51.195.215.160
# IPDEBRIEF INTELLIGENCE BRIEFING
Target: 51.195.215.160/32
Classification: Cloud Hosting Infrastructure
Risk Level: Low (Score: 25/100)
Date: 2026-06-25
---
## EXECUTIVE SUMMARY
IP 51.195.215.160 is a low-risk cloud hosting address assigned to Ahrefs Pte Ltd (OVH Infrastructure). The IP serves legitimate infrastructure purposes with no active malicious indicators. However, the parent subnet (51.195.215.0/24) exhibits mixed classification with elevated neighbor activity. SOC analysts should monitor neighborhood context but maintain standard monitoring practices.
---
## OWNERSHIP & INFRASTRUCTURE
- Organization: Ahrefs Pte Ltd Dmytro
- ASN: 16276 (OVH SAS)
- Network: OVH_282347345
- Geolocation: London, England, GB
- Infrastructure Type: CloudCompute (Hosting Provider)
- Classification: Cloud Environment
- Service Status: Firewalled / No Open Ports Detected
- DNS PTR: proxy-uk009-san160.ahrefs.net
---
## THREAT ASSESSMENT
| Category | Status | Details |
|---|---|---|
| Overall Risk | Low | Score: 25/100 |
| Known Attacker | No | No threat feeds matched |
| Spam Source | No | Not flagged as spam |
| Tor Exit Node | No | Not a Tor exit |
| Proxy/VPN | No | Not detected |
| Blacklist Count | 0 | No blacklist entries |
| DNSBL Listed | 1/8 | Minimal operator score (0.2174) |
| Reputation Sources | None | No threat intelligence matches |
---
## NEIGHBORHOOD ANALYSIS
Subnet: 51.195.215.0/24
Total Siblings: 256
Active Siblings: 240
Threat Siblings: 113 (44%)
Abuse Density: 0.4414 (Moderate)
Classification: Mixed
Risk Distribution in Subnet:
- High Risk: 0 IPs
- Medium Risk: 74 IPs (29%)
- Low Risk: 26 IPs (10%)
Context: The target IP shares a subnet with 113 known threat addresses. While the target itself is clean, the neighborhood context suggests this subnet hosts both legitimate and malicious infrastructure. This is common for large hosting providers.
---
## OBSERVATION HISTORY
Signals Observed: 20
Temporal Pattern: Consistent over monitoring period
Ownership Changes: 0 (Stable)
Threat Persistence: 0 days
Last Observed: 2026-06-25 06:55:54 UTC
Recent observations indicate:
- Subnet classification: Mixed (abuse density 0.4414)
- Provider classification: OVH Cloud (hosting enabled)
- Geolocation: GB (confidence 0.28)
- Operator score: Minimal (0.087)
No degradation in risk profile observed. Signals remain stable.
---
## RELATIONSHIP GRAPH
Total Relationships: 70
Primary Association: Same Network (OVH_282347345) - 65+ relationships
The IP is primarily linked to its parent network infrastructure. No correlations to known malicious campaigns, certificates, or organizations beyond the hosting provider.
---
## SECURITY ACTIONS
Recommended Actions: None
Firewall Rules: Not required
Rationale: The IP presents a low-risk profile with no active threat indicators. Standard network policies apply. No blocking or filtering recommendations based on current data.
---
## ANALYST NOTES
1. Legitimate Infrastructure: The IP is associated with Ahrefs (SEO analytics platform) and operates as cloud hosting infrastructure.
2. Neighborhood Risk: While the target is clean, 44% of its /24 subnet has been flagged as threats. Monitor for any behavior changes.
3. No Services: Open port scan returned no active services, suggesting this is a backend or infrastructure IP.
4. Stability: Ownership and network classification have remained stable with no recent changes.
---
END OF BRIEFING
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | proxy-uk009-san160.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk009-san160.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 24% | 2 | 3 |
| reputation | 27% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 20% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-08 11:10:40 UTC |
| Last Seen | 2026-06-27 13:19:41 UTC |
| Profile Built | 2026-06-28 13:25:39 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 28 |
Full dossier details are available via our API.