198.244.242.66

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING

Target: 198.244.242.66/32

Classification: LOW RISK

Date: 2026-06-26

## Executive Summary

IP 198.244.242.66 is a low-risk residential cloud infrastructure endpoint associated with Ahrefs Pte Ltd, a legitimate SEO analytics provider. No active threat indicators, blacklisting, or malicious behavior observed. The IP resolves to a firewalled hosting environment with no open services.

## Technical Profile

Risk Assessment:

Overall Risk Score: 25/100
Reputation: Low Risk
Provider Score: 0/100
Authority Score: 0/100

Ownership & Registration:

Organization: Ahrefs Pte Ltd Dmytro
ASN: 16276 (OVH)
Country: United Kingdom (GB)
City: London, England
RIR: ARIN
Registration: Available via RDAP

Network Classification:

Infrastructure: Cloud Compute / Hosting
Network Type: Firewalled / No Services
Cloud Provider: OVH
Is CDN: No
Is VPN/Proxy/Tor: No
Bogon: No
Residential: No

DNS Resolution:

PTR Hostname: proxy-uk007-san66.ahrefs.net
Forward Resolution: ahrefs.net
Forward Confirmed: No
Email Auth (SPF/DMARC): Not configured

## Threat Indicators

Active Threat Signals: None

Known Attacker: No
Spam Source: No
Tor Exit Node: No
Blacklist Count: 0
Known Campaigns: None
Threat Feeds: Clean

Behavioral Analysis:

Honeypot Hits: 0
Threat Observation Count: 1
Persistent Malicious: No
Threat Persistence Days: 0

## Historical Observations (21 Total)

Recent monitoring shows stable infrastructure classification with consistent cloud hosting signals. Geolocation inference indicates London, UK with varying confidence levels (0.22-0.90). Network classification consistently reports OVH cloud infrastructure with hosting designation. No escalation in threat signals observed across the observation window.

## Network Relationships

Relationship Count: 54
Primary Relationship: Same Network (OVH_282347343)
No organizational, hostname, or certificate relationships beyond network-level associations
BGP Prefix: 198.244.128.0/17
Route Stability: Not stable

## Subnet Analysis (198.244.242.0/24)

Abuse Density: 0.3242 (Moderate)
Classification: Mixed
Total Siblings: 256
Active Siblings: 229
Threat Siblings: 83
Risk Distribution: 0 High, 76 Medium, 24 Low

The subnet exhibits mixed usage patterns with a notable presence of threat-sibling IPs (83/256). This indicates the broader address space hosts various services, some with security concerns.

## Recommended Security Actions

Current Risk Profile: Low (25/100)

Recommendations: No specific blocking or filtering required at this time.

Context: The IP belongs to Ahrefs infrastructure and presents no immediate threat. Standard enterprise filtering policies apply. Consider monitoring the broader /24 subnet for emerging threat patterns given the 83 threat siblings observed.

## Conclusion

IP 198.244.242.66 is a legitimate cloud infrastructure endpoint with low risk characteristics. No immediate defensive action required. SOC analysts should maintain standard monitoring protocols and observe the broader subnet for emerging threat indicators.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇬🇧 United Kingdom
Region	England
City	London
Timezone	Europe/London
Latitude	51.51
Longitude	-0.13

🏢 Ownership & Registration

Organization	Ahrefs Pte Ltd Dmytro
ASN	AS16276
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	proxy-uk007-san66.ahrefs.net
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`proxy-uk007-san66.ahrefs.net`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	28%	2	4
routing	13%	1	1
services	12%	2	2
ownership	24%	2	3
reputation	30%	1	3
geolocation	31%	2	3
Overall	23%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-11 21:44:06 UTC
Last Seen	2026-06-27 20:25:11 UTC
Profile Built	2026-06-28 14:30:28 UTC
Data Freshness	Live
Signal Types	22
Total Observations	27

🔍 22 signal types · 27 observations collected

This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

198.244.242.66📋 Copy