130.131.3.72

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING: 130.131.3.72/32

## Executive Summary

The target IP 130.131.3.72 is a Microsoft Azure cloud infrastructure address with an overall risk score of 25 (Low Risk). The IP is geolocated to Chicago, IL, and is currently configured with no open services, presenting minimal immediate threat. However, recent DNSBL listings indicate historical abuse activity that warrants monitoring.

## Infrastructure Profile

ASN: 8075 (Microsoft Azure)
Organization: Divya Quamara
Geolocation: Chicago, IL, United States (41.88°N, -87.63°W)
Infrastructure Type: Cloud Compute
Network Classification: Cloud hosting with no active services
Service Status: Firewalled / No Services Detected

## Threat Assessment

Risk Score: 25 (Low Risk)
Threat Indicators: None detected
Known Attacker: No
Spam Source: No
Tor Exit Node: No
Blacklist Status: 0 current listings
Campaign Association: No known campaigns correlated

## Historical Observations

The IP has generated 22 signal observations. Recent activity includes:

One high-severity DNSBL listing observed on 2026-06-26 (8 total listings)
Consistent geolocation signals from Chicago, IL
Operator score: 0 (Minimal)
No persistent malicious behavior detected
Zero threat persistence days

## Neighborhood Analysis

Subnet: 130.131.3.72/24
Abuse Density: 0%
Classification: Clean
Threat Siblings: 0
Active Siblings: 1
Inherited Risk: 0

## Control Plane Data

Origin ASN: 8075
BGP Prefix: 130.131.0.0/16
Route Stability: Unstable
RPKI State: Not evaluated
DNSSEC Valid: Yes

## Network Relationships

49 relationships detected, predominantly same-network cloud infrastructure associations
No unique organizational or certificate relationships identified

## Recommendations

1. Monitor: Track for renewed DNSBL activity following the 2026-06-26 listing event

2. Allow: No immediate blocking required; low risk profile

3. Contextualize: Consider as legitimate Azure infrastructure; no active services detected

4. Review: Monitor subnet 130.131.3.0/24 for any changes in abuse density

## SOC Action

No immediate defensive action required. The IP represents a low-risk cloud infrastructure address. Routine monitoring is sufficient.

---

*Intelligence generated from IPDebrief analysis tools. Data current as of analysis timestamp.*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	IL
City	Chicago
Timezone	America/Chicago
Latitude	41.88
Longitude	-87.63

🏢 Ownership & Registration

Organization	Divya Quamara
ASN	AS8075
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	40% (Fair)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	28%	2	4
routing	8%	1	1
services	17%	2	3
ownership	17%	2	3
reputation	27%	1	3
geolocation	23%	2	2
Overall	20%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-12 09:40:05 UTC
Last Seen	2026-06-27 21:07:29 UTC
Profile Built	2026-06-28 15:13:03 UTC
Data Freshness	Live
Signal Types	21
Total Observations	26

🔍 21 signal types · 26 observations collected

This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

130.131.3.72📋 Copy