IP Intelligence Briefing: 142.44.228.169
Date: 2026-06-17
---
**1. Core Profile**
- Risk Score: Moderate (40/100)
- Ownership: Registered to Ahrefs Pte Ltd (OVH, ASN 16276).
- Geolocation: Canada (QC), inferred via ARIN records.
- Network Role: Cloud hosting infrastructure (OVH).
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or known attackers).
---
**2. Historical Observations**
- Abuse Density: Subnet abuse density increased from 0.60 to 0.69 over 4 days.
- Stability: No recent changes in routing or ownership.
- Trend: No escalation in risk scores or threat signals.
---
**3. Relationships & Network Context**
- Linked Entities:
  - Subnet: 142.44.228.0/24 (OVH-CUST-281059695).
  - DNS: Resolves to proxy-ca016-san169.ahrefs.net (Ahrefs).
- Neighbor Analysis:
  - Subnet contains 256 IPs, with 176 classified as high-risk (abuse density: 68.75%).
  - 142.44.228.169 is a high-risk IP within the subnet.
---
**4. Threat & Risk Assessment**
- No Direct Threat: No malicious indicators (e.g., C2s, malware, phishing).
- Indirect Risk: Subnet has high abuse density (69%) and 176 high-risk neighbors.
- Mitigation: Monitor subnet for lateral movement or compromised hosts.
---
**5. Recommended Actions**
1. Block Subnet: Consider blocking 142.44.228.0/24 to mitigate indirect risks.
2. Monitor DNS: Track proxy-ca016-san169.ahrefs.net for anomalous behavior.
3. Subnet Analysis: Investigate high-risk neighbors for potential compromise.
4. Geolocation Verification: Confirm Canadian origin via additional geolocation sources.
---
Conclusion:
The IP is a legitimate cloud-hosting IP associated with Ahrefs, but its subnet exhibits high abuse density. While the IP itself is not malicious, the network context warrants closer monitoring to prevent potential lateral threats.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059695 |
| CIDR Block | 142.44.228.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca016-san169.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca016-san169.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 20% | 2 | 3 |
| services | 12% | 2 | 2 |
| ownership | 22% | 3 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 34% | 2 | 3 |
| Overall | 24% | 12 | 18 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline
| First Seen | 2026-05-07 23:03:43 UTC |
| Last Seen | 2026-06-26 23:08:09 UTC |
| Profile Built | 2026-06-27 19:20:49 UTC |
| Data Freshness | Live |
| Signal Types | 26 |
| Total Observations | 33 |