142.44.228.203
# IP INTELLIGENCE BRIEFING
Target: 142.44.228.203/32
Date: 2026-06-26
Classification: Low Risk - Cloud Infrastructure
---
## EXECUTIVE SUMMARY
IP 142.44.228.203 is a low-risk cloud host (risk score: 25) associated with Ahrefs.net infrastructure. The address resolves to a proxy hostname (proxy-ca016-san203.ahrefs.net) and operates on OVH cloud infrastructure in Beauharnois, Quebec. No active threat indicators detected.
---
## TECHNICAL PROFILE
Ownership & Infrastructure
- ASN: 16276 (OVH SAS)
- Organization: Dmytro, Ahrefs Pte Ltd
- Network Block: 142.44.228.0/24 (OVH-CUST-281059695)
- Infrastructure Type: CloudCompute / Hosting
- Provider Score: 0 | Authority Score:** 0
Geolocation
- Country: Canada (CA)
- Region: Quebec (QC)
- City: Beauharnois
- RTT Anomaly: Geographic distance reported as 5,597 km with 31ms RTT, indicating potential routing anomaly or measurement discrepancy
DNS Resolution
- PTR Hostname: proxy-ca016-san203.ahrefs.net
- Forward Resolves: proxy-ca016-san203.ahrefs.net (ahrefs.net)
- Forward Confirmation: No
- Email Authentication: SPF/DMARC records absent
Services & Ports
- Open Ports: None detected
- HTTP Services: No active HTTP title/banner
- TLS Certificate: None
- Status: Firewalled / No Services
---
## THREAT ASSESSMENT
Risk Score: 25 (Low Risk)
Reputation: Low Risk
Abuse Confidence Score: Not applicable
Threat Indicators
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Blacklist Count: 0
- DNSBL Listings: 1 of 8 total lists
- Known Campaigns: None detected
Temporal Analysis
- Threat Persistence: 0 days
- Observation Count: 28 signals
- Persistently Malicious: No
---
## SUBNET ANALYSIS (142.44.228.0/24)
Abuse Density: 0.4414 (moderate)
Classification: Mixed
Total Siblings: 256
Active Siblings: 228
Threat Siblings: 113
Risk Distribution:
- High Risk: 0
- Medium Risk: 63
- Low Risk: 37
Neighbor Sample (100 IPs analyzed):
- Average risk scores: 40 across sampled neighbors
- No high-risk concentration detected in immediate neighborhood
---
## RELATIONSHIP GRAPH
Total Relationships: 69
Primary Relationship Type: Same Network (OVH-CUST-281059695)
Associated Hostnames: proxy-ca016-san203.ahrefs.net
Associated Domains: ahrefs.net
---
## OBSERVATION HISTORY
Total Observations: 28
Recent Signals:
- 2026-06-26T19:23:21Z: Subnet classification (abuse_density: 0.4414, mixed)
- 2026-06-26T19:16:28Z: Route operator score (0.087, minimal)
- 2026-06-26T19:15:30Z: DNS CAA records present (ahrefs.net)
- 2026-06-22T15:50:52Z: Network role confirmation (OVH cloud, hosting)
Trend: Stable low-risk profile with no escalation patterns
---
## SECURITY ACTIONS
Recommendations: None (low-risk profile)
Firewall Rules: No blocking required based on current risk assessment
Monitoring: Continue standard monitoring. No immediate action required.
---
## SOC ANALYST NOTES
Key Findings:
1. Legitimate Ahrefs.net cloud infrastructure (SEO analytics platform)
2. No malicious indicators or known threat associations
3. DNSBL listing present but low-risk context
4. Geographic RTT anomaly warrants monitoring but likely measurement artifact
5. Subnet shows mixed classification with 44% abuse densityβstandard for shared cloud hosting
Action: Allow traffic. No blocking required. Monitor for behavioral changes that deviate from expected Ahrefs proxy patterns.
---
*Intelligence generated by IPDebrief | Copyright © 2026 Jason Alberino*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059695 |
| CIDR Block | 142.44.228.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | β |
π DNS Intelligence
| PTR | proxy-ca016-san203.ahrefs.net |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca016-san203.ahrefs.net |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 20% | 2 | 3 |
| services | 12% | 2 | 2 |
| ownership | 22% | 3 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 24% | 12 | 18 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:03:43 UTC |
| Last Seen | 2026-06-26 23:09:19 UTC |
| Profile Built | 2026-06-27 19:23:10 UTC |
| Data Freshness | Live |
| Signal Types | 26 |
| Total Observations | 34 |
Full dossier details are available via our API.