Threat Intelligence Briefing: IP 20.2.17.10/32
Date: 2026-06-02
---
**1. IP Profile**
- Risk Score: 25 (Low Risk)
- Ownership:
  - Organization: Microsoft Corporation (ASN 8075)
  - Network Role: Microsoft Azure CloudCompute (firewalled, no public services)
- Geolocation:
  - Country: Hong Kong (HK)
  - Coordinates: 22.31°N, 113.91°E
  - Accuracy: 150 km radius
- Threat Indicators:
  - No malicious activity, blacklists, or known attacker campaigns detected.
  - DNSSEC validated, no DNSBL listings.
---
**2. Observation History**
- Latest Activity: June 2, 2026
- Signals:
  - No recent scans, threats, or DNS anomalies.
  - Traceroute failed (ICMP blocked), limiting geographic validation.
- Stability: Route stability flagged as "unstable" due to limited validation.
---
**3. Network Relationships**
- Linked Entities:
  - Microsoft Azure Network (MSFT)
  - Subnet: 20.2.17.10/24 (part of Microsoft's infrastructure)
- Classification:
  - Network Role: CloudCompute (firewalled, no public services)
  - Hosting: Yes (Microsoft Azure)
---
**4. Neighborhood Analysis**
- Subnet: 20.2.17.10/24
- Neighbor Risk:
  - Abuse Density: 0 (clean)
  - Active Neighbors: 0 (isolated IP)
  - Threat Siblings: 0
---
**5. Recommendations**
- SOC Action:
  - Monitor for unexpected traffic patterns or deviations from Azure's baseline behavior.
  - Validate geolocation anomalies (Hong Kong vs. Microsoft's expected regions).
  - No immediate mitigation required; low-risk infrastructure.
Conclusion: This IP is part of Microsoft Azure's cloud infrastructure, showing no malicious indicators. While geolocation and traceroute validation are limited, the low risk score and absence of threats suggest it is a legitimate, isolated cloud node.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 39% | 2 | 5 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 23% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline
| First Seen | 2026-05-07 23:04:07 UTC |
| Last Seen | 2026-06-27 03:15:42 UTC |
| Profile Built | 2026-06-27 21:21:08 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 25 |