51.195.244.205

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING: 51.195.244.205/32

Date: 2026-06-14

Classification: Moderate Risk / Cloud Infrastructure

Risk Score: 40/100

---

## EXECUTIVE SUMMARY

IP address 51.195.244.205 is a cloud computing resource operated by OVH (ASN 16276) within the United Kingdom. The IP is associated with the Ahrefs.net domain and is classified as hosting infrastructure. While the individual IP shows moderate risk (score 40), it resides within a high-abuse density subnet (51.195.244.0/24) with a 0.7137 abuse density score. The IP is currently firewalled with no services exposed.

---

## OWNERSHIP & INFRASTRUCTURE

Attribute	Value
Provider	OVH (ASN 16276)
Organization	Ahrefs Pte Ltd Dmytro
Geolocation	London, England, GB
Infrastructure Type	CloudCompute (Hosting)
DNS Hostname	proxy-uk000-san205.ahrefs.net
Domain	ahrefs.net
Registration	ARIN

---

## THREAT ASSESSMENT

Risk Indicators

Risk Score: 40 (Moderate Risk)
Abuse Confidence Score: Not available
Blacklist Count: 0
DNSBL Listed: 1 of 8 lists
Tor Exit Node: No
Known Attacker: No
Spam Source: No

Network Classification

Cloud Provider: Yes (OVH)
Hosting: Yes
CDN: No
VPN/Proxy: No
Mobile: No
Anycast: No
Bogon: No

Service Status

Open Ports: None detected
TLS Certificate: None detected
HTTP Title: None detected
Status: Firewalled / No Services

---

## SUBNET ANALYSIS (51.195.244.0/24)

Metric	Value
Abuse Density	0.7137 (HIGH ABUSE)
Inherited Risk	28
Total Siblings	255
Active Siblings	198
Threat Siblings	182
Risk Distribution	100 Medium Risk

Observation: The /24 subnet exhibits high abuse density with approximately 71% of IPs classified as potential threats. This contextual information should be considered when assessing traffic from this CIDR block.

---

## OBSERVATION HISTORY

Recent monitoring shows consistent infrastructure classification:

Last Observed: 2026-06-14 11:56 UTC
Operator Score: 0.2174 (Minimal)
Geolocation Consensus: GB (55.38°N, -3.44°W)
Subnet Classification: High Abuse (inherited risk: 28)
Infrastructure: CloudCompute (OVH)

No significant risk escalation patterns detected in the observation window.

---

## NETWORK RELATIONSHIPS

Total Relationships Identified: 58
Primary Association: OVH_282347336 (Same Network)
Correlated Entities: Multiple network-level relationships to OVH infrastructure

---

## RECOMMENDED ACTIONS

Firewall/IPS Rules

No specific firewall rules are recommended at this time. The IP is currently firewalled with no services exposed.

Monitoring Recommendations

1. Monitor Subnet Activity: Consider broader monitoring of 51.195.244.0/24 given the 0.7137 abuse density

2. DNS Query Monitoring: Track DNS queries to ahrefs.net for this IP's associated domains

3. Traffic Pattern Analysis: Monitor for any service discovery attempts (ports opening, banners)

Contextual Notes

IP is associated with Ahrefs, a legitimate SEO analytics company
Hosting infrastructure typically used for web services and analytics
Moderate risk score within high-abuse subnet context
No immediate threat indicators at the individual IP level

---

END OF BRIEFING

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇬🇧 United Kingdom
Region	ENG
City	London
Timezone	Europe/London
Latitude	51.51
Longitude	-0.13

🏢 Ownership & Registration

Organization	Ahrefs Pte Ltd Dmytro
ASN	AS16276
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	proxy-uk000-san205.ahrefs.net
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`proxy-uk000-san205.ahrefs.net`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	32%	2	4
routing	13%	1	1
services	24%	2	3
ownership	20%	2	3
reputation	28%	1	3
geolocation	23%	2	2
Overall	23%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-08 17:18:08 UTC
Last Seen	2026-06-27 13:59:25 UTC
Profile Built	2026-06-28 08:04:44 UTC
Data Freshness	Live
Signal Types	21
Total Observations	28

🔍 21 signal types · 28 observations collected

This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

51.195.244.205📋 Copy