54.39.0.83

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 54.39.0.83/32

## Executive Summary

54.39.0.83 is a moderate-risk (40/100) IP address assigned to OVH-CUST-281059683, a cloud compute infrastructure instance. The IP resolves to ahrefs.net and is geolocated to Beauharnois, Quebec, Canada (ASN 16276). While the individual IP shows no direct threat indicators, it resides within a subnet classified as high_abuse with 69.9% abuse density. No recommended blocking actions are currently warranted, but contextual subnet risk should be considered.

## Ownership and Infrastructure

Attribute	Value
Organization	Dmytro, Ahrefs Pte Ltd
ASN	16276 (OVH)
CIDR Block	54.39.0.0/24
Infrastructure Type	CloudCompute
Classification	Hosting (firewalled/no services)

The IP resolves to hostnames: proxy-ca004-san83.ahrefs.net, indicating association with the Ahrefs SEO analytics service. DNSSEC is valid.

## Geographic Context

Attribute	Value
Country	Canada (CA)
Region	Quebec (QC)
City	Beauharnois
Geo Sources	2

## Threat Assessment

Individual IP Risk: 40/100 (Moderate Risk)

Abuse Confidence Score: Not available
Blacklist Count: 0
Known Attacker: No
Spam Source: No
Tor Exit Node: No
Campaign Matches: 0
Threat Persistence: None observed
Threat Observation Count: 0

Control Plane Signals:

Operator Score: 0.2174 (Minimal)
Route Stability: False
DNSSEC Valid: Yes
DNSBL Listed: 1 of 8 lists

## Neighborhood Analysis

The /24 subnet (54.39.0.0/24) shows elevated abuse characteristics:

Metric	Value
Total Siblings	256
Active Siblings	220
Threat Siblings	179
Abuse Density	0.6992 (High)
Inherited Risk	27/100

Risk Distribution in Subnet:

High: 0
Medium: 100
Low: 0

Neighbor IPs show consistent risk scores (~40), indicating systematic provisioning patterns rather than isolated incidents.

## Historical Signal Timeline

21 observations recorded with the following key signals:

1. 2026-06-23 17:49:44 — DNS resolution to ahrefs.net (confidence: 0.80)

2. 2026-06-23 17:49:27 — Operator score: Minimal (confidence: 0.30)

3. 2026-06-19 06:03:10 — Operator score: Minimal (confidence: 0.60)

4. 2026-06-18 13:58:36 — Subnet abuse density: high_abuse (confidence: 0.75)

No escalation in threat signals observed. IP maintains consistent benign resolution patterns.

## Relationship Graph

58 relationships identified, primarily:

Same Network: OVH-CUST-281059683 (multiple entries)
No unique hostname, organization, or certificate relationships beyond network-level associations

## Security Recommendations

Current Status: No active blocking required

Firewall Rules (if contextual subnet risk warrants action):

```

iptables -A INPUT -s 54.39.0.83 -j DROP

nft add rule inet filter input ip saddr 54.39.0.83 drop

nginx deny 54.39.0.83;

```

Assessment: This IP is part of a high-density OVH hosting subnet but shows no individual threat indicators. The hostname resolution to ahrefs.net suggests legitimate service usage. Monitor for behavioral changes if lateral movement or abuse patterns emerge from the subnet.

---

*Report generated: IPDebrief Intelligence Analysis Platform*

*Data Timestamp: Current*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇨🇦 Canada
Region	QC
City	Beauharnois
Timezone	—
Latitude	45.32
Longitude	-73.87

🏢 Ownership & Registration

Organization	Dmytro, Ahrefs Pte Ltd
ASN	AS16276
Network Name	OVH-CUST-281059683
CIDR Block	54.39.0.0/24
RIR	ARIN
Country	Singapore
Abuse Contact	—

🌐 DNS Intelligence

PTR	proxy-ca004-san83.ahrefs.net
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`proxy-ca004-san83.ahrefs.net`

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	30%	2	3
routing	13%	1	1
services	12%	2	2
ownership	15%	2	2
reputation	22%	1	2
geolocation	32%	2	3
Overall	21%	10	13

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Mostly Consistent (80%) — 1 contradiction(s)
Attribution	Low (35%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

⚠ Claimed geolocation contradicts RTT physics measurement

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:04:28 UTC
Last Seen	2026-06-27 08:06:14 UTC
Profile Built	2026-06-28 02:11:12 UTC
Data Freshness	Live
Signal Types	21
Total Observations	27

🔍 21 signal types · 27 observations collected

This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

54.39.0.83📋 Copy