IP Intelligence Briefing: 54.39.210.157
*Generated via IPDebrief tools (June 5, 2026)*
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership: Owned by Dmytro, Ahrefs Pte Ltd (OVH ASN 16276).
- Geolocation: Canada (QC, Beauharnois).
- Network Role: CloudCompute infrastructure (OVH-hosted, no services exposed).
- Threat Indicators: No malicious activity detected (no indicators, blacklists, or campaigns).
---
**2. Historical Observations**
- Recent Activity:
  - DNS resolution for `ahrefs.net` (owner's domain).
  - Operator score: Minimal (low risk in network operations).
- Stability: No recent route changes; network stable.
- Trend: No persistent malicious behavior; first observed on June 5, 2026.
---
**3. Relationships & Network Context**
- Linked Entities:
  - Subnet: 54.39.210.0/24 (OVH-CUST-281059686).
  - Associated with OVH (cloud provider) and ahrefs.net (domain owner).
- Subnet Risk:
  - Abuse Density: 58.66% (high abuse classification).
  - Threat Siblings: 149 IPs in subnet flagged as risky.
  - Active Siblings: 143 IPs (100% of subnet active).
---
**4. Neighborhood Analysis**
- Subnet Overview:
  - Total IPs: 254; Active IPs: 143; Risk Distribution: 94 medium-risk, 5 low-risk.
  - Abuse Density: 0.5866 (high abuse classification).
- Neighbor IPs:
  - Most IPs in the subnet have moderate risk scores (40-50).
  - No direct threats detected for this IP, but subnet-wide risks suggest monitoring.
---
**5. Recommendations**
- Monitor Subnet: Given the high abuse density, investigate suspicious activity within 54.39.210.0/24.
- Verify Ownership: Confirm Ahrefs' use of this IP; no evidence of spoofing or misuse.
- Blocklist Siblings: Consider blocking high-risk IPs in the subnet if access is restricted.
---
Conclusion: This IP is a legitimate OVH-hosted cloud instance, but its subnet exhibits elevated risk. SOC teams should prioritize monitoring the subnet for potential lateral movement or abuse. No immediate action required for this IP, but subnet-level vigilance is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059686 |
| CIDR Block | 54.39.210.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca007-san157.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca007-san157.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 12% | 2 | 2 |
| reputation | 28% | 1 | 3 |
| geolocation | 23% | 2 | 2 |
| Overall | 20% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-10 16:14:41 UTC |
| Last Seen | 2026-06-27 18:08:51 UTC |
| Profile Built | 2026-06-28 12:14:54 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 25 |