IP Intelligence Briefing: 198.244.242.200
Date: June 15, 2026
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership: Ahrefs Pte Ltd (ASN 16276)
- Geolocation: London, England, UK (GeoPlausible: Yes)
- Network Role: CloudCompute (OVH infrastructure)
- Threat Indicators: No malicious indicators, no blacklists, no known campaigns.
---
**2. Observation History**
- Recent Activity (June 15):
  - Multi-signal geolocation inference (confidence: 28%) placing the IP in London, UK.
  - Subnet abuse density: 0.6055 (High Abuse, inherited risk: 24).
- Historical Trends:
  - Subnet (198.244.242.0/24) shows 155 threat siblings and 193 active IPs, with 98% medium-risk and 2% low-risk neighbors.
  - No persistent malicious activity detected.
---
**3. Relationships**
- Network Affiliation:
  - Part of OVH network (AS16276) with high abuse density.
- DNS Associations:
  - Linked to `proxy-uk007-san200.ahrefs.net` (likely legitimate Ahrefs infrastructure).
- No Malicious Connections:
  - No subnets, organizations, or certificates flagged as malicious.
---
**4. Subnet Analysis**
- Subnet: 198.244.242.0/24
- Abuse Density: 60.55% (High Risk)
- Neighbor Risk Distribution:
  - 98% Medium Risk
  - 2% Low Risk
- Actionable Insight: The subnet is heavily associated with risky activity, suggesting potential for lateral movement or compromised hosts.
---
**5. Recommendations**
1. Monitor Subnet Activity:
   - Given the high abuse density, consider blocking or closely monitoring traffic from this subnet.
2. Verify Cloud Compute Security:
   - Confirm OVH's security posture for this cloud instance. Compromised VMs in shared infrastructure may pose risks.
3. Investigate DNS Hostname:
   - Validate `proxy-uk007-san200.ahrefs.net` for legitimacy, as it is tied to the IP.
---
Conclusion:
The IP is part of a high-risk subnet with no direct malicious indicators but warrants scrutiny due to the surrounding network environment. SOC teams should prioritize monitoring and securing cloud resources in this subnet.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | proxy-uk007-san200.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk007-san200.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 25% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-22 09:12:38 UTC |
| Last Seen | 2026-06-28 18:36:47 UTC |
| Profile Built | 2026-06-29 06:40:15 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 25 |