IOC Radar
IPLowSignal 100/100

122.33.26.70

Location
South KoreaSouth Korea
Yongsan-dong, Seoul
ASN
AS17858
Xpeed
First Seen
Jan 24, 2025
Last Seen
Feb 3, 2026
Jan 24
First Seen
516d ago
Feb 3
Last Seen
141d ago
15
Reports
source reports
99%
Confidence
low
0/91
VirusTotal
detections
Found in 15 reports. Confidence: low. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

22 techniques

Network Information

CountryKRSouth Korea
RegionYongsan-dong, Seoul
ASNAS17858
OrganizationXpeed

Feed Intelligence Summary

15 reports99% confidence
15
Source reports
99%
Confidence score
Category tags
abuseaccess controlactive scanningasiaauthenticationauthentication attackbotnetbrute forcebrute force attackbrute force attemptcommand and controlcredential accesscredential stuffingctadata exfiltrationdecoy systemdistributed attacksfailed authenticationindicatorkorea (the republic of)korea, republic ofkrlogin attackmalicious softwaremalwarenetworknetwork intrusionnetwork scanningnetwork service exploitationnorth americapassword attacksprocess injectionreconnaissanceremote accessresearchedscannersecurity policysouth koreassh attackt1021t1021.004t1055t1071.001t1078t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1133t1486t1496t1499.002t1499.003t1565t1589t1589.002t1595.001t1595.002t1595.003telecommunicationsthreat intelligencethreat preventionunited states

Activity Timeline

1 total obs
Feb 3Feb 3

Threat Activity Heatmap

· Peak: 2026-02-03
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
15
Reports
First seenJan 24, 2025
Last seenFeb 3, 2026
GeolocationKR
CountrySouth Korea
LocationYongsan-dong, Seoul
ASNAS17858
OrgXpeed
Coords37.5379, 126.9700

VirusTotal

0/ 91vendors flagged
0% detection rateJun 14, 2026

WHOIS

description
SSH bruteforce client IP
raw
inetnum: 122.32.0.0 - 122.47.255.255 netname: Xpeed descr: LG POWERCOMM admin-c: IM669-AP tech-c: IM669-AP country: KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR last-modified: 2017-02-02T01:32:06Z source: APNIC irt: IRT-KRNIC-KR address: 9, Jinheung-gil, Naju-si, Jeollanam-do e-mail: [email protected] abuse-mailbox: [email protected] admin-c: IM574-AP tech-c: IM574-AP auth: # Filtered remarks: [email protected] was validated on 2020-04-09 mnt-by: MNT-KRNIC-AP last-modified: 2025-04-10T04:49:23Z source: APNIC person: IP Manager address: Hangang-daero Yongsan-gu Seoul country: KR phone: +82-2-1-01 e-mail: [email protected] nic-hdl: IM669-AP mnt-by: MNT-KRNIC-AP last-modified: 2017-08-07T01:06:20Z source: APNIC route: 122.32.0.0/12 origin: AS17858 descr: Xpeed mnt-by: MNT-KRNIC-AP last-modified: 2019-09-25T00:41:29Z source: APNIC inetnum: 122.32.0.0 - 122.47.255.255 netname: Xpeed-KR descr: LG POWERCOMM country: KR admin-c: IA469-KR tech-c: IM469-KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC person: IP Manager address: Hangang-daero Yongsan-gu Seoul address: 32 LGUPLUS country: KR phone: +82-2-1-01 e-mail: [email protected] nic-hdl: IA469-KR mnt-by: MNT-KRNIC-AP changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC person: IP Manager address: Hangang-daero Yongsan-gu Seoul address: 32 LGUPLUS country: KR phone: +82-2-1-01 e-mail: [email protected] nic-hdl: IM469-KR mnt-by: MNT-KRNIC-AP changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC
references
https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://redpiranha.net

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

low
First detected 1 year ago · Last seen 4 months ago
Appeared in 15 threat reports