IP Intelligence Briefing: 198.244.168.208
Date: June 14, 2026
---
**1. Core Profile**
- Reputation: Moderate Risk (Risk Score: 40)
- Ownership:
- ASN: 16276
- Organization: Ahrefs Pte Ltd (Singapore)
- Geolocation: London, England, UK (geo-plausible with 750km accuracy)
- Network Role:
- Cloud compute infrastructure (OVH provider)
- Hosting services (no open ports, no TLS certificate)
- Threat Indicators:
- No malicious indicators (no blacklists, spam, or known attacker activity)
- Linked to domain `ahrefs.net` (PTR hostname: `proxy-uk001-san208.ahrefs.net`)
---
**2. Observation History**
- Recent Activity (Last 30 Days):
- Single observation on June 14, 2026:
- Resolved to `ahrefs.net` (CAA records present)
- Geolocation inferred with 473.7km distance from London
- BGP route stability confirmed (no recent changes)
---
**3. Network Relationships**
- Subnet: `198.244.168.208/24`
- Key Relationships:
- Part of OVH network segment `OVH_282347337`
- Linked to 82+ network entities (same network classification)
- Subnet Risk:
- Abuse Density: 63.67% (high-risk classification)
- Inherited Risk: 25% (due to subnet-level abuse)
- Active Siblings: 151 IPs in the /24 range
---
**4. Threat Context**
- No Direct Malicious Indicators:
- No DNS-based attacks, spam, or campaign ties
- No Tor exit node or VPN/proxy activity
- Subnet-Level Risks:
- High abuse density in the `198.244.168.0/24` subnet
- 163 of 256 IPs in the subnet have threat associations
---
**5. Recommendations**
- Monitor Subnet:
- Investigate the `198.244.168.0/24` subnet for lateral movement or cluster-based threats.
- Verify Hosting Context:
- Confirm Ahrefs' use of this IP for legitimate cloud infrastructure.
- Check Domain Security:
- Validate `ahrefs.net` for DNSSEC, CAA, and SPF/DKIM configurations.
- Firewall Rules:
- Consider allowing traffic to this IP if it's part of a trusted cloud environment.
---
Note: The IP is part of a high-abuse subnet but lacks direct malicious signals. Further analysis of the subnet and associated domain is recommended.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | 198.244.128.0/17 |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | proxy-uk001-san208.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk001-san208.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 40% | 2 | 5 |
| routing | 22% | 3 | 4 |
| services | 12% | 2 | 2 |
| ownership | 24% | 3 | 4 |
| reputation | 28% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 26% | 13 | 21 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (65%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:04:06 UTC |
| Last Seen | 2026-06-27 02:36:12 UTC |
| Profile Built | 2026-06-27 20:42:35 UTC |
| Data Freshness | Live |
| Signal Types | 30 |
| Total Observations | 36 |