218.149.228.175
IP Intelligence Dossier
Your IP: 216.73.216.123
๐ค Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 218.149.228.175
*Last Updated: 2026-06-18*
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Provider: IP Manager (AS4766)
- Geolocation: South Korea (Gyeongsangbuk-do, Yeongcheon-si), Latitude 35.91, Longitude 127.77
- Network Role: Mobile IP (KT Corporation LTE/5G)
- Threat Indicators: No active malicious indicators, but 5 listings across 8 threat feeds (June 18, 2026).
---
**2. Observation History**
- Recent Activity:
- June 18, 2026: 5 threat feed listings (high severity).
- June 15, 2026: HTTPS connection failed (potential misconfiguration).
- June 3, 2026: ICMP blocked, geolocation validation inconclusive.
- Trend: Increasing risk exposure with recent threat feed activity.
---
**3. Network Relationships**
- Subnet: 218.149.228.0/24
- Neighbors:
- 19 high-risk IPs (80 risk score), 9 medium-risk, 3 low-risk.
- Subnet abuse density: 61.3% (high-risk environment).
- Shared Network: KORNET-KR (South Korean mobile carrier network).
---
**4. Mobile Carrier Context**
- Carrier: KT Corporation (South Korea)
- Technology: LTE/5G
- MCC/MNC: 450-08
- Risk Implication: Mobile IPs may indicate legitimate users but are prone to misuse (e.g., SIM swapping, botnets).
---
**5. Services & Vulnerabilities**
- Open Ports: HTTP (80), HTTPS (443), SSH (22).
- TLS: No certificate detected.
- Banners: No server identification.
- Vulnerability: No active exploits detected, but lack of TLS may expose data in transit.
---
**6. Recommendations**
- Monitor: Track threat feed listings and ICMP blocking patterns.
- Block: Consider blocking traffic from this subnet (218.149.228.0/24) due to high abuse density.
- Investigate: Verify if the IP is part of a botnet or compromised mobile device.
- Validate: Use DNSSEC and CAA records to confirm ownership legitimacy.
---
Next Steps: Correlate with known campaigns, check for DNSBL listings, and assess subnet-wide risk.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IP Manager |
| ASN | AS4766 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Web Server |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | โ |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
No certificate
Issued by โ
N/A
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 28% | 2 | 4 |
| ownership | 20% | 2 | 3 |
| reputation | 27% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 25% | 10 | 18 |
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:12 UTC |
| Last Seen | 2026-06-26 18:11:08 UTC |
| Profile Built | 2026-06-24 06:28:26 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 25 |
๐ 23 signal types ยท 25 observations collected
This report is generated from 23+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
โน๏ธ About This Report
All data shown is publicly available network metadata โ IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.