IP Intelligence Briefing: 168.100.149.217
*Generated via IPDebrief tools (profile, history, relationships, neighbors, actions)*
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Geolocation: Boston, MA, US (plausible, geo cross-checked).
- Network Role: Firewalled / No Services (no open ports, TLS/HTTP services not detected).
- Ownership: Unattributed (no ASN/org name, potential residential or private network).
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or DNS anomalies).
---
**2. Observation History**
- Abuse Density: 0.3956 (moderate risk in subnet).
- Key Trends:
  - Subnet classification: "Mixed" (89 threat siblings, 78 active IPs).
  - Recent DNS resolution to `proxy-us004-san17.ahrefs.net` (legitimate domain, no abuse flags).
  - No persistent threats or campaign correlations.
---
**3. Relationships**
- DNS: Linked to `ahrefs.net` (proxy hostname, no spam/campaign ties).
- Network: Subnet `168.100.149.0/24` contains 225 IPs (15 high-risk, 82 low-risk siblings).
---
**4. Neighborhood Analysis**
- Subnet Risk: 39.56% abuse density (moderate).
- Neighbor Risk Scores:
  - 15 IPs flagged as high/medium risk (e.g., 168.100.149.0, 168.100.149.2).
  - 82 IPs with low risk (e.g., 168.100.149.4).
- Recommendation: Monitor subnet for lateral movement or compromised hosts.
---
**5. Actions**
- Firewall Rules: No high-priority rules recommended (low risk, no threats detected).
- SOC Guidance:
  - Validate DNS resolution to `ahrefs.net` for legitimacy.
  - Monitor subnet for unusual traffic spikes or new high-risk neighbors.
  - Consider isolating if subnet abuse density increases.
---
Conclusion: 168.100.149.217 is a low-risk IP with no direct malicious indicators. However, its subnet exhibits moderate abuse, warranting continued monitoring. No immediate action required, but contextualize within broader network activity.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | Ahrefs Pte Ltd administrator |
| ASN | AS140577 |
| Network Name | AHREFS-US |
| CIDR Block | 168.100.144.0/20 |
| RIR | ARIN |
| Country | US |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| PTR | proxy-us004-san17.ahrefs.net |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | proxy-us004-san17.ahrefs.net |
**DNS Hygiene**
| Hygiene Score | 60% (Good) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
**Network Classification**
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 1 | 1 |
| routing | 25% | 1 | 1 |
| services | 25% | 1 | 1 |
| ownership | 0% | 0 | 0 |
| reputation | 0% | 0 | 0 |
| geolocation | 0% | 0 | 0 |
| Overall | 12% | 3 | 3 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
**Observation Timeline** (Live)
| First Seen | 2026-06-05 19:23:17 UTC |
| Last Seen | 2026-06-13 06:54:31 UTC |
| Profile Built | 2026-06-13 07:08:31 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 20 |