IP Intelligence Briefing: 1.235.192.130
Date: 2026-06-17
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Ownership:
  - ASN: 9318 (IP Manager)
  - Network: broadNnet-KR (APNIC)
  - Region: Seoul, South Korea
- Geolocation:
  - Country: South Korea (KR)
  - Coordinates: 35.91°N, 127.77°E (Seocho-gu)
  - Accuracy: ±250 km
- Network Role:
  - Web server (HTTPS/SSH services)
  - Subnet: 1.235.192.130/24 (abuse density: 66.67%)
---
**2. Threat Indicators**
- No direct malicious indicators (no known campaigns, spam, or Tor links).
- DNSBL Listings: 5/8 total lists (moderate risk).
- BGP:
  - Origin ASN: 9318 (IP Manager)
  - Prefix: 1.232.0.0/13
  - Route Stability: Unstable (route changes detected).
- TLS:
  - Self-signed certificate (issuer: vpn1000_BCCF4FEB036D).
---
**3. Observation History**
- First Seen: 2026-06-10 (HTTPS scan).
- Recent Activity (2026-06-17):
  - Multi-signal geolocation inference (confidence: 52%).
  - ICMP validation failed (potential firewall blocking).
  - DNSBL listings (5/8) suggest potential abuse.
---
**4. Network Relationships**
- Subnet: 1.235.192.130/24 (mostly clean, 2/3 siblings flagged).
- Neighbors:
  - 1.235.192.131: High risk (80/100).
  - 1.235.192.214: Medium risk (65/100).
- Shared Network: broadNnet-KR (APNIC) with moderate abuse density.
---
**5. Recommended Actions**
- Block/monitor: High-risk IP (score 80) and subnet due to DNSBL listings and unstable BGP.
- Investigate: SSH (port 22) and HTTPS (port 443) services for suspicious activity.
- Validate: ICMP and DNSSEC to confirm geolocation accuracy.
SOC Note: This IP is linked to a South Korean ISP and shows mixed threat signals. Prioritize monitoring and consider blocking based on risk thresholds.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | IP Manager |
| ASN | AS9318 |
| Network Name | broadNnet-KR |
| CIDR Block | 1.234.0.0/15 |
| RIR | APNIC |
| Country | KR |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - | | |
| HTTP Title | - | | |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 36% | 2 | 4 |
| routing | 31% | 3 | 3 |
| services | 26% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 30% | 12 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (65%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:23 UTC |
| Last Seen | 2026-06-22 05:15:12 UTC |
| Profile Built | 2026-06-22 05:25:08 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 25 |