IP Intelligence Briefing: 148.113.128.4
Date: 2026-06-06
---
**1. Risk Profile**
- Overall Risk Score: 25 (Low Risk)
- Provider Score: 0
- Authority Score: 0
- Stability Score: 0
- Threat Indicators: No malicious activity detected (no known attackers, spam, or Tor exit nodes).
---
**2. Ownership & Geolocation**
- ASN: 16276 (OVH)
- Organization: Ahrefs Pte Ltd (OVH-CUST-281059693)
- Geolocation: Singapore (CA), with null coordinates.
- Network Role: Cloud compute infrastructure (OVH-hosted, no residential/mobile traffic).
---
**3. Threat Observations**
- Historical Signals (30-Day Window):
  - Minimal risk detected (0.2174 operator score).
  - DNSSEC and CAA records validated.
  - Subnet abuse density: 0.2851 (moderate risk in sibling IPs).
  - No active threats or campaign correlations.
---
**4. Network Relationships**
- Linked Entities:
  - Same network: OVH-CUST-281059693 (148.113.128.0/24).
  - DNS associations: `proxy-ca014-san4.ahrefs.net` (likely ahrefs.net infrastructure).
  - No connections to known malicious organizations or domains.
---
**5. Subnet Analysis**
- Subnet: 148.113.128.0/24
- Abuse Density: 28.51% (mixed classification).
- Neighbor Risk:
  - 23 IPs flagged as medium risk (authority score 50).
  - 77 IPs low risk.
  - No high-risk siblings.
---
**6. Security Actions**
- Recommended Mitigations:
  - Monitor subnet for unusual traffic (moderate abuse density).
  - Validate DNSSEC and CAA records for associated domains.
  - No immediate firewall rules required due to low risk.
---
**7. Summary**
The IP 148.113.128.4 is part of a legitimate cloud infrastructure hosted by OVH, associated with Ahrefs Pte Ltd. While no direct threats are detected, the subnet exhibits moderate abuse density, warranting closer monitoring. No actionable security measures are required at this time, but ongoing observation is advised.
SOC Analyst Note: Investigate neighbor IPs with medium risk scores for potential lateral movement or shared infrastructure risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059693 |
| CIDR Block | 148.113.128.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca014-san4.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca014-san4.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 27% | 2 | 3 |
| services | 12% | 2 | 2 |
| ownership | 30% | 3 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 27% | 12 | 18 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-13 12:11:52 UTC |
| Last Seen | 2026-06-27 23:04:27 UTC |
| Profile Built | 2026-06-28 17:10:49 UTC |
| Data Freshness | Live |
| Signal Types | 26 |
| Total Observations | 30 |