IP Intelligence Briefing: 148.113.128.191
*Generated via IPDebrief Analysis*
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Provider: OVH (ASN 16276)
- Organization: Dmytro, Ahrefs Pte Ltd
- Geolocation: Canada (QC, Beauharnois) | GeoPlausibility: Low
- Network Role: Cloud Compute (OVH-hosted) | No open services detected
- Threat Indicators: No direct malicious activity (no malware, spam, or known attacker associations)
---
**2. Observation History**
- Recent Activity:
  - 2026-06-15: Listed in 8 threat feeds (1 high-severity listing).
  - 2026-06-08: Scanned for open ports (no services detected), geolocation inferred.
- Trend: No persistent threats; risk score stable.
---
**3. Network Relationships**
- DNS Associations:
  - Linked to `proxy-ca014-san191.ahrefs.net` (Ahrefs infrastructure).
- Subnet: 148.113.128.0/24
- Neighboring IPs:
  - 107 threat siblings (medium/high risk) | 187 active IPs in subnet.
- Abuse Density: 42.63% (moderate risk).
---
**4. Actionable Insights**
- Monitor Subnet: The /24 subnet contains a mix of benign and malicious IPs. Prioritize monitoring high-risk neighbors.
- Verify DNS: The DNS host `proxy-ca014-san191.ahrefs.net` is tied to Ahrefs, but ensure it aligns with expected traffic patterns.
- Blocklist High-Risk Neighbors: Consider blocking IPs with high risk scores in the 148.113.128.0/24 subnet.
- Confirm Necessity: Assess if this IP's cloud compute resources are critical to operations.
---
Conclusion: This IP is part of a cloud infrastructure (OVH-hosted) associated with Ahrefs. While no direct malicious activity is detected, its subnet contains a notable number of risky neighbors. Monitor traffic patterns and consider mitigating risks within the subnet.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059693 |
| CIDR Block | 148.113.128.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca014-san191.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca014-san191.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 31% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 22% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-16 20:59:39 UTC |
| Last Seen | 2026-06-28 03:49:33 UTC |
| Profile Built | 2026-06-28 21:54:56 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 25 |