IP Intelligence Briefing: 198.244.168.137
Date: 2026-06-14
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Owner: Ahrefs Pte Ltd Dmytro (OVH ASN 16276)
- Geolocation: London, England, UK (Inferred via multi-signal geolocation)
- Network Role: Cloud-hosted infrastructure (OVH provider)
- Threat Indicators: No malicious activity detected (no blacklists, spam, or known attacker associations).
---
**2. Observation History**
- First Seen: 2026-05-31
- Risk Trends: Stable low-risk profile; no significant changes in threat signals.
- Key Signals:
  - CloudCompute infrastructure (OVH).
  - Minimal DNSSEC and CAA validation risks.
  - No observed Tor, VPN, or residential network characteristics.
---
**3. Network Relationships**
- Linked Entities:
  - Subnet: 198.244.168.0/24 (OVH network).
  - No direct ties to known malicious organizations or campaigns.
- Subnet Context:
  - Abuse Density: 0.4375 (moderate risk).
  - Active Neighbors: 106 IPs (112 flagged as risky).
  - Inherited Risk: 17 (subnet-level risk).
---
**4. Neighborhood Analysis**
- Subnet Risk Distribution:
  - High Risk: 0 IPs
  - Medium Risk: 76 IPs
  - Low Risk: 24 IPs
- Neighbor Example:
  - 198.244.168.0: Risk Score 40 (medium).
  - 198.244.168.1: Risk Score 25 (low).
- Abuse Density: 0 (no direct abuse reported for this IP).
---
**5. Recommendations**
- Monitor Subnet: Track the 198.244.168.0/24 subnet for emerging threats due to moderate abuse density.
- Verify Ownership: Confirm Ahrefs' infrastructure legitimacy, as the IP is associated with a legitimate hosting provider.
- No Immediate Action: No actionable security rules or firewall policies required for this IP.
---
Conclusion:
The IP 198.244.168.137 is associated with a legitimate cloud-hosted service (Ahrefs) and shows no malicious behavior. While its subnet contains some risky neighbors, the IP itself remains low risk. SOC teams should prioritize monitoring the subnet for potential lateral movements or new threats.
Tools Used: `ipdebrief_profile`, `ipdebrief_history`, `ipdebrief_relationships`, `ipdebrief_neighbors`.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | proxy-uk001-san137.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk001-san137.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 22% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-10 22:17:30 UTC |
| Last Seen | 2026-06-27 18:24:10 UTC |
| Profile Built | 2026-06-28 12:28:51 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 28 |