54.39.136.154
IP Intelligence Briefing: 54.39.136.154
Date: 2026-06-05
---
**1. Core Profile**
- Risk Score: 35 (Low Risk)
- Ownership:
- Organization: Dmytro, Ahrefs Pte Ltd (OVH network)
- ASN: 16276 (OVH)
- Geolocation: Canada (QC, Beauharnois)
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or spam).
- Network Role: CloudCompute hosting (OVH infrastructure).
- DNS:
- PTR hostname: `proxy-ca002-san154.ahrefs.net`
- Linked domain: `ahrefs.net` (legitimate SEO tool).
- Services: No open ports or TLS certificates detected.
---
**2. Observation History**
- Recent Activity (2026-06-05):
- Subnet abuse density: 0.51 (high abuse classification).
- Operator score: Moderate (0.5652).
- Stability: BGP route stable with no recent changes.
- Longevity: Owned for ~9,241 days (over 25 years). No persistent threat indicators.
---
**3. Relationships**
- Network Connections:
- Same network: OVH-CUST-281059681 (54.39.136.0/24).
- Subnet abuse density: High (126 threat siblings in 247 total IPs).
- Domain Links:
- Hosted domain: `ahrefs.net` (legitimate, no email authentication records).
---
**4. Neighborhood Analysis**
- Subnet: 54.39.136.0/24
- Risk Distribution:
- High Risk: 0 IPs
- Medium Risk: 86 IPs
- Low Risk: 14 IPs
- Notable Neighbors:
- 126 IPs flagged as threat siblings (abuse density: 51%).
- Siblings include both active and dormant IPs, suggesting potential network-wide risks.
---
**5. Recommendations**
- Monitor Subnet: High abuse density in the 54.39.136.0/24 subnet warrants closer scrutiny.
- Block High-Risk Neighbors: Consider blocking IPs with elevated risk scores in the same subnet.
- Verify Ahrefs Usage: Confirm legitimacy of `ahrefs.net` and ensure no spoofing or misconfiguration.
- Check BGP Stability: Confirm OVHβs BGP routes are secure (no route leaks or hijacks).
Conclusion: This IP is part of a legitimate hosting providerβs network but resides in a subnet with elevated abuse risks. While the IP itself shows no malicious activity, the broader network context suggests proactive monitoring is advisable.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059681 |
| CIDR Block | 54.39.136.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | β |
π DNS Intelligence
| PTR | proxy-ca002-san154.ahrefs.net |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca002-san154.ahrefs.net |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 4 |
| routing | 24% | 3 | 4 |
| services | 12% | 2 | 2 |
| ownership | 27% | 3 | 4 |
| reputation | 28% | 1 | 3 |
| geolocation | 37% | 2 | 3 |
| Overall | 25% | 13 | 20 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-09 17:41:41 UTC |
| Last Seen | 2026-06-27 16:28:09 UTC |
| Profile Built | 2026-06-28 10:33:18 UTC |
| Data Freshness | Live |
| Signal Types | 27 |
| Total Observations | 33 |
Full dossier details are available via our API.