109.207.35.186
IP Intelligence Briefing: 109.207.35.186
Date: 2026-06-08
---
**1. Core Profile**
- Risk Score: 70 (High Risk)
- Ownership:
- ASN: 52026 (TRUF-AS, RS)
- Registrar: ARIN
- Country: Serbia (RS)
- Geolocation:
- City: www.kbcnet.rs (likely placeholder/incorrect)
- Coordinates: 44.82°N, 20.45°E
- Network Role:
- Type: Firewalled / No Services
- Subnet: 109.207.35.0/24
- BGP Prefix: 109.207.35.0/24
- Threat Indicators:
- No direct malicious activity detected.
- DNSSEC Valid: Yes
- DNSBL Listings: 4/8 total lists (low confidence).
---
**2. Observation History**
- Recent Activity (Last 30 Days):
- 4 DNS-related observations (e.g., network ownership, DNSSEC).
- 3 high-severity threat signals (e.g., malicious listings).
- No persistent malicious behavior.
- Trend: Moderate risk with intermittent high-severity alerts.
---
**3. Network Relationships**
- Linked Entities:
- Same network: TRUF-AS (109.207.35.0/24)
- No direct connections to known malicious domains or organizations.
- Subnet Abuse Density: 4.5% (low overall risk, but 2 high-risk neighbors).
---
**4. Neighborhood Analysis**
- Subnet: 109.207.35.0/24 (22 total IPs)
- Risk Distribution:
- High Risk: 1 IP (109.207.35.186)
- Medium Risk: 10 IPs
- Low Risk: 6 IPs
- Notable Neighbors:
- 109.207.35.181: Risk 70 (same provider, high risk)
- 109.207.35.200: Risk 80 (highest in subnet)
- 109.207.35.160: Risk 55 (moderate risk)
---
**5. Recommendations**
1. Monitor Subnet: Focus on high-risk neighbors (e.g., 109.207.35.181, 109.207.35.200).
2. Verify Geolocation: Investigate anomalous "www.kbcnet.rs" city field.
3. Network Segmentation: Isolate this subnet to limit potential lateral movement.
4. Threat Intelligence Feeds: Cross-check against DNSBLs for updated listings.
5. Traffic Analysis: Scrutinize traffic patterns for unexpected outbound connections.
Note: No direct malicious activity detected, but the IPโs high risk score and neighboring IPs warrant further investigation.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | AS6700-MNT |
| ASN | AS52026 |
| Network Name | TRUF |
| CIDR Block | 109.207.32.0/20 |
| RIR | ARIN |
| Country | rs |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 0% | 0 | 0 |
| ownership | 35% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 12% | 5 | 6 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Aging
| First Seen | 2026-05-19 09:36:04 UTC |
| Last Seen | 2026-06-19 11:33:11 UTC |
| Profile Built | 2026-06-17 18:46:13 UTC |
| Data Freshness | Aging |
| Signal Types | 12 |
| Total Observations | 12 |
Full dossier details are available via our API.