# IPDEBRIEF INTELLIGENCE BRIEFING
Target IP: 113.212.69.78/32
Date: 2026-06-24
Classification: Moderate Risk
Risk Score: 40/100

---
## 1. OWNERSHIP & NETWORK CONTEXT
| Attribute | Value |
|---|---|
| Organization | IRT-DATAUTAMA-ID |
| Network Name | DATAUTAMA-NET |
| ASN | Not available |
| RIR | APNIC |
| CIDR Block | 113.212.68.0/22 |
| Registration Date | Not available |

Geolocation: Indonesia (ID), Jakarta, Meruya Utara - Kembangan. Accuracy radius: 1500 km. Multiple geolocation sources confirm consistency.

---
## 2. THREAT ASSESSMENT
- Reputation: Moderate Risk
- Risk Score: 40
- Abuse Confidence Score: Not available
- Blacklist Count: 0
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Active Threat Feeds: None

Service Status: Firewalled / No Services Detected. No open ports, TLS certificates, or HTTP services observed.

DNS Status: Forward confirmation is false. Zero hosted domains. No SPF/DMARC email authentication records.

---
## 3. NEIGHBORHOOD ANALYSIS (113.212.69.0/24)
| Metric | Value |
|---|---|
| Abuse Density | 0.8398 (High) |
| Classification | High Abuse |
| Inherited Risk | 33 |
| Total Siblings | 256 |
| Active Siblings | 147 |
| Threat Siblings | 215 |

Risk Distribution in Subnet:
- High Risk: 0
- Medium Risk: 100
- Low Risk: 0

Assessment: This /24 subnet exhibits high abuse density. Of 256 total sibling IPs, 215 are classified as threat siblings. The target IP inherits significant neighborhood risk despite its moderate individual risk score.

---
## 4. OBSERVATION HISTORY (42 Signals)
Temporal Trends:
- Recent observations (2026-06-24) show consistent high-abuse classification
- Abuse density signals ranged from 0.53 to 0.84 across recent signals
- Operator score: Minimal (0.1304)
- DNSBL Listed Count: 1
- DNSBL Total Lists: 8

Signal Types Observed:
- Subnet abuse density (0.75 confidence)
- Geolocation via RDAP registration (0.40 confidence)
- Operator scoring (0.30 confidence)
- Overall profile assessment (0.20 confidence)

---
## 5. ENTITY RELATIONSHIPS
Network Associations: Strong correlation with the DATAUTAMA-NET network (134 relationship links detected). All relationships are classified as "Same Network", indicating consistent network-level affiliation.

Campaign Correlation: No known campaigns, certificate matches, or banner correlations detected.

---
## 6. RECOMMENDED SECURITY ACTIONS
Firewall Rules:
```bash
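# iptables: drop inbound packets from this source address
iptables -A INPUT -s 113.212.69.78 -j DROP
# nftables: assumes an existing "inet filter" table with an "input" chain
nft add rule inet filter input ip saddr 113.212.69.78 drop
# nginx: configuration directive (not a shell command)
deny 113.212.69.78;
# pfSense: address entry for an alias or block rule (not a shell command)
113.212.69.78/32
# Cloudflare WAF: rule definition as JSON (not a shell command)
{"description":"Block 113.212.69.78 - IPDebrief risk score 40","action":"block","filter":{"expression":"ip.src eq 113.212.69.78"}}
# AWS WAF: IP set definition as JSON (not a shell command)
{"Addresses":["113.212.69.78/32"],"Description":"IPDebrief risk 40"}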
```
---
## 7. INTELLIGENCE SUMMARY & RECOMMENDATIONS
Assessment: IP 113.212.69.78 is a moderately risky endpoint associated with the DATAUTAMA-NET network in Jakarta, Indonesia. While the individual IP shows no active threat indicators or open services, it resides within a high-abuse subnet where 84% of neighbors are classified as threat siblings.

Recommended Actions:
1. Block at perimeter: Implement the recommended firewall rules to prevent lateral movement from the high-risk subnet
2. Monitor neighborhood: Track the 113.212.69.0/24 subnet for coordinated activity
3. Contextualize blocking: The moderate risk score (40) with no active threats suggests this IP may be dormant or repurposed. Blocking should be combined with traffic pattern analysis
4. Review related IPs: Investigate the 215 threat siblings within the subnet for potential campaign correlation

Confidence Level: Medium. Data sufficiency is limited by firewalled status and missing service signals.

---
*Report generated by IPDebrief Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

## Ownership & Registration

| Attribute | Value |
|---|---|
| Organization | IRT-DATAUTAMA-ID |
| ASN | - |
| Network Name | DATAUTAMA-NET |
| CIDR Block | 113.212.68.0/22 |
| RIR | APNIC |
| Country | ID |
| Abuse Contact | Available via RDAP |

## DNS Intelligence

| Attribute | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |

## DNS Hygiene

| Attribute | Value |
|---|---|
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |

## Network Classification

| Attribute | Value |
|---|---|
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |

## Services & Open Ports

| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Attribute | Value |
|---|---|
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |

## TLS Certificate

| Attribute | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |

## Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 0% | 0 | 0 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 27% | 1 | 3 |
| geolocation | 28% | 2 | 3 |
| Overall | 20% | 9 | 15 |

| Attribute | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

## Observation Timeline (Live)

| Attribute | Value |
|---|---|
| First Seen | 2026-05-07 23:05:05 UTC |
| Last Seen | 2026-06-26 18:12:03 UTC |
| Profile Built | 2026-06-27 02:38:02 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 44 |