172.172.131.149
IP Intelligence Briefing: 172.172.131.149
*Generated via IPDebrief Analysis*
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Ownership: Registered to Divya Quamara (ASN 8075, Microsoft Azure).
- Geolocation: Washington, VA, US (geolocation plausible via ARIN).
- Network Role: CloudCompute (Microsoft Azure infrastructure).
- Services:
- Open ports: HTTP (80), SSH (22).
- Server banner: `nginx/1.18.0 (Ubuntu)`.
- TLS: No certificate detected.
- Threat Indicators: No malicious indicators, blacklists, or known campaigns.
---
**2. Observation History**
- Recent Activity:
- 27 observations over 30 days, with mixed confidence scores (0.25β0.90).
- Stable network role (CloudCompute) but inconsistent threat signaling.
- No persistent malicious activity detected.
- Key Findings:
- High "Minimal" operator risk score (0.2174).
- DNSSEC and CAA records present, but no DNSBL listings.
---
**3. Network Relationships**
- Linked Entities:
- Subnet: `172.172.131.149/24` (abuse density: 1, classified as "mostly_clean").
- Relationships: 42 connections, primarily to cloud infrastructure.
- Notable:
- No direct ties to known malicious organizations or subnets.
- No Tor, VPN, or proxy associations.
---
**4. Neighborhood Analysis**
- Subnet: `172.172.131.149/24`
- Neighbors:
- 0 active neighbors detected.
- Subnet abuse density: 1 (low risk).
---
**5. Recommendations**
- Monitoring: Track traffic anomalies due to Azure-hosted services.
- Firewall: Consider restrictive rules for SSH (22) and HTTP (80) ports.
- Validation: Verify geolocation consistency with ARIN records.
- Context: High risk score may reflect Azureβs cloud environment, not direct malicious activity.
Conclusion: This IP is part of Microsoft Azureβs infrastructure, hosting services with no direct threat indicators. Monitor for unusual traffic patterns while leveraging its cloud-hosted nature for potential security controls.
*Generated by IPDebrief | © 2026 Jason Alberino*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Divya Quamara |
| ASN | AS8075 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Multi-Service Host |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 22 | ssh | tcp | |
| Closed Ports | 25, 443, 3389, 8080, 8443 (2 open / 7 scanned) | ||
| Server | nginx/1.18.0 (Ubuntu) |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 28% | 2 | 4 |
| ownership | 20% | 2 | 3 |
| reputation | 27% | 1 | 3 |
| geolocation | 31% | 2 | 3 |
| Overall | 25% | 10 | 18 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-14 07:13:25 UTC |
| Last Seen | 2026-06-28 00:23:07 UTC |
| Profile Built | 2026-06-29 00:29:13 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 29 |
Full dossier details are available via our API.