20.203.160.110
# IP Intelligence Briefing: 20.203.160.110/32
## Executive Summary
IP address 20.203.160.110 is classified as Microsoft Azure CloudCompute infrastructure with an overall risk score of 25 (Low Risk). The IP belongs to Microsoft Corporation (ASN 8075) and operates within a predominantly clean subnet environment. No active threat indicators or malicious campaigns detected.
## Infrastructure Profile
- Organization: Microsoft Corporation
- ASN: 8075
- Infrastructure Type: CloudCompute (Microsoft Azure)
- Geolocation: United States
- Network Role: Cloud hosting infrastructure with firewall/no services configuration
- DNS Status: No reverse PTR records; forward resolution unavailable
## Threat Assessment
- Risk Score: 25/100 (Low Risk)
- Abuse Confidence Score: Not applicable
- Blacklist Status: 0 lists
- Tor/Proxy/VPN: Not associated
- Known Attacker: No
- Spam Source: No
- Campaign Association: None detected
## Behavioral History
Analysis of 18 signal observations reveals:
- Consistent cloud infrastructure classification (Microsoft Azure)
- No persistent malicious behavior detected
- One threat observation recorded
- Average ownership stability maintained
- No recent changes to infrastructure classification
## Neighborhood Analysis
Subnet 20.203.160.0/24 analysis:
- Abuse Density: 0 (minimal)
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 1
- Risk Classification: Mostly clean
- Inherited Risk Score: 2
## Network Relationships
21 relationships identified, all associated with Microsoft (MSFT) network infrastructure. No cross-organization or cross-subnet anomalies detected.
## Recommended Actions
No immediate firewall or blocking actions recommended. The IP is classified as legitimate Microsoft Azure infrastructure with low risk profile.
## SOC Analyst Notes
This IP represents Microsoft Azure cloud infrastructure operating in a low-risk environment. The single threat sibling in the /24 subnet warrants monitoring but does not affect the risk posture of 20.203.160.110/32. Routine logging and monitoring are sufficient; no blocking or escalation required.
---
*Intel generated: IPDebrief Threat Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 18% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:07 UTC |
| Last Seen | 2026-06-27 03:17:32 UTC |
| Profile Built | 2026-06-27 21:23:31 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 23 |
Full dossier details are available via our API.