IP Intelligence Briefing: 142.44.228.19
*Generated using IPDebrief tools: profile, history, relationships, and neighbors analysis*
---
**1. Risk Profile**
- Risk Score: 25 (Low Risk)
- Provider/Authority Scores: 0/0
- Network Role: Cloud compute instance (OVH) with no active services or open ports.
- Threat Indicators: No malicious activity detected (no indicators, blacklists, or campaigns).
---
**2. Geolocation & Ownership**
- Country: Canada (CA) via geolocation, but DNS records point to Singapore.
- Organization: Dmytro, Ahrefs Pte Ltd (OVH customer).
- Subnet: 142.44.228.0/24 (OVH-CUST-281059695).
- Abuse Density: 46.56% (moderate risk). 115/247 IPs in subnet are flagged as threats.
---
**3. Observation History**
- Recent Activity:
  - DNS resolution for `proxy-ca016-san19.ahrefs.net` (Ahrefs.net).
  - Geolocation data from Canada (56.13°N, -106.35°W) with inconsistent RTT (29ms vs. 5598km distance).
  - Operator score: "Minimal" (0.2174).
- Trend: No persistent malicious activity.
---
**4. Relationships & Connections**
- DNS Associations:
  - Linked to `proxy-ca016-san19.ahrefs.net` (Ahrefs.net).
- Network:
  - Same subnet as 115 high-risk IPs.
  - Subnet classification: "Mixed" (60% abuse density).
---
**5. Neighborhood Analysis**
- Subnet: 142.44.228.0/24 (247 IPs).
- Risk Distribution:
  - 51 IPs: Medium risk (40–60 score).
  - 48 IPs: Low risk (25–40 score).
  - 115 IPs: High risk (60+ score).
- Abuse Density: 53.54% (high-risk subnet).
---
**6. Actionable Recommendations**
1. Monitor Subnet: The 142.44.228.0/24 subnet has a high abuse density. Investigate potential lateral movement or compromised hosts.
2. Verify Geolocation: The IP's geolocation (Canada) conflicts with DNS records (Singapore). Validate if spoofing or misconfigured DNS is occurring.
3. Block High-Risk Neighbors: Consider blocking IPs in the subnet with high risk scores (e.g., 142.44.228.1, 142.44.228.3) if they are not authorized.
4. Check Ahrefs.net: The DNS association with Ahrefs.net is normal, but confirm if the cloud provider has known security issues.
---
Note: The IP itself is low risk, but its subnet's high abuse density warrants further investigation.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059695 |
| CIDR Block | 142.44.228.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca016-san19.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca016-san19.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 31% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 23% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-17 15:11:53 UTC |
| Last Seen | 2026-06-28 05:06:21 UTC |
| Profile Built | 2026-06-28 23:11:53 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 24 |