IP Intelligence Briefing: 198.244.183.200
Date: 2026-06-08
---
**1. Profile Summary**
- Risk Score: 40 (Moderate Risk)
- Ownership: Registered to Ahrefs Pte Ltd Dmytro (AS16276, OVH)
- Geolocation: London, England, UK (ARIN-registered)
- Network Role: CloudCompute infrastructure (OVH-hosted)
- Threat Indicators: No active malware, phishing, or spam sources detected.
---
**2. Observation History**
- Latest Scan (2026-06-08):
  - Open ports scanned but no active services (HTTP/TLS/SSH).
  - Subnet analysis shows high abuse density (0.5781) in 198.244.183.0/24.
  - DNS PTR record points to proxy-uk004-san200.ahrefs.net (likely a proxy server).
- Historical Trends:
  - 22 observations over 30 days, with no persistent malicious activity.
  - Subnet abuse density increased slightly, suggesting potential risk in the broader network.
---
**3. Relationships**
- Network Connections:
  - Linked to OVH_282347340 (AS16276) and other OVH subnets.
  - DNS records tied to ahrefs.net (proxy service).
- Threat Context:
  - No direct ties to known malicious campaigns or blacklists.
---
**4. Neighborhood Analysis**
- Subnet: 198.244.183.0/24
- Abuse Density: 57.81% (high risk)
- Neighbor Risk:
  - 100 IPs in subnet; 148 are flagged as threats (moderate risk scores).
- Key Neighbors:
  - 198.244.183.0–3 (risk scores 40–50), 198.244.183.4–6 (same).
- Recommendation: Monitor traffic patterns; isolate high-risk neighbors if possible.
---
**5. Actionable Insights**
- SOC Guidance:
  - Block/monitor: High-risk neighbors in the 198.244.183.0/24 subnet.
  - Investigate: Unusual outbound traffic from this IP, given the subnet's abuse density.
  - Verify: Ensure no unauthorized use of the Ahrefs proxy service.
- Firewall Rules:
  - Consider restricting access to this subnet if it hosts sensitive assets.
---
Conclusion: This IP is part of a moderately risky OVH-hosted network with high abuse density in its subnet. While no direct threats are detected, the broader network environment warrants closer monitoring.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | 198.244.128.0/17 |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | proxy-uk004-san200.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk004-san200.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 27% | 2 | 3 |
| services | 24% | 2 | 3 |
| ownership | 35% | 3 | 6 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 29% | 12 | 22 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-17 03:08:16 UTC |
| Last Seen | 2026-06-28 04:24:20 UTC |
| Profile Built | 2026-06-28 22:29:28 UTC |
| Data Freshness | Live |
| Signal Types | 26 |
| Total Observations | 33 |