# IPDEBRIEF INTELLIGENCE BRIEFING
IP Address: 172.212.185.224/32
Classification: Low Risk / Cloud Infrastructure
Date: Current Analysis
Provider: Microsoft Azure (ASN 8075)
---
## EXECUTIVE SUMMARY
IP 172.212.185.224 is a Microsoft Azure cloud compute infrastructure address with a low-risk profile (risk score: 25). The IP is geolocated to Des Moines, IA, US, operating within the 172.208.0.0/13 BGP prefix. No active threat indicators were observed. The IP shows minimal malicious activity with a single DNSBL listing out of 8 total checks.
---
## TECHNICAL PROFILE
Ownership & Infrastructure
- ASN: 8075 (Microsoft Corporation)
- Organization: Divya Quamara
- Infrastructure Type: CloudCompute
- Network Role: Firewalled / No Services
- Cloud Provider: Microsoft Azure
- CIDR Block: 172.208.0.0/13
Geolocation
- Country: United States (US)
- Region: Iowa (IA)
- City: Des Moines
- Coordinates: 41.6°N, -93.61°W
- Geo Consensus: Validated across multiple sources
Network Status
- Open Ports: None
- TLS Certificate: None
- HTTP Title: None
- DNS Resolution: Forward resolution failed
- PTR Hostnames: None
- Services: No active services detected
---
## THREAT INDICATORS
Risk Assessment
- Overall Risk Score: 25/100 (Low Risk)
- Abuse Confidence Score: Not applicable
- Blacklist Count: 0
- Known Attacker: No
- Tor Exit Node: No
- Spam Source: No
Control Plane Data
- DNSBL Listed: 1/8 total lists
- Operator Score: 0.1304 (Minimal)
- Route Stability: Unstable
- RPKI State: Not available
- IRR Consistency: Not available
Historical Signals (18 Observations)
- Observation Period: Multiple timestamps observed
- Threat Persistence: 0 days
- Ownership Changes: 0
- Campaign Correlation: None detected
- Cert Matches: 0
---
## NEIGHBORHOOD ANALYSIS
Subnet: 172.212.185.224/24
- Abuse Density: 1 (Minimal)
- Classification: mostly_clean
- Total Siblings: 1
- Active Siblings: 0
- Threat Siblings: 1
- Inherited Risk: 2
Assessment: The /24 subnet shows minimal abuse activity with low inherited risk. No neighboring IPs pose significant threat.
---
## RELATIONSHIP GRAPH
Network Relationships
- Total Relationships: 17
- Primary Type: Same Network (Cloud Infrastructure)
- Network Association: All relationships point to cloud network infrastructure
Assessment: The IP exhibits standard Microsoft Azure cloud network patterns with no anomalous external relationships.
---
## RECOMMENDED ACTIONS
Firewall & Security
- Risk Score: 25/100
- Recommended Action: Monitor
- Firewall Rules: None required (no specific recommendations generated)
- WAF Configuration: No specific rules needed
SOC Analyst Guidance
1. Allow with Logging: Standard allow rule with logging recommended for visibility
2. No Block Required: Low risk profile does not warrant blocking
3. Monitor for Changes: Track any shift in risk score or threat indicators
4. Context: Microsoft Azure cloud infrastructure β typical for web hosting, SaaS, or cloud services
---
## CONCLUSION
IP 172.212.185.224 is a legitimate Microsoft Azure cloud infrastructure address with no current threat indicators. The low risk score, consistent geolocation data, and minimal neighborhood abuse density support routine operational treatment. No immediate defensive action required beyond standard logging and monitoring.
---
*Report generated by IPDebrief Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Divya Quamara |
| ASN | AS8075 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 22% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:03:54 UTC |
| Last Seen | 2026-06-27 01:57:12 UTC |
| Profile Built | 2026-06-27 20:03:58 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 26 |
Full dossier details are available via our API.