IP Intelligence Briefing: 194.32.120.219
Date: 2026-05-29
---
**1. Threat Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership: Registered to "VPN Consumer London, United Kingdom" (ASN 42831).
- Geolocation: London, England, GB (latitude: 53.86, longitude: 0.63).
- Threat Indicators: No malicious activity detected (no indicators, blacklists, or campaigns).
- Network Role: Firewalled / No Services (no open ports, TLS, or HTTP banners).
---
**2. Observation History**
- Threat Persistence: 0 days (no persistent malicious behavior).
- Recent Activity:
  - Scanned on 2026-05-29 (ports scanned but no services identified).
  - Geolocation inferred via multi-signal analysis (confidence: 40%).
  - Subnet abuse density: 65.38% (high abuse classification).
---
**3. Network Relationships**
- Subnet: 194.32.120.0/24.
- Neighboring IPs: 26 total IPs in subnet, 25 flagged as medium/high risk.
- Key Risks:
  - Subnet abuse density: 65.38% (high abuse).
  - 17 of 26 siblings are classified as threats.
  - Inherited risk score: 26 (moderate).
---
**4. Actionable Insights**
- Monitor Subnet: The 194.32.120.0/24 subnet has a high abuse density, suggesting potential for malicious activity.
- Investigate Neighbors: 25 of 26 sibling IPs are medium/high risk; prioritize monitoring these.
- Verify Ownership: The ISP "VPN Consumer London" may require further scrutiny, given the subnet's risk profile.
- Network Segmentation: Consider isolating this subnet or implementing firewall rules to restrict traffic.
---
Conclusion: While the IP itself is not directly malicious, its association with a high-risk subnet (abuse density: 65.38%) warrants close monitoring. SOC teams should prioritize analyzing neighboring IPs and validate the ISP's security posture.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | VPN Consumer London, United Kingdom |
| ASN | AS42831 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
**DNS Hygiene**
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
**Network Classification**
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 22% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
**Observation Timeline (Live)**
| First Seen | 2026-05-13 12:12:34 UTC |
| Last Seen | 2026-06-06 20:49:38 UTC |
| Profile Built | 2026-06-06 20:51:05 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 18 |