IPDebrief

113.212.70.70

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 113.212.70.70

## Executive Summary

IP 113.212.70.70 presents a moderate risk profile (Score: 49) associated with Indonesian infrastructure provider IRT-DATAUTAMA-ID. The address is listed on threat feeds (blocklist.de) and classified as a known attacker, with multiple blacklist entries detected. The IP operates within a high-abuse subnet (113.212.70.0/24) exhibiting elevated threat activity across the neighborhood.

## Ownership & Geolocation

## Threat Assessment

IndicatorStatus
Known Attacker**YES**
Tor Exit NodeNo
Spam SourceNo
Blacklist Count1
DNSBL Listed1 of 8 lists
ReputationModerate Risk
Operator Score0.1304 (Minimal)

Threat Indicators:

## Network & Service Analysis

## Control Plane & Routing

## Neighborhood Analysis (113.212.70.0/24)

## Observation History (41 Observations)

Recent activity logged from June 24, 2026, showing:

## Relationships

## Recommended Actions

Based on risk profile and threat indicators, the following actions are recommended:

Immediate (High Priority):

Defensive Controls:

```

iptables -A INPUT -s 113.212.70.70/32 -j DROP

```

```

nft add rule inet filter input ip saddr 113.212.70.70/32 drop

```

Cloud/WAF Rules:

## Threat Intelligence Narrative

IP 113.212.70.70 is a medium-to-high risk address within Indonesian infrastructure managed by IRT-DATAUTAMA-ID. While the IP shows no currently open services or active host signatures, it maintains a known attacker classification and is listed on external threat feeds. The surrounding /24 subnet exhibits high abuse density with 256 threat siblings and 100% medium-risk classification, suggesting systemic abuse potential in this network block. The IP's firewalled status may indicate it is a compromised endpoint used for outbound reconnaissance or as part of a botnet infrastructure. The absence of persistent malicious behavior signals suggests episodic rather than sustained attack campaigns, but the known attacker designation warrants continued monitoring.

## IOC Summary

---

*Generated from IPDebrief Intelligence Platform. Data subject to verification with additional context.*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ฎ๐Ÿ‡ฉ Indonesia
RegionJakarta
CityMeruya Utara - Kembangan
Timezoneโ€”
Latitude-6.18
Longitude106.83

๐Ÿข Ownership & Registration

OrganizationIRT-DATAUTAMA-ID
ASNโ€”
Network NameDATAUTAMA-NET
CIDR Block113.212.68.0/22
RIRAPNIC
CountryID
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTR RecordNo PTR
Forward ConfirmedNo โ€” PTR hostname does not resolve back to this IP (weak signal)

๐Ÿ” DNS Hygiene

Hygiene Score20% (Poor)
SPFNot configured
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureUnknown
Service PurposeFirewalled / No Services
Network TierUnknown โ€” Insufficient routing data to classify
No specific classification

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Serverโ€”
HTTP Titleโ€”

๐Ÿ” TLS Certificate

๐Ÿ”’
No certificate
Issued by โ€”
N/A
SANsNone
Valid Fromโ€”
Valid Untilโ€”

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
35%
23
routing
0%
00
services
8%
11
ownership
24%
23
reputation
33%
13
geolocation
35%
23
Overall22%813
Coverage: 5/6 dimensions ยท Data sufficiency: partial
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-07 23:05:06 UTC
Last Seen2026-06-26 18:12:04 UTC
Profile Built2026-06-27 02:15:11 UTC
Data FreshnessLive
Signal Types15
Total Observations42
๐Ÿ” 15 signal types ยท 42 observations collected
This report is generated from 15+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.