# IP Intelligence Briefing: 140.82.28.70/32
Classification: Low Risk
Date Generated: Current
Analyst: SOC Intelligence Team
---
## Executive Summary
IP address 140.82.28.70 operates as a low-risk web server hosted on Vultr infrastructure (AS20473) in Miami, Florida. The IP demonstrates consistent "mostly_clean" classification with a risk score of 25/100. No active threat indicators or malicious campaigns are associated with this address. The environment supports standard web services (HTTP/HTTPS) and resolves to the domain icallsystems.com.
---
## Infrastructure Profile
| Attribute | Value |
|---|---|
| **Organization** | Vultr Holdings, LLC |
| **ASN** | 20473 |
| **CIDR Block** | 140.82.28.0/23 |
| **Geolocation** | Miami, Florida, US |
| **Infrastructure Type** | Cloud Hosting (Vultr) |
| **Risk Score** | 25 (Low) |
| **Reputation** | Low Risk |
---
## Network Services & DNS
- Open Ports: TCP/80 (HTTP), TCP/443 (HTTPS)
- Server Type: Apache
- DNS Resolution: 140.82.28.70.vultrusercontent.com
- TLS Certificate: Let's Encrypt (R12)
- Certificate Subject: icallsystems.com, office.icallsystems.com, www.icallsystems.com
- Email Authentication: SPF and DMARC records present
---
## Threat Intelligence Indicators
- Blacklist Status: 0 active blacklists
- DNSBL Listings: 1 out of 8 total lists
- Known Attacker: No
- Tor Exit Node: No
- Known Campaign: No
- Threat Persistence: None observed
- Abuse Confidence Score: Not applicable
---
## Subnet & Neighborhood Analysis
- Subnet: 140.82.28.70/24
- Abuse Density: 1 (minimal)
- Classification: mostly_clean
- Threat Siblings: 1
- Active Siblings: 1
The immediate /24 subnet exhibits minimal abuse density with one active threat-related IP neighbor. The broader /23 block (140.82.28.0/23) contains the majority of network infrastructure.
---
## Historical Observations
- Total Observations: 22 signals recorded
- Observation Period: Recent activity tracked through June 2026
- Classification Trend: Consistent "mostly_clean" classification
- Ownership Changes: 0 (stable ownership)
- Threat Observation Count: 1 (isolated)
- Persistence Status: Not persistently malicious
Historical data indicates stable infrastructure with no significant risk escalation. The single threat observation remains isolated with no correlation to persistent malicious activity.
---
## Control Plane Assessment
- BGP Prefix: 140.82.24.0/21
- Route Stability: Not stable (route changes detected)
- RPKI State: Not determined
- DNSSEC: Valid
- Operator Score: 0.1304 (Minimal)
---
## Recommended Actions
Based on the risk profile (25/100) and threat indicators (none active), the following actions are recommended:
1. Allow Standard Web Traffic: No firewall restrictions required for HTTP/HTTPS services
2. Monitor DNSBL: Review the single DNSBL listing periodically for changes
3. Subnet Awareness: Monitor the /24 subnet (140.82.28.0/24) for any escalation in abuse density
4. Certificate Renewal: TLS certificate valid through Let's Encrypt standard timeline
---
## Intelligence Conclusions
IP 140.82.28.70 represents a legitimate cloud hosting endpoint with minimal security concerns. The infrastructure supports standard web services for the icallsystems.com domain. No immediate threat mitigation is required, though routine monitoring of the associated subnet is recommended given the presence of one threat-related sibling IP.
- Status: No Action Required
- Threat Level: Low
- Classification Confidence: High
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Attribute | Value |
|---|---|
| Organization | Vultr Holdings, LLC |
| ASN | AS20473 |
| Network Name | NET-140-82-28-0-23 |
| CIDR Block | 140.82.28.0/23 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| Attribute | Value |
|---|---|
| PTR | 140.82.28.70.vultrusercontent.com |
| Forward Confirmed | No (PTR hostname does not resolve back to this IP; weak signal) |
| Forward Hostnames | 140.82.28.70.vultrusercontent.com |
## DNS Hygiene
| Attribute | Value |
|---|---|
| Hygiene Score | 60% (Good) |
| SPF | 2/2 domains |
| DMARC | 2/2 domains |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 2 domains |
## Network Classification
| Attribute | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting (infrastructure provider without advanced routing) |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |

| Attribute | Value |
|---|---|
| Closed Ports | 22, 25, 3389, 8080, 8443 (2 open / 7 scanned) |
| Server | Apache |
| HTTP Title | - |
## TLS Certificate
| Attribute | Value |
|---|---|
| SANs | icallsystems.com, office.icallsystems.com, www.icallsystems.com |
| Valid From | 2026-04-26T20:45:51+00:00 |
| Valid Until | 2026-07-25T20:45:50+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 89 days |
| Serial Number | 06FF1DA6BE07961E1A00CCB3F1FACED945AA |
| Thumbprint | 097B94FE13A9BADFEC65265F73AB1EE3606AF827 |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 27% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 24% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
## Observation Timeline (Live)
| Attribute | Value |
|---|---|
| First Seen | 2026-05-30 23:03:27 UTC |
| Last Seen | 2026-06-29 08:01:58 UTC |
| Profile Built | 2026-06-29 08:04:57 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 23 |