IP Intelligence Briefing: 54.38.147.66
Date: 2026-06-15
---
**1. Risk Profile**
- Overall Risk: Moderate (Risk Score: 40)
- Provider: OVH (ASN: 16276)
- Ownership: Ahrefs Pte Ltd (Dmytro)
- Geolocation: London, England, UK (GeoPlausible: False)
- Network Role: CloudCompute (OVH) | Hosting | No Public Services
---
**2. Threat Indicators**
- Malicious Activity: No detected threats, abuse confidence score null, no blacklisted entries.
- DNS:
  - PTR hostname: `proxy-uk005-san66.ahrefs.net`
  - No email authentication records (SPF/DKIM/DMARC).
- Services: No open ports or TLS certificates detected.
---
**3. Observation History**
- Recent Activity (2026-06-15):
  - Geo-verification: 500 km from claimed location (London), RTT ~98ms.
  - Operator risk: Minimal (0.2174 score).
  - No persistent malicious behavior or network anomalies.
---
**4. Network Relationships**
- Linked Entities:
  - OVH Network (ASN 16276): Same infrastructure provider.
  - DNS Hostname: `proxy-uk005-san66.ahrefs.net` (Ahrefs subdomain).
- Subnet: `54.38.147.66/24`
  - Abuse Density: 0.5039 (high_abuse classification).
  - Neighbor Risk: 77% medium-risk IPs, 23% low-risk.
---
**5. Recommendations**
- Monitoring: Track subnet `54.38.147.0/24` for emerging risks.
- Firewall: No immediate action required for this IP, but consider rate-limiting DNS queries to `proxy-uk005-san66.ahrefs.net`.
- Verification: Confirm geolocation discrepancies (London vs. claimed coordinates).
---
Conclusion:
The IP is part of a legitimate cloud infrastructure owned by Ahrefs, with no direct malicious indicators. However, its subnet shows moderate abuse density, warranting continued monitoring. No urgent remediation is required.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Ahrefs Pte Ltd Dmytro |
| ASN | AS16276 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | proxy-uk005-san66.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-uk005-san66.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 36% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 26% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
Observation Timeline
| First Seen | 2026-05-21 14:58:04 UTC |
| Last Seen | 2026-06-28 14:33:02 UTC |
| Profile Built | 2026-06-29 08:37:36 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 26 |