IPDebrief

20.51.120.24

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# INTELLIGENCE BRIEFING: IP 20.51.120.24/32

Classification: LOW RISK β€” Cloud Infrastructure

Generated: Based on IPDebrief intelligence data

Target: 20.51.120.24

---

## EXECUTIVE SUMMARY

IP address 20.51.120.24 is a Microsoft Azure cloud infrastructure server operating with low-risk characteristics. The system presents as a legitimate web hosting endpoint for the domain clientes.soporteit.uy. No active threat indicators were detected, and the IP maintains proper security configurations including DNSSEC validation and email authentication records.

---

## RISK PROFILE

MetricValue
Risk Score25 (Low Risk)
ReputationLow Risk
Provider Score0
Authority Score0
Is CloudYes
Is Known AttackerNo
Is Spam SourceNo
Blacklist Count0

---

## OWNERSHIP & INFRASTRUCTURE

---

## GEOLOCATION

---

## NETWORK SERVICES & EXPOSED PORTS

PortProtocolService
80TCPHTTP
443TCPHTTPS
22TCPSSH

Additional Indicators:

---

## DNS & EMAIL AUTHENTICATION

---

## THREAT ANALYSIS

Active Threat Indicators:

Control Plane Observations:

---

## NEIGHBORHOOD ANALYSIS

Subnet: 20.51.120.0/24

MetricValue
Abuse Density1
ClassificationMostly Clean
Total Siblings1
Active Siblings1
Threat Siblings1
Inherited Risk2

The subnet shows minimal abuse activity with one threat sibling present.

---

## OBSERVATION HISTORY

Total Observations: 22

Recent Signals Include:

Temporal Indicators:

---

## RELATIONSHIP GRAPH

Identified Associations:

---

## SECURITY ACTIONS & RECOMMENDATIONS

Recommended Actions: None

Rationale: The IP presents as low-risk cloud infrastructure with proper security configurations. Standard cloud provider egress filtering and monitoring are sufficient.

Firewall Rules: Not required (no positive threat indicators)

---

## SOC ANALYST NOTES

1. Operational Context: This IP is Microsoft Azure cloud infrastructure hosting a support client portal. The legitimate business use case aligns with observed traffic patterns.

2. Threat Posture: Low risk. No malicious activity detected. The single DNSBL listing requires contextual investigation but does not indicate active compromise.

3. Monitoring: Continue standard cloud infrastructure monitoring. No escalation recommended based on current data.

4. Historical Trend: 22 observations show consistent low-risk behavior with no degradation in reputation.

5. Related Infrastructure: Monitor Microsoft Azure prefix 20.48.0.0/12 for coordinated activity if additional threats emerge.

---

END OF BRIEFING

*Data source: IPDebrief Intelligence Platform*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΊπŸ‡Έ United States
RegionWA
CityQuincy
TimezoneAmerica/Los_Angeles
Latitude47.23
Longitude-119.85

🏒 Ownership & Registration

OrganizationMicrosoft Corporation
ASNAS8075
Network Nameβ€”
CIDR Blockβ€”
RIRARIN
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRclientes.soporteit.uy
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnamesclientes.soporteit.uy

πŸ” DNS Hygiene

Hygiene Score80% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeWeb Server
Network TierHosting β€” Infrastructure provider without advanced routing
CloudHosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
80httptcpβ€”
443httpstcpβ€”
22sshtcp
Closed Ports25, 3389, 8080, 8443 (3 open / 7 scanned)
Servernginx
HTTP Titleβ€”
SSH VersionSSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.13+tuxcare.els3

πŸ” TLS Certificate

πŸ”’
CN=clientes.soporteit.uy
Issued by CN=R12, O=Let's Encrypt, C=US
Self-signed: No
SANsclientes.soporteit.uy
Valid From2026-04-26T12:09:55+00:00
Valid Until2026-07-25T12:09:54+00:00
TLS ProtocolTls13
Cipher SuiteTLS_AES_256_GCM_SHA384
Signature Algorithmsha256RSA
Validity Period89 days
Serial Number0542E3A6728C863B5604A961E0157F853208
Thumbprint01C06C7C7C0E76A8C7AB4152119957D009CB1951

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
22%
24
routing
8%
11
services
26%
23
ownership
24%
23
reputation
26%
13
geolocation
25%
22
Overall22%1016
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-14 19:28:46 UTC
Last Seen2026-06-28 01:23:59 UTC
Profile Built2026-06-28 19:28:53 UTC
Data FreshnessLive
Signal Types22
Total Observations25
πŸ” 22 signal types Β· 25 observations collected
This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.