IP Intelligence Briefing: 15.235.98.193
Date: 2026-06-02
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Provider: OVH (ASN 16276)
- Organization: Dmytro, Ahrefs Pte Ltd
- Geolocation: Singapore (CA), with 3000km accuracy radius.
- Network Role: Cloud compute infrastructure (OVH-hosted, no public services).
- Threat Indicators: No malicious activity, no blacklists, no known campaigns.
---
**2. Network & Subnet Context**
- Subnet: 15.235.98.193/24
- Subnet Abuse Density: 39.13% (mixed risk, 99 threat siblings in 253 total).
- Neighbor Analysis:
  - High Risk: 0 IPs
  - Medium Risk: 17 IPs
  - Low Risk: 83 IPs
- Abuse Density: 0.39 (moderate risk in subnet).
---
**3. Historical Observations**
- Last 30 Days:
  - 19 observations (19 unique signals).
- Key Trends:
  - DNS resolution to `proxy-ca019-san193.ahrefs.net` (Ahrefs domain).
  - BGP route stability: 0 changes in 30 days.
  - DNSSEC validity: Confirmed.
---
**4. Relationships & Dependencies**
- Linked Entities:
  - Network: OVH-CUST-281059698 (same subnet).
  - Domain: `ahrefs.net` (PTR hostname).
- DNS: No email auth (SPF/DKIM missing).
- Certificates/TLS: No TLS certs or HTTP services detected.
---
**5. Recommendations**
- Monitor Subnet: Medium-risk neighbors (17 IPs) suggest increased scrutiny.
- Verify DNS: Confirm legitimacy of `ahrefs.net` DNS resolution.
- Network Segmentation: Ensure cloud compute instances are isolated from critical assets.
- Threat Feeds: Cross-check with threat intel feeds (no current alerts).
---
Conclusion:
15.235.98.193 is a low-to-moderate risk cloud compute IP associated with Ahrefs. While no direct malicious activity is detected, its subnet contains a significant number of medium-risk IPs. SOC teams should monitor for unusual DNS activity or lateral movement within the subnet. No immediate mitigation is required, but ongoing monitoring is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059698 |
| CIDR Block | 15.235.98.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca019-san193.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca019-san193.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - | | |
| HTTP Title | - | | |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 15% | 2 | 2 |
| reputation | 28% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 22% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:46 UTC |
| Last Seen | 2026-06-27 00:24:15 UTC |
| Profile Built | 2026-06-27 14:37:15 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 28 |