IP Intelligence Briefing: 78.141.223.8
Date: 2026-06-10
---
**1. Risk Profile**
- Risk Score: 25 (Low Risk)
- Reputation: Low Risk | No malicious indicators detected.
- Provider: Vultr (cloud hosting) | ASN: AS20473 (MAINT-AS20473).
- Geolocation: Amsterdam, North Holland, Netherlands (52.13°N, 5.29°E).
---
**2. Network & Hosting Context**
- Hosting Role: Multi-service host (Vultr CloudCompute).
- Services:
  - SSH (port 22): OpenSSH 8.9p1.
  - HTTP (port 80): OpenResty/1.29.2.4.
- DNS:
  - PTR hostname: `78.141.223.8.vultrusercontent.com`.
  - No email authentication records (SPF/DKIM).
---
**3. Threat & Abuse Indicators**
- Threat Signals:
  - No malware, phishing, or exploit activity detected.
  - Not listed in DNSBLs or threat feeds.
- Subnet Abuse:
  - Subnet `78.141.223.8/24` has abuse density 1 (low risk).
  - No neighboring IPs identified in the subnet.
---
**4. Historical Observations**
- Recent Activity (30 days):
  - 1 observation of low-risk HTTP traffic (confidence 0.95).
  - 1 network classification as "mostly_clean" (subnet abuse density 1).
  - No persistent malicious behavior or ownership changes.
---
**5. Relationships & Dependencies**
- DNS Associations:
  - Linked to `vultrusercontent.com` (hosted domains: 0).
- Network Relationships:
  - Same subnet: `NET-V4-78-141-192-0-19` (192 IPs).
  - No direct relationships to other malicious entities.
---
**6. Security Recommendations**
- Firewall Rules: No actionable rules required due to low risk.
- Monitoring:
  - Track changes in network behavior or service banners.
  - Monitor for unexpected DNS or subnet activity.
---
Conclusion:
The IP 78.141.223.8 is a legitimate Vultr-hosted server in Amsterdam with no current threat indicators. While the subnet shows low abuse density, continuous monitoring is recommended to detect any emerging risks. No immediate mitigation actions are required.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | MAINT-AS20473 |
| ASN | AS20473 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | 78.141.223.8.vultrusercontent.com |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 78.141.223.8.vultrusercontent.com |
DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Multi-Service Host |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 22 | ssh | tcp | |

| Closed Ports | 25, 443, 3389, 8080, 8443 (2 open / 7 scanned) |
| Server | openresty/1.29.2.4 |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 17% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 29% | 1 | 3 |
| geolocation | 40% | 2 | 3 |
| Overall | 24% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-22 18:18:43 UTC |
| Last Seen | 2026-06-28 20:06:49 UTC |
| Profile Built | 2026-06-29 02:10:09 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 25 |