IP Intelligence Briefing: 116.125.120.27
Date: 2026-06-11
---
**1. Core Profile**
- Risk Score: 65/100 (Moderate Risk)
- Ownership:
  - ASN: 9318 (IP Manager)
  - Registry: APNIC (South Korea)
  - CIDR: 116.120.0.0/13
- Geolocation:
  - City: Chuncheon, Gangwon-do, South Korea (37.89°N, 127.74°E)
  - Timezone: Asia/Seoul
  - Distance Validation: ICMP blocked; geo-plausible via 8,474 km round-trip estimate.
- Threat Indicators:
  - No active malware, spam, or known attacker activity.
  - 3 DNSBL listings (out of 8 total) with "high" severity.
---
**2. Network Behavior**
- Firewalled/No Services: No open ports, TLS, or HTTP services detected.
- Control Plane:
  - BGP Prefix: 116.125.0.0/16 (AS9318)
  - Route Stability: Unstable (route changes in last 30 days).
- DNSSEC Valid: Yes.
- Subnet Neighbors:
  - No active IPs in 116.125.120.0/24 subnet.
---
**3. Historical Observations**
- Recent Activity (June 11, 2026):
  - DNSBL listings detected (3/8 total).
  - Geo-validation failed due to ICMP blocking.
- No persistent threat or campaign correlations.
---
**4. Relationships**
- Network Affiliation:
  - Linked to "broadNnet-KR" (SK Broadband Co Ltd, KR).
- No Known Relationships: No subnets, hostnames, or certificates tied to this IP.
---
**5. Recommended Actions**
- Monitor: Increase logging verbosity for this IP due to elevated risk score.
- Block: Implement firewall rules to drop traffic from 116.125.120.27.
  - iptables: `iptables -A INPUT -s 116.125.120.27 -j DROP`
  - Cloudflare WAF: Block IP with rule `{ "action": "block", "expression": "ip.src eq 116.125.120.27" }`
  - AWS WAF: Add `116.125.120.27/32` to IP set.
---
Conclusion: This IP exhibits moderate risk due to DNSBL listings and unstable routing. While no direct threats are detected, its association with a South Korean ISP and lack of service activity warrant monitoring. Block the IP to mitigate potential risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | IP Manager |
| ASN | AS9318 |
| Network Name | broadNnet-KR |
| CIDR Block | 116.120.0.0/13 |
| RIR | APNIC |
| Country | KR |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 2 |
| routing | 17% | 1 | 1 |
| services | 17% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 32% | 2 | 3 |
| Overall | 22% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Fresh)
| First Seen | 2026-05-28 23:50:35 UTC |
| Last Seen | 2026-06-19 05:25:35 UTC |
| Profile Built | 2026-06-18 04:23:42 UTC |
| Data Freshness | Fresh |
| Signal Types | 15 |
| Total Observations | 16 |