51.195.244.212

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 51.195.244.212

*Generated via IPDebrief Threat Intelligence Platform*

---

1. Risk Assessment

Risk Score: 40 (Moderate Risk)
Provider Score: 0 (No provider-specific risk)
Authority Score: 0 (No authoritative threat indicators)
Stability: Unstable (route changes detected in last 30 days)

---

2. Ownership & Geolocation

Organization: Ahrefs Pte Ltd (Dmytro)
ASN: AS16276 (OVH)
Location: London, England, UK (Geo-located with 750km accuracy radius)
Network Role: Cloud compute instance (OVH hosting)

---

3. Threat Indicators

No direct malicious activity: No malware, phishing, or exploit indicators.
DNS Associations: Resolves to `proxy-uk000-san212.ahrefs.net` (likely a proxy service).
Subnet Abuse: Subnet `51.195.244.212/24` has 52.57% abuse density, with 133 threat-similar IPs.

---

4. Historical Observations (Last 30 Days)

Stable reputation: No significant changes in risk or threat signals.
Key data points:

- DNS resolution to `ahrefs.net` (valid, no abuse confidence).

- Network classification as "high_abuse" subnet.

- No recent scans or open ports detected.

---

5. Network Relationships

Same Network: Linked to 253 IPs in `51.195.244.212/24`, 148 active.
Critical Associations:

- OVH_282347336: Shared network with 100+ IPs (OVH infrastructure).

- proxy-uk000-san212.ahrefs.net: DNS hostname tied to the IP.

---

6. Neighborhood Analysis

Subnet Risk: 52.57% abuse density, 21 inherited risk points.
Neighbor IPs: 100 total, with 98 medium-risk and 2 low-risk siblings.
Notable: No high-risk neighbors directly linked.

---

7. Recommended Actions

Monitor Subnet: Given high abuse density, investigate shared infrastructure risks.
Verify DNS: Ensure `proxy-uk000-san212.ahrefs.net` is legitimate (no DNSBL listings).
Firewall Rules:

- Block via `iptables`: `iptables -A INPUT -s 51.195.244.212 -j DROP`

- AWS WAF: Add `51.195.244.212/32` to a new rule with description "IPDebrief risk 40".

---

Conclusion: This IP is part of a high-abuse subnet linked to OVH hosting and Ahrefs. While no direct threats are detected, the subnet's context warrants closer monitoring for potential misconfigurations or shared hosting risks.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇬🇧 United Kingdom
Region	ENG
City	London
Timezone	Europe/London
Latitude	51.51
Longitude	-0.13

🏢 Ownership & Registration

Organization	Ahrefs Pte Ltd Dmytro
ASN	AS16276
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	proxy-uk000-san212.ahrefs.net
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`proxy-uk000-san212.ahrefs.net`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	29%	2	4
routing	13%	1	1
services	15%	2	2
ownership	20%	2	3
reputation	28%	1	3
geolocation	25%	2	2
Overall	22%	10	15

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-20 05:45:05 UTC
Last Seen	2026-06-28 11:21:39 UTC
Profile Built	2026-06-29 05:25:45 UTC
Data Freshness	Live
Signal Types	21
Total Observations	26

🔍 21 signal types · 26 observations collected

This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

51.195.244.212📋 Copy

**1. Risk Assessment**

**2. Ownership & Geolocation**

**3. Threat Indicators**

**4. Historical Observations (Last 30 Days)**

**5. Network Relationships**

**6. Neighborhood Analysis**

**7. Recommended Actions**