# IP Intelligence Briefing: 142.44.225.208/32
## Executive Summary
IP address 142.44.225.208 is a cloud compute infrastructure address operated by OVH for Ahrefs Pte Ltd. The IP exhibits moderate risk (score: 40) and is classified as part of a high-abuse density subnet. No active threat indicators or malicious activity were detected during current analysis.
---
## Network Classification
- Organization: Ahrefs Pte Ltd (Dmytro)
- ASN: 16276 (OVH SAS)
- Infrastructure Type: Cloud Compute
- CIDR Block: 142.44.225.0/24
- BGP Prefix: 142.44.128.0/17
- Network Role: Hosting provider infrastructure with cloud characteristics
---
## Geographic Analysis
- Reported Location: Singapore (country code: CA)
- Region: QC
- Geolocation Consensus: Inconsistent data reported across multiple sources
- Geolocation Accuracy: Low confidence (3000 km accuracy radius)
- Note: Geolocation discrepancies warrant monitoring for potential spoofing or misconfiguration
---
## DNS and Reputation Analysis
- PTR Hostname: proxy-ca017-san208.ahrefs.net
- Domain: ahrefs.net
- DNS Resolution: Forward resolution confirmed (1 hostname)
- Email Authentication: No SPF or DMARC records detected
- DNSBL Status: Listed on 1 of 8 tested DNS blocklists
- Threat Indicators: None detected
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
---
## Neighborhood Analysis (142.44.225.0/24)
- Abuse Density: 0.7266 (high abuse classification)
- Total Siblings: 256 IPs
- Active Siblings: 223
- Threat Siblings: 186
- Inherited Risk: 29
- Neighbor Risk Distribution: 0 high-risk, 17 medium-risk, 83 low-risk
- Assessment: The /24 subnet shows elevated abuse characteristics with significant threat sibling concentration
---
## Service and Port Analysis
- Open Ports: None detected
- HTTP/HTTPS Services: No active services
- TLS Certificate: None
- Banner Grab: No banner data available
- Infrastructure State: Firewalled / No services exposed
---
## Historical Observation Timeline (Recent 20 Signals)
- Latest Observation: 2026-06-28 23:58:54 UTC
- Observation Types:
  - DNS resolution to ahrefs.net (confidence: 0.80)
  - Cloud infrastructure classification as OVH (confidence: 0.90)
  - Subnet abuse classification as "high_abuse" (confidence: 0.75)
  - Ownership stability: 0 changes, not persistently malicious
  - BGP prefix stability: false (route changes detected)
- Threat Persistence: Single observation, no persistent malicious behavior
---
## Risk Assessment
| Metric | Value | Assessment |
|---|---|---|
| Overall Risk Score | 40 | Moderate |
| Provider Score | 0 | Neutral |
| Authority Score | 0 | Neutral |
| Abuse Confidence | N/A | Not applicable |
| DNSBL Listings | 1/8 | Minor |
| Route Stability | False | Route changes observed |
| Operator Score | 0.2174 | Minimal |
---
## Recommended Actions
No immediate blocking or firewall actions recommended. The IP is classified as legitimate cloud hosting infrastructure for Ahrefs. However, the following considerations apply:
1. Monitor Route Stability: BGP prefix 142.44.128.0/17 shows route instability
2. Monitor DNSBL Listings: Review current blacklist status for potential false positives
3. Subnet Context: Consider the high abuse density of the /24 subnet when evaluating traffic patterns
4. Geolocation Verification: Investigate Singapore/Canada location discrepancy if traffic patterns warrant
---
## Conclusion
IP 142.44.225.208 is a cloud-hosted infrastructure address associated with Ahrefs Pte Ltd via OVH. While the subnet exhibits elevated abuse characteristics (186 threat siblings), this specific IP shows no active malicious indicators. The address should be treated as legitimate cloud infrastructure but monitored within the context of its high-abuse subnet environment.
Classification: Moderate Risk - Legitimate Cloud Infrastructure with Elevated Neighborhood Risk
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Field | Value |
|---|---|
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059696 |
| CIDR Block | 142.44.225.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
## DNS Intelligence
| Field | Value |
|---|---|
| PTR | proxy-ca017-san208.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca017-san208.ahrefs.net |
## DNS Hygiene
| Field | Value |
|---|---|
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
## Network Classification
| Field | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Field | Value |
|---|---|
| Server | - |
| HTTP Title | - |
## TLS Certificate
| Field | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness.

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 34% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 19% | 2 | 2 |
| reputation | 32% | 1 | 3 |
| geolocation | 26% | 2 | 2 |
| Overall | 22% | 9 | 12 |

| Field | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Attribution Signals | Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
## Observation Timeline (Live)
| Field | Value |
|---|---|
| First Seen | 2026-05-24 12:33:37 UTC |
| Last Seen | 2026-06-28 23:59:03 UTC |
| Profile Built | 2026-06-29 06:00:58 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 20 |