54.39.136.5
IP Intelligence Briefing: 54.39.136.5
Date: 2026-06-18
---
**Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership: Owned by OVH (AS16276), registered to Dmytro, Ahrefs Pte Ltd.
- Geolocation: Canada (QC, Beauharnois).
- Network Role: Hosting provider (OVH infrastructure).
- DNS: Resolves to `proxy-ca002-san5.ahrefs.net` (ahrefs.net).
- Threat Indicators: No direct malicious activity detected.
---
**Observation History**
- Recent Activity (June 18, 2026):
- DNS resolution confirmed for `ahrefs.net` (CAA records, DNSSEC valid).
- Operator score: 0.2174 (Minimal risk label).
- Subnet Trends:
- Subnet 54.39.136.0/24 shows high abuse density (0.5041), with 124 threat siblings.
- IP has no persistent malicious activity, but subnet environment is risky.
---
**Relationships**
- Linked Entities:
- Subnet: OVH-CUST-281059681 (54.39.136.0/24).
- Domain: ahrefs.net (DNS, CAA, and DNSSEC records).
- Network Context:
- Part of OVH's cloud infrastructure, classified as "Firewalled / No Services."
---
**Neighborhood Analysis**
- Subnet: 54.39.136.0/24 (246 total IPs, 116 active).
- Risk Distribution:
- 99 medium-risk IPs, 1 low-risk IP.
- Subnet classified as high_abuse with inherited risk score of 20.
- Neighbor Example:
- IP 54.39.136.0 (riskScore: 40, authorityScore: 50).
---
**Actionable Insights**
1. Monitor Subnet: The 54.39.136.0/24 subnet has a high abuse density. Investigate if the IP is part of a larger compromised network.
2. Check DNS Activity: Ahrefs.net is linked to the IP. Verify if the domain is associated with any known campaigns or phishing activities.
3. Network Segmentation: Given the subnetβs risk profile, consider isolating or restricting traffic from this subnet.
4. Baseline for Anomalies: The IP shows no direct threats, but its environment is risky. Track changes in subnet behavior or DNS activity.
Recommendation: No immediate action required for the IP itself, but monitor the subnet and correlate with other threats in the network.
---
*Generated by IPDebrief. All data sourced from IP intelligence feeds and network analysis.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059681 |
| CIDR Block | 54.39.136.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | β |
π DNS Intelligence
| PTR | proxy-ca002-san5.ahrefs.net |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca002-san5.ahrefs.net |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 21% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 31% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 24% | 10 | 14 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:28 UTC |
| Last Seen | 2026-06-27 08:15:07 UTC |
| Profile Built | 2026-06-28 02:21:32 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 26 |
Full dossier details are available via our API.