# IP Intelligence Briefing: 20.193.250.198
## Executive Summary
IP 20.193.250.198 is a Microsoft Azure cloud infrastructure endpoint with a moderate risk rating (65/100). The IP operates within Microsoft's cloud computing environment and exhibits typical web server characteristics with some DNSBL reputation concerns.
## Ownership and Infrastructure
- Organization: Microsoft Corporation (ASN: 8075)
- Network Role: Cloud Compute (Microsoft Azure)
- Infrastructure Type: Cloud Compute
- BGP Prefix: 20.192.0.0/10
- Route Stability: Unstable
## Geolocation Data
- Consensus Country: United States (US)
- Coordinates: Pune, MH (India region)
- GeoConsensus: False (multiple conflicting sources)
- Accuracy Radius: 2,500 km
- Note: Geographic inconsistencies detected between reported country and coordinate data.
## Threat Posture
- Overall Risk Score: 65 (Moderate Risk)
- Abuse Confidence Score: Not explicitly scored
- DNSBL Status: Listed on 3 of 8 threat feeds
- Known Attacker: No
- Tor Exit Node: No
- Spam Source: No
- Campaign Correlation: None detected
## Network Services
- Open Ports:
  - TCP/80 (HTTP)
  - TCP/443 (HTTPS)
  - TCP/22 (SSH)
- Server Software: nginx/1.18.0 (Ubuntu)
- TLS Certificate: Let's Encrypt (CN=admin.gaonkari.com)
- HTTP2 Support: Enabled
## Neighborhood Analysis
- Subnet: 20.193.250.198/24
- Abuse Density: 0.5
- Classification: Mostly Clean
- Total Siblings: 2
- Active Siblings: 2
- Threat Siblings: 1
- Neighbor Risk: 20.193.250.100 (Risk Score: 25)
## Historical Signals
Recent observations (within last 30 days) indicate:
- Cloud infrastructure classification consistent (Microsoft Azure)
- DNSBL listings present with high severity ratings
- Geographic data inconsistencies persist across probes
- No persistent malicious threat pattern detected
## Recommended Actions
Based on the risk profile and DNSBL listings, the following security measures are recommended:
1. DNSBL Monitoring: Investigate the 3 DNSBL listings for potential policy violations or misconfiguration
2. TLS Certificate Review: Certificate subject (admin.gaonkari.com) warrants verification against expected domain usage
3. SSH Access: TCP/22 port is open on cloud infrastructure; confirm legitimate administrative access requirements
4. Geolocation Discrepancy: Investigate why coordinates (Pune, India) differ from reported country (US)
## Classification
This IP represents standard Microsoft Azure cloud infrastructure with elevated DNSBL reputation. The moderate risk score (65) reflects the presence of blacklist listings rather than active malicious activity. Monitor for changes in DNSBL status and TLS certificate usage patterns.
---
*Data compiled from IPDebrief intelligence platform. Analysis timestamp: 2026-06-26*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
## DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | 1/2 domains |
| DMARC | 0/2 domains |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 2 domains |
## Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Closed Ports | 25, 80, 3389, 8080, 8443 (2 open / 7 scanned) |
| Server | nginx/1.18.0 (Ubuntu) |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.14 |
## TLS Certificate
| SANs | admin.gaonkari.com |
| Valid From | 2026-05-02T16:22:39+00:00 |
| Valid Until | 2026-07-31T16:22:38+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 05FF9C2C98E4ABBAA96E04FD0E91A5812A8B |
| Thumbprint | D334CF2A0FAD14E40771585365F73B099BA23D59 |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 34% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 18% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 21% | 10 | 14 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
## Observation Timeline (Live)
| First Seen | 2026-05-10 22:17:31 UTC |
| Last Seen | 2026-06-27 18:26:12 UTC |
| Profile Built | 2026-06-28 12:31:11 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 25 |