IP Intelligence Briefing: 142.44.225.66
Date: 2026-06-10
---
**1. Core Profile**
- Risk Score: Moderate (40/100)
- Provider: OVH (ASN 16276)
- Organization: Dmytro, Ahrefs Pte Ltd
- Geolocation:
  - Country: Canada (CA)
  - City: Singapore (discrepancy noted; may indicate spoofing or misconfiguration)
- Network Role: CloudCompute (OVH-hosted, no active services detected)
---
**2. Threat & Abuse Indicators**
- No direct malicious indicators (no malware, phishing, or spam signals).
- Subnet Abuse Density: High (0.5859), with 150 threat siblings in the 142.44.225.0/24 subnet.
- DNS Associations: Linked to `proxy-ca017-san66.ahrefs.net` (normal for Ahrefs infrastructure).
---
**3. Temporal Observations**
- Recent Activity:
  - Stable network classification (OVH, cloud-hosted).
  - Geolocation data consistent across 16 observations (no abrupt changes).
  - No persistent threats detected in 30-day history.
---
**4. Network Relationships**
- Key Links:
  - Same subnet (`OVH-CUST-281059696`).
  - DNS ties to `ahrefs.net` (legitimate domain, no abuse signals).
- Operator Score: Minimal (0.2174), suggesting low risk of provider-level compromise.
---
**5. Neighborhood Analysis**
- Subnet: 142.44.225.0/24
- Risk Distribution:
  - High Risk: 0 IPs
  - Medium Risk: 96 IPs
  - Low Risk: 4 IPs
- Abuse Density: 58.59% (high risk of lateral movement or shared infrastructure compromise).
---
**6. Recommendations**
1. Monitor Subnet Activity:
   - The high abuse density in the subnet suggests potential for lateral movement.
   - Investigate neighbors with medium/high risk scores for unusual traffic patterns.
2. Verify Geolocation:
   - Discrepancy between Canada (country) and Singapore (city) may indicate spoofing.
3. DNS & Network Security:
   - Ensure DNSSEC and CAA records are properly configured for `ahrefs.net`.
4. Firewall Rules:
   - Consider blocking the subnet (`142.44.225.0/24`) if further threats are observed.
---
Conclusion:
While 142.44.225.66 itself shows no direct malicious activity, its subnet exhibits high abuse density. SOC teams should prioritize monitoring this subnet for signs of compromise or anomalous behavior, especially given the association with Ahrefs and OVH infrastructure.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059696 |
| CIDR Block | 142.44.225.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca017-san66.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca017-san66.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 19% | 2 | 2 |
| reputation | 31% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 20% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
Observation Timeline
| First Seen | 2026-05-25 06:41:05 UTC |
| Last Seen | 2026-06-29 01:10:41 UTC |
| Profile Built | 2026-06-29 07:12:25 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 20 |