IP Intelligence Briefing: 191.232.209.213
Date: 2026-06-10
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Provider: Microsoft Azure (ASN 8075)
- Geolocation: Brazil (SP, Campinas), inferred with 2500km accuracy radius.
- Network Role: CloudCompute (Microsoft Azure infrastructure).
- Ownership: Registered to "Microsoft 272945 Brasil LTDA" (LACNIC).
- Threat Indicators: No malicious activity detected; no abuse confidence scores or blacklist entries.
---
**2. Observation History**
- Last 30 Days:
  - 17 observations, with 14 from June 2026.
  - Geolocation inferred via multi-signal analysis (latitude -14.24, longitude -51.93).
  - Operator score of 0.13 (Minimal risk label).
  - No persistent threats or malicious campaigns linked.
---
**3. Relationships & Network**
- Connected Entities:
  - Subnet: `191.232.209.213/24` (no active neighbors detected).
  - Linked to ASN 8075 (Microsoft Azure) and network block `211136`.
- DNS: No PTR records or domain associations.
- Services: No open ports, TLS certs, or HTTP services detected.
---
**4. Threat & Security Context**
- Threat Assessment:
  - No spam, Tor exit, or known attacker indicators.
  - DNSBL listings: 2 out of 8 total lists (low priority).
- Firewall Recommendations:
  - iptables: `iptables -A INPUT -s 191.232.209.213 -j DROP`
  - Cloudflare WAF: Block IP with description "IPDebrief risk score 50".
  - AWS WAF: Add `191.232.209.213/32` to a rule with description "IPDebrief risk 50".
---
**5. Actionable Insight**
- SOC Guidance:
  - Monitor for unusual traffic patterns, as the IP is part of a cloud infrastructure with no active threats.
  - Consider allowing traffic unless specific anomalies (e.g., unexpected DNS queries) are detected.
  - Use the provided firewall rules as a baseline for blocking if the IP's behavior changes.
---
Note: This IP shows no current malicious activity but should be monitored for deviations from its established cloud infrastructure role.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Microsoft 272945 Brasil LTDA |
| ASN | AS8075 |
| Network Name | 211136 |
| CIDR Block | 191.232.0.0/14 |
| RIR | LACNIC |
| Country | BR |
| Abuse Contact | - |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 26% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 19% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-22 15:18:56 UTC |
| Last Seen | 2026-06-28 19:41:07 UTC |
| Profile Built | 2026-06-29 07:45:07 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 20 |