# IP Intelligence Briefing: 20.228.133.97/32
Classification: LOW RISK - Legitimate Cloud Infrastructure
Analysis Date: 2026-06-15
Source: IPDebrief Intelligence Platform
---
## Executive Summary
IP address 20.228.133.97 is identified as Microsoft Corporation cloud infrastructure (Microsoft Azure). The IP carries a risk score of 25 (Low Risk) and shows no active threat indicators. The address is part of Microsoft's AS8075 network and is classified as cloud compute infrastructure. No malicious activity, campaigns, or threat correlations were detected.
---
## Ownership and Infrastructure
| Attribute | Value |
|---|---|
| **Organization** | Microsoft Corporation |
| **ASN** | 8075 |
| **Infrastructure Type** | CloudCompute |
| **Network Role** | Microsoft Azure |
| **Provider** | Microsoft Azure |
| **Country** | US |
| **Region** | Virginia |
| **CIDR Block** | 20.228.133.0/24 |
| **BGP Prefix** | 20.192.0.0/10 |
---
## Risk Assessment
- Overall Risk Score: 25 (Low Risk)
- Abuse Confidence Score: Not applicable
- Blacklist Count: 0
- Threat Indicators: None detected
- Known Campaigns: None
- Tor Exit Node: False
- Known Attacker: False
- Spam Source: False
---
## Network Behavior
- Open Ports: None detected
- Active Services: None detected
- TLS Certificate: None
- HTTP Banner: None
- Reverse DNS: None
- Forward Resolution: Unresolved
The IP presents a firewalled/no-services posture, consistent with cloud infrastructure that may not expose public-facing services from this specific endpoint.
---
## Control Plane Analysis
- Operator Score: 0.1304 (Minimal)
- Route Stability: False
- DNSSEC Valid: True
- RPKI State: Not available
- Route Changes (30 days): 0
---
## Temporal Analysis
- Threat Persistence Days: 0
- Threat Observation Count: 1
- Ownership Changes: 0
- Persistently Malicious: False
The IP has demonstrated consistent ownership and infrastructure classification with no observed malicious behavior over the observation period.
---
## Geographic Data
- Country: United States (US)
- Region: Virginia (VA)
- Coordinates: 37.37° N, -79.46° W
- Timezone: America/New_York
- Geo Source Count: 2
- Geo Consensus: True
---
## Neighborhood Analysis (20.228.133.0/24)
- Subnet Classification: Mostly Clean
- Abuse Density: 0
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 1
- High Risk Neighbors: 0
- Medium Risk Neighbors: 0
The immediate /24 subnet shows minimal abuse density, consistent with Microsoft's legitimate cloud infrastructure.
---
## Relationship Graph
The IP maintains 11 network relationships, all identified as "Same Network" with MSFT (Microsoft Corporation), confirming the IP's integration within Microsoft's broader network infrastructure.
---
## Observation History
Total observations: 18
Key observations:
- 2026-06-15: Operator score 0.1304, DNSSEC validation active
- 2026-06-09: Confirmed Microsoft Azure cloud infrastructure, Virginia location
- Consistent Classification: No changes to infrastructure type or ownership over observation period
---
## Recommended Actions
| Action Type | Recommendation |
|---|---|
| **Firewall** | No blocking required - legitimate cloud infrastructure |
| **Monitoring** | Standard monitoring appropriate |
| **Threat Intel** | No threat indicators present |
| **Reputation** | Low risk - maintain current classification |
Note: While the control plane data indicates 1 DNSBL listing among 8 total lists, the overall threat assessment remains LOW RISK. This discrepancy warrants continued monitoring but does not currently indicate malicious activity.
---
## Conclusion
IP 20.228.133.97 represents legitimate Microsoft Azure cloud infrastructure with no evidence of malicious activity. The IP demonstrates stable ownership, consistent geographic attribution to Virginia, and clean neighborhood metrics. No security actions or blocking are recommended. Standard monitoring practices should be maintained.
Analyst Notes: This IP should be treated as trusted infrastructure. If this IP appears in threat feeds or incident reports, investigate the context of those reports against this baseline profile.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
---
## Ownership & Registration
| Attribute | Value |
|---|---|
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
---
## DNS Intelligence
| Attribute | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
---
## DNS Hygiene
| Attribute | Value |
|---|---|
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
---
## Network Classification
| Attribute | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
---
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Attribute | Value |
|---|---|
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
---
## TLS Certificate
| Attribute | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |
---
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness.
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 20% | 10 | 15 |

| Attribute | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |

Attribution factors: Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid
---
## Observation Timeline
| Attribute | Value |
|---|---|
| First Seen | 2026-05-21 08:55:09 UTC |
| Last Seen | 2026-06-28 13:11:49 UTC |
| Profile Built | 2026-06-29 07:17:07 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 22 |