172.176.155.194
# IP INTELLIGENCE BRIEFING
Target: 172.176.155.194/32
Classification: Cloud Infrastructure / Web Server
Assessment Date: June 2026
Risk Level: LOW (Score: 25/100)
---
## EXECUTIVE SUMMARY
IP 172.176.155.194 is a low-risk cloud computing endpoint hosted on Microsoft Azure infrastructure in Virginia, US. The IP demonstrates standard web server behavior with HTTP/HTTPS services and Let's Encrypt TLS certificate issuance. No active threat indicators or malicious campaign associations were detected. The subnet exhibits clean abuse density with no sibling IPs flagged as threats.
---
## INFRASTRUCTURE PROFILE
| Attribute | Value |
|---|---|
| **ASN** | 8075 (Microsoft Azure) |
| **Organization** | Divya Quamara |
| **CIDR Block** | 172.176.0.0/16 |
| **Infrastructure Type** | CloudCompute |
| **Geolocation** | Virginia, US |
| **Timezone** | America/New_York |
| **Provider Status** | Cloud Provider (Azure) |
---
## NETWORK SERVICES
- Open Ports: 80/TCP (HTTP), 443/TCP (HTTPS)
- Server Software: nginx
- TLS Certificate: Issued by Let's Encrypt (R12)
- Certificate Subject: sweet-beaver.172-176-155-194.plesk.page
- Protocol Support: HTTP/2 enabled
---
## THREAT ANALYSIS
Threat Indicators: None detected
- Blacklist Status: 0/8 DNSBL lists
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
- Active Campaigns: None
- Abuse Confidence Score: N/A
DNSBL Presence: 1 out of 8 lists (minimal operator risk: 0.1304)
---
## OBSERVATION HISTORY (25 signals)
Temporal Analysis:
- Recent Activity: June 2026
- Ownership Changes: 0 (stable)
- Threat Persistence Days: 0
- Classification Consistency: CloudCompute infrastructure maintained across all observations
Signal Observations:
- Continuous Microsoft Azure provider classification
- Consistent cloud hosting infrastructure type
- No evidence of persistent malicious behavior
- Threat observation count: 1 (single historical signal)
---
## NEIGHBORHOOD ASSESSMENT
Subnet: 172.176.155.194/24
Abuse Density: 0 (Clean)
Subnet Classification: Clean
Total Siblings: 1
Active Siblings: 1
Threat Siblings: 0
No neighboring IPs within the /24 subnet exhibit abuse indicators or threat classifications.
---
## RELATIONSHIP GRAPH
Connected Entities: 16 relationships identified
- All relationships classified as "Same Network" type
- Consistent network association with "cloud" infrastructure
- No external organizational or hostname relationships detected
---
## SECURITY RECOMMENDATIONS
Current Risk Assessment: LOW RISK
No specific blocking or filtering actions recommended at this time. The IP demonstrates legitimate cloud infrastructure characteristics consistent with Microsoft Azure web hosting services.
Monitoring Guidance:
- Monitor for changes in TLS certificate rotation patterns
- Track for any emergence of threat indicators
- Maintain standard logging for cloud infrastructure communication
Note: IP is associated with Microsoft Azure cloud provider. Standard cloud traffic monitoring and logging practices apply. No immediate threat mitigation required.
---
Analyst Notes: This IP represents normal cloud infrastructure activity. The single DNSBL listing warrants periodic review but does not currently indicate malicious behavior. No firewall rule changes recommended.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Divya Quamara |
| ASN | AS8075 |
| Network Name | cloud |
| CIDR Block | 172.176.0.0/16 |
| RIR | ARIN |
| Country | US |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 443 | https | tcp | β |
| Closed Ports | 22, 25, 3389, 8080, 8443 (2 open / 7 scanned) | ||
| Server | nginx |
| HTTP Title | β |
π TLS Certificate
| SANs | sweet-beaver.172-176-155-194.plesk.page |
| Valid From | 2026-05-04T14:22:35+00:00 |
| Valid Until | 2026-08-02T14:22:34+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 89 days |
| Serial Number | 068B86413CC434A74C3EB8CF4F96BF18DA52 |
| Thumbprint | 25732F7D24F1BFED4D9F233ED2265E26DE40C354 |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 27% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 28% | 2 | 3 |
| Overall | 24% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-28 23:51:04 UTC |
| Last Seen | 2026-06-29 05:57:04 UTC |
| Profile Built | 2026-06-29 06:00:58 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 22 |
Full dossier details are available via our API.