IP Intelligence Briefing: 175.212.144.221
Date: 2026-06-09
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Ownership:
  - ASN: 4766 (KT Corporation, South Korea)
  - Network: KORNET-KR (APNIC registry)
  - Location: Ansan-si, Gyeonggi-do, South Korea (35.91°N, 127.77°E)
  - Network Role: Mobile Carrier (LTE/5G)
- Threat Indicators:
  - Listed in 4 DNSBLs (high severity)
  - No direct malware, phishing, or exploit indicators
  - No open ports or TLS certificates detected
---
**2. Observation History**
- Recent Activity:
  - Detected in 4 DNSBLs (e.g., Spamhaus, Barracuda) with high severity.
  - Confirmed as part of KT Corporation's KORNET-KR network (ASN 4766).
  - Operator score: 0.13 (Minimal risk, but DNSBL listings raise concerns).
- Geolocation:
  - Inferred via multi-signal analysis (2 data points).
  - Accuracy radius: 250 km (moderate confidence).
---
**3. Network Relationships**
- Linked Entities:
  - Repeatedly associated with KORNET-KR (KT's mobile network).
  - No other subnets, organizations, or hostnames linked.
- Services:
  - No active services (ports, TLS, HTTP) detected.
---
**4. Neighborhood Analysis**
- Subnet: 175.212.144.0/24
- Neighbor Data:
  - 0 active IPs in subnet (abuse density: 0%).
  - No neighboring IPs with risk indicators.
- Implication:
  - Isolated IP with no peer risk. Could indicate a misconfigured network, honeypot, or new deployment.
---
**5. Actionable Insights**
- Monitor:
  - Track DNSBL listings and validate if the IP is a false positive.
  - Check for anomalous traffic patterns (e.g., outbound connections to known malicious domains).
- Verify:
  - Confirm KT's network configuration to ensure no unauthorized use of the IP.
- No Firewall Actions:
  - No recommended rules for iptables, nftables, or WAFs due to lack of direct threats.
---
Conclusion:
This IP is part of KT's mobile network but appears in multiple DNSBLs, suggesting potential misuse. Despite its high risk score, no direct malicious activity (e.g., malware, phishing) is detected. The isolated subnet and lack of peer risk may indicate a misconfigured or new network segment. SOC teams should prioritize validating DNSBL entries and monitoring for unusual behavior.
Tools Used: IPDebrief Profile, History, Relationships, Neighbors.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | IP Manager |
| ASN | AS4766 |
| Network Name | KORNET-KR |
| CIDR Block | 175.208.0.0/13 |
| RIR | APNIC |
| Country | KR |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown: insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 25% | 2 | 2 |
| Overall | 16% | 7 | 8 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-21 08:54:40 UTC |
| Last Seen | 2026-06-26 18:10:47 UTC |
| Profile Built | 2026-06-09 08:53:51 UTC |
| Data Freshness | Live |
| Signal Types | 16 |
| Total Observations | 16 |