IPDEBRIEF INTELLIGENCE BRIEFING
Target: 172.202.28.4/32 | Classification: Low Risk
---
**Executive Summary**
IP 172.202.28.4 is a Microsoft Azure cloud infrastructure address with a low risk profile (score: 25). The IP operates within the Microsoft Azure cloud compute environment and shows no active threat indicators, blacklisting, or malicious behavior. No immediate defensive actions required.
---
**Infrastructure Profile**
| Attribute | Value |
|---|---|
| **IP Address** | 172.202.28.4 |
| **ASN** | 8075 |
| **Organization** | Divya Quamara |
| **Network Provider** | Microsoft Azure |
| **Country** | United States (US) |
| **Region** | Iowa (IA) |
| **City** | Des Moines |
| **Geolocation Confidence** | 0.56 |
| **Network Role** | CloudCompute |
| **Infrastructure Type** | Cloud |
Geolocation Validation: GEOPLAUSIBLE=false. RTT measurement shows 51.0ms average versus minimum possible 141.3ms for 7,066km distance, indicating geolocation data may require verification.
---
**Threat Assessment**
| Indicator | Status |
|---|---|
| **Risk Score** | 25/100 (Low) |
| **Blacklist Count** | 0 |
| **Known Attacker** | No |
| **Spam Source** | No |
| **Tor Exit** | No |
| **Active Threats** | None |
| **Open Ports** | None (Firewalled/No Services) |
| **DNSBL Listed** | 1 of 8 |
The IP shows no evidence of malicious activity, command and control operations, or abuse campaigns. DNS resolution is inactive with no PTR records or forward confirmations.
---
**Network Context**
Subnet Analysis: 172.202.28.0/24
- Abuse Density: Low (1.0/10)
- Classification: Mostly Clean
- Neighboring IPs: 1 threat sibling identified in subnet
- Risk Distribution: No high/medium risk neighbors detected
Relationships: 14 same-network cloud relationships detected, consistent with Azure infrastructure clustering.
---
**Temporal Analysis**
Observation History: 17 signals observed
- Latest Signal: 2026-06-17T17:02:38Z (Operator Score: 0.1304, Label: "Minimal")
- Observation Span: June 13–17, 2026
- Threat Persistence: 0 days
- Ownership Changes: 0
- Status: Not persistently malicious
No trend toward increasing risk observed. Signals remain stable with minimal operator activity.
---
**Recommended Actions**
Current Status: No firewall rules or blocking actions recommended.
Monitoring Guidance:
- Maintain passive monitoring for service activation
- Verify geolocation data through independent sources
- Monitor subnet 172.202.28.0/24 for the 1 identified threat sibling
---
**Intelligence Conclusion**
172.202.28.4 is a benign Microsoft Azure cloud infrastructure address with low risk characteristics. The IP demonstrates no malicious behavior, maintains a clean reputation, and shows stable temporal patterns. No immediate threat action required. Continue standard monitoring and validate geolocation data through alternative sources due to RTT discrepancy.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | Divya Quamara |
| ASN | AS8075 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
**DNS Hygiene**
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
**Network Classification**
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |

**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
**Observation Timeline** (Live)
| First Seen | 2026-05-07 23:03:54 UTC |
| Last Seen | 2026-06-27 01:55:02 UTC |
| Profile Built | 2026-06-27 20:01:35 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 25 |