IP Intelligence Briefing: 168.100.149.204
*Generated via IPDebrief Analysis*
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: Ahrefs Pte Ltd (ASN 140577, ARIN-regulated)
- Geolocation: Ashburn, VA, US (39.05°N, -77.49°E)
- Network Role: Firewalled / No Services (no open ports or TLS certs)
- Threat Indicators: No malware, phishing, or exploit activity detected.
---
**2. Observational History**
- Recent Activity:
  - DNS resolution for `proxy-us004-san4.ahrefs.net` (confirmed).
  - BGP prefix `168.100.144.0/20` associated with Ahrefs.
  - DNSSEC and CAA records validated (no spoofing detected).
- Stability: No recent network changes or route instability.
---
**3. Relationship Graph**
- Key Associations:
  - Directly linked to Ahrefs' `AHREFS-US` network (same /20 subnet).
  - DNS ties to `proxy-us004-san4.ahrefs.net` (likely a proxy server).
  - No connections to known malicious entities, C2 servers, or botnets.
---
**4. Neighborhood Analysis**
- Subnet: `168.100.149.204/24`
- Neighbor Risk:
  - 79% low risk, 20% medium risk, 1% high risk.
  - No abuse density detected in the subnet.
- Notable Neighbors:
  - `168.100.149.2` (medium risk, likely benign).
  - `168.100.149.0` (low risk, Ahrefs infrastructure).
---
**5. Threat Assessment**
- Likelihood of Malicious Use:
  - Low: IP is part of a legitimate company's infrastructure.
  - No historical exploitation, spam, or phishing signals.
- SOC Action:
  - Monitor for unexpected traffic patterns or deviations from normal usage.
  - No immediate mitigation required; focus on network segmentation if sensitive data is involved.
---
Conclusion:
168.100.149.204 is a benign IP associated with Ahrefs' proxy services. No evidence of compromise or malicious activity. Continue monitoring for anomalies but no urgent action needed.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Ahrefs Pte Ltd administrator |
| ASN | AS140577 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | proxy-us004-san4.ahrefs.net |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | proxy-us004-san4.ahrefs.net |
DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 1 |
| geolocation | 13% | 1 | 1 |
| Overall | 16% | 7 | 8 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-16 02:54:33 UTC |
| Last Seen | 2026-06-07 18:49:26 UTC |
| Profile Built | 2026-06-07 18:57:53 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 17 |
Full dossier details are available via our API.