Threat Intelligence Briefing for IP 211.63.138.134
*Generated via IPDebrief Intelligence Network*
---
**1. Risk Profile**
- Risk Score: 55/100 (Moderate Risk)
- Provider: KT Corporation (South Korea)
- Network Role: Mobile Carrier (LTE/5G)
- Geolocation: Seoul, South Korea (Gangseo-gu)
- Threat Indicators: No malicious activity detected (no indicators, blacklists, or campaigns).
---
**2. Network Relationships**
- Linked Networks: KORNET-KR (KT Corporation)
- Subnet: 211.63.128.0/17 (APNIC)
- ASN: AS4766 (KT Corporation)
- BGP Prefix: 211.63.128.0/17
- DNS: No PTR records or domain associations.
---
**3. Observation History**
- Latest Activity: Geolocation update (Seoul, South Korea) on 2026-05-30.
- Threat Signals: No persistent malicious observations.
- Network Stability: Route stability flagged as "unstable" (BGP route changes).
---
**4. Neighborhood Analysis**
- Subnet Abuse Density: 0% (no malicious neighbors in 211.63.138.134/24).
- Active Siblings: 0 (no neighboring IPs reported).
---
**5. Recommended Actions**
- Monitoring: Increase logging verbosity for this IP due to moderate risk score.
- Firewall Rules:
  - iptables: `iptables -A INPUT -s 211.63.138.134 -j DROP`
  - Cloudflare WAF: Block IP with rule `{"action":"block","expression":"ip.src eq 211.63.138.134"}`
  - AWS WAF: Add `211.63.138.134/32` to IP set.
---
Conclusion: This IP belongs to a South Korean mobile carrier and shows no direct malicious activity. The moderate risk score may reflect network instability or operational anomalies. Monitor for unexpected behavior; no immediate mitigation is required unless additional signals emerge.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | IP Manager |
| ASN | AS4766 |
| Network Name | - |
| CIDR Block | - |
| RIR | APNIC |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 13% | 1 | 1 |
| Overall | 16% | 8 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-16 02:55:11 UTC |
| Last Seen | 2026-06-07 19:15:33 UTC |
| Profile Built | 2026-06-07 19:24:15 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 20 |