51.161.37.159
IP Intelligence Briefing: 51.161.37.159
*Generated via IPDebrief Threat Intelligence Platform*
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Provider: OVH (ASN 16276)
- Organization: Ahrefs Pte Ltd (hosting/cloud services)
- Geolocation:
- Country: Canada (CA)
- City: Singapore (geolocation discrepancy noted)
- Latitude: 56.13, Longitude: -106.35 (approximate)
- Network Role: Cloud Compute (OVH infrastructure)
---
**2. Threat Indicators**
- Malicious Activity: None detected (no indicators, blacklists, or campaigns).
- DNS: Linked to `proxy-ca005-san159.ahrefs.net` (Ahrefs infrastructure).
- Subnet: `51.161.37.0/24` with abuse density of 40.48% (moderate risk).
- Historical Observations:
- Stable network classification (no recent changes).
- No persistent malicious behavior (threat persistence: 0 days).
---
**3. Network Relationships**
- Subnet: `51.161.37.0/24` (252 total IPs, 120 active; 102 flagged as threats).
- DNS Associations:
- `proxy-ca005-san159.ahrefs.net` (Ahrefsβ proxy service).
- BGP:
- Origin ASN: 16276 (OVH).
- Route stability: Unstable (route changes detected in 30 days).
---
**4. Neighborhood Analysis**
- Subnet Risk: Mixed (40.48% abuse density).
- Neighbor IPs:
- 100 total IPs in subnet.
- 50 low-risk, 50 medium-risk (no high-risk IPs).
- Inherited Risk: 16 (moderate).
---
**5. Recommendations**
- Monitor Subnet: Track changes in `51.161.37.0/24` due to moderate abuse density.
- Verify Geolocation: Investigate discrepancy between "Canada" and "Singapore" metadata.
- Check DNS: Ensure no unauthorized subdomains or misconfigurations in Ahrefsβ infrastructure.
- Firewall Rules: No immediate action required for this IP, but consider blocking high-risk neighbors in the subnet.
---
Conclusion:
51.161.37.159 is a low-risk cloud compute instance operated by Ahrefs under OVH. While no malicious activity is detected, its subnet exhibits moderate abuse density. SOC teams should prioritize monitoring the subnet for emerging threats and validate geolocation anomalies.
*Data sourced from IPDebriefβs real-time intelligence platform.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059684 |
| CIDR Block | 51.161.37.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | β |
π DNS Intelligence
| PTR | proxy-ca005-san159.ahrefs.net |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca005-san159.ahrefs.net |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 36% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 21% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 31% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 24% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-21 14:57:54 UTC |
| Last Seen | 2026-06-28 14:11:52 UTC |
| Profile Built | 2026-06-29 02:16:57 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 22 |
Full dossier details are available via our API.