113.212.70.114
# IP Intelligence Briefing: 113.212.70.114
## Executive Summary
IP address 113.212.70.114 is a Java-based network infrastructure endpoint located in Jakarta, Indonesia, operated by IRT-DATAUTAMA-ID (DATAUTAMA-NET). The IP carries a moderate risk score of 40 and is classified within a high-abuse subnet environment.
## Profile Overview
The IP address belongs to the DATAUTAMA-NET network block (113.212.68.0/22) under APNIC registration. Geolocation data places the endpoint in Meruya Utara - Kembangan, Jakarta, Indonesia. Network classification indicates the system is firewalled with no active services detected. The endpoint is not registered as a Tor exit node, known attacker, spam source, proxy, or hosting provider. DNS resolution shows zero forward hostnames and no email authentication records (SPF, DMARC).
## Risk Assessment
The IP maintains a risk score of 40, categorized as Moderate Risk. The abuse confidence score remains unpopulated. Threat indicators returned empty arrays across all threat feeds. Blacklist enumeration showed zero entries, though the IP appeared on one of eight checked DNSBL lists. Control plane data indicates route instability with DNSSEC validation enabled.
## Temporal Behavior
Historical analysis captured 49 observations across the monitoring period. Recent observations from June 23-24, 2026, consistently labeled the endpoint as "Minimal" risk with zero operator score contributions. No persistent malicious activity was detected, and threat persistence days remained at zero.
## Subnet Context
The /24 subnet (113.212.70.0/24) exhibits high abuse classification with an abuse density rating of 1. Neighborhood analysis sampled 100 sibling IPs, all showing identical riskScore of 40 and authorityScore of 50. The subnet contains 256 total addresses with 119 active siblings and 256 threat siblings detected.
## Relationship Graph
The endpoint maintains 153 documented relationships, predominantly "Same Network" associations with DATAUTAMA-NET. This indicates the IP operates within a larger organizational network infrastructure.
## Recommended Actions
Based on the moderate risk profile, the following firewall rules are recommended:
iptables:
```
iptables -A INPUT -s 113.212.70.114 -j DROP
```
nftables:
```
nft add rule inet filter input ip saddr 113.212.70.114 drop
```
nginx:
```
deny 113.212.70.114;
```
Cloudflare WAF:
```json
{
"description": "Block 113.212.70.114 โ IPDebrief risk score 40",
"action": "block",
"filter": {"expression": "ip.src eq 113.212.70.114"}
}
```
AWS WAF:
```json
{
"Addresses": ["113.212.70.114/32"],
"Description": "IPDebrief risk 40"
}
```
## Intelligence Notes
The subnet's uniform risk profile (all neighbors showing riskScore 40) suggests coordinated network behavior or shared infrastructure characteristics. The absence of open ports and services indicates the endpoint may serve as a firewall or internal management interface rather than a publicly accessible service. SOC teams should monitor the subnet as a whole given the consistent moderate risk classification across all sampled addresses.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-DATAUTAMA-ID |
| ASN | โ |
| Network Name | DATAUTAMA-NET |
| CIDR Block | 113.212.68.0/22 |
| RIR | APNIC |
| Country | ID |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 20% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 27% | 1 | 3 |
| geolocation | 31% | 2 | 3 |
| Overall | 23% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:05:07 UTC |
| Last Seen | 2026-06-26 18:12:04 UTC |
| Profile Built | 2026-06-27 02:11:44 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 49 |
Full dossier details are available via our API.