IP Intelligence Briefing: 51.195.215.141
Date: 2026-06-08
---
**1. Risk Profile**
- Overall Risk Score: 25 (Low Risk)
- Provider Risk: 0 (OVH, legitimate cloud provider)
- Authority Score: 0 (No malicious attribution)
- Stability: Minimal (no service ports open, stable routing)
---
**2. Ownership & Geolocation**
- Organization: Ahrefs Pte Ltd (Dmytro)
- Country: United Kingdom (GB)
- Region: London, England
- ASN: 16276 (OVH)
- Network Role: CloudCompute (Hosting, OVH infrastructure)
---
**3. Threat Indicators**
- No Malicious Activity: No indicators of spam, attacks, or blacklists.
- No Campaign Associations: No linked malicious campaigns or threat feeds.
- DNS Associations: Linked to `proxy-uk009-san141.ahrefs.net` (likely legitimate infrastructure).
---
**4. Network Behavior**
- Subnet: 51.195.215.141/24
- Subnet Abuse Density: 49.41% (Moderate risk; 126/255 IPs flagged as threats).
- Neighbors:
  - 57 IPs with medium risk (25–50 score), 43 low risk (<25).
  - 126 neighbors flagged as threats (e.g., phishing, C2, or botnets).
---
**5. Historical Observations (Last 30 Days)**
- Consistent Classification: Always labeled as "CloudCompute" with minimal risk.
- No Trend Changes: Risk score and network role unchanged over time.
---
**6. Recommended Actions**
1. Monitor Subnet: The /24 subnet has a moderate abuse density (49.41%). Investigate high-risk neighbors for potential lateral movement or compromised hosts.
2. Verify DNS Usage: Confirm that `proxy-uk009-san141.ahrefs.net` is part of Ahrefs' legitimate infrastructure.
3. Check for Anomalies: Ensure no unexpected traffic patterns or service ports are opened on the IP.
4. Review Route Stability: The IP's BGP route has shown instability (routeChanges30d: 0, isRouteStable: false). Monitor for routing hijacks.
---
Conclusion:
The IP is associated with a legitimate cloud provider (OVH) and is part of Ahrefs' infrastructure. While no direct malicious activity is observed, the subnet's moderate abuse density suggests the need for closer scrutiny. SOC teams should prioritize monitoring the subnet and validating DNS relationships to ensure no indirect compromise.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | proxy-uk009-san141.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk009-san141.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 22% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline
| First Seen | 2026-05-18 03:23:24 UTC |
| Last Seen | 2026-06-28 06:35:56 UTC |
| Profile Built | 2026-06-29 00:40:51 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 25 |