# IP INTELLIGENCE BRIEFING
Target: 135.225.181.175/32
Classification: Low Risk / Cloud Infrastructure
Date: June 2026
Analyst: IPDebrief Intelligence Unit
---
## EXECUTIVE SUMMARY
IP 135.225.181.175 is a Microsoft Azure cloud compute instance with a risk score of 25 (Low Risk). The IP is classified as CloudCompute infrastructure with no active threat indicators, open ports, or malicious activity observed. The IP is hosted in Stockholm, Sweden, though geolocation validation indicates ICMP blocking which limits network characterization.
---
## OWNERSHIP & INFRASTRUCTURE
| Attribute | Value |
|---|---|
| **ASN** | 8075 |
| **Organization** | Divya Quamara |
| **Provider** | Microsoft Azure |
| **Infrastructure Type** | CloudCompute |
| **Network Role** | Cloud Hosting |
| **Country** | Sweden (SE) |
| **City** | Stockholm |
| **CIDR Block** | 135.224.0.0/15 (BGP Prefix) |
The IP is registered to Microsoft Azure's cloud infrastructure network. The organization name "Divya Quamara" suggests customer-owned cloud infrastructure rather than direct Microsoft ownership.
---
## THREAT ASSESSMENT
Current Risk Score: 25 (Low Risk)
Abuse Confidence Score: Not applicable
Blacklist Count: 0
Known Threats: None detected
Threat Indicators:
- Not a known attacker
- Not a spam source
- Not a Tor exit node
- Not a proxy or VPN service
- No active threat feeds flagged
Campaign Correlation: No matching campaigns or correlated IPs identified.
---
## NEIGHBORHOOD ANALYSIS
The IP resides within subnet 135.225.181.0/24, which contains 9 additional sibling IPs.
Subnet Risk Profile:
- Abuse Density: 0.5 (Moderate)
- Classification: Mostly Clean
- Risk Distribution:
- High Risk: 0 IPs
- Medium Risk: 2 IPs (135.225.181.165, 135.225.181.167)
- Low Risk: 7 IPs
Notable Sibling IPs:
- 135.225.181.171: Risk Score 25 (Similar to target)
- 135.225.181.165, 135.225.181.167: Risk Score 50 (Elevated but not critical)
- 7 IPs with Risk Score 0 (Clean)
The subnet exhibits low-to-moderate risk concentration, typical of cloud hosting environments where multiple customer IPs share the same /24 block.
---
## NETWORK SERVICES & EXPOSURE
Open Ports: None detected
DNS Resolution: No PTR hostnames, forward resolution not confirmed
HTTP/HTTPS: No web services detected
TLS Certificates: None
Banner Grab: No banner data captured
The IP shows no active services or open ports, indicating it is likely a backend infrastructure component rather than a publicly accessible endpoint.
---
## OBSERVATION HISTORY (19 Signals)
Historical monitoring reveals:
- June 19, 2026: Subnet abuse density observed at 0.1, classification "mostly_clean", 1 threat sibling in 10 total siblings
- June 14, 2026: Multiple signals recorded:
- Operator score: 0.1304 (Minimal)
- DNSSEC validation signals
- Full infrastructure profile coverage
- June 5, 2026: Historical association with AS10455 (Nokia of America Corporation) in US location with threats detected
Temporal Analysis:
- Ownership Changes: 0
- Threat Persistence Days: 0
- Not Persistently Malicious
- No campaign correlation over time
The IP has been observed sporadically, with no persistent malicious behavior pattern. Historical data shows transient associations with different network providers, which is common for cloud infrastructure routing.
---
## RELATIONSHIP GRAPH
21 relationships identified, predominantly "Same Network" type connections to cloud network segments. These represent Azure infrastructure interconnections and do not indicate malicious relationships.
---
## ROUTING & CONTROL PLANE
- Route Stability: Unstable (false)
- Route Changes (30d): 0
- MoAS: No
- RPKI State: Not validated
- IRR Consistency: Not validated
- DNSSEC: Valid
- DNSBL Listed: 1 of 8 total lists (minimal impact)
Operator Score: 0.1304 (Minimal)
---
## RECOMMENDED ACTIONS
Current Risk Level: Low
Action Required: None
Based on the IP's risk profile, no immediate firewall rules or blocking actions are recommended. The IP is classified as clean cloud infrastructure with no active threat indicators.
Monitoring Recommendations:
- Continue passive monitoring if this IP appears in traffic logs
- No blocking or rate-limiting required
- Standard cloud infrastructure handling procedures apply
---
## INTELLIGENCE CONCLUSION
IP 135.225.181.175 is a low-risk Microsoft Azure cloud compute instance with no active threats, open ports, or malicious behavior. The IP should be treated as legitimate cloud infrastructure. No defensive actions are required at this time.
Classification: CLEAN / LOW RISK
Action: MONITOR ONLY
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Divya Quamara |
| ASN | AS8075 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 21% | 1 | 2 |
| geolocation | 33% | 2 | 3 |
| Overall | 20% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-09 22:10:42 UTC |
| Last Seen | 2026-06-27 16:33:51 UTC |
| Profile Built | 2026-06-28 10:39:20 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 23 |
Full dossier details are available via our API.