IOC Radar
IPLowSignal 88/100

14.46.106.28

Location
Korea, Republic ofKorea, Republic of
Gumi, Gyeonggi-do
ASN
AS4766
Kornet
First Seen
Jun 13, 2024
Last Seen
Feb 25, 2026
Jun 13
First Seen
739d ago
Feb 25
Last Seen
116d ago
12
Reports
source reports
88%
Confidence
low
0/91
VirusTotal
detections
Found in 12 reports. Confidence: low. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
88%
Signal Score
88 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

36 techniques

Network Information

CountryKRKorea, Republic of
RegionGumi, Gyeonggi-do
ASNAS4766
OrganizationKornet

Feed Intelligence Summary

12 reports88% confidence
12
Source reports
88%
Confidence score
Category tags
abuseaccess controlactive scanningasiaattackbotnetbrute forcebrute force attackcommand and controlcommunication technologiescompromised hostcowrie honeypotcredential accesscredential stuffingdata exfiltrationddosddos attacksdecoy systemdenial of servicedionaea honeypotdistributed attacksexfiltrationexploit attemptsftp brute forcehoneytrap honeypothttp brute forceindicatorinternet of thingsiociot botnetiot/ics attackkorea, republic oflamplateral movementmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware propagationmalware scanningmirai botnetmobile carriersmobile networksnetworknetwork probingnetwork scanningnetwork securitynetwork traffic analysispassword attacksprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedscannersecurity policysftp attacksmtp brute forcesocradar honeypotsouth koreasql injection attemptsssh attackssh monitoringt1021t1021.001t1040t1041t1046t1055t1059t1071t1071.001t1076t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1199t1204.002t1210t1486t1496t1497t1499.002t1499.003t1563t1565t1573t1588t1595t1595.001t1595.002t1595.003tcp/23telecom servicestelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat prevention

Activity Timeline

1 total obs
Feb 25Feb 25

Threat Activity Heatmap

· Peak: 2026-02-25
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
88
SIGNAL
Signal Score
88%
Confidence
12
Reports
First seenJun 13, 2024
Last seenFeb 25, 2026
GeolocationKR
CountryKorea, Republic of
LocationGumi, Gyeonggi-do
ASNAS4766
OrgKornet
Coords37.3654, 127.1220

VirusTotal

0/ 91vendors flagged
0% detection rateJun 8, 2026

WHOIS

raw
inetnum: 14.32.0.0 - 14.95.255.255 netname: KORNET descr: Korea Telecom admin-c: IM667-AP tech-c: IM667-AP country: KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR last-modified: 2017-03-30T06:39:01Z source: APNIC irt: IRT-KRNIC-KR address: 9, Jinheung-gil, Naju-si, Jeollanam-do e-mail: [email protected] abuse-mailbox: [email protected] admin-c: IM574-AP tech-c: IM574-AP auth: # Filtered remarks: [email protected] was validated on 2020-04-09 mnt-by: MNT-KRNIC-AP last-modified: 2025-04-10T04:49:23Z source: APNIC person: IP Manager address: Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90 country: KR phone: +82-2-500-6630 e-mail: [email protected] nic-hdl: IM667-AP mnt-by: MNT-KRNIC-AP last-modified: 2017-03-28T06:37:04Z source: APNIC inetnum: 14.32.0.0 - 14.95.255.255 netname: KORNET-KR descr: Korea Telecom country: KR admin-c: IA9-KR tech-c: IM9-KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC person: IP Manager address: Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90 address: KT Head Office country: KR phone: +82-2-500-6630 e-mail: [email protected] nic-hdl: IA9-KR mnt-by: MNT-KRNIC-AP changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC person: IP Manager address: Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90 address: KT Head Office country: KR phone: +82-2-500-6630 e-mail: [email protected] nic-hdl: IM9-KR mnt-by: MNT-KRNIC-AP changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

low
First detected 2 years ago · Last seen 3 months ago
Appeared in 12 threat reports