## Intelligence Briefing: IP 15.235.96.244/32
Classification: Moderate Risk - Cloud Infrastructure Node
Risk Score: 40/100
Date: 2026-06-26
---
Executive Summary
IP 15.235.96.244 is a cloud compute endpoint associated with OVH hosting infrastructure and the Ahrefs network (asn:16276). The IP shows no active threat indicators but operates within a high-abuse density subnet (15.235.96.0/24). Geolocation data exhibits significant inconsistency requiring validation.
---
Infrastructure Profile
| Attribute | Value |
|---|---|
| **Provider** | OVH (ASN 16276) |
| **Organization** | Dmytro, Ahrefs Pte Ltd |
| **Network Block** | 15.235.96.0/24 (OVH-CUST-281059694) |
| **Infrastructure Type** | Cloud Compute |
| **Hosting Status** | Active |
| **Services** | Firewalled/No Open Ports |

DNS Resolution: proxy-ca015-san244.ahrefs.net → ahrefs.net
Network Role: No open ports detected; passive infrastructure node
---
Threat Indicators
- Blacklist Status: 0 blacklists (0/8 total DNSBL lists)
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Known Campaigns: None detected
- Campaign Likelihood: None
DNSBL Exposure: 1 of 8 blacklist lists (minimal exposure)
---
Geolocation Validation - ⚠️ DATA DISCREPANCY
| Parameter | Reported | Flag |
|---|---|---|
| **Country** | CA (Canada) | ⚠️ |
| **City** | Singapore | ⚠️ |
| **RTT Latency** | 27ms | ⚠️ |
| **Minimum Possible RTT** | 121.6ms | ⚠️ |

Assessment: Significant geolocation inconsistency detected. The 27ms latency contradicts the 6,082km distance to Singapore. This indicates unreliable geolocation data; actual location likely differs from reported values.
---
Neighborhood Analysis (15.235.96.0/24)
| Metric | Value |
|---|---|
| **Total Siblings** | 256 |
| **Active Siblings** | 213 |
| **Threat Siblings** | 161 |
| **Abuse Density** | 0.6289 (High) |
| **Risk Classification** | High Abuse |

Context: The /24 subnet exhibits elevated abuse density with 62.89% abuse rate. The target IP's risk score of 40 aligns with neighborhood inheritance patterns.
---
Historical Observation
- Total Observations: 25
- Recent Activity: 2026-06-22, 2026-06-26
- Signal Confidence: Low (0.20–0.80 range)
- Threat Persistence: 0 days
- Ownership Changes: 0
---
Relationship Graph
- Total Relationships: 55
- Primary Connections: Same network (OVH-CUST-281059694)
- Associated Entities: Network infrastructure nodes
---
Recommended Actions
1. Monitoring: Maintain passive monitoring; no immediate threat indicators
2. Geolocation Validation: Cross-reference with additional sources due to data inconsistency
3. Subnet Context: Account for high-abuse neighborhood patterns in threat correlation
4. DNS Monitoring: Track proxy-ca015-san244.ahrefs.net for any service changes
---
Analyst Notes: This IP represents normal cloud infrastructure activity but requires geolocation validation. The subnet's abuse density should be factored into broader threat correlation efforts. No active malicious indicators detected at this time.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059694 |
| CIDR Block | 15.235.96.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |

DNS Intelligence
| PTR | proxy-ca015-san244.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca015-san244.ahrefs.net |

DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |

Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |

Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |

TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |

Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 31% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 24% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |

Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:46 UTC |
| Last Seen | 2026-06-27 00:14:32 UTC |
| Profile Built | 2026-06-27 14:27:03 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 29 |