IP Intelligence Briefing: 142.44.225.236
Date: 2026-06-13
---
**1. Core Profile**
- Risk Score: Moderate (40/100)
- Ownership: Registered to Ahrefs Pte Ltd (OVH, ASN 16276).
- Geolocation: Listed as Canada (QC, Montreal), but DNS records point to Singapore (conflict noted).
- Network Role: CloudCompute infrastructure (OVH-hosted, no residential/mobile attributes).
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or DNS abuse).
---
**2. Observation History**
- Recent Activity (2026-06-13):
  - Confirmed as a cloud server (OVH provider), no Tor/VPN/Proxy attributes.
  - DNS resolution linked to proxy-ca017-san236.ahrefs.net (ahrefs.net domain).
  - Subnet 142.44.225.0/24 shows high abuse density (0.5139), with 129 threat-siblings.
---
**3. Relationships & Network Context**
- Linked Entities:
  - Subnet 142.44.225.0/24 (OVH-CUST-281059696).
  - DNS: ahrefs.net (CAA records present, DNSSEC valid).
- Neighborhood Risk:
  - Subnet abuse density: High (51.39% abuse rate).
  - 129 of 251 sibling IPs flagged as high/medium risk.
  - Notable neighbors:
    - 142.44.225.0/24 (40/50 risk score).
    - 142.44.225.1-4 (50/50 risk scores).
---
**4. Threat & Security Context**
- No Direct Threats:
  - No malware, phishing, or spam indicators.
  - No DNSBL listings or campaign correlations.
- Subnet Risks:
  - High abuse density suggests potential for lateral movement or shared infrastructure risks.
  - Monitor for unusual outbound traffic or DNS queries.
---
**5. Recommendations**
- SOC Actions:
  - Monitor 142.44.225.0/24 subnet for suspicious activity (e.g., C2 communication, data exfiltration).
  - Validate geolocation discrepancies (Canada vs. Singapore).
  - Ensure DNSSEC and CAA records are enforced for ahrefs.net.
- Firewall Rules:
  - Consider restrictive rules for 142.44.225.236 if it hosts sensitive services.
---
Conclusion: This IP is owned by a legitimate entity but resides in a high-risk subnet. While no direct threats are detected, the network's abuse density warrants closer monitoring.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059696 |
| CIDR Block | 142.44.225.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca017-san236.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca017-san236.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 23% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 15% | 2 | 2 |
| reputation | 27% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 21% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:43 UTC |
| Last Seen | 2026-06-26 23:00:25 UTC |
| Profile Built | 2026-06-27 19:15:01 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 30 |