IP Intelligence Briefing: 54.39.89.130
Date: 2026-06-16
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Provider: OVH (ASN 16276)
- Organization: Dmytro, Ahrefs Pte Ltd (OVH-CUST-281059691)
- Geolocation: Canada (QC), Beauharnois (3000m accuracy radius)
- Network Role: Cloud compute infrastructure (OVH Hosting)
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or spam sources).
---
**2. Observations & History**
- Recent Activity (Last 30 Days):
  - Minimal risk signals (0.25 raw score) with limited DNSSEC and CAA validation.
  - No open ports or TLS services detected.
  - Geolocation consistency confirmed (no spoofing detected).
- Historical Trends:
  - Stable ownership (OVH) with no recent changes.
  - No persistent threat observations (0 threat persistence days).
---
**3. Relationships & DNS**
- Linked Hostnames:
  - `proxy-ca012-san130.ahrefs.net` (Ahrefs Pte Ltd).
- DNS Validation:
  - No SPF/DKIM records detected.
  - DNSSEC and CAA records present but unverified.
- Network Affiliation:
  - Part of OVH's `54.39.89.0/24` subnet.
---
**4. Subnet & Neighborhood**
- Subnet: `54.39.89.0/24` (OVH-owned).
- Abuse Density: 60.94% (moderate risk).
- Neighbor Analysis:
  - 104 active IPs in subnet.
  - 156 IPs flagged as high-risk (abuse density: 60.94%).
  - No direct correlation to malicious activity for this IP.
---
**5. Recommendations**
- Monitoring:
  - Track subnet activity due to moderate abuse density.
  - Monitor DNS associations with `proxy-ca012-san130.ahrefs.net` for anomalies.
- Mitigation:
  - No immediate blocking required, but consider rate-limiting or network segmentation for high-risk neighbors.
  - Ensure DNSSEC and CAA records are validated for the linked hostname.
---
Conclusion:
This IP is associated with a legitimate cloud hosting provider (OVH) and shows no direct malicious activity. However, its subnet has a moderate abuse density, warranting closer monitoring. No immediate action is required unless contextual anomalies emerge.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059691 |
| CIDR Block | 54.39.89.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca012-san130.ahrefs.net |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca012-san130.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 21% | 2 | 2 |
| reputation | 28% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 22% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-01 23:54:55 UTC |
| Last Seen | 2026-06-26 18:11:28 UTC |
| Profile Built | 2026-06-21 08:12:50 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 24 |