54.39.136.183
IP Intelligence Briefing: 54.39.136.183
Date: 2026-06-14
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: Owned by OVH (AS16276) under Dmytro, Ahrefs Pte Ltd.
- Geolocation: Canada (QC, Beauharnois), inferred with low accuracy (3000 km radius).
- Network Role: CloudCompute infrastructure (OVH-hosted, no residential/mobile traffic).
- Threat Indicators: No malicious activity, no known campaigns, or blacklisted listings.
---
**2. Observation History**
- Recent Activity:
- Single observation (low confidence) indicating potential geolocation in Canada.
- RTT anomalies (27ms vs. expected 112.6ms for 5629km distance), suggesting possible misattribution or synthetic data.
- Trend: No persistent malicious behavior detected.
---
**3. Relationships**
- Network Affiliation: Linked to OVH-CUST-281059681 (same /24 subnet).
- Services:
- DNS: Resolves to `proxy-ca002-san183.ahrefs.net` (owned by Ahrefs).
- TLS/HTTP: No open ports or active services detected.
- Security Posture: No malware signatures, phishing indicators, or exploit attempts.
---
**4. Subnet Analysis**
- Subnet: 54.39.136.0/24
- Risk Density: 46.75% abuse rate (115/246 IPs flagged).
- Neighbor Activity:
- 100 active IPs in subnet (2 medium-risk, 98 low-risk).
- 115 IPs flagged for abuse (potential lateral movement or compromised hosts).
---
**5. Actionable Insights**
- No Immediate Threat: The IP itself is low-risk, but the subnet shows moderate abuse density.
- Monitor Subnet: Watch for unusual activity in 54.39.136.0/24, especially given the 46.75% abuse rate.
- Verify Geolocation: Investigate RTT discrepancies to rule out spoofing or synthetic data.
- No Blocking Required: No malicious indicators justify firewall rules or blocking actions.
---
Conclusion: 54.39.136.183 is a legitimate OVH-hosted cloud instance with no direct malicious activity. However, its subnetβs elevated abuse density warrants closer monitoring for potentialε ³θ risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059681 |
| CIDR Block | 54.39.136.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | β |
π DNS Intelligence
| PTR | proxy-ca002-san183.ahrefs.net |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca002-san183.ahrefs.net |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 15% | 2 | 2 |
| reputation | 28% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 22% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:28 UTC |
| Last Seen | 2026-06-27 08:09:15 UTC |
| Profile Built | 2026-06-28 02:15:49 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 26 |
Full dossier details are available via our API.