139.185.55.154

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 139.185.55.154

Date: 2026-06-12

---

1. Basic Profile

Risk Score: Moderate (50/100)
Provider: Oracle Corporation (ASN 31898)
Geolocation: United States (US), region flagged as "Dubai" (possibly placeholder/incorrect).
Network Role: Oracle Cloud Compute instance (Hosting/Cloud).
Services:

- HTTPS (port 443, 8443), SSH (port 22), and HTTP-alt (port 8443).

- TLS certificate: Issued to `shop.dast-chin.com` (Let’s Encrypt), valid for HTTPS.

- Server banner: `SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15`.

---

2. Threat Indicators

No malicious activity detected:

- No malware indicators, spam, or known attacker associations.

- No DNS-based threats (no DNSBL listings).

TLS Security: Valid certificate with modern cipher suite (`TLS_AES_128_GCM_SHA256`).

---

3. Observation History

Activity Trends (Last 30 Days):

- Stable network presence with no significant changes in risk scores.

- Last TLS scan: June 1, 2026 (valid certificate, no anomalies).

- Geo-validation inconsistencies: "Dubai" region reported despite US country code.

---

4. Network Relationships

Subnet: `139.185.55.154/24`
Neighbors:

- No risky siblings detected in the subnet (abuse density: 0%).

- All neighbors classified as "clean."

Parent Network: Part of Oracle Corporation’s `ORACLE-CORP` ASN 31898.

---

5. Actionable Insights

No immediate mitigation required:

- IP is associated with legitimate Oracle Cloud infrastructure.

- No evidence of exploitation or malicious campaigns.

Recommendations:

- Monitor SSH access controls (port 22) for unauthorized access.

- Verify TLS certificate validity and renewals for `shop.dast-chin.com`.

- Investigate geo-validation discrepancies for potential misconfiguration.

---

Conclusion:

139.185.55.154 is a legitimate Oracle Cloud server with standard services. No active threats detected. SOC teams should focus on routine security checks for cloud instances and ensure compliance with internal access controls.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	AZ
City	Abu Dhabi
Timezone	—
Latitude	25.07
Longitude	55.30

🏢 Ownership & Registration

Organization	Oracle Corporation
ASN	AS31898
Network Name	ORACLE-CORP
CIDR Block	139.185.0.0/16
RIR	ARIN
Country	United States
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Present
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15
8443	https-alt	tcp	—
Closed Ports	25, 80, 3389, 8080 (3 open / 7 scanned)

Server	gws
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15

🔐 TLS Certificate

🔒

CN=shop.dast-chin.com

Issued by CN=E7, O=Let's Encrypt, C=US

Self-signed: No

SANs	shop.dast-chin.com
Valid From	2026-05-06T01:20:37+00:00
Valid Until	2026-08-04T01:20:36+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_128_GCM_SHA256
Signature Algorithm	sha384ECDSA
Validity Period	89 days
Serial Number	065AC68A9AD8A0A9C8D59A9AAFD195563174
Thumbprint	077A0E858D6A5B057BC85FD4DA6191F2C20D01C1

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	30%	2	3
routing	13%	1	1
services	31%	2	3
ownership	27%	2	3
reputation	15%	1	2
geolocation	19%	2	2
Overall	22%	10	14

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Fresh

First Seen	2026-06-01 05:37:55 UTC
Last Seen	2026-06-26 18:10:36 UTC
Profile Built	2026-06-25 00:19:36 UTC
Data Freshness	Fresh
Signal Types	20
Total Observations	20

🔍 20 signal types · 20 observations collected

This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

139.185.55.154📋 Copy

**1. Basic Profile**

**2. Threat Indicators**

**3. Observation History**

**4. Network Relationships**

**5. Actionable Insights**