198.244.240.252

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP INTELLIGENCE BRIEFING: 198.244.240.252/32

Classification: Low Risk / Cloud Infrastructure Asset

---

EXECUTIVE SUMMARY

IP 198.244.240.252 is a low-risk (score: 25/100) cloud hosting address belonging to OVH (ASN: 16276) in London, GB. The IP resolves to aresolves proxy-uk006-san252.ahrefs.net and is associated with Ahrefs Pte Ltd Dmytro. No active threat indicators detected; however, the /24 subnet shows elevated abuse density (0.4844) with 124 threat siblings among 211 active peers.

---

NETWORK IDENTIFICATION

IP Address: 198.244.240.252
ASN: 16276 (OVH SAS)
Organization: Ahrefs Pte Ltd Dmytro
Country/Region: England, GB
Geolocation: London (750km accuracy radius)
Infrastructure Type: CloudCompute / Hosting
Network Role: Firewalled / No Services Detected

---

REPUTATION & THREAT ANALYSIS

Risk Score: 25/100 (Low Risk)
Reputation: Low Risk
Blacklist Status: 0 abuse entries
Threat Indicators: None detected
Campaign Association: None
Tor/Proxy/VPN: False
Known Attacker: No

*Note: DNSBL listing detected (1/8 lists) despite null abuseConfidenceScore.*

---

DNS & SERVICE PROFILE

PTR Hostname: proxy-uk006-san252.ahrefs.net
Forward Resolution: 1 confirmed hostname
Open Ports: None detected
TLS/HTTP Services: No active services observed
Certificate Authority (CAA): Valid
DNSSEC: Valid

---

SUBNET NEIGHBORHOOD ANALYSIS

Subnet: 198.244.240.252/24
Abuse Density: 0.4844 (Mixed Classification)
Total Siblings: 256
Active Siblings: 211
Threat Siblings: 124
Inherited Risk Score: 19/100

*Risk context: The /24 subnet shows mixed classification with significant threat presence. Monitor adjacent IPs for coordinated activity.*

---

OBSERVATION HISTORY

Total Signals: 21 observations
Recent Signals (2026-06-26):

- Geolocation: GB (confidence: 0.28)

- Subnet Classification: Mixed (confidence: 0.75)

- Network Role: CloudCompute/Hosting (confidence: 0.90)

- Operator Score: Minimal (0.087)

*Temporal analysis indicates persistent benign behavior with no escalation patterns.*

---

RELATIONSHIP GRAPH

Total Relationships: 57
Primary Link: Same Network (OVH_282347342)
Correlated IPs: 0
Cert Matches: 0

---

SOC ACTION RECOMMENDATIONS

Immediate Actions:

No blocking required; risk score indicates benign cloud infrastructure
Monitor for service initiation if previously firewalled
Verify DNS resolution against expected ahrefs.net domain

Defensive Configuration:

Standard cloud infrastructure allowlist rules apply
No specific firewall rules recommended
Implement standard OVH network segmentation policies

Monitoring Priorities:

Track subnet abuse density changes (current: 0.4844)
Monitor for service/port opening on this address
Watch for DNS changes deviating from ahrefs.net pattern

Risk Assessment: Low. This IP represents legitimate cloud hosting infrastructure with no active malicious indicators. Standard operational monitoring recommended.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇬🇧 United Kingdom
Region	England
City	London
Timezone	Europe/London
Latitude	51.51
Longitude	-0.13

🏢 Ownership & Registration

Organization	Ahrefs Pte Ltd Dmytro
ASN	AS16276
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	proxy-uk006-san252.ahrefs.net
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`proxy-uk006-san252.ahrefs.net`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	28%	2	4
routing	13%	1	1
services	12%	2	2
ownership	20%	2	3
reputation	27%	1	3
geolocation	35%	2	3
Overall	23%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-11 21:44:05 UTC
Last Seen	2026-06-27 20:23:34 UTC
Profile Built	2026-06-28 20:29:48 UTC
Data Freshness	Live
Signal Types	22
Total Observations	28

🔍 22 signal types · 28 observations collected

This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

198.244.240.252📋 Copy

**EXECUTIVE SUMMARY**

**NETWORK IDENTIFICATION**

**REPUTATION & THREAT ANALYSIS**

**DNS & SERVICE PROFILE**

**SUBNET NEIGHBORHOOD ANALYSIS**

**OBSERVATION HISTORY**

**RELATIONSHIP GRAPH**

**SOC ACTION RECOMMENDATIONS**