51.161.65.123
IP Intelligence Briefing: 51.161.65.123
Date: 2026-06-18
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership:
- AS: AS16276 (OVH)
- Organization: Dmytro, Ahrefs Pte Ltd (OVH-CUST-281059690)
- Geolocation: Montreal, Quebec, Canada (latitude 56.13, longitude -106.35)
- Network Role: CloudCompute (OVH infrastructure, hosting services)
- Threat Indicators: No known malicious activity, no blacklist entries, no Tor/VPN/proxy associations.
---
**2. Observation History**
- Latest Activity: June 18, 2026 (minimal risk signals).
- Subnet Abuse:
- 51.161.65.0/24 has 0.5898 abuse density (high_abuse classification).
- 151 threat siblings (malicious IPs in the same subnet).
- Geolocation Discrepancy:
- RTT (24ms) inconsistent with 6,082km distance, suggesting potential spoofing or proxy use.
---
**3. Network Relationships**
- Connected Entities:
- Linked to OVH-CUST-281059690 (same network).
- DNS: PTR hostname `proxy-ca011-san123.ahrefs.net` (Ahrefs domain).
- Services: No open ports, no TLS certificates, no HTTP services detected.
---
**4. Neighborhood Analysis**
- Subnet: 51.161.65.0/24 (256 IPs).
- Risk Distribution:
- 98 IPs: Medium risk (score 40โ50).
- 2 IPs: Low risk.
- Abuse Density: 58.98% of siblings are flagged as abusive.
---
**5. Recommendations**
1. Monitor Subnet: High abuse density in 51.161.65.0/24 warrants closer scrutiny of traffic patterns.
2. Verify Geolocation: Investigate the RTT anomaly to rule out spoofing or proxy activity.
3. Check Ahrefs Infrastructure: Confirm if the associated Ahrefs domain is under active threat campaigns.
4. Network Segmentation: Consider isolating high-risk siblings in the subnet to mitigate potential lateral movement.
---
Source: IPDebrief Threat Intelligence Platform
Note: This IP is associated with a legitimate cloud provider (OVH), but its subnet exhibits elevated abuse risk. Further investigation is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059690 |
| CIDR Block | 51.161.65.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR | proxy-ca011-san123.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca011-san123.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 36% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 31% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 25% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%) โ 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:25 UTC |
| Last Seen | 2026-06-27 06:22:15 UTC |
| Profile Built | 2026-06-28 00:26:23 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 28 |
Full dossier details are available via our API.