20.215.251.95
Threat Intelligence Briefing: IP 20.215.251.95/32
Summary:
The IP address 20.215.251.95/32 is associated with Microsoft Corporation (ASN 8075) and is part of Microsoft Azure cloud infrastructure. It is geolocated in Warsaw, Poland and classified as a cloud compute service with no active threat indicators.
Key Findings:
1. Ownership & Network Role:
- Belongs to Microsoft Azure, a legitimate cloud hosting provider.
- Subnet 20.215.251.95/24 has abuse density 0, indicating minimal malicious activity in the neighborhood.
2. Threat Indicators:
- No malicious campaigns, spam, or known attacker associations detected.
- DNSSEC validation is active, and BGP route stability is reported.
3. Observation History:
- Observed twice (June 2β14, 2026) with low confidence (0.23β0.30).
- No significant changes in risk scores or network behavior noted.
4. Neighborhood Analysis:
- Single neighbor 20.215.251.188 with riskScore 25 and authorityScore 50 (moderate risk).
- Subnet classified as "mostly_clean" with no high-risk siblings.
5. Behavioral & Technical Context:
- No open ports, TLS certificates, or HTTP services detected.
- ICMP validation failed, suggesting potential network filtering or misconfiguration.
Recommendations:
- Monitor the neighbor IP 20.215.251.188 for suspicious activity.
- Verify if the IP is used for authorized cloud services (e.g., Azure VMs).
- Ensure no unauthorized access or misconfigured services are associated with the subnet.
Conclusion:
This IP is part of a legitimate cloud providerβs infrastructure with no immediate threat indicators. However, the subnetβs moderate-risk neighbor warrants further investigation. No urgent action required unless the neighborβs risk profile escalates.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 20% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:08 UTC |
| Last Seen | 2026-06-27 03:27:15 UTC |
| Profile Built | 2026-06-27 21:32:51 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 25 |
Full dossier details are available via our API.