IP Intelligence Briefing: 20.194.127.207
Date: June 14, 2026
---
**1. Core Profile**
- Risk Assessment:
  - Risk Score: 25 (Low Risk)
  - Provider Score: 0 (No provider risk)
  - Authority Score: 0 (No authoritative abuse)
  - Stability: Stable (no recent anomalies)
- Ownership:
  - Organization: Microsoft Corporation (ASN 8075)
  - Network Role: Microsoft Azure CloudCompute (firewalled, no public services)
  - Geolocation: Seoul, South Korea (KR) | Latitude 37.57, Longitude 126.98
- Threat Indicators:
  - No malicious activity, spam, or known attacker associations.
  - No DNS/DGA activity, zero threat feed matches.
---
**2. Observation History**
- Recent Activity (June 14, 2026):
  - Geolocation confirmed in Seoul, South Korea (150km accuracy radius).
  - Traceroute failed due to ICMP blocking, suggesting active firewall rules.
- Historical Trends:
  - 19 observations over 30 days, with consistent geolocation and network role.
  - No spikes in threat signals or abnormal behavior.
---
**3. Network Relationships**
- Linked Entities:
  - Directly tied to Microsoft Azure infrastructure (multiple "MSFT" network relationships).
  - No connections to C2 servers, malicious domains, or peer IPs.
- Subnet Context:
  - Part of 20.194.127.0/24 subnet.
  - No neighboring IPs reported (subnet abuse density: 0).
---
**4. Behavioral Analysis**
- Services:
  - No open ports, TLS certificates, or HTTP services detected.
  - No server banners, HTTP titles, or DNS records linked.
- Routing:
  - BGP prefix: 20.192.0.0/10 (Microsoft Azure).
  - Route stability: 0 changes in 30 days.
---
**5. Recommendations**
- SOC Actions:
  - Monitor for unexpected geolocation shifts or service exposure.
  - No immediate mitigation required; IP is part of legitimate Microsoft infrastructure.
- Firewall Rules:
  - Allow traffic based on Microsoft Azure security groups (if applicable).
  - Maintain strict ingress/egress controls for cloud resources.
---
Conclusion: 20.194.127.207 is a low-risk, legitimate Microsoft Azure resource in South Korea. No malicious activity detected. Continue to monitor the cloud environment for anomalies.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline
| First Seen | 2026-05-13 12:12:42 UTC |
| Last Seen | 2026-06-27 23:11:00 UTC |
| Profile Built | 2026-06-28 17:16:28 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 22 |