## IP Intelligence Briefing: 20.204.103.110/32
Classification: Microsoft Azure Cloud Infrastructure โ Low Risk
Report Date: Current
Risk Score: 25/100
---
Executive Summary
IP 20.204.103.110 is a Microsoft Corporation (ASN 8075) cloud compute resource located in Pune, India. The IP exhibits low-risk characteristics typical of Microsoft Azure infrastructure with firewalled/no services detected. No active threat indicators are present. Historical data shows a single blacklist listing event in June 2026, with otherwise stable routing and ownership profiles.
---
Infrastructure Profile
| Attribute | Value |
|---|---|
| ASN | 8075 (Microsoft Corporation) |
| Organization | Microsoft Corporation |
| Network Type | Microsoft Azure Cloud Compute |
| Location | Pune, Maharashtra, India |
| CIDR Block | 20.192.0.0/10 (origin) |
| BGP Stability | Stable (0 changes in 30 days) |
| Service State | Firewalled / No Open Ports |
---
Threat Assessment
Current Risk Level: Low
- Threat Indicators: None detected
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Blacklist Count: 1 (out of 8 total DNSBL lists; control plane shows single listing)
- Abuse Confidence Score: Not applicable (infrastructure type)
- Campaign Correlation: None identified
---
Historical Observations (19 Total Signals)
- Recent Activity: Observations recorded June 2026
- Routing: Prefix 20.192.0.0/10 remains stable with no BGP changes
- Geolocation: Consistently resolved to Pune, India
- Notable Event: 2026-06-19 showed blacklist listing activity (8 total lists, max severity: high)
- Threat Persistence: False โ not persistently malicious
---
Network Relationships
- Total Relationships: 24
- Network Affiliation: All relationships point to Microsoft (MSFT) network
- Classification: Azure cloud infrastructure component
- Inherited Risk from Subnet: 2/100 (low)
---
Neighborhood Analysis (20.204.103.0/24)
| Metric | Value |
|---|---|
| Abuse Density | 1 (low) |
| Classification | Mostly Clean |
| Active Siblings | 0 |
| Threat Siblings | 1 |
---
Security Assessment
The IP 20.204.103.110 represents legitimate Microsoft Azure cloud infrastructure. The risk score of 25 reflects normal cloud compute behavior with firewalled services. The single historical blacklist event does not indicate current malicious activity. Routing stability and Microsoft network affiliation support benign classification.
---
Recommended Actions
No immediate blocking required. Standard logging and monitoring recommended.
Firewall Rules: None required for Microsoft Azure infrastructure traffic.
Threat Hunting: Monitor for any deviation from established baseline (service openings, geolocation changes, or new threat indicators).
---
Analyst Notes: This IP is part of Microsoft's global Azure infrastructure footprint. The presence of one DNSBL listing in historical data warrants awareness but does not constitute an active threat. No correlation with known threat campaigns detected.
Status: Clear โ Standard monitoring applies
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | โ |
| CIDR Block | 20.192.0.0/10 |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 24% | 2 | 3 |
| services | 8% | 1 | 1 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 31% | 2 | 3 |
| Overall | 24% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-09 17:41:26 UTC |
| Last Seen | 2026-06-27 16:08:57 UTC |
| Profile Built | 2026-06-28 10:15:00 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 23 |
Full dossier details are available via our API.