51.195.183.126
Intelligence Briefing: IP 51.195.183.126/32
Summary:
The IP address 51.195.183.126/32 was observed during the intelligence gathering period. The following data was compiled from various sources to provide a comprehensive profile of the IP, including its observation history, relationships, and neighborhood context.
Observation History:
- The IP address was actively monitored over the defined period, with no significant changes in its usage pattern.
- Traffic analysis indicated consistent data transmission rates, typical of a stable endpoint.
Relationships:
- The IP address was associated with a single domain during the observation period. This domain was registered under a privacy service, which is a common practice for both legitimate and malicious actors to obscure their identity.
- No direct connections to known malicious infrastructure or threat actors were identified within the observation window.
Neighborhood Data:
- The IP address is part of a network block allocated to a telecommunications provider. This block hosts a diverse range of services, including web hosting, email, and VPN services.
- Nearby IP addresses within the same subnet showed varied usage patterns, including both legitimate services and some addresses with historical ties to low-level suspicious activities. However, these activities did not directly implicate the IP address in question.
Threat Intelligence Narrative:
During the observation period, IP address 51.195.183.126/32 exhibited stable network behavior without any direct links to malicious activities. Its association with a privacy-protected domain suggests a potential for concealment, warranting cautious monitoring. The IP's placement within a block allocated to a telecommunications provider indicates a legitimate use case, although the presence of nearby IPs with minor suspicious histories suggests the need for continued vigilance. SOC analysts are advised to monitor traffic patterns and domain interactions for any anomalies that could indicate a shift towards malicious activity.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | โ |
| CIDR Block | 51.195.0.0/16 |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | proxy-uk003-san126.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk003-san126.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 20% | 2 | 3 |
| services | 15% | 2 | 2 |
| ownership | 24% | 3 | 4 |
| reputation | 28% | 1 | 3 |
| geolocation | 34% | 2 | 3 |
| Overall | 25% | 12 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:25 UTC |
| Last Seen | 2026-06-27 06:31:39 UTC |
| Profile Built | 2026-06-28 06:42:17 UTC |
| Data Freshness | Live |
| Signal Types | 27 |
| Total Observations | 33 |
Full dossier details are available via our API.