Witness AI: This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 15.235.96.29
Date: 2026-06-09
---
**1. Risk Profile**
- Overall Risk: Low Risk (Risk Score: 25)
- Ownership: Owned by Ahrefs Pte Ltd (OVH ASN 16276).
- Geolocation: Registered to Singapore (CA), but geo-validation flags it as implausible due to inconsistent RTT (27ms vs. expected 121.6ms for 6,082km).
- Network Role: Cloud infrastructure (OVH-hosted, no residential/mobile indicators).
---
**2. Threat Indicators**
- No Active Threats: No malware, phishing, or malicious activity detected.
- DNS: Resolves to `proxy-ca015-san29.ahrefs.net` (no known malicious domains).
- Services: No open ports or TLS services detected.
- Blacklists: Not listed in DNSBLs (1/8 lists checked).
---
**3. Network Relationships**
- Subnet: Part of `15.235.96.0/24` (OVH network).
- Neighbors:
  - Subnet contains 248 IPs, with 118 active and 89 flagged as low-risk.
  - Abuse density: 35.9% (mixed risk profile).
- Associations: Linked to OVH-CUST-281059694 network and `proxy-ca015-san29.ahrefs.net` hostname.
---
**4. Observation History**
- Recent Activity:
  - Last scan: June 1, 2026 (no active services found).
  - DNSSEC and CAA records validated; no TLS/HTTP anomalies.
- Trends: No persistent threats or ownership changes detected.
---
**5. Recommendations**
- Monitor Geolocation Discrepancy: Investigate the implausible geo-validation (6,082km vs. 27ms RTT).
- Check DNS Hostname: Monitor `proxy-ca015-san29.ahrefs.net` for suspicious behavior.
- Subnet Review: Given the 35.9% abuse density, review neighboring IPs for potential risks.
---
Conclusion: This IP is a legitimate cloud server owned by Ahrefs, with no current malicious indicators. The geo-validation discrepancy warrants further investigation, but no immediate action is required.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059694 |
| CIDR Block | 15.235.96.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca015-san29.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca015-san29.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
No certificate
Issued by -
N/A
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 36% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 31% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 25% | 10 | 15 |
Coverage: 6/6 dimensions · Data sufficiency: sufficient
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership · FCrDNS · Geo Consensus · Geo Plausible · IRR Match · RPKI Valid |
Claimed geolocation contradicts RTT physics measurement
Observation Timeline (Live)
| First Seen | 2026-05-21 20:59:21 UTC |
| Last Seen | 2026-06-28 15:29:00 UTC |
| Profile Built | 2026-06-29 09:35:03 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 24 |
21 signal types · 24 observations collected
This report is generated from 21+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
About This Report
All data shown is publicly available network metadata; IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.