37.107.48.113
IP Intelligence Briefing: 37.107.48.113
*Generated via IPDebrief tools: Profile, History, Relationships, Neighbors*
---
**Risk Assessment**
- Risk Score: 40 (Moderate Risk)
- Threat Indicators: No malicious indicators, spam, or known attacker associations.
- Network Role: Mobile (LTE/5G) IP associated with Saudi Telecom Company (STC).
- Geolocation:
- Reported Location: Marseille, France (via geolocation signals).
- Network Origin: Saudi Arabia (BGP prefix 37.107.48.0/20, registered to SAUDINET-STC).
- Conflict Note: Geolocation appears inconsistent with network provider (STC, Saudi Arabia).
---
**Ownership & Network Context**
- Registrar: SAUDINET-STC (Saudi Telecom Company JSC, SA).
- ASN: 25019 (STC_DSL_IP).
- Subnet: 37.107.48.0/20 (part of STC's allocated IP range).
- Abuse Density: 0% (no malicious neighbors in subnet).
---
**Observation History**
- Recent Signals:
- Geolocation: Inferred as Saudi Arabia (confidence: 52%) with ~800km accuracy.
- DNSBL Listings: Listed in 2/8 DNSBLs (high-severity lists).
- BGP Data: Valid DNSSEC, no route instability detected.
- Temporal Trends: No persistent malicious activity or ownership changes.
---
**Relationships**
- Linked Entities:
- Subnet: STC_DSL_IP (same network).
- Organization: SAUDINET-STC (Saudi Telecom Company).
- No Correlated IPs or Campaigns: No linked malicious domains, certificates, or hosting records.
---
**Neighborhood Analysis**
- Subnet: 37.107.48.113/24.
- Neighbor Count: 0 (no sibling IPs identified).
- Abuse Density: Low risk within subnet.
---
**Actionable Insights**
1. Geolocation Discrepancy: Monitor for inconsistencies between network origin (Saudi Arabia) and geolocation (France). Potential spoofing or misconfigured routing.
2. DNSBL Listings: Investigate 2 DNSBL entries (high-severity lists) to confirm legitimacy. False positives are possible but should be validated.
3. Mobile IP Context: Given STC's LTE/5G association, this IP may belong to a Saudi mobile user. Ensure itβs not part of a compromised device.
4. No Active Threats: No open ports, malicious domains, or TLS certificates detected. Low risk for immediate action.
---
*End of Briefing*
*Generated by IPDebrief β Threat Intelligence for SOC Analysts*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | SAUDINET-STC |
| ASN | AS25019 |
| Network Name | STC_DSL_IP |
| CIDR Block | 37.107.0.0/17 |
| RIR | RIPE |
| Country | SA |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 0% | 0 | 0 |
| routing | 0% | 0 | 0 |
| services | 0% | 0 | 0 |
| ownership | 27% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 6% | 3 | 4 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-04 00:32:25 UTC |
| Last Seen | 2026-06-12 23:49:22 UTC |
| Profile Built | 2026-06-13 00:10:34 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 19 |
Full dossier details are available via our API.