51.89.129.32
IP Intelligence Briefing: 51.89.129.32
Date: 2026-06-08
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership: Owned by Ahrefs Pte Ltd Dmytro (ASN 16276, OVH provider).
- Geolocation: London, England, UK (inferred via DNS and network signals).
- Network Role: Cloud compute infrastructure (OVH), no open services detected.
- Threat Indicators: No direct malicious signals (no malware, phishing, or spam associations).
---
**2. Observation History**
- Latest Activity: 2026-06-08 (DNS resolution for `ahrefs.net`, cloud infrastructure classification).
- Trends: No significant changes in risk scores or network behavior over time.
---
**3. Relationships**
- Network Links:
- Same subnet (`51.89.129.32/24`) with 137 active IPs, 131 flagged as risky.
- DNS associations with proxy-uk008-san32.ahrefs.net (likely legitimate Ahrefs infrastructure).
- Operator Risk: Minimal (operator score 0.2174).
---
**4. Neighborhood Analysis**
- Subnet Abuse Density: 51.17% (high abuse classification).
- Neighbor Risk: Mixed, with 80% of sibling IPs rated medium/high risk.
- Notable Neighbors:
- IPs with risk scores ranging from 40โ50 (likely cloud/infrastructure).
- Subnet includes both legitimate and suspicious activity.
---
**5. Threat Context**
- No Direct Malicious Activity: No indicators of phishing, malware, or spam.
- Subnet Risk: High abuse density suggests potential for lateral movement or shared infrastructure risks.
- Cloud Provider: OVH-hosted, likely legitimate but requires monitoring for anomalous behavior.
---
**6. Recommendations**
1. Monitor Subnet: Investigate high-risk neighbors in `51.89.129.0/24` for potential compromise.
2. Verify DNS: Confirm `proxy-uk008-san32.ahrefs.net` is legitimate and not used for command-and-control.
3. Network Segmentation: Ensure cloud instances are isolated to limit lateral movement.
4. Threat Feeds: Cross-reference with DNSBLs (1 list match detected).
---
Conclusion: This IP is part of a legitimate cloud infrastructure (Ahrefs) but resides in a subnet with high abuse density. While no direct threats are detected, the environment warrants closer scrutiny for potential indirect risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | proxy-uk008-san32.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk008-san32.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 21% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 27% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-18 03:23:26 UTC |
| Last Seen | 2026-06-28 06:44:22 UTC |
| Profile Built | 2026-06-29 00:48:56 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 25 |
Full dossier details are available via our API.