IP Intelligence Briefing: 172.172.180.124/32
Date: 2026-06-14
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Provider: Microsoft Azure (CloudCompute)
- Ownership: Divya Quamara (AS8075)
- Geolocation: Washington, VA, US (geoPlausible: False)
- Network Role: Cloud infrastructure host (no residential/mobile carrier)
- Services:
  - Open ports: HTTP (80/tcp), SSH (22/tcp)
  - Server banner: `nginx/1.18.0 (Ubuntu)`
  - No TLS certificate detected
---
**2. Threat Indicators**
- Malicious Activity: None detected (no indicators, blacklists, or campaigns).
- Network Stability:
  - BGP route stability: Unstable (routeChanges30d: 0, isRouteStable: False)
  - DNSSEC validation: Valid
- Abuse Density: Subnet (172.172.180.0/24) has 1 abuse report (mostly_clean classification).
---
**3. Observation History**
- Recent Signals (2026-06-07 to 2026-06-14):
  - Minimal risk scores (operatorScore: 0.13).
  - Stable SSH service with no anomalous banners.
  - Geo-validation anomalies (RTT < minimum expected for distance).
---
**4. Relationships**
- Network Links:
  - Directly tied to Microsoft Azure's cloud infrastructure.
  - No direct connections to other IPs, domains, or organizations.
- Certificates: No TLS certificates linked.
---
**5. Neighborhood Analysis**
- Subnet: 172.172.180.0/24
- Neighbors: No active sibling IPs found (abuseDensity: 0).
- Risks: No malicious siblings or high-risk neighbors.
---
**6. Recommendations**
- Monitor: Cloud configuration and network stability, given BGP instability and geo-validation anomalies.
- Verify: Ensure SSH access is restricted to authorized users and audit server banners.
- Check: Confirm no unexpected changes in subnet abuse density or service behavior.
Conclusion: This IP is a legitimate Azure cloud host with no immediate threats. However, its moderate risk score and network instability warrant continued monitoring.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Divya Quamara |
| ASN | AS8075 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Multi-Service Host |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 22 | ssh | tcp | |

| Closed Ports | 25, 443, 3389, 8080, 8443 (2 open / 7 scanned) |
| Server | nginx/1.18.0 (Ubuntu) |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.13 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 25% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 24% | 10 | 17 |
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-15 08:43:24 UTC |
| Last Seen | 2026-06-28 02:01:02 UTC |
| Profile Built | 2026-06-28 20:06:59 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 25 |