169.239.183.30

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IPDEBRIEF INTELLIGENCE BRIEFING

Target: 169.239.183.30/32

Classification: Low Risk / Investigative Interest

Date: 2026-06-22

---

## EXECUTIVE SUMMARY

IP 169.239.183.30 presents as a low-risk (score: 25) multi-service host located in Somerset West, South Africa. While currently showing no active threat indicators, the IP has been observed on 8 DNSBLs with at least one high-severity listing on 2026-06-22. The subnet (169.239.183.0/24) shows moderate abuse density (16.67%) with 1 threat sibling among 6 total IPs.

---

## OWNERSHIP & NETWORK CLASSIFICATION

ASN: 329184
Organization: Michael Osterloh
CIDR Block: 169.239.183.0 - 169.239.183.255
RIR: ARIN
Geolocation: South Africa (Cape, Somerset West) — accuracy radius 800km
Network Role: Multi-Service Host
BGP Prefix: 169.239.183.0/24 (route stability: false)

---

## THREAT INDICATORS

Abuse Confidence Score: Not available
Blacklist Status: Listed on 1 DNSBL (of 8 total lists checked)
Threat Feeds: None detected
Known Campaigns: None
Tor Exit/Proxy: No
Spam Source: No
Known Attacker: No

---

## NETWORK SERVICES & FINGERPRINTING

Open Ports: 80/TCP (HTTP), 22/TCP (SSH)
Web Server: Apache/2.4.41 (Ubuntu)
HTTP Version: 1.1
TLS Certificate: None observed
DNS Resolution: No forward resolution / PTR records

---

## NEIGHBORHOOD ANALYSIS

Subnet: 169.239.183.0/24

Abuse Density: 16.67% (moderate)
Total Siblings: 6
Active Siblings: 2
Threat Siblings: 1
Classification: Mostly clean

Neighbor Risk Distribution:

IP Address	Risk Score	Authority Score
169.239.183.4	25	50
169.239.183.136	0	50
169.239.183.137	0	50
169.239.183.156	0	50
169.239.183.171	0	50

---

## OBSERVATION HISTORY (17 Signals)

2026-06-22: Listed on 8 DNSBLs with high-severity ratings (confidence: 0.85)
2026-06-17: Subnet analysis showed mostly_clean classification with inherited risk of 2
2026-06-17: HTTP fingerprint confirmed Apache/2.4.41 (Ubuntu) with no CSP/HSTS headers
2026-06-17: Geolocation inference placed IP in South Africa (confidence: 0.52)
Operator Score: 0.1304 (Minimal)

---

## SOC RECOMMENDATIONS

1. Monitor DNSBL Listings: Investigate which of the 8 DNSBLs has the high-severity listing and assess if delisting is warranted

2. Subnet Correlation: Monitor threat sibling at 169.239.183.4 for correlated activity

3. Route Stability: Verify BGP route changes for 169.239.183.0/24 due to unstable prefix

4. No Immediate Block: Current risk score (25) does not warrant blocking without additional context

Action Priority: MEDIUM (monitor)

Recommended Actions: None (system generated empty recommendations)

---

*Intelligence generated from IPDebrief platform. Correlate with internal logs and threat feeds before taking action.*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇿🇦 South Africa
Region	Cape
City	Somerset West
Timezone	Africa/Johannesburg
Latitude	-29.00
Longitude	24.00

🏢 Ownership & Registration

Organization	Michael Osterloh
ASN	AS329184
Network Name	169.239.183.0 - 169.239.183.255
CIDR Block	169.239.183.0/24
RIR	ARIN
Country	ZA
Abuse Contact	—

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Unknown
Service Purpose	Multi-Service Host
Network Tier	Unknown — Insufficient routing data to classify

No specific classification

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.13
Closed Ports	25, 443, 3389, 8080, 8443 (2 open / 7 scanned)

Server	Apache/2.4.41 (Ubuntu)
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.13

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	37%	2	3
routing	13%	1	1
services	32%	2	4
ownership	19%	2	2
reputation	26%	1	3
geolocation	21%	2	2
Overall	25%	10	15

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:03:53 UTC
Last Seen	2026-06-22 20:34:38 UTC
Profile Built	2026-06-22 20:41:33 UTC
Data Freshness	Live
Signal Types	20
Total Observations	21

🔍 20 signal types · 21 observations collected

This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

169.239.183.30📋 Copy