172.213.17.76
# IPDEBRIEF INTELLIGENCE BRIEFING
Target IP: 172.213.17.76/32
Date: 2026-06-17
Classification: Microsoft Azure Cloud Infrastructure
Risk Assessment: LOW (Score: 25/100)
---
## EXECUTIVE SUMMARY
IP 172.213.17.76 is a Microsoft Azure cloud compute resource with low-risk profile. The IP is geolocated to Milan, Italy (IT) and operates within a firewalled cloud infrastructure environment. No active threat indicators, malware campaigns, or abuse patterns detected. Recommended classification: ALLOW with standard cloud traffic policies.
---
## INFRASTRUCTURE PROFILE
| Attribute | Value |
|---|---|
| **ASN** | 8075 |
| **Organization** | Microsoft Azure |
| **Geolocation** | Milan, Italy (IT) |
| **Infrastructure Type** | CloudCompute |
| **Network Role** | Microsoft Azure (Cloud) |
| **Connection Type** | Firewalled / No Services |
The IP is part of Microsoft Azure's cloud infrastructure (BGP prefix: 172.208.0.0/13). No services are actively exposed; the infrastructure is firewalled with no open ports detected.
---
## THREAT INDICATOR ANALYSIS
| Indicator | Status |
|---|---|
| Known Attacker | **No** |
| Tor Exit Node | **No** |
| Spam Source | **No** |
| Blacklist Count | **0** |
| DNSBL Listed | **1/8 lists** |
| Threat Persistence | **0 days** |
| Known Campaigns | **None** |
No threat indicators, malicious campaigns, or blacklisting evidence detected. The single DNSBL listing appears to be a false positive or benign listing.
---
## NEIGHBORHOOD ANALYSIS
Subnet: 172.213.17.76/24
Abuse Density: 0.5 (Low)
Classification: mostly_clean
Active Siblings: 2
Threat Siblings: 1
Neighbor IP: 172.213.17.92 (Risk Score: 25, Authority Score: 50)
The /24 subnet shows minimal abuse density with 2 active sibling IPs. One threat sibling exists but does not indicate coordinated malicious activity. Overall subnet risk is inherited at level 2 (Low).
---
## OBSERVATION HISTORY
Total Observations: 21 signals
Latest Observation: 2026-06-17T17:13:35 UTC
Temporal analysis indicates stable behavior:
- Subnet Classification: Consistently "mostly_clean"
- Abuse Density: Stable at 0.5
- Geolocation: Consistent Milan, Italy placement
- Campaign Likelihood: None observed
- Banner Matches: 0
- Correlated IPs: 0
No escalation in threat signals observed over the monitoring period.
---
## RELATIONSHIP GRAPH
Relationships Identified: 20
Type: Same Network (Cloud Infrastructure)
All relationships indicate association with Microsoft Azure cloud infrastructure. No malicious relationships, command-and-control servers, or compromised hostnames detected.
---
## SECURITY ACTIONS
Recommended Actions: None (Low Risk)
Firewall Policy: Standard cloud traffic rules apply
No blocking or rate-limiting required. Standard Azure traffic policies are sufficient.
---
## INTELLIGENCE CONCLUSION
IP 172.213.17.76 is a legitimate Microsoft Azure cloud infrastructure resource with no evidence of malicious activity. The IP maintains a stable, low-risk profile with no threat indicators. SOC analysts may treat traffic from this IP as benign cloud infrastructure communication. No further investigation or blocking recommended.
Confidence Level: High
Status: MONITOR
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Divya Quamara |
| ASN | AS8075 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 22% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:03:54 UTC |
| Last Seen | 2026-06-27 01:59:33 UTC |
| Profile Built | 2026-06-27 20:06:19 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 26 |
Full dossier details are available via our API.