# IP INTELLIGENCE BRIEFING
Target: 142.44.225.140/32
Classification: Moderate Risk - Infrastructure Cloud IP
Generated: June 2026
---
## EXECUTIVE SUMMARY
IP 142.44.225.140 is a cloud infrastructure endpoint hosted on OVH (AS16276), associated with the ahrefs.net domain namespace. The IP presents a moderate risk profile (score: 40) with no active threat indicators. While the subnet exhibits elevated abuse density (0.5415), this specific IP shows no direct malicious activity. The IP is classified as cloud hosting infrastructure with no exposed services.
---
## OWNERSHIP & GEOLOCATION
- Organization: Dmytro, Ahrefs Pte Ltd
- ASN: 16276 (OVH SAS)
- Network: OVH-CUST-281059696
- CIDR Block: 142.44.225.0/24
- Reported Country: CA (Canada) / Region: QC
- Reported City: Singapore
- Geolocation Confidence: Plausible but flagged (RTT violation: 5598 km distance with 30ms RTT indicates data inconsistency)
---
## NETWORK CLASSIFICATION
- Infrastructure Type: CloudCompute / Hosting
- Provider: OVH
- Cloud: Yes
- CDN: No
- Proxy/VPN/Tor: No
- Mobile/Residential: No
- Bogon: No
---
## THREAT ASSESSMENT
- Risk Score: 40 (Moderate)
- Abuse Confidence: Not applicable
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Blacklist Count: 0
- Threat Feeds: None
- Known Campaigns: None
- DNSBL Listed: 1 of 8 lists
---
## DNS & REVERSE LOOKUP
- PTR Record: proxy-ca017-san140.ahrefs.net
- Forward Domain: ahrefs.net
- Forward Resolution Confirmed: No
- Email Auth (SPF/DMARC): Not configured
- TXT Records: 0
---
## SERVICES
- Open Ports: None detected
- TLS Certificate: None
- HTTP Title: None
- Server Banner: None
---
## NEIGHBORHOOD ANALYSIS
Subnet: 142.44.225.0/24
- Abuse Density: 0.5415 (High Abuse Classification)
- Total Siblings: 253 IPs
- Active Siblings: 164
- Threat Siblings: 137
- Inherited Risk: 21
Risk Distribution in Subnet:
- High Risk: 0
- Medium Risk: 97
- Low Risk: 3
---
## OBSERVATION HISTORY (25 Signals)
Recent observations from June 2026 confirm:
- Geolocation Signals: Multiple CA-based geolocation signals with varying confidence (0.18-0.90)
- DNS Signals: ahrefs.net domain resolution confirmed (confidence: 0.80)
- Infrastructure Signals: OVH cloud hosting classification with consistent provider identification (confidence: 0.85-0.90)
- Network Signals: ASN AS16276 with Quebec region attribution (confidence: 0.50)
---
## RELATIONSHIPS (44 Total)
- Same Network: Multiple OVH-CUST-281059696 network associations
- Associated Domains: ahrefs.net namespace
- BGP Prefix: 142.44.128.0/17
---
## SECURITY RECOMMENDATIONS
### Firewall Rules (Ready for Deployment)
```bash
# iptables
iptables -A INPUT -s 142.44.225.140 -j DROP
# nftables
nft add rule inet filter input ip saddr 142.44.225.140 drop
# nginx
deny 142.44.225.140;
# pfSense
142.44.225.140/32
# Cloudflare WAF
{"description":"Block 142.44.225.140 - IPDebrief risk score 40","action":"block","filter":{"expression":"ip.src eq 142.44.225.140"}}
# AWS WAF
{"Addresses":["142.44.225.140/32"],"Description":"IPDebrief risk 40"}
```
### Strategic Recommendations
1. Block at Perimeter: The IP shows moderate risk with no exposed services. Blocking is recommended for defense-in-depth.
2. Monitor Subnet: The /24 subnet has 137 threat siblings. Monitor for correlated activity.
3. No Immediate Escalation: No active threats, known campaigns, or blacklist hits detected.
4. Review ahrefs.net Association: Validate if legitimate business traffic is expected from this domain namespace.
---
## ANALYST NOTES
This IP is part of OVH's cloud infrastructure hosting the ahrefs.net namespace. While the subnet shows elevated abuse density, this specific IP has no direct threat indicators. The moderate risk score (40) reflects the hosting environment's potential for abuse rather than confirmed malicious activity. No immediate threat response required, but standard blocking rules are recommended for perimeter defense.
---
Status: Intelligence Complete
Action Required: Optional blocking (no active threats)
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Field | Value |
|---|---|
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059696 |
| CIDR Block | 142.44.225.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
## DNS Intelligence
| Field | Value |
|---|---|
| PTR | proxy-ca017-san140.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca017-san140.ahrefs.net |
## DNS Hygiene
| Field | Value |
|---|---|
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
## Network Classification
| Field | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Field | Value |
|---|---|
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
## TLS Certificate
| Field | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 20% | 2 | 3 |
| ownership | 15% | 2 | 2 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 23% | 10 | 16 |

| Field | Value |
|---|---|
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid
## Observation Timeline (Live)
| Field | Value |
|---|---|
| First Seen | 2026-05-13 19:03:50 UTC |
| Last Seen | 2026-06-27 23:38:48 UTC |
| Profile Built | 2026-06-28 17:45:07 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 25 |