IP Intelligence Briefing: 37.221.134.113
Last Updated: 2026-06-18
---
**1. Core Profile**
- Risk Score: 55 (Moderate Risk)
- Ownership:
  - ASN: 62384 (Radio Service Ltd., UA)
  - Geolocation: Ukraine (Lviv), RIPE Registry
- Network Role: Firewalled / No Services
- Threat Indicators:
  - No known malicious listings, blacklists, or campaigns.
  - No open ports, TLS certs, or HTTP services detected.
  - BGP prefix: 37.221.128.0/20 (RadioService-AS).
---
**2. Observation History**
- Recent Activity (2026-06-18):
  - Listed on 8 threat intelligence sources (medium/high severity).
  - BGP prefix validated via Team-Cymru DNS (ASN 62384).
  - Subnet abuse density: 0.5 (mixed classification).
- Long-Term Trends:
  - No persistent malicious activity detected.
  - Stable ownership (no recent ASN changes).
---
**3. Network Relationships**
- Linked Entities:
  - Same Network: Multiple IPs under RADIOSERVICE-201712 (same ASN).
  - Subnet: 37.221.134.0/24 (16 sibling IPs).
  - Risk Distribution: 13 medium-risk neighbors, 3 low-risk.
---
**4. Subnet Analysis**
- Abuse Density: 0.5 (mixed risk).
- Notable Neighbors:
  - 37.221.134.108: Risk score 70 (high risk).
  - 37.221.134.119: Risk score 55 (moderate).
  - 37.221.134.222: Risk score 40 (low).
- Active Siblings: 5 IPs with open services or threats.
---
**5. Recommendations**
- Monitor Subnet: Focus on high-risk neighbors (e.g., 37.221.134.108).
- Verify Ownership: Confirm Radio Service Ltd. is a legitimate entity.
- Check for Enumeration: No open services detected, but dormant hosts may be probed.
- DNS/Email: No DNS records or email auth data available.
---
Summary:
The IP 37.221.134.113 is part of a moderately risky subnet with mixed threat activity. While the IP itself shows no direct malicious indicators, its neighbors include high-risk hosts. SOC teams should prioritize monitoring the subnet for lateral movement or unusual activity.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Radio Service Ltd. |
| ASN | AS62384 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 40% | 2 | 5 |
| routing | 17% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 24% | 1 | 3 |
| geolocation | 37% | 2 | 3 |
| Overall | 27% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:04:17 UTC |
| Last Seen | 2026-06-23 11:13:46 UTC |
| Profile Built | 2026-06-23 11:32:53 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 28 |