IP Intelligence Briefing: 198.244.242.224
Date: 2026-06-08
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership: Ahrefs Pte Ltd (OVH ASN 16276)
- Geolocation: London, England, UK (750 km accuracy radius)
- Network Role: CloudCompute (OVH provider, infrastructure type: Hosting)
- Threat Indicators: No direct malicious activity detected.
- Subnet: 198.244.242.224/24 (abuse density: 50.78%, classification: high_abuse).
---
**2. Observation History**
- Recent Activity:
  - Scanned on 2026-06-08 (ports scanned, TLS/HTTP checks).
  - Geolocation inferred via multi-signal analysis (latitude 55.38, longitude -3.44).
  - No persistent threats or campaign correlations.
- Trend: No significant changes in risk or network behavior observed.
---
**3. Relationships**
- Network Associations:
  - Linked to OVH network `OVH_282347343` (same subnet).
  - DNS hostname: `proxy-uk007-san224.ahrefs.net` (Ahrefs infrastructure).
  - Domain: `ahrefs.net` (CAA records present, no email auth validation).
- No External Threat Links: No malware campaigns, spam, or blacklisted activity.
---
**4. Neighborhood Analysis**
- Subnet: 198.244.242.224/24 (256 IPs).
- Risk Distribution:
  - 79 IPs rated "medium" risk (avg. 40-50 score).
  - 21 IPs rated "low" risk.
  - 0 IPs flagged as high risk.
- Abuse Density: 50.78% (high_abuse classification).
---
**5. Recommendations**
- Monitor Subnet: The /24 subnet has a high abuse density. Investigate potential lateral movement or shared infrastructure risks.
- DNS Monitoring: Track `proxy-uk007-san224.ahrefs.net` for unusual DNS behavior.
- Network Segmentation: Ensure cloud instances (OVH) are isolated from internal networks.
- Baseline Comparison: Use historical data to detect anomalies in future scans.
Conclusion: This IP belongs to Ahrefs, a legitimate entity, but its subnet exhibits elevated abuse risk. While no direct threats are detected, the network's classification and neighbor activity warrant closer scrutiny for potential indirect risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | proxy-uk007-san224.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk007-san224.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 40% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 26% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline
| First Seen | 2026-05-18 03:22:29 UTC |
| Last Seen | 2026-06-28 06:23:12 UTC |
| Profile Built | 2026-06-29 00:29:13 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 26 |