IP Intelligence Briefing: 198.244.168.185
Date: 2026-06-15
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: Registered to Ahrefs Pte Ltd (ASN 16276, OVH).
- Geolocation: London, England, UK (750km accuracy radius).
- Network Role: CloudCompute infrastructure (OVH), no services open.
- Threat Indicators: No malicious activity detected; not listed in blacklists.
---
**2. Observation History**
- Threat Feed Listings:
  - 2 entries in 8 threat feeds (confidence: 85%).
  - Alienvault-OTX flagged ASN 16276 (OVH) with 3 pulse detections.
- Geolocation Inference:
  - Confirmed UK location (latitude 55.38, longitude -3.44) with 750km accuracy.
  - Operator Score: Minimal risk (0.2174).
---
**3. Network Relationships**
- Linked Entities:
  - Same network: OVH_282347337 (AS16276).
  - DNS association: proxy-uk001-san185.ahrefs.net (Ahrefs infrastructure).
- Subnet Context:
  - Subnet: 198.244.168.0/24 (256 IPs).
  - Abuse density: 48.83% (moderate).
  - 125/256 IPs flagged as threats; 121 active.
---
**4. Actionable Insights**
- SOC Recommendations:
  - Monitor subnet for unusual traffic patterns due to mixed risk profile.
  - Verify DNS associations (proxy-uk001-san185.ahrefs.net) for potential infrastructure mapping.
  - Validate geolocation consistency with network behavior (e.g., RTT, routing paths).
- Firewall Rules:
  - Allow traffic from OVH ASN 16276 (low risk).
  - Block unknown subnets in the 198.244.168.0/24 range if suspicious activity is detected.
---
Conclusion:
The IP is part of Ahrefs' OVH-hosted infrastructure with no direct malicious indicators. However, its subnet exhibits moderate abuse density, warranting continued monitoring for anomalies. No immediate mitigation required, but maintain visibility into network relationships and geolocation consistency.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | proxy-uk001-san185.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk001-san185.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 23% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-22 09:12:26 UTC |
| Last Seen | 2026-06-28 18:22:22 UTC |
| Profile Built | 2026-06-29 06:26:15 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 24 |