IP Intelligence Briefing: 147.30.249.4
Date: June 11, 2026
---
**1. Risk Assessment**
- Risk Score: 80 (High Risk)
- Threat Indicators: No active malware, spam, or known attacker associations.
- DNS Blacklists: Listed in 4/8 DNS blacklists (high severity).
- Network Role: Residential endpoint (Kazakhtelecom).
---
**2. Geolocation & Ownership**
- Country: Kazakhstan (KZ)
- City/Region: Kokshetau, Aqumola
- Provider: Kazakhtelecom (ASN 9198, GPON_FTTH_SERVICES_KT)
- Subnet: 147.30.248.0/21 (residential network).
---
**3. Observation History**
- Recent Activity (June 11, 2026):
  - DNS blacklisted (4/8 lists, high severity).
  - Confirmed residential endpoint with telecom.kz DNS records.
  - Operator score: 0.26 (Basic infrastructure risk).
- Geolocation Validity: Geo-validation failed (implausible location).
---
**4. Relationships & Network Context**
- DNS Associations:
  - `147.30.249.4.dynamic.telecom.kz` (telecom.kz domain).
- Network Links:
  - Same network as Kazakhtelecom's GPON_FTTH_SERVICES_KT.
- Neighbors: No neighboring IPs found in the /24 subnet.
---
**5. Threat & Mitigation Notes**
- No Active Threats: No malware, phishing, or botnet indicators.
- DNS Risks: Potential spoofing or misconfigured DNS (geo-validation failure).
- Recommendations:
  - Monitor DNS listings for persistent blacklisting.
  - Validate geolocation anomalies (e.g., spoofed location).
  - Track subnet activity for unusual traffic patterns.
---
Summary:
The IP is a residential endpoint registered to Kazakhtelecom in Kazakhstan. While no direct malicious activity is detected, its DNS blacklisting and geolocation inconsistencies warrant further investigation. SOC teams should prioritize validating DNS records and monitoring for unexpected network behavior.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | NOC Kazakhtelecom |
| ASN | AS9198 |
| Network Name | GPON_FTTH_SERVICES_KT |
| CIDR Block | 147.30.248.0/23 |
| RIR | ARIN |
| Country | KZ |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | 147.30.249.4.dynamic.telecom.kz |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | 147.30.249.4.dynamic.telecom.kz |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Residential |
| Service Purpose | Residential Endpoint |
| Network Tier | End-User (Residential ISP endpoint) |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 13% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-27 19:21:38 UTC |
| Last Seen | 2026-06-11 11:22:47 UTC |
| Profile Built | 2026-06-11 11:26:49 UTC |
| Data Freshness | Live |
| Signal Types | 16 |
| Total Observations | 16 |