IP Intelligence Briefing: 45.130.81.109
Date: 2026-06-09
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: Registered to VPN Consumer Kiev, Ukraine (ASN 206092) under ARIN.
- Geolocation: Ukraine, Kyiv City (50.46°N, 30.53°E).
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP services detected).
- Threat Indicators: No malicious activity, no known campaigns, no DNS/IP blacklists.
---
**2. Observation History (30 Days)**
- Stability: No ownership changes; consistent registration to the same provider.
- Threat Trends: No persistent malicious activity; threat observation count remains zero.
- Geolocation Consistency: Plausible Kyiv location with no anomalies.
---
**3. Relationships & Subnet Context**
- Subnet: 45.130.81.0/24 (part of "KIEV-UA-45-130-81-0").
- Neighbors (37 IPs):
- Low Risk (33 IPs): Most IPs in the subnet have risk scores of 0β25.
- Medium Risk (4 IPs): 25β50 risk scores; 2 IPs with 50 (high authority score).
- Abuse Density: 0% (no reported abuse in the subnet).
- Subnet Classification: No inherited risk detected.
---
**4. Security Recommendations**
- Firewall Rules:
- Allow traffic only if necessary, given the firewalled nature of the IP.
- Monitor subnet for anomalies, especially the 4 medium-risk neighbors.
- Monitoring:
- Track changes in the subnetβs abuse density or threat activity.
- Verify if the VPN providerβs network has any known security incidents.
---
Conclusion:
45.130.81.109 is a low-risk IP associated with a Ukrainian VPN service. While the IP itself shows no malicious indicators, the subnet contains a small number of medium-risk IPs. SOC teams should monitor the subnet for unexpected changes and ensure strict access controls due to the firewalled nature of the network. No immediate action required, but vigilance is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | VPN Consumer Kiev, Ukraine |
| ASN | AS206092 |
| Network Name | KIEV-UA-45-130-81-0 |
| CIDR Block | 45.130.81.0/24 |
| RIR | ARIN |
| Country | UA |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 15% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-20 17:48:29 UTC |
| Last Seen | 2026-06-09 05:13:34 UTC |
| Profile Built | 2026-06-09 05:23:25 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 16 |
Full dossier details are available via our API.