IP Intelligence Briefing: 51.161.65.207
Date: 2026-06-05
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Provider: OVH (AS16276)
- Organization: Dmytro, Ahrefs Pte Ltd (OVH-CUST-281059690)
- Geolocation: Montreal, Quebec, Canada (CA)
- Network Role: CloudCompute (OVH infrastructure)
- Subnet: 51.161.65.0/24 (abuse density: 45.97%)
---
**2. Threat Indicators**
- Malicious Activity: No direct indicators (no malware, spam, or known attackers).
- Subnet Risk: Mixed classification; 90% of neighbors exhibit medium risk.
- Historical Observations:
  - Detected as part of OVH network with threat signals (2 pulses).
  - Geolocation consistency with Montreal, Canada.
---
**3. Relationships & Network Context**
- Linked Entities:
  - Subnet: 51.161.65.0/24 (248 IPs, 114 flagged as threats).
  - Organization: Ahrefs Pte Ltd (OVH customer).
- DNS: Resolves to `proxy-ca011-san207.ahrefs.net` (no email auth records).
- Services: No open ports or TLS certificates detected.
---
**4. Neighborhood Analysis**
- Subnet Abuse Density: 45.97% (medium risk).
- Active Neighbors: 161 IPs (114 flagged as threats).
- Key Neighbors:
  - 51.161.65.0 (risk score 40),
  - 51.161.65.4 (risk score 50).
---
**5. Recommended Actions**
- Monitoring: Track for unusual traffic patterns due to subnet risk.
- Firewall Rules (Example):
  - `iptables -A INPUT -s 51.161.65.207 -j DROP`
  - Cloudflare/AWS WAF rule: Block IP with description "IPDebrief risk 50".
- Contextual Analysis: Cross-reference with Ahrefs' network for potential benign activity.
---
Conclusion:
The IP is part of a cloud-hosted network with moderate risk, linked to Ahrefs. While no direct malicious activity is observed, the subnet's high abuse density warrants closer monitoring. No immediate blocking is required, but vigilance is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059690 |
| CIDR Block | 51.161.65.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca011-san207.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca011-san207.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 19% | 2 | 2 |
| reputation | 28% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 20% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-08 11:10:40 UTC |
| Last Seen | 2026-06-27 13:18:50 UTC |
| Profile Built | 2026-06-28 07:24:45 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 25 |