## IPDEBRIEF INTELLIGENCE BRIEFING
Target: 210.79.142.221/32
Classification: Moderate Risk
Report Date: 2026-06-23
---
EXECUTIVE SUMMARY
IP 210.79.142.221 presents a moderate risk profile (score: 50) associated with Indonesian network infrastructure. The address is registered to the IRT-CLN-ID (IDNIC-CLN-ID) network, with BGP origin ASN 141607. While the IP shows no active service exposure, it is listed on 2 of 8 DNSBLs, with maximum severity ratings on some lists, warranting defensive consideration.
---
NETWORK OWNERSHIP & GEOLOCATION
- ASN: 141607
- Organization: IRT-CLN-ID
- CIDR Block: 210.79.142.0/23
- Country: Indonesia (ID)
- Region: Jawa Timur
- Geolocation Confidence: 0.52 (1500km accuracy radius)
---
THREAT ASSESSMENT
| Indicator | Status |
|---|---|
| Risk Score | 50 (Moderate) |
| Blacklist Count | 2/8 lists |
| DNSBL Severity | High (partial) |
| Is Tor Exit | No |
| Known Attacker | No |
| Spam Source | No |
| Open Ports | None detected |
| Service Banner | None |
---
OBSERVATION HISTORY
18 observations recorded since initial detection. Key temporal findings:
- 2026-06-23: Operator score 0 (Minimal), DNSBL listing with high severity detected
- 2026-06-18: Subnet abuse density 1, classification "mostly_clean", 1 threat sibling in /24
- Geographic Inference: Indonesia coordinates (-0.79, 113.92) with 0.52 confidence
- Threat Persistence: 0 days (non-persistent)
---
NETWORK RELATIONSHIPS
14 relationships mapped, all pointing to IDNIC-CLN-ID network infrastructure. This indicates the IP is part of legitimate Indonesian telecommunications infrastructure rather than a standalone malicious host.
---
SUBNET ANALYSIS (210.79.142.0/24)
- Abuse Density: 1 (from profile data)
- Classification: mostly_clean
- Active Siblings: 1
- Threat Siblings: 1
- Control Plane: BGP prefix 210.79.142.0/24, origin ASN 141607
- Route Stability: Unstable
---
RECOMMENDED ACTIONS
Based on risk profile (score 50), the following firewall rules are recommended:
iptables:
```bash
iptables -A INPUT -s 210.79.142.221 -j DROP
```
nftables:
```bash
nft add rule inet filter input ip saddr 210.79.142.221 drop
```
Cloudflare WAF:
```json
{"description":"Block 210.79.142.221 - IPDebrief risk score 50","action":"block","filter":{"expression":"ip.src eq 210.79.142.221"}}
```
AWS WAF:
```json
{"Addresses":["210.79.142.221/32"],"Description":"IPDebrief risk 50"}
```
---
ANALYST NOTES
This IP appears to be part of Indonesian telecommunications infrastructure with moderate risk indicators. The DNSBL listings suggest potential reputation issues, though no active threat campaigns or known attacker signatures were identified. The lack of open ports and services reduces immediate exploitation risk. Recommended approach: Monitor traffic patterns before implementing blocking, as this may be a legitimate infrastructure IP with historical reputation issues rather than active malicious activity.
---
*Report generated by IPDebrief Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | IRT-CLN-ID |
| ASN | AS141607 |
| Network Name | IDNIC-CLN-ID |
| CIDR Block | 210.79.142.0/23 |
| RIR | APNIC |
| Country | ID |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown: Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - | | |
| HTTP Title | - | | |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 37% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 23% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:04:10 UTC |
| Last Seen | 2026-06-23 06:56:39 UTC |
| Profile Built | 2026-06-23 07:02:12 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 20 |