59.22.68.213
IP Intelligence Briefing: 59.22.68.213
Date: 2026-06-18
---
**1. Core Profile**
- Risk Rating: Moderate (Risk Score: 40 / 100)
- Ownership:
- ASN: 4766 (IP Manager)
- Country: South Korea (KR)
- Mobile Carrier: KT Corporation (LTE/5G)
- Geolocation:
- City: Busan, Yeonje-gu
- Coordinates: 35.91° N, 127.77° E
- Accuracy: ±250 km
- Network Role: Mobile device (not residential/cloud)
- Services:
- Open Port: 8080 (HTTP-alt)
- Server Banner: "Httpd/1.0"
---
**2. Threat & Risk Indicators**
- Threat Feed Listings:
- 4/8 listings in threat feeds (confidence: 0.52โ0.85).
- No known malicious campaigns or spam sources.
- BGP Analysis:
- Prefix: 59.16.0.0/12 (KIXS-AS-KR-KR, KT Corporation).
- Route stability: Minimal risk (operator score: 0.17).
- DNSSEC: Validated.
- DNS: No resolved PTR records or domain associations.
---
**3. Observation History**
- Recent Activity (2026-06-18):
- Inferred geolocation (moderate confidence).
- BGP prefix analysis (KIXS-AS-KR-KR).
- No recent scans or DNS anomalies.
- Long-Term Trends:
- No persistent malicious behavior (threat persistence: 0 days).
- Subnet abuse density: 0% (clean).
---
**4. Network Relationships**
- Subnets: Linked to KORNET-KR (repeated 15x).
- Neighbors:
- No active neighbors in 59.22.68.213/24 subnet.
- Subnet abuse density: 0% (clean).
---
**5. Recommendations**
- Monitoring: Track port 8080 traffic for anomalies.
- Firewall: No immediate blocking required; monitor for unexpected geolocation shifts.
- Context: Mobile device (KT Corporation) with no known malicious activity.
---
Conclusion: 59.22.68.213 is a low-risk mobile device associated with KT Corporation in South Korea. No malicious indicators detected, but moderate risk from inferred geolocation and limited threat feed listings. Continue monitoring for unexpected behavior.
*Generated by IPDebrief Threat Intelligence Platform.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IP Manager |
| ASN | AS4766 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Single-Service Host |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 8080 | http-alt | tcp | โ |
| Closed Ports | 22, 25, 80, 443, 3389, 8443 (1 open / 7 scanned) | ||
| Server | Httpd/1.0 |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 2 |
| routing | 17% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 15% | 1 | 2 |
| geolocation | 32% | 2 | 3 |
| Overall | 21% | 10 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:30 UTC |
| Last Seen | 2026-06-23 19:00:50 UTC |
| Profile Built | 2026-06-23 19:07:53 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 23 |
Full dossier details are available via our API.