# IPDEBRIEF INTELLIGENCE BRIEFING
- Subject: 142.44.225.138/32
- Date: 2026-06-26
- Classification: Low Risk
- Prepared For: SOC Analysts
---
## EXECUTIVE SUMMARY
IP address 142.44.225.138 operates within OVH cloud infrastructure with an overall risk score of 25 (Low Risk). The IP resolves to ahrefs.net domain infrastructure and exhibits minimal threat indicators. No immediate blocking recommendations are warranted.
---
## OWNERSHIP & INFRASTRUCTURE
- ASN: 16276 (OVH)
- Organization: Dmytro, Ahrefs Pte Ltd
- Network: OVH-CUST-281059696
- CIDR Block: 142.44.225.0/24
- Infrastructure Type: Cloud Compute
- Geolocation: Canada (QC), Singapore (inconsistent reporting)
- Registration: ARIN

Note: Geolocation data shows inconsistency between Canada registration and Singapore coordinate reporting. RTT analysis (5597.9km distance) indicates potential reporting anomalies.
---
## THREAT ASSESSMENT
| Metric | Status |
|---|---|
| Risk Score | 25 (Low) |
| Abuse Confidence | Not applicable |
| Known Attacker | No |
| Spam Source | No |
| Tor Exit Node | No |
| Blacklist Count | 0 |
| DNSBL Listed | 1/8 lists |
| Threat Indicators | None |
| Known Campaigns | None |

Temporal Analysis: The IP shows persistent ownership with 0 ownership changes and minimal threat persistence (0 days). No correlated IPs or certificate matches observed.
---
## NETWORK ENVIRONMENT
Subnet Analysis (142.44.225.0/24):
- Abuse Density: 0.3984 (moderate)
- Classification: Mixed
- Active Siblings: 224/256
- Threat Siblings: 102
- Inherited Risk: 15

Neighbor Risk Distribution:
- High Risk: 0 IPs
- Medium Risk: 53 IPs
- Low Risk: 47 IPs

The subnet shows mixed activity with no high-risk neighbors detected. This IP operates in a generally low-to-moderate risk environment.
---
## DNS & SERVICE ANALYSIS
- PTR Hostname: proxy-ca017-san138.ahrefs.net
- Domain: ahrefs.net
- Forward Resolution: Confirmed
- Open Ports: None detected
- Services: None exposed
- SSL/TLS: No certificates present
- HTTP Headers: Not applicable (no services)

Email Authentication: No SPF or DMARC records configured for ahrefs.net.
---
## OBSERVATION HISTORY
Total Observations: 22 signals
- Most Recent: 2026-06-26 14:44:04 UTC
- Subnet Abuse Density: 0.3984 (consistent)
- Classification: Mixed (persistent)
- Inherited Risk: 15 (stable)

No significant escalation or de-escalation of threat signals observed. The IP maintains stable operational characteristics.
---
## RELATIONSHIP GRAPH
Total Relationships: 76
- Primary association: Same Network (OVH-CUST-281059696) - 76 occurrences
- No cross-network or organizational relationships detected
- No certificate or hostname correlations beyond ahrefs.net
---
## RECOMMENDED ACTIONS
- Current Risk Level: Low (25)
- Actionable Recommendations: None
- Suggested Firewall Rules: Not required
- Monitoring Priority: Low

The IP does not meet thresholds for immediate blocking or defensive action. However, monitoring is recommended due to:
1. DNSBL listing on 1 of 8 threat feeds
2. Mixed subnet classification
3. Inconsistent geolocation reporting
---
## INTELLIGENCE CONCLUSIONS
IP 142.44.225.138 represents legitimate cloud infrastructure hosted by OVH for Ahrefs domain services. The low risk score, absence of threat indicators, and stable operational history support continued monitoring without escalation. No immediate defensive actions are required.

Analyst Notes: Geolocation inconsistencies warrant periodic revalidation. Monitor for changes in DNSBL status or subnet classification.
---
*Intelligence generated by IPDebrief® Network Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Field | Value |
|---|---|
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059696 |
| CIDR Block | 142.44.225.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
## DNS Intelligence
| Field | Value |
|---|---|
| PTR | proxy-ca017-san138.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca017-san138.ahrefs.net |
## DNS Hygiene
| Field | Value |
|---|---|
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
## Network Classification
| Field | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Field | Value |
|---|---|
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
## TLS Certificate
| Field | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 20% | 2 | 3 |
| ownership | 12% | 2 | 2 |
| reputation | 28% | 1 | 3 |
| geolocation | 31% | 2 | 3 |
| Overall | 21% | 10 | 16 |

| Field | Value |
|---|---|
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid
## Observation Timeline (Live)
| Field | Value |
|---|---|
| First Seen | 2026-05-12 03:42:46 UTC |
| Last Seen | 2026-06-27 20:46:54 UTC |
| Profile Built | 2026-06-28 14:52:29 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 27 |