IP Intelligence Briefing: 112.162.18.150
Date: 2026-06-17
---
**Key Risk Indicators**
- Risk Score: 80 (High Risk)
- Provider: IP Manager (ASN 4766)
- Geolocation: Busan, South Korea (KR)
- Mobile Carrier: KT Corporation (LTE/5G)
- Threat Status: No direct indicators (no malware, spam, or known attacker associations).
---
**Network & Subnet Analysis**
- Subnet: 112.162.18.150/24
- Abuse Density: 1 (mostly clean, but low density may indicate sparse monitoring).
- Neighbors: No active neighbors reported (possible data limitations or isolated IP).
- Network Role: Mobile IP (not residential or cloud).
---
**Threat Observations**
- DNS Activity:
  - DNS resolution errors to internal IPs (e.g., 192.168.2.108).
  - Inferred location via multi-signal inference (KR, Busan).
- Network Signals:
  - No open ports or services detected.
  - DNSSEC valid, but 5/8 DNSBL lists indicate potential spam/routing risks.
- Historical Trends:
  - No persistent malicious activity (threat persistence days: 0).
  - Recent DNS and geolocation signals (June 2026).
---
**Relationships & Context**
- Linked Networks: Multiple associations with "KORNET-KR" (South Korean network).
- Ownership:
  - Registered under IP Manager (APNIC).
  - No abuse contact details available via RDAP.
- Control Plane:
  - BGP prefix: 112.160.0.0/13.
  - Route stability: Unstable (route changes in last 30 days).
---
**Recommended Actions**
1. Monitor DNS Resolution: Investigate internal DNS errors (e.g., 192.168.2.108) for misconfigurations or spoofing.
2. Check Subnet Activity: Verify if the /24 subnet (112.162.18.0/24) has other IPs with similar risk profiles.
3. Block/Restrict Access: Consider firewall rules to block this IP if it's part of a larger network with abuse risks.
4. Validate Provider: Confirm IP Manager's compliance practices, as the ASN has no abuse reports.
---
Conclusion:
The IP is flagged as high-risk due to its mobile carrier, DNS anomalies, and DNSBL listings. While no direct threats are detected, its association with a potentially unstable network and sparse neighbor data warrant further investigation. SOC teams should monitor for unexpected behavior and validate network configurations.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | IP Manager |
| ASN | AS4766 |
| Network Name | - |
| CIDR Block | - |
| RIR | APNIC |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 21% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:31 UTC |
| Last Seen | 2026-06-22 09:21:37 UTC |
| Profile Built | 2026-06-22 09:26:25 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 24 |