198.244.183.82
# IP Intelligence Briefing: 198.244.183.82/32
Classification: Cloud Infrastructure / Low Risk | Generated: 2026-06-28
---
## Executive Summary
IP 198.244.183.82 is a low-risk (25/100) cloud compute address operated by OVH SAS in London, GB. Currently shows no active threat indicators but exhibits historical volatility in subnet abuse patterns. No immediate blocking recommended; monitor for behavioral changes.
---
## Ownership & Infrastructure
- Organization: Ahrefs Pte Ltd Dmytro (ASN 16276)
- ISP/Provider: OVH
- Infrastructure Type: CloudCompute (Hosting Provider)
- Registration: ARIN registry
- DNS Resolution: proxy-uk004-san82.ahrefs.net (Forward confirmed: No)
---
## Threat Assessment
- Risk Score: 25/100 (Low Risk)
- Abuse Confidence: Not applicable
- Known Attacker: No
- Tor Exit Node: No
- Spam Source: No
- Blacklist Count: 0
- DNSBL Listed: 1 of 8 threat lists
Threat Indicators: None detected. No active campaigns, known attacker signatures, or spam indicators.
---
## Network Context
- Subnet: 198.244.183.0/24
- Subnet Classification: Mixed
- Abuse Density: 0.4062 (Moderate)
- Total Siblings: 256 IPs
- Active Siblings: 213
- Threat Siblings: 104
Neighbor Risk Distribution: 77 low-risk, 23 medium-risk, 0 high-risk neighbors. The /24 subnet shows moderate abuse concentration with 40.6% abuse density.
---
## Temporal Analysis
Observation History (22 signals tracked):
- June 20, 2026: Subnet previously classified as "high_abuse" with 0.793 abuse density and 203 threat siblings (vs. current 104)
- Geolocation Inconsistency: Signals showed conflicting country data (GB vs. FR) with low confidence (0.28), indicating multi-signal inference
- Operator Score: 0.2174 (Minimal)
- Route Stability: Not stable (0 route changes in 30 days)
Persistence Metrics: 0 threat persistence days, 0 ownership changes. IP not persistently malicious.
---
## Technical Services
- Open Ports: None detected
- TLS Certificate: None
- HTTP Banner: None
- Service Purpose: Firewalled / No Services
- DNSSEC: Valid
- CAA Records: Present
---
## Recommended Actions
Current Status: No immediate firewall rules or blocking actions required. Risk profile remains low with no active threat indicators.
Monitoring Recommendations:
1. Track subnet abuse density trends (198.244.183.0/24)
2. Monitor for changes in geolocation signals
3. Watch for emergence of threat siblings in neighborhood
4. Review DNSBL listings periodically
---
## Intelligence Narrative
This IP address belongs to OVH cloud infrastructure in London, associated with Ahrefs operations. While current threat indicators are absent, historical data reveals the /24 subnet experienced elevated abuse activity in early June 2026. The subnet now shows mixed classification with 104 threat siblings among 256 total IPs. The address itself is firewalled with no services exposed, reducing its utility as an attack vector. SOC teams should treat as low-risk but maintain awareness of neighborhood-level activity. No immediate blocking action warranted; continue passive monitoring for behavioral changes.
---
Sources: IPDebrief Intelligence Platform | Data compiled from 22 historical signals, 47 relationship records, and 100 neighbor IP profiles.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | proxy-uk004-san82.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk004-san82.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 23% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-21 14:56:56 UTC |
| Last Seen | 2026-06-28 13:57:54 UTC |
| Profile Built | 2026-06-29 08:03:49 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 25 |
Full dossier details are available via our API.