20.9.93.142

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

## IP Intelligence Briefing: 20.9.93.142/32

Classification: Low Risk - Microsoft Azure Cloud Infrastructure

Executive Summary

IP 20.9.93.142 is a Microsoft Azure cloud endpoint (ASN 8075) with a low-risk profile (risk score: 25). The IP belongs to Microsoft Corporation's MSFT network block (20.0.0.0/11) and is classified as cloud compute infrastructure. No malicious indicators or threat activity detected.

Ownership and Infrastructure

Attribute	Value
ASN	8075
Organization	Microsoft Corporation
Netname	MSFT
Country	United States (Des Moines, IA)
RIR	ARIN
CIDR Block	20.0.0.0/11
Infrastructure Type	CloudCompute

Technical Profile

Open Ports: 443/TCP (HTTPS)
TLS Certificate: Issued by cimpl-stack-ca
Server Banner: istio-envoy
DNS Security: SPF and DMARC configured
Control Plane: DNSSEC valid, route stable
Operator Score: 0.1304 (Minimal)

Threat Indicators

Reputation: Low Risk
Blacklist Count: 0
Known Attacker: No
Spam Source: No
Tor Exit Node: No
Abuse Confidence Score: Not applicable
DNSBL Listings: 0 of 8 total lists

Temporal Analysis

Observation History: 22 signals observed
Most Recent: 2026-06-21
Threat Persistence Days: 0
Is Persistently Malicious: No
Ownership Changes: 0

Neighborhood Analysis

Subnet: 20.9.93.142/24
Abuse Density: 1
Classification: Mostly Clean
Threat Siblings: 1
Active Siblings: 1

Recommended Actions

No firewall rules required. This IP is confirmed Microsoft Azure infrastructure with no malicious indicators.

Monitoring Recommendations:

Continue standard monitoring of Microsoft Azure cloud IPs
No blocking or rate-limiting actions recommended
If traffic is unexpected from this IP, verify via Azure network logs

Intelligence Narrative

The IP address 20.9.93.142 represents legitimate Microsoft Azure cloud infrastructure. The low risk score (25) and absence of blacklist entries indicate benign operation. The IP hosts HTTPS services behind istio-envoy, consistent with Microsoft's cloud compute architecture. The subnet classification as "mostly clean" with minimal abuse density further supports legitimate use. The operator score of 0.1304 reflects minimal routing concerns. Historical analysis shows 22 observations with no escalation in threat indicators over time. No correlation to known threat campaigns or malicious activities. SOC analysts may treat this IP as trusted infrastructure without additional blocking measures.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	IA
City	Des Moines
Timezone	America/Chicago
Latitude	41.60
Longitude	-93.61

🏢 Ownership & Registration

Organization	Microsoft Corporation
ASN	AS8075
Network Name	MSFT
CIDR Block	20.0.0.0/11
RIR	ARIN
Country	United States
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	60% (Good)
SPF	Present
DMARC	Present
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
443	https	tcp	—
Closed Ports	22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned)

Server	istio-envoy
HTTP Title	—

🔐 TLS Certificate

🔒

Issued by CN=cimpl-stack-ca

Self-signed: No

SANs	*.20.9.93.142.nip.io20.9.93.142.nip.io
Valid From	2026-05-28T08:53:35+00:00
Valid Until	2027-05-28T08:53:35+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha256RSA
Validity Period	365 days
Serial Number	4434F493401CD61F5C606034EA08474093541F7D
Thumbprint	C2B6BBD5C6FA21924DB01FCAF2B7281418AFAEE8

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	27%	2	3
routing	8%	1	1
services	24%	2	3
ownership	27%	2	3
reputation	22%	1	3
geolocation	27%	2	3
Overall	22%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-26 18:57:34 UTC
Last Seen	2026-06-29 03:20:28 UTC
Profile Built	2026-06-29 03:22:55 UTC
Data Freshness	Live
Signal Types	23
Total Observations	23

🔍 23 signal types · 23 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

20.9.93.142📋 Copy