142.44.228.187📋 Copy

## IP Intelligence Briefing: 142.44.228.187/32

Executive Summary

IP 142.44.228.187 is a low-risk (score: 25) cloud infrastructure endpoint operating within an OVH-hosted Ahrefs customer subnet. The IP exhibits firewalled behavior with no open services and maintains DNS registration under ahrefs.net, a legitimate SEO analytics provider. While the individual IP presents minimal threat indicators, the parent subnet demonstrates mixed classification with elevated abuse density.

Ownership and Network Classification

• ASN: 16276 (OVH SAS)
• Organization: Dmytro, Ahrefs Pte Ltd
• Network: OVH-CUST-281059695 (142.44.228.0/24)
• Infrastructure Type: Cloud Compute
• Classification: Hosting environment with no active services
• Provider Score: 0.0 | Authority Score: 0.0 | Risk Score**: 25

Geolocation Analysis

• Primary Location: Canada (CA)
• Secondary Location: Singapore (data discrepancy noted)
• Geolocation Confidence: Low (RTT violation detected: 28ms observed vs. 112ms minimum for 5,598km distance)
• Accuracy Radius: 3,000 km
• Consensus: GeoConsensus true across 1 source

DNS and Hostname Resolution

• PTR Hostname: proxy-ca016-san187.ahrefs.net
• Domain: ahrefs.net
• Forward Resolution: Confirmed (1 hostname)
• SSL/TLS: No certificates detected
• Email Authentication: SPF and DMARC records absent

Service and Port Status

• Open Ports: None detected
• HTTP Services: No active services
• TLS Certificates: None
• Banner Grab: No services responding
• Status: Firewalled / No Services

Threat Indicators

• Known Attacker: No
• Spam Source: No
• Tor Exit Node: No
• Vulnerability Scanner: No
• Blacklist Count: 0
• DNSBL Listings: 1 of 8 total lists
• Known Campaigns: None detected
• Abuse Confidence Score: Not applicable

Subnet Neighborhood Assessment (142.44.228.0/24)

• Total Subnet Size: 256 IPs
• Active Siblings: 228
• Threat Siblings: 112
• Abuse Density: 0.4375 (43.75%)
• Classification: Mixed
• Inherited Risk Score: 17
• Risk Distribution: 0 High (0%), 63 Medium (63%), 37 Low (37%)
• Inherited Risk Factor: Moderate elevation from subnet activity

Control Plane Data

• BGP Prefix: 142.44.128.0/17
• RPKI State: Not evaluated
• Route Stability: False (route changes observed)
• DNSSEC: Valid
• CAA Records: Present
• Operator Score: 0.2174 (Minimal)

Historical Signal Timeline

• Observation Count: 20 signals
• Latest Observation: 2026-06-26 02:12:57 UTC
• Threat Persistence: 0 days
• Ownership Changes: 0
• Signal Types: DNS resolution, geolocation, neighborhood density, operator scoring, comprehensive dimension analysis

Relationship Graph

• Total Relationships: 58
• Primary Association: Same Network (OVH-CUST-281059695)
• Network Affiliation: Consistent OVH customer block references

Recommended Actions

• No immediate blocking required: Low risk individual IP score
• Monitor subnet activity: Parent subnet shows 43.75% abuse density
• Review DNSBL listing: Investigate which specific blacklist requires attention
• Consider egress filtering: No services detected; outbound traffic may warrant monitoring
• Geolocation verification: Investigate Canada/Singapore discrepancy for potential spoofing

Intelligence Assessment

This endpoint represents legitimate cloud infrastructure associated with Ahrefs, a major SEO analytics platform. The absence of open services and low risk score indicate normal hosting behavior. However, the elevated abuse density within the parent subnet warrants ongoing monitoring. The IP should be treated as low-risk but included in baseline network traffic analysis, particularly for outbound communication patterns.

---

*Report generated via IPDebrief Intelligence Platform*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.