IP Intelligence Briefing: 142.44.228.35
Date: 2026-06-09
**Core Profile**
- Reputation: Moderate Risk (Risk Score: 50)
- Provider: OVH (ASN: 16276)
- Organization: Dmytro, Ahrefs Pte Ltd
- Geolocation:
  - Country: Canada (CA)
  - City: Singapore (geolocation coordinates suggest Southeast Asia)
  - Accuracy Radius: 3,000 km
- Network Role: Hosting Provider (OVH-CUST-281059695)
**Threat Indicators**
- No Active Threats: No malware indicators, spam sources, or known attacker associations.
- DNS Associations: Linked to `proxy-ca016-san35.ahrefs.net` (Ahrefs infrastructure).
- BGP Data:
  - Origin ASN: 16276 (OVH)
  - BGP Prefix: `142.44.128.0/17`
  - Route Stability: Unstable (route changes detected in 30 days).
**Observation History**
- Recent Activity (2026-06-09):
  - Geolocation signal from Canada (CA) with coordinates matching Singapore (potential spoofing or misconfiguration).
  - Network classification as "CloudCompute" (OVH hosting).
  - 2 DNSBL listings (low-severity abuse confidence).
- Historical Trends: No persistent malicious activity detected.
**Network Relationships**
- Connected Entities:
  - Subnet: `142.44.228.0/24` (OVH-CUST-281059695)
  - DNS: `proxy-ca016-san35.ahrefs.net` (Ahrefs proxy service)
- Neighbor Subnet Analysis:
  - Abuse Density: 0.48 (mixed risk profile).
  - High-Risk Neighbors: 119 IPs (19% of subnet).
  - Active Siblings: 123 IPs (50% of subnet).
**Recommendations**
1. Monitor Geolocation Discrepancy: Investigate the conflicting geolocation data (Canada vs. Singapore) for potential spoofing or misconfigured DNS records.
2. Review Hosting Configuration: Ensure OVH-hosted services (e.g., Ahrefs proxies) are secured against misconfigurations or vulnerabilities.
3. Track Subnet Activity: Monitor the `142.44.228.0/24` subnet for emerging threats, given the high-risk neighbor density.
4. Verify DNSSEC/CAA: Confirm DNSSEC and CAA records for `ahrefs.net` to prevent DNS hijacking.
Note: The IP is associated with Ahrefs, a legitimate SEO tool provider, but its hosting infrastructure requires vigilance due to the subnet's mixed risk profile.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059695 |
| CIDR Block | 142.44.228.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca016-san35.ahrefs.net |
| Forward Confirmed | No; PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca016-san35.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 36% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 31% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 25% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-21 20:59:12 UTC |
| Last Seen | 2026-06-28 15:08:30 UTC |
| Profile Built | 2026-06-29 03:12:46 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 25 |