IP Intelligence Briefing: 168.100.149.35
*Generated via IPDebrief tools: Profile, History, Relationships, & Neighborhood Analysis*
---
**1. Risk Profile**
- Reputation: Low Risk (Risk Score: 25/100)
- Ownership: Owned by Ahrefs Pte Ltd (ASN: 140577, ARIN-regulated).
- Geolocation: Ashburn, VA, US (latitude/longitude unspecified).
- Threat Indicators: No malicious activity detected (no indicators, blacklists, or campaigns).
- Network Role: Firewalled / No Services (openPorts: empty, TLS/HTTP: inactive).
---
**2. Observation History**
- Recent Activity:
  - DNSSEC and CAA records confirmed (valid, no anomalies).
  - Subnet abuse density: 0.2772 (moderate risk in the 168.100.149.0/24 network).
  - No persistent threats or malicious campaigns linked.
- Stability: Stable routing (no recent route changes).
---
**3. Relationships**
- DNS Associations:
  - Linked to `proxy-us000-san35.ahrefs.net` (Ahrefs hostname).
  - No email auth (SPF/DKIM/DMARC) detected.
- Network Context:
  - Subnet: 168.100.149.0/24 (classified as "mixed" with 56 threat siblings).
  - Same network as AHREFS-US (likely Ahrefs infrastructure).
---
**4. Neighborhood Analysis**
- Subnet Summary:
  - Total IPs: 202 (29 active, 56 flagged as threats).
  - Abuse Density: 13.3% (moderate risk).
  - High-Risk Neighbors: 0 (all neighbors have low/medium risk).
- Notable IPs:
  - `168.100.149.0`, `168.100.149.2`, `168.100.149.3` (same risk profile).
---
**5. Actionable Insights**
- SOC Recommendations:
  - Monitor the 168.100.149.0/24 subnet for unusual activity (moderate abuse density).
  - Block IPs with high risk scores in the subnet if they exhibit suspicious behavior (e.g., port scanning, DNS anomalies).
  - Verify if Ahrefs infrastructure is legitimate (no known malicious campaigns linked).
- No Immediate Threat: The IP itself is low-risk, but its subnet has a moderate risk profile.
---
Conclusion: 168.100.149.35 is part of Ahrefs' infrastructure with no direct malicious activity. However, the subnet contains a mix of legitimate and potentially risky IPs. SOC teams should monitor the subnet for lateral movement or compromised hosts.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | Ahrefs Pte Ltd administrator |
| ASN | AS140577 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| PTR | proxy-us000-san35.ahrefs.net |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | proxy-us000-san35.ahrefs.net |
**DNS Hygiene**
| Hygiene Score | 60% (Good) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
**Network Classification**
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 20% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 19% | 9 | 11 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Moderate (55%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

**Observation Timeline (Live)**
| First Seen | 2026-05-07 23:03:52 UTC |
| Last Seen | 2026-06-22 20:23:44 UTC |
| Profile Built | 2026-06-22 20:24:44 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 20 |