20.196.127.215
IP Intelligence Briefing: 20.196.127.215
Date: 2026-06-10
---
**1. IP Profile**
- Risk Score: 25 (Low Risk)
- Provider: Microsoft Corporation (AS8075)
- Geolocation: Seoul, South Korea (KR) | Latitude: 37.57, Longitude: 126.98
- Network Role: Microsoft Azure Cloud Infrastructure (Firewalled / No Services)
- Threat Indicators: None detected (no malware, spam, or known attacker activity).
- DNS/Services: No open ports, TLS certs, or HTTP services observed.
---
**2. Observation History**
- Recent Signals (Last 30 Days):
- Minimal risk scores consistently (0.13โ0.20).
- No spikes in threat activity or DNS anomalies.
- Stable geolocation and network ownership (Microsoft).
- Key Insight: No evidence of malicious behavior or network instability.
---
**3. Relationships**
- Linked Entities:
- Directly tied to Microsoft Azure infrastructure (MSFT).
- No connections to malicious organizations, domains, or subnets.
- Certificates/Hostnames: No associated TLS certs or PTR records.
---
**4. Neighborhood Analysis**
- Subnet: 20.196.127.215/24
- Neighbor Risk:
- 1 sibling IP (20.196.127.68) with a slightly higher risk score (25/100).
- Subnet abuse density: 0% (clean network).
- Recommendation: Monitor the neighbor IP (20.196.127.68) for potential anomalies, but no immediate action required for 20.196.127.215.
---
**5. Summary**
- Conclusion: 20.196.127.215 is a legitimate Microsoft Azure IP with no malicious activity detected. Its low risk score and stable network role indicate it is likely a benign cloud resource.
- SOC Actions:
- No firewall rules or blocks recommended for this IP.
- Monitor the subnet for new IPs (particularly 20.196.127.68) if unusual activity emerges.
End of Briefing
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 34% | 2 | 3 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-23 12:23:13 UTC |
| Last Seen | 2026-06-28 21:25:53 UTC |
| Profile Built | 2026-06-29 03:29:47 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 20 |
Full dossier details are available via our API.