IPDebrief

20.226.17.53

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 20.226.17.53/32

## Executive Summary

IP address 20.226.17.53 is classified as Low Risk with a risk score of 25. The address belongs to Microsoft Corporation (ASN 8075) and is deployed as Microsoft Azure cloud infrastructure. No malicious threat indicators were detected. The IP exhibits stable, benign behavior consistent with enterprise cloud services.

---

## Ownership & Infrastructure

AttributeValue
**Organization**Microsoft Corporation (MSFT)
**ASN**8075
**CIDR Block**20.192.0.0/10
**Provider**Microsoft Azure
**RIR**ARIN
**Classification**Cloud Infrastructure

The IP operates within Microsoft's /10 address space and is identified as cloud infrastructure with no proxy, VPN, or hosting characteristics.

---

## Geolocation

Note: Discrepancy between country code (US) and reported city location (Brazil) indicates multi-region cloud deployment typical of Azure's global infrastructure.

---

## Threat Assessment

IndicatorStatus
**Risk Score**25 (Low)
**Blacklist Count**0
**Known Attacker**No
**Tor Exit Node**No
**Spam Source**No
**Abuse Confidence**N/A
**Known Campaigns**None
**DNSBL Listings**1 of 8 lists

No active threat indicators detected. The single DNSBL listing represents minimal impact within the context of a cloud provider network.

---

## Network Behavior

The IP presents no open services, consistent with Azure's security-by-default posture for cloud endpoints.

---

## Neighborhood Analysis

Subnet: 20.226.17.53/24

Neighbor IPRisk ScoreAuthority Score
20.226.17.322550
20.226.17.1172550
20.226.17.1882550

All neighboring IPs in the /24 subnet exhibit low-risk profiles consistent with legitimate cloud infrastructure.

---

## Historical Observations

Historical data indicates stable ownership and consistent cloud provider classification with no emergence of malicious activity over the observation period.

---

## Relationship Graph

All 14 detected relationships classify as "Same Network" pointing to Microsoft (MSFT). No external associations with organizations, hostnames, or certificates were identified.

---

## Recommended Actions

No immediate remediation required. The IP address 20.226.17.53 represents legitimate Microsoft Azure infrastructure with no evidence of abuse or malicious activity.

Firewall/Security Recommendations:

SOC Analyst Notes:

This IP should be treated as benign enterprise infrastructure. Any alerts generated against this address warrant investigation for false positives. The IP's low-risk profile and Microsoft ownership place it in a trusted category for defensive analysis.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ง๐Ÿ‡ท Brazil
RegionSP
CitySão Paulo
TimezoneAmerica/Sao_Paulo
Latitude-23.55
Longitude-46.63

๐Ÿข Ownership & Registration

OrganizationMicrosoft Corporation
ASNAS8075
Network NameMSFT
CIDR Block20.192.0.0/10
RIRARIN
CountryUnited States
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTR RecordNo PTR
Forward ConfirmedNo โ€” PTR hostname does not resolve back to this IP (weak signal)

๐Ÿ” DNS Hygiene

Hygiene Score20% (Poor)
SPFNot configured
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeFirewalled / No Services
Network TierHosting โ€” Infrastructure provider without advanced routing
CloudHosting

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverโ€”
HTTP Titleโ€”

๐Ÿ” TLS Certificate

๐Ÿ”’
No certificate
Issued by โ€”
N/A
SANsNone
Valid Fromโ€”
Valid Untilโ€”

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
27%
24
routing
13%
11
services
19%
22
ownership
27%
23
reputation
22%
13
geolocation
28%
24
Overall23%1017
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-28 18:34:41 UTC
Last Seen2026-06-29 05:46:19 UTC
Profile Built2026-06-29 05:48:23 UTC
Data FreshnessLive
Signal Types21
Total Observations24
๐Ÿ” 21 signal types ยท 24 observations collected
This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.