51.195.244.74

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

## Intelligence Briefing: 51.195.244.74/32

Executive Summary

IP 51.195.244.74 is a moderate-risk cloud infrastructure endpoint operated by OVH in London, UK. The IP resolves to a proxy hostname (proxy-uk000-san74.ahrefs.net) associated with the ahrefs.net domain. While no active threat indicators or malicious campaigns are associated with this address, the parent subnet (51.195.244.0/24) exhibits high abuse density characteristics that warrant contextual monitoring.

Technical Profile

IP Address: 51.195.244.74
Organization: Ahrefs Pte Ltd Dmytro
ASN: 16276 (OVH)
Location: London, England, GB
Infrastructure Type: CloudCompute/Hosting
Risk Score: 40 (Moderate Risk)
Status: Firewalled / No Services (no open ports detected)

Network Classification

DNS Resolution: proxy-uk000-san74.ahrefs.net
Domain: ahrefs.net
IP Purpose: Hosting/Cloud Infrastructure
Network Role: Provider infrastructure with hosting capabilities

Threat Indicators

Active Threats: None detected
Blacklist Status: Not on major blacklists (0 blacklist counts)
Known Campaigns: None associated
Is Tor Exit: No
Is Known Attacker: No
Is Spam Source: No
DNSBL Listed: 1 of 8 total lists

Neighborhood Analysis

The parent subnet (51.195.244.0/24) demonstrates elevated activity patterns:

Abuse Density: 0.8242 (High)
Subnet Classification: High Abuse
Inherited Risk Score: 32
Subnet Size: 256 total IPs
Active Siblings: 226
Threat Siblings: 211

Risk distribution across the subnet: 70 medium-risk IPs, 30 low-risk IPs. No high-risk IPs observed in the sampled neighborhood.

Observation History

IPDebrief recorded 22 signal observations for this address, with the most recent activity dated June 2026. Historical signals include:

Routing and geolocation validation (confirmed plausible)
DNS resolution verification (ahrefs.net)
Subnet abuse density assessments (consistently classified as high_abuse)
Network performance metrics (average RTT: 92.8ms, minimum possible: 9.5ms)

Geographic Validation

Claimed Location: London, GB
Distance from Claimed Location: 473.7km
Geographic Plausibility: Confirmed
Minimum Possible RTT: 9.5ms
Observed RTT Range: 91-95ms

Relationship Graph

46 relationships identified, primarily "Same Network" associations to OVH infrastructure network OVH_282347336.

Recommended Actions

Monitoring: Contextual monitoring recommended due to high-abuse subnet classification
Block Decision: No immediate block recommended; address is not actively malicious
Investigation Priority: Low to Medium
Context: This IP appears to be legitimate hosting infrastructure. However, SOC teams should monitor for any changes in behavior or service patterns, as the parent subnet shows elevated abuse characteristics.

SOC Guidance

This IP is not currently flagged for malicious activity. The moderate risk score (40) reflects the high-abuse density environment of the parent subnet rather than intrinsic malicious behavior at this address. Legitimate traffic to/from this IP should not be automatically blocked. Focus monitoring efforts on:

1. Any unexpected service activity (ports opening, protocol changes)

2. Traffic patterns inconsistent with hosting/cloud infrastructure

3. Correlation with other flagged IPs in the 51.195.0.0/16 range

No immediate action required. Maintain contextual awareness of subnet-level activity patterns.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇬🇧 United Kingdom
Region	ENG
City	London
Timezone	Europe/London
Latitude	51.51
Longitude	-0.13

🏢 Ownership & Registration

Organization	Ahrefs Pte Ltd Dmytro
ASN	AS16276
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	proxy-uk000-san74.ahrefs.net
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`proxy-uk000-san74.ahrefs.net`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	33%	2	3
routing	13%	1	1
services	21%	2	2
ownership	24%	2	3
reputation	31%	1	3
geolocation	31%	2	3
Overall	26%	10	15

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-18 03:23:25 UTC
Last Seen	2026-06-28 06:41:10 UTC
Profile Built	2026-06-29 06:46:07 UTC
Data Freshness	Live
Signal Types	22
Total Observations	28

🔍 22 signal types · 28 observations collected

This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

51.195.244.74📋 Copy