54.39.136.60
Threat Intelligence Briefing for IP 54.39.136.60/32
*Generated via IPDebrief tools: Profile, History, Relationships, Neighbors*
---
**1. IP Profile**
- Risk Assessment:
- Overall Risk: Low (Risk Score: 0, Provider/Authority Scores: 0).
- Geolocation: Confirmed as *New York, NY, US* (latitude: 40.7128, longitude: -74.0060). Secondary data suggests Canada (Beauharnois, Quebec), but this is inconsistent and likely outdated.
- Network Role: Cloud compute infrastructure (OVH provider), hosted in a firewalled environment with no open services detected.
- Ownership: No ASN, organization, or registration details available.
- Threat Indicators:
- No malicious activity detected (no blacklists, spam, or campaign associations).
- No TLS certificates, open ports, or DNS records linked to the IP.
---
**2. Observation History**
- Temporal Trends:
- Last 30 days: No persistent threats or ownership changes.
- Geolocation data shows sporadic updates (e.g., "Beauharnois, Canada"), but no confirmed malicious behavior.
- BGP route stability: Unstable (route changes detected).
---
**3. Relationships**
- Linked Entities:
- No relationships to subnets, hostnames, organizations, or certificates were found.
- No correlations to known campaigns or threat feeds.
---
**4. Neighborhood Analysis**
- Subnet: 54.39.136.0/24.
- Risk Distribution:
- Low-risk neighbors: 17 IPs (risk scores: 0โ40).
- Medium-risk neighbors: 83 IPs (risk scores: 40โ50).
- Abuse Density: Low (0% abuse classification).
- Notable Neighbors:
- 54.39.136.0โ4 (risk scores: 40โ50), but no malicious activity observed.
---
**5. Recommendations**
- Monitoring: Track geolocation inconsistencies and BGP route stability.
- Firewall Actions:
- Allow traffic based on cloud infrastructure patterns (OVH provider).
- Monitor for unexpected service openings or DNS changes.
- Investigation: Verify ownership details, as missing data could indicate misconfigured infrastructure or potential spoofing.
Conclusion: This IP appears to be a legitimate cloud-hosted server with no current malicious indicators. However, geolocation discrepancies and unstable routing warrant further scrutiny.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059681 |
| CIDR Block | 54.39.136.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR | proxy-ca002-san60.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca002-san60.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 21% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 19% | 2 | 2 |
| reputation | 17% | 1 | 2 |
| geolocation | 30% | 2 | 3 |
| Overall | 19% | 9 | 11 |
| Data Coherence | Mostly Consistent (80%) โ 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-06-06 01:24:35 UTC |
| Last Seen | 2026-06-21 12:50:15 UTC |
| Profile Built | 2026-06-21 13:07:35 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 21 |
Full dossier details are available via our API.