IP · Medium · Signal 31/100
218.238.122.186
Location
Suwon, 41
ASN
AS9318
broadNnet
First Seen
Feb 13, 2025
Last Seen
Apr 28, 2026
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
31%
Signal Score
31 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
Korea, Republic of
Region
Suwon, 41
ASN
AS9318
Organization
broadNnet
Feed Intelligence Summary
Source reports: 15
Confidence score: 31%
Category tags
account discovery; account profiling; account takeover; active scan; active scanning; asia; attack; authentication attack; bad reputation; botnet; botnet activity; brute force; brute force attack; brute force attempt; civil services; command and control; compromised credentials; credential access; credential stuffing; data exfiltration; data store exposure; distributed attacks; europe; exploitation activity; external ip; failed login; government technology; identity & access exploitation; indicator; injection activity; intrusion detection; known malicious actor; korea, republic of; kr; local government; local government target; login attack; login attempt; malicious activity; malicious software; malware; network; network scanning; network security; password attacks; process injection; public administration; public infrastructure; public policy; reconnaissance; regulatory agencies; researched; scanner; south korea; ssh attack; t1040; t1055; t1071.001; t1078; t1110; t1110.001; t1110.002; t1110.003; t1110.004; t1133; t1190; t1486; t1496; t1499.001; t1499.002; t1499.003; t1565; t1567; t1592.004; t1595.001; t1595.002; t1595.003; telecommunications; threat actor; threat intelligence; tor node; unauthorized access; united kingdom
Activity Timeline
Apr 28
Threat Activity Heatmap
Peak: 2026-04-28
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 31
Confidence: 31%
Reports: 15
First seen: Feb 13, 2025
Last seen: Apr 28, 2026
Geolocation: KR
Country: Korea, Republic of
Location: Suwon, 41
ASN: AS9318
Org: broadNnet
Coords: 37.2872, 127.0116
VirusTotal
Not checked
WHOIS
- raw
  inetnum: 218.236.0.0 - 218.239.255.255
  netname: broadNnet
  descr: SK Broadband Co Ltd
  admin-c: IM670-AP
  tech-c: IM670-AP
  country: KR
  status: ALLOCATED PORTABLE
  mnt-by: MNT-KRNIC-AP
  mnt-irt: IRT-KRNIC-KR
  last-modified: 2017-02-03T00:38:48Z
  source: APNIC

  irt: IRT-KRNIC-KR
  address: 9, Jinheung-gil, Naju-si, Jeollanam-do
  e-mail: [email protected]
  abuse-mailbox: [email protected]
  admin-c: IM574-AP
  tech-c: IM574-AP
  auth: # Filtered
  remarks: [email protected] was validated on 2020-04-09
  mnt-by: MNT-KRNIC-AP
  last-modified: 2025-09-04T01:00:01Z
  source: APNIC

  person: IP Manager
  address: Seoul Jung-gu Toegye-ro 24
  country: KR
  phone: +82-80-828-2106
  e-mail: [email protected]
  nic-hdl: IM670-AP
  mnt-by: MNT-KRNIC-AP
  last-modified: 2021-10-05T05:20:03Z
  source: APNIC

  inetnum: 218.236.0.0 - 218.239.255.255
  netname: broadNnet-KR
  descr: SK Broadband Co Ltd
  country: KR
  admin-c: IM12-KR
  tech-c: IM12-KR
  status: ALLOCATED PORTABLE
  mnt-by: MNT-KRNIC-AP
  mnt-irt: IRT-KRNIC-KR
  changed: [email protected] 20240912
  remarks: This information has been partially mirrored by APNIC from
  remarks: KRNIC. To obtain more specific information, please use the
  remarks: KRNIC whois server at whois.kisa.or.kr.
  source: KRNIC

  person: IP Manager
  address: Seoul Jung-gu Toegye-ro 24
  address: SKB
  country: KR
  phone: +82-80-828-2106
  e-mail: [email protected]
  nic-hdl: IM12-KR
  mnt-by: MNT-KRNIC-AP
  remarks: This information has been partially mirrored by APNIC from
  remarks: KRNIC. To obtain more specific information, please use the
  remarks: KRNIC whois server at whois.kisa.or.kr.
  source: KRNIC
- references
- Sign in from malicious ip blocked-2025-02-17 17_19_32.861.csv
IOC Journey
Medium · First detected 1 year ago · Last seen 1 month ago
Appeared in 15 threat reports