51.161.37.116
IP Intelligence Briefing: 51.161.37.116
Date: 2026-06-10
---
**1. Risk Profile**
- Overall Risk Score: 25 (Low Risk)
- Provider Score: 0 (No provider-specific risk detected)
- Authority Score: 0 (No authoritative malicious activity)
- Stability Score: 0 (Unstable network classification)
---
**2. Ownership & Geolocation**
- Registered Owner: Dmytro, Ahrefs Pte Ltd (OVH-CUST-281059684)
- Geolocation: Montreal, Quebec, Canada (approximate, 3km accuracy radius)
- Network Type: CloudCompute (OVH infrastructure)
---
**3. Threat Indicators**
- No malicious indicators: No DNS/IP threats, spam, or blacklist entries.
- No Tor/VPN/Proxy Activity: Classified as a firewalled cloud server.
- TLS/Services: No open ports or TLS certificates detected.
---
**4. Network Relationships**
- Subnet: 51.161.37.0/24 (OVH-owned)
- Key Associations:
- DNS: `proxy-ca005-san116.ahrefs.net` (Ahrefs infrastructure)
- Network: OVH-CUST-281059684 (cloud hosting)
- Subnet Abuse Density: 42.86% (mixed risk, 108 malicious siblings in /24)
---
**5. Observation History**
- Stability: Fluctuating stability score (0β50).
- Recent Activity:
- CloudCompute classification (June 1, 2026).
- DNS records linked to Ahrefs (June 10, 2026).
- No Persistent Threats: Zero threat persistence or campaign correlations.
---
**6. Recommended Actions**
- Monitor Subnet: Track 51.161.37.0/24 for increased risk due to 42.86% abuse density.
- Verify DNS: Confirm `proxy-ca005-san116.ahrefs.net` is legitimate Ahrefs infrastructure.
- Firewall Rules:
- Allow traffic from trusted sources (no outbound restrictions observed).
- Consider blocking high-risk siblings in the subnet if access control is required.
---
Conclusion:
This IP is a low-risk cloud server operated by Ahrefs, likely used for infrastructure hosting. While no direct threats are detected, the subnet contains a significant number of potentially malicious IPs. SOC teams should prioritize monitoring the subnet for emerging risks while maintaining access to Ahrefsβ legitimate services.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059684 |
| CIDR Block | 51.161.37.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | β |
π DNS Intelligence
| PTR | proxy-ca005-san116.ahrefs.net |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca005-san116.ahrefs.net |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 40% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 32% | 1 | 3 |
| geolocation | 40% | 2 | 3 |
| Overall | 26% | 10 | 14 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-23 12:23:57 UTC |
| Last Seen | 2026-06-28 21:32:25 UTC |
| Profile Built | 2026-06-29 03:35:28 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 21 |
Full dossier details are available via our API.