IP Intelligence Briefing: 148.113.130.229
Date: 2026-06-04
**Risk Profile**
- Overall Risk: Low (25/100)
- Provider Score: 0 (OVH, Ahrefs Pte Ltd)
- Authority Score: 0
- Stability: Unstable (route changes detected)
**Ownership & Geolocation**
- ASN: 16276 (OVH)
- Organization: Dmytro, Ahrefs Pte Ltd
- Geolocation:
  - Country: Canada (CA)
  - City: Singapore
  - GeoValidation: Violation (RTT 27ms inconsistent with 6082km distance)
  - Accuracy: 3000km radius
**Threat Indicators**
- No malicious activity detected: No indicators, blacklist entries, or campaigns.
- DNS:
  - Resolves to `proxy-ca009-san229.ahrefs.net` (likely internal/legitimate).
  - No email authentication (SPF/DKIM) or domain hosting.
- Network Role: Cloud compute infrastructure (OVH-hosted, no residential/reseller flags).
**Observation History**
- Recent Signals:
  - Minimal risk (0.25 score) with mixed subnet classification.
  - DNSSEC valid, CAA records present, and no DNSBL listings.
  - Stability concerns: route instability over 30 days.
**Relationships**
- Linked Entities:
  - Hostname: `proxy-ca009-san229.ahrefs.net` (likely internal Ahrefs infrastructure).
  - Subnet: `148.113.130.0/24` (mixed risk, 30.56% abuse density).
  - ASN: 16276 (OVH) with no known malicious activity.
**Neighborhood Analysis**
- Subnet: `148.113.130.0/24` (252 IPs, 127 active).
- Risk Distribution:
  - 78 low-risk, 21 medium-risk, 0 high-risk IPs.
- Inherited Risk: 12 (moderate).
- Abuse Density: 0.3056 (moderate, not critical).
**Actionable Insights**
1. Monitor Subnet: The subnet has a moderate abuse density; investigate medium-risk neighbors for anomalies.
2. Verify DNS: Confirm legitimacy of `proxy-ca009-san229.ahrefs.net` as part of Ahrefs infrastructure.
3. Check Stability: Route instability may indicate misconfiguration or network churn.
4. Geolocation Discrepancy: Investigate potential CDN/proxy use due to RTT inconsistency.
Conclusion: This IP is part of a low-risk cloud infrastructure with no malicious indicators. However, the subnet's moderate abuse density and geolocation anomalies warrant ongoing monitoring. No immediate mitigation required, but contextualize within broader network activity.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059688 |
| CIDR Block | 148.113.130.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
**DNS Intelligence**
| PTR | proxy-ca009-san229.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca009-san229.ahrefs.net |
**DNS Hygiene**
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
**Network Classification**
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 39% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 15% | 2 | 2 |
| reputation | 22% | 1 | 2 |
| geolocation | 33% | 2 | 3 |
| Overall | 23% | 10 | 13 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
**Observation Timeline (Live)**
| First Seen | 2026-05-21 20:59:18 UTC |
| Last Seen | 2026-06-28 15:20:47 UTC |
| Profile Built | 2026-06-29 03:25:15 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 23 |