119.192.210.110

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 119.192.210.110/32

Classification: HIGH RISK

Date: 2026-06-22

IP Address: 119.192.210.110/32

Risk Score: 80/100

---

## Executive Summary

IP 119.192.210.110 is a mobile carrier-allocated IP address from South Korea (Seoul) operating under AS4766 (IP Manager). Despite showing no active services and being firewalled, the IP registers a high risk score of 80/100, with 5 out of 8 DNSBL listings and 1 threat sibling in its /24 subnet. Recommended action: block at perimeter defenses and increase logging for forensic analysis.

---

## Technical Profile

Attribute	Value
ASN	4766 (IP Manager)
Organization	IP Manager
Country	South Korea (KR)
City	Seoul
Mobile Carrier	KT Corporation (MCC: 450, MNC: 08)
Connection Tech	LTE/5G
Network Role	Mobile, Firewalled/No Services
CIDR Block	119.192.0.0/13
BGP Prefix	119.192.0.0/13

---

## Threat Indicators

Risk Score: 80/100 (High Risk)
DNSBL Listings: 5 of 8 total lists
Operator Score: 0.1304 (Minimal)
Campaign Likelihood: None identified
Known Campaigns: None
Blacklist Count: 0 (commercial lists)
Threat Feeds: No active detections

The IP shows no open ports, no TLS certificates, and no HTTP services. The absence of active services suggests the IP is either dormant, misconfigured, or used for short-duration mobile communications.

---

## Neighborhood Analysis

Subnet: 119.192.210.110/24

Abuse Density: 1
Classification: mostly_clean
Inherited Risk: 2
Total Siblings: 1
Active Siblings: 0
Threat Siblings: 1

One threat sibling detected within the /24 subnet. The IP demonstrates route instability (isRouteStable: false).

---

## Historical Observations (16 Signals)

Recent observation timeline:

2026-06-22T11:05:48Z: Operator score 0.15, DNSSEC validated
2026-06-17T07:11:03Z: Subnet abuse density 1, inherited risk 2
2026-06-17T07:07:10Z: Geolocation confirmed: Seoul, KR (confidence 0.52)

Threat observation count: 1

Persistence days: 0

Stable ownership: No changes

---

## Relationship Graph

15 relationships identified:

All classified as "Same Network"
Network identifier: KORNET-KR (Korea)

---

## Recommended Actions

Monitoring

Increase logging verbosity for traffic from 119.192.210.110
Review recent activity logs for suspicious patterns

Firewall Rules

iptables:

```

iptables -A INPUT -s 119.192.210.110 -j DROP

```

nftables:

```

nft add rule inet filter input ip saddr 119.192.210.110 drop

```

nginx:

```

deny 119.192.210.110;

```

pfSense:

```

119.192.210.110/32

```

Cloudflare WAF:

```json

{

"description": "Block 119.192.210.110 — IPDebrief risk score 80",

"action": "block",

"filter": {"expression": "ip.src eq 119.192.210.110"}

}

```

AWS WAF:

```json

{

"Addresses": ["119.192.210.110/32"],

"Description": "IPDebrief risk 80"

}

```

---

## Analyst Notes

This IP exhibits high-risk characteristics despite lacking active service endpoints. The mobile carrier attribution (KT Corporation) and DNSBL listings suggest potential abuse for short-duration connections. The single threat sibling in the /24 subnet warrants monitoring for correlated activity. Recommend blocking at perimeter defenses and correlating with internal logs for any observed traffic.

Status: Block and Monitor

Priority: Critical

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇰🇷 South Korea
Region	11
City	Seoul
Timezone	Asia/Seoul
Latitude	35.91
Longitude	127.77

🏢 Ownership & Registration

Organization	IP Manager
ASN	AS4766
Network Name	—
CIDR Block	—
RIR	APNIC
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Mobile
Service Purpose	Firewalled / No Services
Network Tier	Unknown — Insufficient routing data to classify

Mobile

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	27%	2	3
routing	20%	1	1
services	8%	1	1
ownership	24%	2	3
reputation	25%	1	3
geolocation	31%	2	3
Overall	22%	9	14

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Fresh

First Seen	2026-05-07 23:03:34 UTC
Last Seen	2026-06-26 18:10:30 UTC
Profile Built	2026-06-24 11:00:30 UTC
Data Freshness	Fresh
Signal Types	17
Total Observations	18

🔍 17 signal types · 18 observations collected

This report is generated from 17+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

119.192.210.110📋 Copy