## IP Intelligence Briefing: 183.105.80.88/32
Classification: Low Risk โ Mobile Endpoint in South Korea
Executive Summary
IP address 183.105.80.88 is a mobile carrier endpoint associated with KT Corporation in Gwangju, South Korea. The IP presents a low-risk profile (risk score: 25/100) with minimal threat indicators. No malicious campaigns or persistent attack patterns detected.
Ownership and Registration
- ASN: 4766 (IP Manager)
- Organization: IP Manager
- Country: South Korea (KR)
- City: Gwangju
- RIR: APNIC
- Network Classification: Mobile carrier endpoint
Network Classification
- Mobile Carrier: KT Corporation (LTE/5G)
- Connection Type: Mobile device or hotspot
- Infrastructure Type: Single-service host
- Cloud/CDN/Proxy: Not detected
- Tor Exit Node: No
Service Exposure
- Open Ports: TCP/22 (SSH)
- SSH Banner: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2
- TLS Certificates: None
- HTTP Services: None detected
- Reverse DNS: Not resolved
- Forward Resolution: 0 records
Threat Intelligence Indicators
- Abuse Confidence Score: Not applicable
- Known Attacker: No
- Spam Source: No
- Blacklist Count: 0
- DNSBL Listings: 1 out of 8 lists
- Threat Observation Count: 1
- Campaign Likelihood: None
- Known Campaigns: None detected
Geographic and Control Plane Data
- Geolocation Confidence: 52% (multi-signal inference)
- Coordinate Accuracy: 250 km radius
- BGP Prefix: 183.104.0.0/13
- Route Stability: Unstable
- RPKI State: Not evaluated
- DNSSEC Valid: Yes
Neighborhood Analysis (183.105.80.0/24)
- Abuse Density: 0 (low)
- Subnet Classification: Mostly clean
- Total Sibling IPs: 1
- Active Siblings: 1
- Threat Siblings: 1
- Risk Distribution: No high or medium risk neighbors
Observation History
- Total Observations: 16 signals across observation period
- Threat Persistence: None detected
- Ownership Changes: 0
- Recent Activity: Most recent observation dated 2026-06-26 (minimal signals)
Network Relationships
- Primary Network: KORNET-KR (18 relationships identified)
- Network Type: Same network associations (KORNET-KR)
Recommended Actions
No specific firewall rules or blocking recommendations generated. The IP presents low-risk characteristics consistent with legitimate mobile carrier traffic.
Intelligence Assessment
This IP address represents a mobile carrier endpoint with minimal security concerns. The open SSH port on a mobile device is consistent with remote management capabilities provided by mobile operators. No evidence of malicious activity, campaign participation, or persistent threat behavior. The single DNSBL listing does not indicate significant abuse. SOC teams may treat this as benign traffic unless additional context suggests otherwise.
Recommendation: Monitor as normal mobile carrier traffic. No blocking required.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IP Manager |
| ASN | AS4766 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Single-Service Host |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 19% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-10 16:14:10 UTC |
| Last Seen | 2026-06-26 02:27:17 UTC |
| Profile Built | 2026-06-26 02:33:59 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 17 |
Full dossier details are available via our API.