuse density remains high.
---
Recommendation: Treat the subnet as a high-risk network. Monitor for lateral movement or data exfiltration attempts. Use firewall rules to restrict access to trusted sources.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| PTR | proxy-uk009-san176.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk009-san176.ahrefs.net |
**DNS Hygiene**
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
**Network Classification**
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 23% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
**Observation Timeline (Live)**
| First Seen | 2026-05-18 03:23:24 UTC |
| Last Seen | 2026-06-28 06:36:27 UTC |
| Profile Built | 2026-06-29 00:40:51 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 25 |