IP Intelligence Briefing: 198.244.242.144
*Generated via IPDebrief tools*
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: Owned by Ahrefs Pte Ltd (ASN 16276, OVH network).
- Geolocation: London, England, UK.
- Network Role: CloudCompute infrastructure (OVH provider).
- Threat Indicators: No malicious activity detected (no blacklists, spam, or campaigns).
- DNS: Resolves to `proxy-uk007-san144.ahrefs.net` (Ahrefs infrastructure).
---
**2. Observation History**
- Recent Activity (30 days):
  - Subnet abuse density: 0.4375 (mixed risk classification).
  - 112/256 sibling IPs in the /24 subnet flagged as threats.
  - 19 observations show no persistent malicious behavior.
- Temporal Trends: No significant changes in risk or threat signals.
---
**3. Network Relationships**
- Linked Entities:
  - Same network: OVH_282347343 (likely a larger OVH cloud segment).
  - Subnet: 198.244.242.144/24 with 100+ IPs (70% low risk, 30% medium risk).
- Control Plane:
  - BGP prefix: 198.244.128.0/17 (OVH).
  - DNSSEC valid, CAA records present.
---
**4. Subnet Neighbors**
- Subnet: 198.244.242.144/24 (256 total IPs).
- Risk Distribution:
  - 70% low risk, 30% medium risk (potential for emerging threats).
  - 112 sibling IPs flagged as threats (abuse density: 43.75%).
- Notable Neighbors:
  - IPs like `198.244.242.0` (risk 50), `198.244.242.1` (risk 25), and others.
---
**5. Actionable Insights**
- SOC Recommendations:
  - Monitor the 198.244.242.144/24 subnet for unusual activity due to high neighbor risk.
  - Verify Ahrefs infrastructure legitimacy (no known malicious campaigns).
  - Consider blocking high-risk neighbors if they are not part of the same trusted network.
- Firewall Rules:
  - Allow traffic to this IP for legitimate cloud services (no observed threats).
---
Conclusion: This IP is a legitimate cloud server operated by Ahrefs. While its subnet contains a mix of low/medium-risk IPs, no direct threats are associated with the IP itself. SOC teams should focus on monitoring the broader subnet for potential lateral movement or compromised neighbors.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | proxy-uk007-san144.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk007-san144.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 26% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-16 14:58:42 UTC |
| Last Seen | 2026-06-28 03:37:36 UTC |
| Profile Built | 2026-06-28 21:42:12 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 27 |
Full dossier details are available via our API.