IP Intelligence Briefing: 121.66.124.146
*Generated via IPDebrief Analysis*
---
**Core Profile**
- Risk Score: 80 (High Risk)
- Ownership: Registered to IP Manager (ASN 3786, APNIC) in South Korea (KR).
- Geolocation: Seoul, KR (35.91°N, 127.77°E).
- Network Role: Firewalled infrastructure with no open services or public-facing ports.
- Threat Indicators: No direct malicious activity detected (no malware, phishing, or spam indicators).
---
**Observation History**
- DNSBL Listings: Detected in 4 out of 8 DNSBLs (confidence 0.85) on 2026-06-17, suggesting potential abuse.
- Network Stability: Minimal operator risk (score 0.2174) but unstable routing (route changes in last 30 days).
- Geolocation Consistency: Plausible Seoul, KR, but no recent probes to validate.
---
**Relationships & Network Context**
- Subnet: Part of 121.66.124.0/24, with 3 high-risk neighbors (80/100 score).
- Neighboring IPs:
- 121.66.124.147 (80/100)
- 121.66.124.148 (80/100)
- 121.66.124.149 (80/100)
- Abuse Density: Subnet classified as "mostly_clean" but inherits 10% risk from neighbors.
---
**Recommendations**
1. Monitor Neighbors: The high-risk neighbors (121.66.124.147-149) may indicate a compromised network segment.
2. Verify DNSBL Listings: Investigate why this IP is listed in DNSBLs, even if no active threats are detected.
3. Check for Anomalies: Confirm if the firewalled nature of the IP is intentional or a misconfiguration.
4. Geolocation Validation: Conduct active geolocation probes to verify the IP's location in Seoul, KR.
---
Summary: While the IP itself shows no direct malicious activity, its high-risk neighbors and DNSBL listings warrant closer scrutiny. The network's unstable routing and inherited risk suggest potential infrastructure vulnerabilities. SOC teams should prioritize monitoring the subnet for lateral movement or correlated threats.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | IP Manager |
| ASN | AS3786 |
| Network Name | BORANET-KR |
| CIDR Block | 121.64.0.0/14 |
| RIR | APNIC |
| Country | KR |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 11% | 1 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 22% | 9 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:36 UTC |
| Last Seen | 2026-06-26 18:10:32 UTC |
| Profile Built | 2026-06-22 12:06:40 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 21 |
Full dossier details are available via our API.