51.195.183.48
IP Intelligence Briefing: 51.195.183.48
Date: 2026-06-14
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership:
- Organization: Ahrefs Pte Ltd Dmytro
- ASN: 16276 (OVH)
- Geolocation: London, England, GB (ARIN-regulated)
- Network Role:
- Provider: OVH (cloud hosting infrastructure)
- Services: No open ports; TLS/HTTP not detected.
- Classification: Firewalled / No Services.
---
**2. Threat & Abuse Indicators**
- Threat Signals:
- No malicious indicators (no blacklists, spam, or campaigns).
- Subnet abuse density: 0.5859 (high_abuse classification).
- Neighbor Risk:
- /24 subnet (51.195.183.0/24) has 142 active IPs, with 150 threat-sibling IPs.
- Inherited Risk: 23 (moderate).
- DNS:
- PTR hostname: `proxy-uk003-san48.ahrefs.net` (linked to Ahrefs).
- No email authentication records (SPF/DKIM).
---
**3. Behavioral & Network Context**
- Observation History:
- Last 30 days: 28 signals (DNS, network classification, operator scores).
- Stable routing (BGP route stability: true).
- Relationships:
- Linked to OVH network (ASN 16276) and 35+ sibling IPs.
- Subnet classification: high_abuse (likely due to neighboring IPs).
- Routing:
- Route origin: AS16276 (OVH).
- AS Path: `57866 16276`.
---
**4. Actionable Recommendations**
- Monitoring:
- Track subnet abuse trends (high_abuse classification).
- Monitor DNS activity for unexpected domains.
- Firewall Rules:
- No immediate blocking recommended (no malicious indicators).
- Example rule (iptables):
```bash
iptables -A INPUT -s 51.195.183.48 -j DROP
```
- Context:
- IP is part of Ahrefs' infrastructure (proxy service).
- Subnet contains mixed-risk IPs; isolate if unusual traffic detected.
---
Conclusion:
The IP is associated with a legitimate hosting provider (OVH) and appears to be part of Ahrefs' infrastructure. While no direct malicious activity is detected, its subnet has a high abuse density. SOC teams should monitor for anomalies in traffic patterns or DNS behavior while maintaining network segmentation.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | โ |
| CIDR Block | 51.195.0.0/16 |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | proxy-uk003-san48.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk003-san48.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 20% | 2 | 3 |
| services | 24% | 2 | 3 |
| ownership | 22% | 3 | 4 |
| reputation | 26% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 24% | 12 | 20 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:25 UTC |
| Last Seen | 2026-06-27 06:35:51 UTC |
| Profile Built | 2026-06-28 00:42:19 UTC |
| Data Freshness | Live |
| Signal Types | 26 |
| Total Observations | 33 |
Full dossier details are available via our API.