IP Intelligence Briefing: 45.154.138.102
Date: 2026-06-08
---
**1. Core Profile**
- Risk Score: Low Risk (0/100)
- Ownership: Registered to "VPN Consumer Marseille, France" (ARIN).
- Geolocation: Marseille, Provence-Alpes-Côte d'Azur, France (43.3°N, 5.39°E).
- Network Role: Firewalled / No Services (no open ports or TLS certificates detected).
- Threat Indicators: No active threats, spam, or malicious campaigns.
---
**2. Observation History**
- Recent Activity:
  - Observed in a South African network (ZA) with 19 pulse detections (e.g., "malware," "exploit kits").
  - Listed in 8 threat feeds (high-severity categories).
  - Stable network ownership (no recent ownership changes).
- Trend: No persistent malicious behavior detected.
---
**3. Network Relationships**
- Subnet: 45.154.138.0/24 (Marseille, France).
- Key Associations:
  - Linked to AS206092 ("security firewall ltd").
  - DNS queries timed out for multiple hosts (potential misconfiguration or spoofing).
- Neighbors:
  - 46 IPs in subnet (45.154.138.0/24).
  - 1 medium-risk neighbor (riskScore=25), others are low-risk.
- Abuse Density: 0% (no malicious activity in subnet).
---
**4. Security Recommendations**
- Monitor DNS Health: Investigate recurring DNS resolution failures (timed-out queries).
- Subnet Surveillance: Track the medium-risk neighbor (45.154.138.28) for potential lateral movement.
- Network Segmentation: Ensure firewalled segments (e.g., 45.154.138.0/24) are isolated from critical assets.
- Threat Feeds: Continuously monitor for updates in South African networks (ZA) linked to this IP.
---
Conclusion:
The IP is low risk but shows indirect ties to a network with mixed threat indicators. DNS anomalies and a single medium-risk neighbor warrant further investigation. Use network segmentation and DNS health checks to mitigate potential exposure.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | VPN Consumer Marseille, France |
| ASN | AS206092 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 2 |
| routing | 25% | 1 | 1 |
| services | 19% | 1 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 19% | 1 | 2 |
| geolocation | 27% | 2 | 2 |
| Overall | 25% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-17 09:11:06 UTC |
| Last Seen | 2026-06-08 06:41:37 UTC |
| Profile Built | 2026-06-08 07:14:46 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 21 |