IOC Radar
IPMediumSignal 69/100

51.195.244.219

Location
United KingdomUnited Kingdom
London, ENG
ASN
AS16276
Ahrefs Pte Ltd Dmytro
First Seen
May 2, 2025
Last Seen
May 27, 2026
May 2
First Seen
408d ago
May 27
Last Seen
18d ago
13
Reports
source reports
69%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
69%
Signal Score
69 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

CountryGBUnited Kingdom
RegionLondon, ENG
ASNAS16276
OrganizationAhrefs Pte Ltd Dmytro

Feed Intelligence Summary

13 reports69% confidence
13
Source reports
69%
Confidence score
Category tags
active scanactive scanningahrefs-benignaptbad web botbeningbening scannerblocklist_allbotnet activitybrute forcebrute force attackbrute force attackerbrute-forcecredential accesscredential stuffingddosdenial of serviceeuropeexploitation activitygbhackingidentity & access exploitationindicatornetworkpassword attacksreconnaissanceresearchedscannerspamssh attackt1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1595.001t1595.002t1595.003threat actortor nodeunited kingdomverified-benignwebweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
May 27May 27

Threat Activity Heatmap

· Peak: 2026-05-27
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an IPv4 address 51.195.244.219, is critically significant due to its high threat score of 68.66 and its widespread listing across numerous reputable threat intelligence feeds, including AbuseIPDB, Blocklist.de, and Public Attackers. This indicates a high probability of malicious activity and poses a substantial risk to organizational security. If left unaddressed, connections to or from this IP address could lead to severe consequences, such as unauthorized ac…

Threat ScoreMedium Risk
69
SIGNAL
Signal Score
69%
Confidence
13
Reports
First seenMay 2, 2025
Last seenMay 27, 2026
GeolocationGB
CountryUnited Kingdom
LocationLondon, ENG
ASNAS16276
OrgAhrefs Pte Ltd Dmytro
Coords51.5095, -0.0955

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected performing web attacks against Cloudflare honeypot edge
raw
inetnum: 51.195.244.0 - 51.195.244.255 netname: OVH_282347336 country: GB descr: Failover Ips org: ORG-APLD1-RIPE admin-c: OTC14-RIPE tech-c: OTC14-RIPE status: LEGACY mnt-by: OVH-MNT created: 2023-07-24T10:01:50Z last-modified: 2023-07-24T10:01:50Z source: RIPE organisation: ORG-APLD1-RIPE org-name: Ahrefs Pte Ltd Dmytro org-type: OTHER address: 16 RAFFLES QUAY #33-03 address: 048581 Singapore address: SG phone: +65.85915924 mnt-ref: OVH-MNT mnt-by: OVH-MNT created: 2014-08-29T12:26:04Z last-modified: 2017-10-30T16:31:11Z source: RIPE # Filtered role: OVH UK Technical Contact address: OVH Ltd address: New London House, 6 London Street address: EC3R 7LP, LONDON address: UK admin-c: OK217-RIPE tech-c: GM84-RIPE nic-hdl: OTC14-RIPE abuse-mailbox: [email protected] mnt-by: OVH-MNT created: 2009-09-16T16:09:57Z last-modified: 2017-01-17T09:52:03Z source: RIPE # Filtered route: 51.195.0.0/16 origin: AS16276 mnt-by: OVH-MNT created: 2019-12-19T14:43:37Z last-modified: 2019-12-19T14:43:37Z source: RIPE
references
https://jamesbrine.com.au/cfglobal-web-ip-list-2026-04-15/, https://jamesbrine.com.au

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 18 days ago
Appeared in 13 threat reports