# IPDEBRIEF INTELLIGENCE BRIEFING
Target: 169.239.183.30/32
Classification: Low Risk / Investigative Interest
Date: 2026-06-22
---
## EXECUTIVE SUMMARY
IP 169.239.183.30 presents as a low-risk (score: 25) multi-service host located in Somerset West, South Africa. While currently showing no active threat indicators, the IP has been observed on 8 DNSBLs with at least one high-severity listing on 2026-06-22. The subnet (169.239.183.0/24) shows moderate abuse density (16.67%) with 1 threat sibling among 6 total IPs.
---
## OWNERSHIP & NETWORK CLASSIFICATION
- ASN: 329184
- Organization: Michael Osterloh
- CIDR Block: 169.239.183.0 - 169.239.183.255
- RIR: ARIN
- Geolocation: South Africa (Cape, Somerset West); accuracy radius 800km
- Network Role: Multi-Service Host
- BGP Prefix: 169.239.183.0/24 (route stability: false)
---
## THREAT INDICATORS
- Abuse Confidence Score: Not available
- Blacklist Status: Listed on 1 DNSBL (of 8 total lists checked)
- Threat Feeds: None detected
- Known Campaigns: None
- Tor Exit/Proxy: No
- Spam Source: No
- Known Attacker: No
---
## NETWORK SERVICES & FINGERPRINTING
- Open Ports: 80/TCP (HTTP), 22/TCP (SSH)
- Web Server: Apache/2.4.41 (Ubuntu)
- HTTP Version: 1.1
- TLS Certificate: None observed
- DNS Resolution: No forward resolution / PTR records
---
## NEIGHBORHOOD ANALYSIS
Subnet: 169.239.183.0/24
- Abuse Density: 16.67% (moderate)
- Total Siblings: 6
- Active Siblings: 2
- Threat Siblings: 1
- Classification: Mostly clean
Neighbor Risk Distribution:
| IP Address | Risk Score | Authority Score |
|---|---|---|
| 169.239.183.4 | 25 | 50 |
| 169.239.183.136 | 0 | 50 |
| 169.239.183.137 | 0 | 50 |
| 169.239.183.156 | 0 | 50 |
| 169.239.183.171 | 0 | 50 |
---
## OBSERVATION HISTORY (17 Signals)
- 2026-06-22: Listed on 8 DNSBLs with high-severity ratings (confidence: 0.85)
- 2026-06-17: Subnet analysis showed mostly_clean classification with inherited risk of 2
- 2026-06-17: HTTP fingerprint confirmed Apache/2.4.41 (Ubuntu) with no CSP/HSTS headers
- 2026-06-17: Geolocation inference placed IP in South Africa (confidence: 0.52)
- Operator Score: 0.1304 (Minimal)
---
## SOC RECOMMENDATIONS
1. Monitor DNSBL Listings: Investigate which of the 8 DNSBLs has the high-severity listing and assess if delisting is warranted
2. Subnet Correlation: Monitor threat sibling at 169.239.183.4 for correlated activity
3. Route Stability: Verify BGP route changes for 169.239.183.0/24 due to unstable prefix
4. No Immediate Block: Current risk score (25) does not warrant blocking without additional context
Action Priority: MEDIUM (monitor)
Recommended Actions: None (system generated empty recommendations)
---
*Intelligence generated from IPDebrief platform. Correlate with internal logs and threat feeds before taking action.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Michael Osterloh |
| ASN | AS329184 |
| Network Name | 169.239.183.0 - 169.239.183.255 |
| CIDR Block | 169.239.183.0/24 |
| RIR | ARIN |
| Country | ZA |
| Abuse Contact | - |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Multi-Service Host |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 22 | ssh | tcp | |

| Closed Ports | 25, 443, 3389, 8080, 8443 (2 open / 7 scanned) |
| Server | Apache/2.4.41 (Ubuntu) |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.13 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 37% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 32% | 2 | 4 |
| ownership | 19% | 2 | 2 |
| reputation | 26% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 25% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:53 UTC |
| Last Seen | 2026-06-22 20:34:38 UTC |
| Profile Built | 2026-06-22 20:41:33 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 21 |
Full dossier details are available via our API.