IP Intelligence Briefing: 37.5.245.188
Date: 2026-06-06
---
**1. Risk Profile**
- Overall Risk Score: 25 (Low Risk)
- Provider Score: 0 (No malicious provider indicators)
- Authority Score: 0 (No authoritative malicious activity)
- Stability: Unstable (route changes detected in 30 days)
- Threat Indicators: No known malicious activity, blacklists, or campaigns.
---
**2. Ownership & Geolocation**
- Registered Owner: Kabel Deutschland RIPE (AS3209)
- Location: Berlin, Germany (51.17°N, 10.45°E)
- Mobile Carrier: Vodafone (LTE/5G)
- Network: Part of `KABEL-DEUTSCHLAND-CUSTOMER-SERVICES-27` subnet (37.5.0.0/16).
---
**3. Network Behavior**
- Services: No open ports, TLS certificates, or HTTP services detected.
- DNS:
  - PTR hostname: `ip2505f5bc.dynamic.kabel-deutschland.de`
  - No SPF/DMARC records; no email-related authentication.
- Mobile: LTE/5G service; no residential or CDN infrastructure.
---
**4. Temporal Observations**
- First Seen: 2026-05-29
- Observation History:
  - Single observation with low confidence (0.21).
  - No persistent malicious activity or threat persistence.
- Subnet Abuse Density: 0.5 (mostly clean, but 1 threat sibling in /24).
---
**5. Relationships & Neighbors**
- Linked Entities:
  - DNS associations with `ip2505f5bc.dynamic.kabel-deutschland.de` (repeated).
  - Same network (`KABEL-DEUTSCHLAND-CUSTOMER-SERVICES-27`).
- Neighboring IPs:
  - Subnet: `37.5.245.188/24`
  - 1 high-risk neighbor (`37.5.245.186`, risk score 0).
  - Subnet abuse density: 0.5 (mixed risk).
---
**6. Threat Context**
- No Malicious Signatures: Not listed in blacklists, Tor exit nodes, or spam sources.
- Subnet Risk: While the IP itself is low risk, the subnet contains 1 threat sibling.
- Recommendation: Monitor for unusual activity, especially given the subnet's mixed risk profile. No immediate mitigation required.
---
Summary: 37.5.245.188 is a legitimate mobile IP from Vodafone, part of Kabel Deutschland's network. No malicious activity detected, but the subnet has a low abuse density with one high-risk neighbor. SOC teams should monitor for behavioral changes.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Kabel Deutschland RIPE |
| ASN | AS3209 |
| Network Name | KABEL-DEUTSCHLAND-CUSTOMER-SERVICES-27 |
| CIDR Block | 37.5.0.0/16 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | ip2505f5bc.dynamic.kabel-deutschland.de |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | ip2505f5bc.dynamic.kabel-deutschland.de |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 20% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-13 00:04:14 UTC |
| Last Seen | 2026-06-06 17:04:58 UTC |
| Profile Built | 2026-06-06 17:06:47 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 18 |