# IP Intelligence Briefing: 172.188.179.145
Classification: Low Risk | Provider: Microsoft Azure | Date: Current Analysis
## Executive Summary
IP 172.188.179.145 is classified as Low Risk (Risk Score: 25) and is identified as Microsoft Azure cloud compute infrastructure. The IP shows no active threat indicators, no blacklist entries, and no known malicious associations. Geolocation signals are inconsistent, with conflicting reports placing the IP in the US (Boston), Singapore, and UK, which is characteristic of cloud infrastructure utilizing anycast routing.
## Technical Profile
- IP: 172.188.179.145/32
- Provider: Microsoft Azure
- ASN: AS8075
- BGP Prefix: 172.160.0.0/11
- Infrastructure Type: CloudCompute
- Network Role: Firewalled/No Services
- DNS Resolution: No forward resolution, no PTR hostnames
- Open Ports: None detected
- TLS/Certificates: No certificates observed
## Risk Assessment
- Overall Risk Score: 25 (Low)
- Abuse Confidence Score: Not applicable
- Blacklist Count: 0
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Route Stability: Unstable (isRouteStable: false)
- DNSBL Listed: 1 of 8 total lists
## Geolocation Analysis
Geolocation signals show inconsistency, with multiple conflicting reports:
- Primary Signal: US, Massachusetts, Boston
- Secondary Signal: Singapore (confidence 0.56)
- Tertiary Signal: UK (via alienvault-otx, confidence 0.95)
These inconsistencies are typical for cloud infrastructure and do not indicate malicious activity.
## Neighborhood Analysis
The /24 subnet (172.188.179.0/24) contains 8 sibling IPs with the following distribution:
- High Risk: 0
- Medium Risk: 3 (scores: 25-50)
- Low Risk: 4 (scores: 0-25)
- Abuse Density: 0
Notable neighbors include 172.188.179.146 (Risk: 50), 172.188.179.147 (Risk: 25), and 172.188.179.149 (Risk: 25). The subnet exhibits low abuse density, indicating this is part of a shared cloud infrastructure with mixed usage patterns.
## Threat Indicators
- Threat Indicators: None
- Known Campaigns: None
- Threat Feeds: No associations
- Honeypot Hits: 0
- Enumeration Strikes: 0
- WAF Violations: 0
## Observation History
15 historical observations collected. Key signals include:
- Ownership attribution to "Divya Quamara" via Microsoft
- Multiple geolocation updates with varying confidence levels
- No persistent malicious behavior detected
- Threat persistence days: 0
## Relationships
No relationships detected in the relationship graph. The IP has no associations with subnets, hostnames, organizations, or certificates in the intelligence database.
## Recommended Actions
Based on current risk profile:
- No immediate firewall rules or blocking actions required
- Risk score of 25 indicates low threat
- Standard monitoring for cloud infrastructure is appropriate
- No specific recommendations from automated analysis
## Intelligence Conclusion
IP 172.188.179.145 is legitimate Microsoft Azure cloud infrastructure with no evidence of malicious activity. The inconsistent geolocation signals are consistent with cloud provider anycast routing. The IP maintains a low risk score with no blacklist associations or threat indicators. No security actions are recommended beyond standard monitoring. SOC analysts may classify this as "benign cloud infrastructure" for logging and monitoring purposes.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Divya Quamara |
| ASN | AS8075 |
| Network Name | cloud |
| CIDR Block | 172.188.0.0/16 |
| RIR | ARIN |
| Country | SG |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 0% | 0 | 0 |
| routing | 0% | 0 | 0 |
| services | 0% | 0 | 0 |
| ownership | 0% | 0 | 0 |
| reputation | 0% | 0 | 0 |
| geolocation | 0% | 0 | 0 |
| Overall | 0% | 0 | 0 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-19 05:25:55 UTC |
| Last Seen | 2026-06-22 02:57:37 UTC |
| Profile Built | 2026-06-22 03:32:00 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 19 |
Full dossier details are available via our API.