202.8.40.89
IP Intelligence Briefing: 202.8.40.89
Date: 2026-06-09
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Owner: Ahrefs Pte Ltd (ASN 140577, APNIC)
- Geolocation: United States (VA, Ashburn), Latitude 39.05, Longitude -77.49
- Network: Subnet 202.8.40.0/23, Assigned to "AHREFS-CRAWLER-A-USA"
- Services: No open ports or TLS services detected.
---
**2. Threat Indicators**
- Malicious Activity: None detected (no indicators, blacklists, or campaigns).
- DNS: Resolves to `sardine089.ahrefs.net` (PTR confirmed).
- Security Posture:
- DNSSEC validated, CAA records present.
- No Tor, CDN, or proxy flags.
---
**3. Observation History**
- Recent Activity:
- DNS records (CAA, DNSSEC) updated within the last 24 hours.
- No spikes in threat signals or network anomalies.
- Long-Term Trends: Stable, no persistent malicious behavior.
---
**4. Network Relationships**
- Linked Entities:
- Subnet `202.8.40.0/23` (Ahrefs crawler network).
- Hostname `sardine089.ahrefs.net` (likely a crawling server).
- Subnet Context:
- Abuse Density: 0% (low-risk subnet).
- Neighbors: 100 IPs in subnet, 18 medium-risk, 82 low-risk.
---
**5. Recommendations**
- Monitoring: No immediate action required due to low risk.
- SOC Action:
- Validate DNS resolution for `sardine089.ahrefs.net` to ensure it aligns with expected Ahrefs infrastructure.
- Monitor for unexpected changes in subnet abuse density or DNS records.
---
Conclusion:
202.8.40.89 is a legitimate IP associated with Ahrefs' crawling infrastructure. No malicious activity detected. Maintain standard monitoring practices for anomalies.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Ahrefs Pte Ltd administrator |
| ASN | AS140577 |
| Network Name | AHREFS-CRAWLER-A-USA |
| CIDR Block | 202.8.40.0/23 |
| RIR | APNIC |
| Country | US |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | sardine089.ahrefs.net |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | sardine089.ahrefs.net |
π DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-22 03:09:27 UTC |
| Last Seen | 2026-06-09 17:42:52 UTC |
| Profile Built | 2026-06-09 17:45:48 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 17 |
Full dossier details are available via our API.