IP Intelligence Briefing: 198.244.183.102
Date: 2026-06-09
---
**1. Core Profile**
- Reputation: Moderate Risk (Risk Score: 50)
- Ownership:
  - ISP: OVH (ASN 16276)
  - Organization: Ahrefs Pte Ltd Dmytro
- Geolocation: London, England, GB (plausible via DNS resolution).
- Network Role: Hosting provider (firewalled, no public services).
- Threat Indicators: No direct malicious activity (no abuse confidence, no blacklists).
---
**2. Observation History**
- Risk Trends: Stable over 30 days; no persistent threats.
- Subnet Abuse: High abuse density (0.63) in the 198.244.183.0/24 subnet.
- Key Findings:
  - 162 out of 256 IPs in the subnet are flagged as threats.
  - DNSSEC and CAA records are valid, but the IP is listed in 2 DNSBLs.
  - No geo-validation anomalies (RTT or distance metrics).
---
**3. Relationships**
- DNS Associations:
  - Linked to proxy-uk004-san102.ahrefs.net (Ahrefs' proxy hostname).
- Network Context:
  - Part of OVH's infrastructure (ASN 16276).
  - No direct ties to known malicious campaigns or domains.
---
**4. Neighborhood Analysis**
- Subnet: 198.244.183.0/24
- Abuse Density: 63.28% (high-risk classification).
- Neighbor Risk:
  - 126 active IPs in subnet; 162 are flagged as threats.
  - Inherited risk score: 25 (moderate).
- Actionable Insight: The IP resides in a subnet with significant abuse activity, suggesting potential lateral movement or shared infrastructure risks.
---
**5. Recommendations**
- Monitor Subnet: Track traffic from 198.244.183.0/24 for unusual patterns (e.g., outbound scans, DNS anomalies).
- Validate DNS: Confirm legitimacy of proxy-uk004-san102.ahrefs.net and check for domain spoofing.
- Restrict Access: Consider firewall rules to block traffic from high-risk neighbors if this IP is critical.
- Investigate Subnet: Collaborate with OVH to assess potential compromises in the shared subnet.
---
Conclusion: While the IP itself is not malicious, its association with a high-abuse subnet and hosting infrastructure warrants closer scrutiny. Prioritize monitoring the subnet and validating DNS relationships to mitigate potential risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | 198.244.128.0/17 |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| PTR | proxy-uk004-san102.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk004-san102.ahrefs.net |
**DNS Hygiene**
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
**Network Classification**
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 39% | 2 | 3 |
| routing | 33% | 2 | 3 |
| services | 8% | 1 | 1 |
| ownership | 37% | 3 | 6 |
| reputation | 31% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 29% | 11 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
**Observation Timeline** (Live)
| First Seen | 2026-05-19 23:49:33 UTC |
| Last Seen | 2026-06-28 10:29:39 UTC |
| Profile Built | 2026-06-29 04:34:01 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 30 |