94.23.188.214

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING: 94.23.188.214/32

## EXECUTIVE SUMMARY

IP address 94.23.188.214/32 is classified as MODERATE RISK (risk score: 50) with cloud/hosting infrastructure characteristics. The IP is associated with OVH cloud infrastructure in France (Roubaix, Hauts-de-France) and resolves to Ahrefs proxy infrastructure. No active threat indicators or campaign correlations were observed.

## OWNERSHIP & INFRASTRUCTURE

ASN: 16276 (OVH)
Organization: Ahrefs Pte Ltd Dmytro
Geolocation: France (FR), Roubaix, Hauts-de-France
Infrastructure Type: Cloud Compute (OVH hosting provider)
Network Role: Firewalled / No Services Detected
Registration: RIR RIPE Network

## DNS & HOSTNAME ASSOCIATIONS

PTR Hostnames: proxy-fr008-san214.ahrefs.net
Forward Resolution: proxy-fr008-san214.ahrefs.net
Domain: ahrefs.net
HTTP Services: None detected (firewalled)

## THREAT INDICATORS & REPUTATION

Risk Score: 50 (Moderate)
Abuse Confidence Score: Not available
Known Attacker: No
Tor Exit Node: No
Spam Source: No
Blacklist Count: 0
DNSBL Listings: 2 of 8 total lists
Threat Persistence: 0 days (transient activity)
Is Persistently Malicious: No

## NEIGHBORHOOD ANALYSIS (94.23.188.0/24)

Total Sibling IPs: 32
Active Siblings: 13
Threat Siblings: 28
Abuse Density: 0.875 (High Abuse Classification)
Subnet Risk: Inherited risk score of 35
Risk Distribution: 20 medium-risk, 11 low-risk, 0 high-risk neighbors

Multiple sibling IPs within the /24 subnet share similar risk profiles (risk score 50), indicating potential shared infrastructure or abuse patterns.

## OBSERVATION HISTORY

Total Observations: 19 signals recorded
Recent Activity: June 2026 observations
Geolocation Signals: 190.23 km coordinate inference (France)
Network Classification: High abuse subnet classification observed
Threat Indicators: No persistent malicious behavior detected

## NETWORK CLASSIFICATION

Provider: OVH
Connection Type: Cloud-based
Infrastructure: Hosting/Cloud provider
Connection Status: No active services (firewalled)

## RECOMMENDED ACTIONS

Based on the moderate risk classification and cloud infrastructure context:

Allow: No immediate blocking required given legitimate Ahrefs association
Monitor: Watch for unusual traffic patterns from this IP range
Block: Consider blocking if traffic patterns indicate abuse or if threat indicators emerge
Firewall Rules: No specific iptables/nftables rules recommended at this time

## ANALYST NOTES

This IP represents legitimate Ahrefs proxy infrastructure hosted on OVH cloud. While the subnet shows elevated abuse density (0.875), this specific IP has no active threat indicators. Monitor for changes in DNS associations or emergence of threat indicators. The high number of threat-sibling IPs (28) within the /24 suggests the infrastructure may be shared with other entities or used for multiple purposes.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇫🇷 France
Region	Hauts-de-France
City	Roubaix
Timezone	Europe/Paris
Latitude	48.86
Longitude	2.34

🏢 Ownership & Registration

Organization	Ahrefs Pte Ltd Dmytro
ASN	AS16276
Network Name	—
CIDR Block	—
RIR	RIPE
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	proxy-fr008-san214.ahrefs.net
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`proxy-fr008-san214.ahrefs.net`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	39%	2	3
routing	13%	1	1
services	8%	1	1
ownership	24%	2	3
reputation	31%	1	3
geolocation	25%	2	2
Overall	23%	9	13

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-18 15:27:44 UTC
Last Seen	2026-06-28 07:45:34 UTC
Profile Built	2026-06-29 01:49:31 UTC
Data Freshness	Live
Signal Types	19
Total Observations	24

🔍 19 signal types · 24 observations collected

This report is generated from 19+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

94.23.188.214📋 Copy