IP Intelligence Briefing: 15.235.98.79
Date: 2026-06-13
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership: Registered to Ahrefs Pte Ltd (OVH ASN 16276).
- Geolocation: Singapore (CA), with inferred coordinates (56.13°N, -106.35°W).
- Network Role: Cloud compute infrastructure (OVH-hosted, no residential/mobile indicators).
- Threat Indicators: No malicious activity detected (no blacklists, spam, or campaigns).
---
**2. Observational History**
- Recent Activity:
  - Subnet abuse density: 0.5391 (high_abuse classification).
  - 138 of 256 neighboring IPs in the 15.235.98.0/24 subnet show risk.
  - Historical signals show inconsistent geolocation and routing data.
- Trend: No persistent malicious behavior; risk scores remain stable.
---
**3. Relationships**
- Network Connections:
  - Linked to OVH-CUST-281059698 (same network).
  - DNS resolves to proxy-ca019-san79.ahrefs.net (Ahrefs infrastructure).
- No Known Associations: No ties to Tor, CDN, or malicious campaigns.
---
**4. Neighborhood Analysis**
- Subnet: 15.235.98.0/24.
- Risk Distribution:
  - 96% of neighbors: Medium risk (score 40–50).
  - 4% low risk.
- Notable Neighbors:
  - 15.235.98.0, 15.235.98.1, and 15.235.98.2 show higher risk scores.
---
**5. Recommendations**
- Monitor Subnet: Given the high abuse density in the subnet, monitor adjacent IPs for anomalous traffic.
- Verify Ahrefs Services: Confirm legitimacy of Ahrefs infrastructure to avoid false positives.
- Firewall Rules: Consider blocking high-risk neighbors (e.g., 15.235.98.0/24) if they are not part of your network.
---
Summary: 15.235.98.79 is a legitimate cloud compute IP owned by Ahrefs, with no direct malicious indicators. However, its subnet shows elevated risk, warranting closer scrutiny of neighboring IPs for potential threats.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059698 |
| CIDR Block | 15.235.98.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca019-san79.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca019-san79.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 38% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 25% | 2 | 2 |
| reputation | 36% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 26% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:46 UTC |
| Last Seen | 2026-06-27 00:30:26 UTC |
| Profile Built | 2026-06-27 14:44:05 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 26 |