IP Intelligence Briefing: 142.44.233.135
Date: 2026-06-14
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: Registered to Ahrefs Pte Ltd (OVH ASN 16276).
- Geolocation:
  - Country: Canada (QC, Montreal)
  - Geo-Plausibility: False (RTT anomalies suggest potential spoofing or misconfigured geolocation).
- Network Role:
  - Cloud Compute: Hosted by OVH, classified as a "Firewalled / No Services" infrastructure.
  - Subnet: 142.44.233.0/24 (OVH-CUST-281059682).
---
**2. Threat & Abuse Analysis**
- Threat Indicators:
  - No malicious activity detected (no blacklists, spam, or campaign ties).
  - Subnet Abuse Density: 45.63% (mixed classification, 115 abusive siblings in 252 total).
- DNS & Hosting:
  - Resolves to proxy-ca003-san135.ahrefs.net (Ahrefs domain).
  - No open ports, TLS certs, or web services detected.
  - DNSSEC and CAA records are valid, but geo-plausibility is questionable.
---
**3. Observation History**
- Recent Activity:
  - First observed in June 2026, with DNS and network analysis signals.
  - No persistent malicious behavior or ownership changes.
- Risk Trends:
  - Stable low-risk profile; no upward trend in threats or abuse.
---
**4. Relationships & Network Context**
- Network Affiliation:
  - Part of OVH's 142.44.128.0/17 block.
  - Subnet contains 174 active IPs, 115 flagged as abusive.
- Linked Entities:
  - Directly tied to ahrefs.net (SEO tooling company).
  - No Tor, CDN, or proxy indicators.
---
**5. Recommendations**
- Monitoring:
  - Track subnet abuse density (45.63%) for potential lateral movement or related attacks.
  - Validate geolocation anomalies (RTT mismatch for 5598km distance).
- Firewall:
  - Allow traffic to/from OVH ASN 16276 unless specific services are detected.
  - Monitor DNS queries to ahrefs.net for unusual patterns.
Conclusion: This IP is associated with a legitimate cloud-hosted service (Ahrefs) and shows no signs of malicious activity. However, its subnet has moderate abuse density, warranting continued monitoring for potential indirect risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059682 |
| CIDR Block | 142.44.233.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca003-san135.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca003-san135.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 15% | 2 | 2 |
| reputation | 28% | 1 | 3 |
| geolocation | 31% | 2 | 3 |
| Overall | 22% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-12 03:42:46 UTC |
| Last Seen | 2026-06-27 20:47:35 UTC |
| Profile Built | 2026-06-28 14:52:29 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 24 |