IP Intelligence Briefing: 198.244.183.203
Date: 2026-06-15
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Provider: OVH (CloudCompute Hosting)
- Organization: Ahrefs Pte Ltd (SEO tools company)
- Geolocation: London, England, GB (inferred with 750km accuracy radius).
- Network Role: Cloud-hosted infrastructure (OVH ASN 16276).
- Threat Indicators: No malicious activity detected (no blacklists, spam, or campaigns).
---
**2. Observation History**
- Recent Activity:
  - Geolocation inferred via DNS and routing signals (confidence: 28%).
  - Network stability flagged as "route unstable" (BGP route changes detected).
  - No persistent malicious behavior observed (threat persistence days: 0).
- Trend: Moderate risk score consistent over 30 days.
---
**3. Relationships & Context**
- DNS Associations:
  - Linked to `proxy-uk004-san203.ahrefs.net` (Ahrefs infrastructure).
- Network Connections:
  - Same subnet (`198.244.183.203/24`) includes 256 IPs, 85 active, 130 flagged as high-risk.
  - Subnet abuse density: 50.78% (high_abuse classification).
- Provider: OVH (ASN 16276) with "Basic" operator risk score.
---
**4. Neighborhood Analysis**
- Subnet Risk:
  - Abuse Density: 50.78% (high_abuse classification).
  - Inherited Risk: 20 (subnetwork-level risk).
- Neighbor IPs:
  - 100+ IPs in subnet, with mixed risk scores (40–50).
  - No direct malicious ties to 198.244.183.203.
---
**5. Recommendations**
- Monitor Subnet: The high abuse density in the subnet warrants closer scrutiny for lateral movement or shared infrastructure risks.
- Validate DNS: Confirm legitimacy of `proxy-uk004-san203.ahrefs.net` to ensure no spoofing or misconfiguration.
- Check Cloud Configuration: Verify OVH-hosted instance security (firewalls, access controls) to mitigate potential exposure.
---
Conclusion: This IP is part of Ahrefs' cloud infrastructure, with no direct malicious indicators. However, its subnet's high abuse density suggests contextual risk. SOC teams should monitor for anomalous behavior within the subnet and validate cloud environment security.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | proxy-uk004-san203.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk004-san203.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 22% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-20 05:44:19 UTC |
| Last Seen | 2026-06-28 10:56:59 UTC |
| Profile Built | 2026-06-29 05:02:59 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 26 |