51.195.244.226
# IP INTELLIGENCE BRIEFING: 51.195.244.226/32
Classification: Hosting Infrastructure โ Legitimate Service Provider
Risk Assessment: Moderate Risk (Score: 40)
Date: 2026-06-28
---
## EXECUTIVE SUMMARY
IP address 51.195.244.226 resolves to legitimate hosting infrastructure operated by Ahrefs Pte Ltd Dmytro on OVH Network (ASN 16276). The IP is geolocated to London, England, and is associated with the ahrefs.net domain. No active threat indicators were detected. The moderate risk score reflects hosting infrastructure characteristics rather than malicious activity. Recommended action: Allow with standard monitoring.
---
## INFRASTRUCTURE PROFILE
| Attribute | Value |
|---|---|
| **IP Address** | 51.195.244.226/32 |
| **ASN** | 16276 (OVH) |
| **Organization** | Ahrefs Pte Ltd Dmytro |
| **Geolocation** | London, England, GB |
| **Infrastructure Type** | CloudCompute (Hosting) |
| **Provider** | OVH |
| **DNS PTR** | proxy-uk000-san226.ahrefs.net |
| **Forward DNS** | proxy-uk000-san226.ahrefs.net |
---
## THREAT ASSESSMENT
Risk Score: 40 / 100 (Moderate)
Threat Indicators:
- No blacklist entries (0/8 DNSBL lists)
- Not classified as Tor exit node, VPN, proxy, or CDN
- No known campaigns or attacker attribution
- Abuse confidence score: Not elevated
- No known malicious campaigns correlated
Network Role:
- Classification: Hosting infrastructure
- Connection type: Cloud-based
- Service status: Firewalled / No open services
- Mobile: No
- Residential: No
---
## OBSERVATION HISTORY ANALYSIS
Total Observations: 27 signals tracked
Temporal Analysis:
- Recent observation (2026-06-28): Minimal operator score (0.1)
- Ownership stability: No ownership changes detected
- Threat persistence: 0 days (not persistently malicious)
- Threat observation count: 1 (minimal)
Geolocation Consensus:
- Country: GB (England)
- Location confidence: High (multi-signal inference)
- RTT data: 87ms minimum, 91.4ms average
- Geo validation: Plausible (473.7km from probe origin)
Historical Trends:
- Consistent infrastructure ownership
- Stable cloud hosting classification
- No escalation in threat signals over observation period
---
## NETWORK RELATIONSHIPS
Total Relationships: 53
Network Connections:
- Multiple associations with OVH network block OVH_282347336
- Same subnet classification across related entities
- Organization-level connections to Ahrefs domain infrastructure
Relationship Types:
- Same Network: OVH_282347336 (primary)
- Same Organization: Ahrefs Pte Ltd Dmytro
- DNS relationships: ahrefs.net domain
---
## NEIGHBORHOOD ANALYSIS
Subnet: 51.195.244.0/24
Subnet Statistics:
- Total siblings: 256
- Active siblings: 228
- Threat siblings: 218
- Abuse density: 0.8516 (High abuse classification in profile)
- Inherited risk: 34
Neighbor Risk Distribution (100 samples):
- High risk: 0%
- Medium risk: 40%
- Low risk: 60%
Notable Neighbor IPs:
- 51.195.244.0 (Risk: 25)
- 51.195.244.1 (Risk: 40)
- 51.195.244.2 (Risk: 25)
- 51.195.244.3 (Risk: 25)
- 51.195.244.4 (Risk: 40)
---
## SECURITY ACTIONS & RECOMMENDATIONS
Recommended Actions:
- No immediate blocking required
- Standard logging recommended for baseline traffic analysis
- Monitor for service changes or port openings
Firewall Rules:
- No specific iptables/nftables rules generated (no threat indicators)
- Standard egress filtering applicable
---
## INTELLIGENCE CONCLUSION
IP 51.195.244.226 is legitimate hosting infrastructure for Ahrefs, a recognized SEO analytics provider. The moderate risk score (40) is attributable to:
1. Hosting infrastructure classification
2. High-density hosting subnet environment
3. No specific threat indicators present
No evidence of malicious activity, scanning, or abuse campaigns. The IP maintains consistent ownership and cloud hosting characteristics. Traffic from this IP should be treated as legitimate service traffic with standard SOC monitoring protocols.
---
Analyst Notes: This IP represents legitimate business infrastructure. No defensive blocking recommended. Continue monitoring for service changes that may indicate infrastructure repurposing.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | proxy-uk000-san226.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk000-san226.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 25% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-21 14:57:57 UTC |
| Last Seen | 2026-06-28 14:20:37 UTC |
| Profile Built | 2026-06-29 08:25:58 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 27 |
Full dossier details are available via our API.