51.161.65.30
IP Intelligence Briefing: 51.161.65.30
Date: 2026-06-14
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership:
- ASN: 16276 (OVH)
- Organization: Dmytro, Ahrefs Pte Ltd
- Network: 51.161.65.0/24 (OVH-CUST-281059690)
- Geolocation:
- Country: Canada (CA)
- City: Singapore
- Geo Validity: Plausible? False (RTT mismatch for distance).
- Threat Indicators:
- No malicious indicators, blacklists, or campaigns linked.
- DNS: Resolves to `proxy-ca011-san30.ahrefs.net` (Ahrefs, a legitimate SEO company).
---
**2. Network Behavior**
- Cloud Infrastructure:
- Hosted by OVH (cloud provider).
- Services: No open ports, no TLS certs, no HTTP services detected.
- Subnet Analysis:
- /24 Subnet: 51.161.65.0/24
- Abuse Density: 45.97% (moderate risk).
- Neighbors: 100 IPs in subnet; 92 low-risk, 8 medium-risk.
- Key Neighbors:
- 51.161.65.0 (risk: 40)
- 51.161.65.2 (risk: 50)
- 51.161.65.4 (risk: 50)
---
**3. Temporal Observations**
- Last 30 Days:
- Risk Trends: Stable (no spikes in threat signals).
- Geo Validation:
- RTT Anomalies: Observed 27ms RTT vs. expected 121.6ms for 6,082km distance.
- Probe Count: 5 probes (low confidence in geolocation accuracy).
- Ownership Stability: No changes in ownership.
---
**4. Relationships & Threat Context**
- Linked Entities:
- Network: OVH-CUST-281059690 (same subnet).
- DNS: Ahrefs Pte Ltd (legitimate, but DNSSEC and CAA records show mixed validation).
- Threat Correlation:
- No direct ties to known attackers, spam, or Tor networks.
- Subnet has 114 threat siblings (16.2% of neighbors).
---
**5. Actionable Insights**
- SOC Recommendations:
- Monitor Subnet: Track 51.161.65.0/24 for abnormal traffic patterns.
- Validate Geolocation: Investigate RTT discrepancies (potential spoofing or misconfigured routing).
- DNS Monitoring: Watch for DNS changes to `ahrefs.net` subdomains.
- Risk Mitigation:
- No immediate blocking required, but consider rate-limiting or monitoring for unexpected outbound traffic.
---
Summary:
This IP is associated with a legitimate cloud provider (OVH) and a SEO company (Ahrefs). While no direct malicious activity is detected, the subnet has a moderate abuse density, and geolocation anomalies warrant further investigation. Prioritize monitoring for unexpected behavior or lateral movements within the subnet.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059690 |
| CIDR Block | 51.161.65.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR | proxy-ca011-san30.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca011-san30.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 19% | 2 | 2 |
| reputation | 31% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 24% | 9 | 13 |
| Data Coherence | Mostly Consistent (80%) โ 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-09 05:26:15 UTC |
| Last Seen | 2026-06-27 15:07:05 UTC |
| Profile Built | 2026-06-28 09:12:13 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 24 |
Full dossier details are available via our API.