IP Intelligence Briefing: 198.244.242.64
*Generated via IPDebrief Threat Intelligence Network*
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership: Ahrefs Pte Ltd (AS16276, OVH provider)
- Geolocation: London, England, UK (inferred via DNS and routing)
- Network Role: CloudCompute infrastructure (OVH-hosted, no residential/mobile indicators)
- Threat Indicators: No malicious activity detected (no blacklists, spam, or campaigns).
---
**2. Observation History**
- Recent Activity:
  - Last observed June 15, 2026 (minimal risk profile).
  - Geolocation inferred with 0.28 confidence, 750km accuracy radius.
  - Route stability flagged (BGP instability, 0.2174 operator score).
- Trend: No significant changes in risk or threat signals over 28 days.
---
**3. Network Relationships**
- Linked Entities:
  - Subnet: 198.244.242.64/24 (OVH network 282347343).
  - Shares infrastructure with 100+ IPs in the same subnet.
- Abuse Context:
  - Subnet classified as high_abuse (abuse density: 0.6484).
  - 147 of 256 sibling IPs flagged as threats.
---
**4. Neighborhood Analysis**
- Subnet Overview:
  - 198.244.242.64/24 contains 256 IPs.
  - 100 active neighbors: 96 medium-risk, 4 low-risk.
  - High-risk siblings: 147 IPs with elevated threat scores.
- Key Neighbors:
  - 198.244.242.0/24 (risk score: 40), 198.244.242.1/24 (risk score: 40), etc.
---
**5. Actionable Insights**
- SOC Recommendations:
  - Monitor DNS: Ahrefs-related subdomains (e.g., `proxy-uk007-san64.ahrefs.net`) for unusual traffic.
  - Watch Subnet: High abuse density in 198.244.242.64/24 suggests potential lateral movement or shared infrastructure risks.
  - Verify Cloud Context: Confirm OVH-hosted cloud instances are authorized and isolated from critical assets.
- Mitigation:
  - Apply firewall rules to block traffic from high-risk siblings in the subnet.
  - Validate DNS resolution for `ahrefs.net` to ensure no spoofing or misconfigured hosts.
---
Conclusion: The IP is associated with a legitimate cloud provider (OVH/Ahrefs) but resides in a subnet with elevated abuse risk. While no direct threats are detected, the network context warrants closer monitoring for potential indirect risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | proxy-uk007-san64.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk007-san64.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 21% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-20 11:46:19 UTC |
| Last Seen | 2026-06-28 11:45:48 UTC |
| Profile Built | 2026-06-29 05:50:43 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 25 |