172.191.178.196
IP Intelligence Dossier
Your IP: 216.73.216.123
π€ Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 172.191.178.196
Date: 2026-06-07
---
**1. Risk Profile**
- Risk Score: 25 (Low Risk)
- Provider Score: 0 (No provider-specific risk)
- Authority Score: 0 (No authoritative risk indicators)
- Stability: Unstable (route stability score: 0)
- Threat Indicators: No malicious activity detected (no known attackers, spam, or campaigns).
---
**2. Ownership & Geolocation**
- ASN: 8075 (Divya Quamara)
- Geolocation: Washington, VA, US (ARIN registered).
- Network Role: Microsoft Azure CloudCompute host (hosting service).
- Infrastructure: Cloud-hosted, not residential or mobile.
---
**3. Threat Observations**
- DNS Security: Valid DNSSEC and CAA records.
- DNSBL Listing: 1/8 DNSBL lists (potential spam or abuse risk).
- Services: Open SSH (port 22) with banner "SSH-2.0-OpenSSH_8.9p1". No other exposed services.
- Historical Signals:
- DNSSEC validation and CAA records observed.
- No persistent malicious activity or campaign ties.
---
**4. Network Relationships**
- Linked Entities:
- Microsoft Azure cloud infrastructure.
- No direct hostname or certificate relationships.
- Subnet: 172.191.178.196/24 (abuse density: 0%, mostly clean).
---
**5. Neighborhood Analysis**
- Subnet: 172.191.178.0/24
- Neighbors: 0 active IPs detected (data may be incomplete or IP is isolated).
- Abuse Density: 0% (low risk in subnet).
---
**6. Recommendations**
- Monitor DNSBL Listings: Investigate the 1/8 DNSBL listing for potential spam or abuse.
- Secure SSH Access: Ensure SSH configurations are hardened (e.g., key-based auth, rate limiting).
- Verify Cloud Provider Context: Confirm Azure-hosted infrastructure aligns with expected network behavior.
- Subnet Scanning: Re-validate neighbor detection for 172.191.178.0/24 to ensure completeness.
Conclusion: This IP is low risk but hosts a cloud service with minimal security posture. Focus on DNS health and SSH access controls. No immediate action required, but monitor DNSBL status.
Source: IPDebrief Threat Intelligence Platform.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Divya Quamara |
| ASN | AS8075 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
π TLS Certificate
No certificate
Issued by β
N/A
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 43% | 2 | 5 |
| routing | 8% | 1 | 1 |
| services | 20% | 2 | 3 |
| ownership | 17% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 25% | 10 | 18 |
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
β Claimed geolocation contradicts RTT physics measurement
π Observation Timeline π Live
| First Seen | 2026-05-14 07:13:25 UTC |
| Last Seen | 2026-06-28 00:23:27 UTC |
| Profile Built | 2026-06-28 18:31:16 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 28 |
π 23 signal types Β· 28 observations collected
This report is generated from 23+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
βΉοΈ About This Report
All data shown is publicly available network metadata β IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.