45.78.199.70

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 45.78.199.70/32

Date: 2026-06-26

Classification: MODERATE RISK

Status: RECOMMENDED FOR BLOCK

---

## Executive Summary

IP address 45.78.199.70 is associated with IRT-BYTEPLUS-SG (ASN 150436) and is located in Singapore. The IP presents a moderate risk profile (risk score: 40/100) with evidence of being firewalled with no open services. The /24 subnet (45.78.199.0/24) exhibits high abuse density at 57.14%, with 12 of 21 sibling IPs classified as threats.

## Technical Profile

Attribute	Value
Risk Score	40 (Moderate)
ASN	150436
Organization	IRT-BYTEPLUS-SG
Location	Singapore (SG)
CIDR Block	45.78.199.70/24
Network Role	Firewalled / No Services
DNSBL Listed	1 of 8 lists
Is Tor Exit	No
Is Known Attacker	No

## Neighborhood Analysis

The 45.78.199.0/24 subnet demonstrates elevated abuse characteristics:

Abuse Density: 57.14%
Total Siblings: 21 IPs
Active Siblings: 11
Threat Siblings: 12
Classification: high_abuse

Risk distribution across neighboring IPs shows 11 medium-risk and 9 low-risk addresses, with no high-risk neighbors currently identified. This indicates the subnet is shared infrastructure with mixed service profiles.

## Threat Indicators

Threat Indicators: None identified
Campaign Correlation: None
Known Malicious Activity: No direct attribution
Blacklist Count: 0
Operator Score: 0.1304 (Minimal)

The IP is not associated with any known malicious campaigns and shows no Tor exit node behavior or spam source classification.

## Behavioral History

Observation history reveals 18 signals captured between 2026-06-05 and 2026-06-26. Key temporal indicators:

Subnet Abuse Classification: High abuse status observed as of 2026-06-05
Operator Classification: Minimal threat level maintained
Route Stability: Unstable routing with 0 route changes in 30 days
Threat Persistence: 0 threat persistence days observed

## Recommended Security Actions

Based on risk profile analysis, the following blocking rules are recommended:

```bash

# iptables

iptables -A INPUT -s 45.78.199.70 -j DROP

# nftables

nft add rule inet filter input ip saddr 45.78.199.70 drop

# nginx

deny 45.78.199.70;

# pfSense

45.78.199.70/32

# Cloudflare WAF

{

"description": "Block 45.78.199.70 — IPDebrief risk score 40",

"action": "block",

"filter": {

"expression": "ip.src eq 45.78.199.70"

}

# AWS WAF

{

"Addresses": ["45.78.199.70/32"],

"Description": "IPDebrief risk 40"

}

```

## Analyst Notes

1. Subnet Context: The IP belongs to a subnet with 57.14% abuse density. Consider implementing subnet-level blocking (45.78.199.0/24) if threat correlation warrants.

2. Service Status: No open ports or services detected. The "Firewalled / No Services" classification suggests the IP may be used for outbound traffic only or is behind enterprise firewalling.

3. Geographic Attribution: Singapore-based infrastructure under BYTEPLUS hosting. Verify against known legitimate traffic patterns before blocking.

4. Action Priority: Medium. The moderate risk score (40) combined with subnet-level abuse indicators warrants blocking, but correlation with internal threat intelligence is recommended before enforcement.

---

Source: IPDebrief Intelligence Platform

Data Freshness: Current (2026-06-26)

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇸🇬 Singapore
Region	—
City	Singapore
Timezone	Asia/Singapore
Latitude	1.35
Longitude	103.82

🏢 Ownership & Registration

Organization	IRT-BYTEPLUS-SG
ASN	AS150436
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Unknown
Service Purpose	Firewalled / No Services
Network Tier	Unknown — Insufficient routing data to classify

No specific classification

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	30%	2	4
routing	13%	1	1
services	15%	2	2
ownership	27%	2	3
reputation	22%	1	3
geolocation	19%	2	2
Overall	21%	10	15

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-10 22:17:43 UTC
Last Seen	2026-06-26 05:28:13 UTC
Profile Built	2026-06-26 05:35:40 UTC
Data Freshness	Live
Signal Types	17
Total Observations	17

🔍 17 signal types · 17 observations collected

This report is generated from 17+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

45.78.199.70📋 Copy