IP Intelligence Briefing: 54.39.89.95
*Generated via IPDebrief Analysis*
---
**1. IP Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership:
  - ASN: 16276 (OVH)
  - Organization: Dmytro, Ahrefs Pte Ltd
  - Network: OVH-CUST-281059691
- Geolocation:
  - Country: Canada (QC, Beauharnois)
  - Coordinates: Latitude 45.3161, Longitude -73.8736
- Network Role:
  - CloudCompute Hosting (OVH infrastructure)
  - No open services or TLS certificates detected
---
**2. Threat & Behavior**
- Threat Indicators:
  - No active malware, phishing, or campaign associations.
  - No DNS-based threats or spam sources.
- Historical Observations:
  - Detected in 22 signals (June 2026), including geolocation, network routing, and DNS records.
  - No persistent malicious activity or high-severity threats.
---
**3. Relationships**
- Network:
  - Linked to OVH-CUST-281059691 (same subnet: 54.39.89.0/24).
- DNS:
  - Resolves to `proxy-ca012-san95.ahrefs.net` (Ahrefs Pte Ltd).
- Subnet:
  - Part of a /24 subnet with 100 neighbors.
---
**4. Subnet & Neighborhood**
- Subnet: 54.39.89.0/24
- Abuse Density: 17.24% (mostly clean, but 40/232 neighbors flagged as high/medium risk).
- Active Neighbors: 21 IPs (70% medium risk, 30% low risk).
- Notable:
  - Subnet includes 10 IPs with potential abuse risks.
  - No direct correlation to known malicious clusters.
---
**5. Recommendations**
- Monitor Subnet: Track neighbors with medium/high risk scores for potential lateral movement or shared infrastructure risks.
- Verify DNS: Confirm `proxy-ca012-san95.ahrefs.net` is legitimate (Ahrefs is a known cybersecurity company).
- Network Segmentation: Consider isolating this subnet if handling sensitive workloads.
Conclusion: 54.39.89.95 is a legitimate cloud-hosted IP with no direct threats, but its subnet exhibits moderate abuse risk. Continuous monitoring is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059691 |
| CIDR Block | 54.39.89.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | - |
DNS Intelligence
| PTR | proxy-ca012-san95.ahrefs.net |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca012-san95.ahrefs.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 4 |
| routing | 20% | 2 | 3 |
| services | 21% | 2 | 2 |
| ownership | 22% | 3 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 25% | 12 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-21 21:01:09 UTC |
| Last Seen | 2026-06-28 16:51:31 UTC |
| Profile Built | 2026-06-29 04:55:41 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 26 |