IP Intelligence Briefing: 148.113.130.187
*Generated via IPDebrief Tools*
---
**1. Core Profile**
- Reputation: Moderate Risk (Risk Score: 50)
- Ownership:
  - ASN: 16276 (OVH)
  - Organization: Dmytro, Ahrefs Pte Ltd
  - Network: 148.113.130.0/24 (OVH-CUST-281059688)
- Geolocation:
  - Country: Canada (CA)
  - City: Singapore
  - ASN: 16276 (OVH)
- Network Role:
  - Cloud Compute: Hosted by OVH (OVH-CUST-281059688)
  - Subnet Abuse Density: 34.92% (mixed classification)
---
**2. Threat Indicators**
- Malicious Activity: None detected.
  - No indicators in threat feeds, blacklists, or campaigns.
  - No Tor exit node, spam source, or known attacker associations.
- DNS:
  - PTR hostname: `proxy-ca009-san187.ahrefs.net`
  - DNSSEC valid, CAA records present.
- Services:
  - No open ports or TLS certificates detected.
---
**3. Observation History**
- Last 365 Days:
  - 18 observations (13 unique signal types).
- Key Trends:
  - DNS resolution (100% confidence) and subnet analysis (75% confidence).
  - No persistent malicious activity (threat persistence days: 0).
  - DNSBL listings (2/8 total lists, low severity).
---
**4. Network Relationships**
- Subnet: 148.113.130.0/24
- Neighbors:
  - Total Siblings: 252 IPs (127 active, 88 high-risk).
  - Risk Distribution: 19 medium-risk, 81 low-risk, 0 high-risk.
- Shared Network:
  - Same ASN (16276) and organization (OVH).
---
**5. Recommendations**
- Monitoring:
  - Track subnet activity due to mixed abuse density (34.92%).
  - Monitor DNS resolution for `proxy-ca009-san187.ahrefs.net` for anomalies.
- Firewall:
  - Allow traffic to the subnet (148.113.130.0/24) if legitimate.
  - Block high-risk neighbors (88 IPs) if not already restricted.
- Investigation:
  - Validate geolocation discrepancy (Singapore vs. Canada).
  - Confirm Ahrefs' infrastructure usage of this subnet.
---
Conclusion: This IP is part of a cloud-hosted network (OVH) associated with Ahrefs. While no direct malicious activity is observed, the subnet contains a mix of risks. SOC teams should monitor for anomalies in DNS behavior and subnet traffic, ensuring alignment with legitimate cloud operations.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059688 |
| CIDR Block | 148.113.130.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca009-san187.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca009-san187.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 31% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 24% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:45 UTC |
| Last Seen | 2026-06-26 23:49:04 UTC |
| Profile Built | 2026-06-27 14:03:15 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 27 |