5.39.1.226
IP Intelligence Briefing: 5.39.1.226
*Generated via IPDebrief Analysis*
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership: Owned by Ahrefs Pte Ltd Dmytro (ASN 16276, OVH provider).
- Geolocation: Registered to France (FR), inferred via multi-signal geolocation with 500km accuracy radius.
- Network Role: Cloud compute infrastructure (OVH), no residential/mobile/mobile carrier association.
- Threat Indicators: No malicious activity detected; no indicators in threat feeds, DNSBLs, or campaigns.
---
**2. Observation History**
- Recent Activity (June 14โ18, 2026):
- Minimal risk score (0.2174) with low confidence (0.2256).
- Subnet abuse density: High (0.8438), indicating risky sibling IPs in the 5.39.1.0/24 range.
- No persistent malicious behavior; threat observation count: 1.
---
**3. Network Relationships**
- Connected Entities:
- Linked to OVH network 282114230 (same ASN/organization).
- Resolves to proxy-fr005-san226.ahrefs.net (DNS PTR).
- No direct ties to known malicious organizations or domains.
---
**4. Neighborhood Analysis**
- Subnet: 5.39.1.0/24 (32 IPs).
- Risk Distribution:
- 31 IPs in subnet, with 27 flagged as high-risk (65+ score).
- Notable high-risk neighbors:
- 5.39.1.224 (40), 5.39.1.225 (50), 5.39.1.240 (65), 5.39.1.255 (40).
- Abuse Density: 84.38% of subnet IPs show abuse risk.
---
**5. Actionable Insights**
- Monitor Subnet: High abuse density in the 5.39.1.0/24 subnet warrants closer scrutiny.
- Validate Ahrefs Activity: Confirm legitimacy of Ahrefs infrastructure, as the IP resolves to a proxy hostname.
- Block High-Risk Neighbors: Consider blocking IPs with scores โฅ65 (e.g., 5.39.1.240) if they are not part of the expected network.
- Check for Enumeration: No open ports/services detected, but subnet-wide risks suggest potential lateral movement risks.
---
Summary: This IP is part of a high-risk subnet linked to a legitimate cloud provider. While the IP itself shows no direct malicious activity, the surrounding network environment warrants further investigation.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | proxy-fr005-san226.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-fr005-san226.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 24% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 21% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:24 UTC |
| Last Seen | 2026-06-27 05:54:14 UTC |
| Profile Built | 2026-06-28 06:00:39 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 25 |
Full dossier details are available via our API.