IP Intelligence Briefing: 51.195.183.118
Date: 2026-06-14
---
**1. Risk Profile**
- Risk Score: 40 (Moderate Risk)
- Provider Score: 0
- Authority Score: 0
- Stability Score: 0
- Threat Indicators: None detected (no malware, spam, or known attacker associations).
---
**2. Ownership & Geolocation**
- Organization: Ahrefs Pte Ltd (ASN 16276, OVH provider).
- Geolocation: London, England, UK.
- Network Role: CloudCompute infrastructure (OVH-hosted, no CDN/VPN/Tor).
- Hosting Status: Active hosting services.
---
**3. Observation History**
- Recent Activity (2026-06-14):
- Cloud server with no open ports detected.
- DNSSEC and CAA records validated.
- Subnet abuse density: High (0.5859), with 150 threat siblings in the 51.195.183.0/24 subnet.
- No TLS/HTTP services or banners observed.
---
**4. Network Relationships**
- Linked Entities:
- Subnet: 51.195.183.0/24 (OVH network, high abuse classification).
- No direct connections to known malicious domains or organizations.
---
**5. Subnet Analysis**
- Subnet: 51.195.183.0/24
- Neighbor Risk:
- 100 IPs in subnet; 98 medium-risk, 2 low-risk.
- Abuse Density: 0.5859 (high abuse).
- Inherited Risk: 23 (substantial risk from neighboring IPs).
---
**6. Recommendations**
- Monitor Subnet: The 51.195.183.0/24 subnet has a high abuse density. Investigate neighboring IPs for potential threats.
- Verify Hosting: Confirm Ahrefsβ cloud infrastructure compliance, as the subnet contains both benign and risky IPs.
- Check for Anomalies: No active services detected, but continuous monitoring is advised due to the subnetβs risk profile.
---
Conclusion: While the IP itself shows no direct malicious activity, its location in a high-abuse subnet warrants closer scrutiny. SOC teams should prioritize monitoring related IPs and ensuring network segmentation to mitigate potential lateral movement risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | proxy-uk003-san118.ahrefs.net |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk003-san118.ahrefs.net |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 25% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-09 11:34:08 UTC |
| Last Seen | 2026-06-27 15:40:04 UTC |
| Profile Built | 2026-06-28 09:46:24 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 30 |
Full dossier details are available via our API.