IPMediumSignal 100/100
114.207.66.162
Location
Korea, Republic ofGimpo-si, Gyeonggi-do
ASN
AS9318
broadNnet
First Seen
Feb 3, 2025
Last Seen
Apr 6, 2025
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryKorea, Republic of
Korea, Republic ofRegionGimpo-si, Gyeonggi-do
ASNAS9318
OrganizationbroadNnet
Feed Intelligence Summary
12 reports99% confidence
12
Source reports
99%
Confidence score
Category tags
abuseaccess controlactive scanningasiabotnetbrute forcebrute force attackbrute force attemptcommand and controlcommunication protocolcredential accesscredential stuffingdata exfiltrationddos attacksdecoy systemdistributed attacksindicatorinternet of thingsintrusion detectioniociot botnetiot/ics attackkorea (the republic of)korea, republic ofkrmalicious network activitymalicious softwaremalwaremirai botnetnetworknetwork attacksnetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork service scanningpassword attacksprocess injectionprotocol exploitationreconnaissanceresearchedscanscannersecurity policysouth koreat1021.002t1040t1046t1055t1056.001t1059.001t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1496t1499.001t1499.002t1499.003t1565t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat intelligencethreat prevention
Activity Timeline
Apr 6Apr 6
Threat Activity Heatmap
LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
12
Reports
First seenFeb 3, 2025
Last seenApr 6, 2025
GeolocationKR
CountryKorea, Republic of
LocationGimpo-si, Gyeonggi-do
ASNAS9318
OrgbroadNnet
Coords37.5614, 126.9960
VirusTotal
Not checked
WHOIS
- description
- Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
- raw
- inetnum: 114.200.0.0 - 114.207.255.255 netname: broadNnet descr: SK Broadband Co Ltd admin-c: IM670-AP tech-c: IM670-AP country: KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR last-modified: 2017-02-03T00:38:16Z source: APNIC irt: IRT-KRNIC-KR address: Jeollanam-do Naju-si Jinheung-gil e-mail: [email protected] abuse-mailbox: [email protected] admin-c: IM574-AP tech-c: IM574-AP auth: # Filtered remarks: [email protected] was validated on 2020-04-09 mnt-by: MNT-KRNIC-AP last-modified: 2021-06-15T06:21:49Z source: APNIC person: IP Manager address: Seoul Jung-gu Toegye-ro 24 country: KR phone: +82-80-828-2106 e-mail: [email protected] nic-hdl: IM670-AP mnt-by: MNT-KRNIC-AP last-modified: 2021-10-05T05:20:03Z source: APNIC inetnum: 114.200.0.0 - 114.207.255.255 netname: broadNnet-KR descr: SK Broadband Co Ltd country: KR admin-c: IM12-KR tech-c: IM12-KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC person: IP Manager address: Seoul Jung-gu Toegye-ro 24 address: SK Namsan Green Bldg. country: KR phone: +82-80-828-2106 e-mail: [email protected] nic-hdl: IM12-KR mnt-by: MNT-KRNIC-AP changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 1 year ago
Appeared in 12 threat reports