IP Address

78.140.216.223

IPv4 Public
RU RU
AS200643
Osinovaya Roshcha Ltd
510 Reports
This IP is under Observation Suspicious activity detected - monitor closely
10/10 Threat
67% Confidence
510 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 10% High Threat
RU
RU Location
Osinovaya Roshcha Ltd ASN 200643
510 Reports
Honeypot Data Source

Critical Threat

IP 78.140.216.223 is a critical-risk address registered to Osinovaya Roshcha Ltd in Russia, carrying a maximum threat level of 10/10 across 510 total abuse reports submitted through automated honeypot sensors during October 2025. The dominant threat classification is "Exploited Host," indicating this IP belongs to a compromised system being weaponized for external attacks without the legitimate owner's knowledge. Recent activity shows concentrated attempts to exploit Redis database services, a pattern consistent with automated vulnerability scanning targeting misconfigured in-memory data stores exposed to the internet.

The detection data reveals 20 separate automated honeypot reports, all categorizing this IP as an exploited host actively engaging in malicious scanning behaviour. All reports span the October 2025 timeframe, with activity frequency scored at 0/10, suggesting the IP may have been taken offline, quarantined by its provider, or is currently dormant between attack campaigns. The 67% confidence score reflects uncertainty about attribution rather than threat severity, as the volume and consistency of reports clearly establish harmful activity originating from this Russian network address within AS200643.

An exploited host represents a particularly insidious threat vector because the IP address belongs to an unwitting victim rather than a deliberate attacker infrastructure. The Redis attack pattern indicates automated exploitation of known Redis vulnerabilities or misconfiguration weaknesses, potentially enabling data exfiltration, remote code execution, or use of the compromised system as a stepping-stone for further attacks against other targets. Any organization running exposed Redis instances without proper authentication hardening or network-level access controls is vulnerable to compromise by traffic originating from this address.

Site operators should immediately block 78.140.216.223 at the network perimeter firewall and implement geo-based restrictions on inbound traffic from Russian address space if business operations do not require such connectivity. Redis instances should never be exposed directly to the internet; enforce bind-address restrictions, implement strong AUTH authentication, and consider deploying fail2ban or similar intrusion-prevention tools to dynamically block repeat offenders. Organizations discovering successful Redis exploitation should assume credential theft and data compromise, rotating all secrets and reviewing access logs for unauthorised commands.

More threatening than 92% of monitored IPs

Threat Categories

Exploited Host 30

Technical Details

This IP belongs to a compromised system being used as an attack platform without the owner's knowledge.

Recommended Mitigations

Block the IP and consider notifying the hosting provider or system owner about the compromise.

High-Risk Network Association

This IP belongs to a network (ASN 200643) with elevated threat levels. The ISP Osinovaya Roshcha Ltd hosts multiple reported malicious addresses, suggesting systemic security issues or permissive policies.

Network-wide patterns may indicate this is part of a larger malicious infrastructure.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 0/10 Inactive
Confidence Score 59% High Confidence

Confidence History

28. Oct 2025
67% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
10 of 510 shown

Technical Details

Basic Information

IP Address
78.140.216.223
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
RU RU
ASN
AS200643
ISP
Osinovaya Roshcha Ltd

DNS Information

Reverse DNS
78x140x216x223.static.or-terminal.ru
PTR Record
Yes
Connection Type
Static

Statistics

Total Reports
510
First Reported
27 Oct 2025
Last Reported
28 Oct 2025, 05:08

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS200643
Osinovaya Roshcha Ltd
RU RU

Network Threat Assessment

10/10
This network has a high threat level with significant malicious activity reported across multiple IPs.

Network Statistics

1
Total IPs Monitored
526
Total Reports
526
Reports per IP

Network Context

This IP address belongs to Osinovaya Roshcha Ltd (AS200643), which manages 1 IP addresses in our monitoring system. Out of these, 526 have been reported for suspicious activities, resulting in a network-wide threat level of 10/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

92 %

Global Threat Ranking

This IP is more threatening than 92% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,613 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 510 avg: 23 ++

Geographic Comparison

Compared against 4,703 IPs in RU

Threat Level 10/10 country avg: 5.3 ++
Total Reports 510 country avg: 17 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,273 threat incidents tracked globally • Last 24h: 18,965 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,457 20.5%
  2. 02
    IN
    India IN
    29,090 15.5%
  3. 03
    CN
    China CN
    26,027 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,143 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,543 3%
  8. 08
    RU
    Russia RU THIS IP
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,670 2.5%
  10. 10
    NL
    Netherlands NL
    4,357 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs with similar threat level and confidence scores.

15 Related IPs
9.4/10 Avg Threat
67% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
119.96.159.237 10/10
Confidence 67%
Reports 1,904
Location CN CN
26 May 2026
152.32.135.214 10/10
Confidence 67%
Reports 1,466
Location HK HK
9 Jun 2026
180.153.91.15 10/10
Confidence 67%
Reports 1,424
Location CN CN
9 Jun 2026
66.132.153.50 10/10
Confidence 67%
Reports 1,350
Location US US
23 Mar 2026
77.83.39.249 7/10
Confidence 67%
Reports 1,106
Location UA UA
11 Mar 2026
167.99.141.235 8/10
Confidence 67%
Reports 1,100
Location DE DE
21 Mar 2026
130.12.180.80 10/10
Confidence 67%
Reports 976
Location GB GB
14 Mar 2026
45.135.232.177 8/10
Confidence 67%
Reports 876
Location RU RU
16 Nov 2025
120.48.175.69 10/10
Confidence 67%
Reports 857
Location CN CN
6 Jun 2026
103.105.66.26 10/10
Confidence 67%
Reports 726
Location ID ID
26 Oct 2025
23.94.38.226 10/10
Confidence 67%
Reports 717
Location US US
26 Oct 2025
207.90.244.23 8/10
Confidence 67%
Reports 684
Location US US
19 Nov 2025
115.247.46.121 10/10
Confidence 67%
Reports 666
Location IN IN
28 Oct 2025
204.76.203.18 10/10
Confidence 67%
Reports 591
Location NL NL
23 Mar 2026
136.114.224.44 10/10
Confidence 67%
Reports 571
Location US US
27 Oct 2025

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "78.140.216.223",
    "threat_level": 10,
    "confidence_score": 67,
    "total_reports": 510,
    "country_code": "RU",
    "isp_name": "Osinovaya Roshcha Ltd",
    "asn": "200643",
    "first_reported": "2025-10-27 12:59:00",
    "last_reported": "2025-10-28 05:08:45",
    "exported_at": "2026-06-09T10:09:58+02:00",
    "source": "https://reportedip.de/ip/78.140.216.223/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses