IP Intelligence Briefing: 142.44.228.212
Date: 2026-06-10
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership: Owned by OVH (ASN 16276), registered to Ahrefs Pte Ltd.
- Geolocation: Listed as Canada (CA) but associated with Singapore via DNS (proxy-ca016-san212.ahrefs.net).
- Network Role: Cloud compute instance (OVH infrastructure), no active services detected.
- Threat Indicators: No malicious activity, no blacklisted domains, no known campaigns.
---
**2. Observation History**
- Recent Activity:
  - Detected in June 2026 with minimal risk signals (confidence: 0.60).
  - Subnet abuse density: 0.4779 (moderate risk in the 142.44.228.0/24 network).
  - No persistent malicious behavior or repeated threats.
---
**3. Network Relationships**
- DNS Associations: Linked to proxy-ca016-san212.ahrefs.net (Ahrefs domain).
- Subnet Context:
  - 142.44.228.0/24 subnet contains 249 IPs, with 119 flagged as high-risk.
  - 123 active IPs in the subnet; 119 show threat activity.
- Routing: BGP prefix 142.44.128.0/17 (OVH network), stable but low operator score (0.2174).
---
**4. Neighborhood Analysis**
- Subnet Abuse: 47.79% of neighbors are flagged as abusive (medium/high risk).
- Neighbor Risks:
  - 70 IPs with medium risk (score: 25-40).
  - 29 IPs with low risk.
- Recommendation: Monitor the subnet for lateral movement or compromised hosts.
---
**5. Actionable Intelligence**
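- Firewall Rules (Sample):
  ```bash
  # Appended to the end of INPUT; an earlier ACCEPT rule that matches will take precedence.
  iptables -A INPUT -s 142.44.228.212 -j DROP
  # Requires an existing "inet filter" table with an "input" chain.
  nft add rule inet filter input ip saddr 142.44.228.212 drop
  ```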
- Cloud WAF Rules:
  - Cloudflare: Block IP with rule `ip.src eq 142.44.228.212`.
  - AWS WAF: Add `142.44.228.212/32` to a custom IP set.
- Next Steps:
  - Verify geolocation discrepancy (Canada vs. Singapore).
  - Investigate Ahrefs domain for potential phishing or C2 activity.
  - Monitor subnet for additional risky IPs.
---
Conclusion:
This IP is part of a mixed-risk subnet with no direct malicious indicators but should be blocked unless required for operations. Prioritize monitoring the associated Ahrefs domain and subnet for broader threats.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059695 |
| CIDR Block | 142.44.228.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |

DNS Intelligence
| PTR | proxy-ca016-san212.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca016-san212.ahrefs.net |

DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |

Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |

Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |

TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |

Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 15% | 2 | 2 |
| reputation | 22% | 1 | 2 |
| geolocation | 25% | 2 | 2 |
| Overall | 21% | 10 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |

Observation Timeline (Live)
| First Seen | 2026-05-23 12:21:55 UTC |
| Last Seen | 2026-06-28 20:55:12 UTC |
| Profile Built | 2026-06-29 08:59:55 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 22 |