54.39.89.23
IP Intelligence Briefing: 54.39.89.23/32
*Generated via IPDebrief Analysis*
---
**1. Risk Profile**
- Risk Score: 40 (Moderate Risk)
- Provider: OVH (ASN 16276)
- Organization: Dmytro, Ahrefs Pte Ltd (Hosting provider)
- Geolocation: Canada (QC, Beauharnois)
- Network Role: Hosting service (Firewalled / No Services)
- Threat Indicators: No known malicious activity, no blacklist entries, no Tor exit node.
---
**2. Subnet & Neighborhood**
- Subnet: 54.39.89.0/24
- Abuse Density: 52.99% (High Abuse Classification)
- Neighbor Risk Distribution:
- 54 IPs with Medium Risk (score 25โ40)
- 46 IPs with Low Risk (score 1โ25)
- Notable Neighbors:
- 54.39.89.2 (Risk Score 40)
- 54.39.89.3 (Risk Score 50)
- 54.39.89.4 (Risk Score 40)
- *Subnet shows elevated abuse activity, suggesting potential for associated risks.*
---
**3. Historical Observations**
- Last 30 Days:
- Subnet abuse density increased from 0.3 to 0.5299 (High Abuse).
- No persistent malicious behavior detected.
- No changes in ownership or network role.
- Trend: Rising subnet risk may indicate upstream provider (OVH) or shared hosting environment compromise.
---
**4. Relationships & Dependencies**
- Network: Linked to OVH-CUST-281059691 (Ahrefs Pte Ltd).
- Services: No open ports, no TLS/HTTP services detected.
- DNS: Resolves to `proxy-ca012-san23.ahrefs.net` (Ahrefs domain).
- Certificates: No SSL/TLS certificates detected.
---
**5. Recommendations**
1. Monitor Subnet: Elevated abuse density in 54.39.89.0/24 warrants closer scrutiny of shared hosting environment.
2. Check Ahrefs Activity: Investigate Ahrefs Pte Ltdโs network for potential misconfigurations or compromised hosts.
3. Block High-Risk Neighbors: Consider blocking IPs with scores โฅ40 in the subnet to mitigate lateral movement risks.
4. Verify DNS: Confirm DNSSEC and CAA records for `ahrefs.net` to prevent spoofing.
---
Note: No direct malicious activity detected, but the IP resides in a subnet with high abuse risk. Prioritize monitoring and segmentation.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059691 |
| CIDR Block | 54.39.89.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR | proxy-ca012-san23.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca012-san23.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 11% | 1 | 2 |
| ownership | 15% | 2 | 2 |
| reputation | 28% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 21% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-15 20:48:20 UTC |
| Last Seen | 2026-06-28 02:58:06 UTC |
| Profile Built | 2026-06-28 21:04:03 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 24 |
Full dossier details are available via our API.