222.110.147.56
IP Intelligence Briefing: 222.110.147.56
Date: 2026-06-18
---
**1. Risk Profile**
- Risk Score: 65 (Moderate Risk)
- Threat Indicators: No direct malicious activity observed. DNSBL listings (3/8) suggest minimal abuse risk.
- Network Role: Mobile device (KT Corporation, LTE/5G).
- Geolocation: South Korea (Seoul, Mapo-gu), latitude 35.91, longitude 127.77.
---
**2. Ownership & Infrastructure**
- ASN: 4766 (IP Manager, KT Corporation).
- Network Classification: Mobile carrier (KT), no cloud/CDN/VPN detected.
- Subnet: 222.110.147.0/24.
- Subnet Abuse Density: 1/256 (low).
---
**3. Temporal Observations**
- Recent Activity (2026-06-18):
- Minimal risk score (0.15) with DNSSEC validation.
- No persistent threats or ownership changes.
- Historical Trends:
- Stable risk profile since June 10, 2026.
- No spikes in threat indicators.
---
**4. Network Relationships**
- Linked Networks: KORNET-KR (South Korea).
- Neighbor IPs:
- 222.110.147.58: Risk score 50 (Moderate Risk).
- Subnet abuse density: 1/256 (low).
---
**5. Security Actions**
- Recommended Mitigations:
- Monitor 222.110.147.58 for anomalies due to moderate risk.
- Verify DNSSEC validation and ensure mobile device segmentation.
- Check for potential lateral movement risks within the 222.110.147.0/24 subnet.
---
Conclusion:
The IP is associated with a mobile LTE/5G device in South Korea (KT Corporation). While no direct malicious activity is detected, the subnet contains one moderate-risk neighbor. SOC teams should monitor the subnet for potential lateral movement and ensure mobile device access controls are enforced.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IP Manager |
| ASN | AS4766 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Multi-Service Host |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 22 | ssh | tcp | |
| 8080 | http-alt | tcp | โ |
| Closed Ports | 25, 443, 3389, 8443 (3 open / 7 scanned) | ||
| Server | nginx/1.18.0 (Ubuntu) |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 24% | 2 | 3 |
| reputation | 24% | 1 | 3 |
| geolocation | 37% | 2 | 3 |
| Overall | 23% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:13 UTC |
| Last Seen | 2026-06-26 18:11:10 UTC |
| Profile Built | 2026-06-26 09:44:36 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 19 |
Full dossier details are available via our API.