IP Intelligence Briefing: 191.235.102.176
Date: 2026-06-12
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Provider: Microsoft Azure (ASN 8075)
- Geolocation: Brazil (SP, Campinas), 2500km accuracy radius
- Ownership: Microsoft 272945 Brasil LTDA (LACNIC registry)
- Network Role: CloudCompute (Azure infrastructure)
- Threat Indicators: No malicious activity detected (zero threat feeds, no spam, no known attackers).
---
**2. Observation History**
- Recent Signals (30 days):
  - Minimal DNSSEC validation risks (operator score: 0.13).
  - No persistent malicious activity (zero threat observations).
  - No changes in ownership or network configuration.
- Historical Context: Consistent low-risk behavior since 2026-06-01.
---
**3. Relationships & Network Context**
- Linked Entities:
  - Subnet: 191.232.0.0/13 (Microsoft Azure infrastructure).
  - No direct ties to malicious domains, organizations, or certificates.
- Subnet Abuse Density: 0% (clean neighborhood).
---
**4. Control Plane & Security**
- BGP: Valid DNSSEC, no RPKI violations.
- Routing: Stable route (no recent changes).
- DNS: No resolved PTR records or email authentication (SPF/DKIM).
- Firewall Recommendations: No immediate action required; IP is legitimate Azure infrastructure.
---
**5. Actionable Insights**
- SOC Guidance:
  - Monitor for unexpected changes in network behavior or new threat indicators.
  - Verify if the IP is part of a specific Azure service (e.g., virtual machines, storage).
  - Ensure access controls align with Azure's security best practices.
- False Positives: DNSBL listings may be benign (e.g., Azure's infrastructure scans).
---
Conclusion: 191.235.102.176 is a legitimate Microsoft Azure IP with no current malicious activity. No security actions required, but ongoing monitoring is advised for anomalies.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Microsoft 272945 Brasil LTDA |
| ASN | AS8075 |
| Network Name | 211136 |
| CIDR Block | 191.232.0.0/14 |
| RIR | LACNIC |
| Country | BR |
| Abuse Contact | - |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 26% | 1 | 3 |
| geolocation | 34% | 2 | 3 |
| Overall | 23% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-01 17:53:45 UTC |
| Last Seen | 2026-06-29 09:55:44 UTC |
| Profile Built | 2026-06-29 15:57:02 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 19 |