IOC Radar
IPMediumSignal 100/100

114.207.66.162

Location
Korea, Republic ofKorea, Republic of
Gimpo-si, Gyeonggi-do
ASN
AS9318
broadNnet
First Seen
Feb 3, 2025
Last Seen
Apr 6, 2025
Feb 3
First Seen
509d ago
Apr 6
Last Seen
447d ago
12
Reports
source reports
99%
Confidence
medium
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

25 techniques

Network Information

CountryKRKorea, Republic of
RegionGimpo-si, Gyeonggi-do
ASNAS9318
OrganizationbroadNnet

Feed Intelligence Summary

12 reports99% confidence
12
Source reports
99%
Confidence score
Category tags
abuseaccess controlactive scanningasiabotnetbrute forcebrute force attackbrute force attemptcommand and controlcommunication protocolcredential accesscredential stuffingdata exfiltrationddos attacksdecoy systemdistributed attacksindicatorinternet of thingsintrusion detectioniociot botnetiot/ics attackkorea (the republic of)korea, republic ofkrmalicious network activitymalicious softwaremalwaremirai botnetnetworknetwork attacksnetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork service scanningpassword attacksprocess injectionprotocol exploitationreconnaissanceresearchedscanscannersecurity policysouth koreat1021.002t1040t1046t1055t1056.001t1059.001t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1496t1499.001t1499.002t1499.003t1565t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat intelligencethreat prevention

Activity Timeline

1 total obs
Apr 6Apr 6

Threat Activity Heatmap

Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
12
Reports
First seenFeb 3, 2025
Last seenApr 6, 2025
GeolocationKR
CountryKorea, Republic of
LocationGimpo-si, Gyeonggi-do
ASNAS9318
OrgbroadNnet
Coords37.5614, 126.9960

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 114.200.0.0 - 114.207.255.255 netname: broadNnet descr: SK Broadband Co Ltd admin-c: IM670-AP tech-c: IM670-AP country: KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR last-modified: 2017-02-03T00:38:16Z source: APNIC irt: IRT-KRNIC-KR address: Jeollanam-do Naju-si Jinheung-gil e-mail: [email protected] abuse-mailbox: [email protected] admin-c: IM574-AP tech-c: IM574-AP auth: # Filtered remarks: [email protected] was validated on 2020-04-09 mnt-by: MNT-KRNIC-AP last-modified: 2021-06-15T06:21:49Z source: APNIC person: IP Manager address: Seoul Jung-gu Toegye-ro 24 country: KR phone: +82-80-828-2106 e-mail: [email protected] nic-hdl: IM670-AP mnt-by: MNT-KRNIC-AP last-modified: 2021-10-05T05:20:03Z source: APNIC inetnum: 114.200.0.0 - 114.207.255.255 netname: broadNnet-KR descr: SK Broadband Co Ltd country: KR admin-c: IM12-KR tech-c: IM12-KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC person: IP Manager address: Seoul Jung-gu Toegye-ro 24 address: SK Namsan Green Bldg. country: KR phone: +82-80-828-2106 e-mail: [email protected] nic-hdl: IM12-KR mnt-by: MNT-KRNIC-AP changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 year ago
Appeared in 12 threat reports