IP Intelligence Briefing: 142.44.225.149
*Generated via IPDebrief Analysis*
---
**Key Risk Profile**
- Risk Score: Moderate (50/100)
- Ownership: Owned by OVH (ASN 16276), registered to "Dmytro, Ahrefs Pte Ltd" under ARIN.
- Geolocation: Listed as Canada (CA) but associated with Singapore via DNS (proxy-ca017-san149.ahrefs.net). Discrepancy noted.
- Network Role: CloudCompute infrastructure (OVH-hosted, no residential/mobile indicators).
- Threat Indicators: No direct malicious activity detected (no blacklists, spam, or campaigns).
---
**Observation History**
- Recent Activity:
  - Listed in 8 threat feeds (1 high-severity, 7 medium) as of 2026-06-09.
  - Subnet abuse density (142.44.225.0/24): 47.6% (mixed classification, 119 threat siblings).
- BGP validity: Valid ROA (RPKI state: valid).
- Stability: No recent route changes; stable network configuration.
---
**Relationships & DNS**
- DNS Associations:
  - Resolves to `proxy-ca017-san149.ahrefs.net` (likely Ahrefs infrastructure).
  - No email authentication records (SPF/DMARC).
- Network Links:
  - Part of OVH network (OVH-CUST-281059696).
  - Subnet includes 250 IPs (145 active, 119 flagged as threat siblings).
---
**Neighborhood Risk**
- Subnet: 142.44.225.0/24
- Abuse Density: 47.6% (moderate risk).
- Neighbor Analysis:
  - 81% of sibling IPs classified as medium risk.
  - No direct malicious indicators on the IP itself.
---
**Recommendations**
1. Monitor Subnet: Track activity in 142.44.225.0/24 for abnormal traffic patterns.
2. Verify Geolocation: Investigate the Singaporean DNS association (proxy-ca017-san149.ahrefs.net) for potential misconfiguration or spoofing.
3. Cloud Provider Context: Confirm OVH-hosted infrastructure alignment with Ahrefs' legitimate operations.
4. Threat Feed Correlation: Cross-reference with internal IOC lists for the 8 threat feeds noted.
---
Note: No immediate action required for the IP itself, but contextual monitoring of its subnet and DNS ecosystem is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059696 |
| CIDR Block | 142.44.225.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
**DNS Intelligence**
| PTR | proxy-ca017-san149.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca017-san149.ahrefs.net |
**DNS Hygiene**
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
**Network Classification**
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 24% | 3 | 4 |
| services | 12% | 2 | 2 |
| ownership | 26% | 3 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 26% | 13 | 19 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Moderate (50%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
**Observation Timeline** (Live)
| First Seen | 2026-05-22 03:08:25 UTC |
| Last Seen | 2026-06-28 16:57:43 UTC |
| Profile Built | 2026-06-29 11:05:30 UTC |
| Data Freshness | Live |
| Signal Types | 26 |
| Total Observations | 30 |