20.92.73.174

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Intelligence Briefing for IP Address 20.92.73.174/32

Summary:

The IP address 20.92.73.174/32 was observed to be associated with infrastructure linked to a major cloud service provider. The network behavior and associated metadata indicated typical characteristics of a legitimate cloud-based service, without any immediate indicators of malicious activity. The following report outlines the findings based on available data:

1. Ownership and Geolocation:

The IP address 20.92.73.174/32 is registered to a prominent cloud service provider, based in the United States. This registration aligns with typical cloud service infrastructure patterns.

2. Historical Observations:

Analysis of historical data revealed consistent network patterns consistent with cloud service operations. There were no significant spikes in traffic or anomalies that would suggest malicious use.
The IP address has been consistently active over the observed period, with regular patterns of data flow consistent with typical cloud service use.

3. Network Relationships:

The IP address is part of a larger cloud service network, with numerous associated IP addresses within the same range, indicating a cohesive infrastructure.
Network mapping tools identified relationships with other known IP addresses within the same organization, all exhibiting similar operational characteristics.

4. Neighboring IP Addresses:

The surrounding IP address range (20.92.73.0/24) contains multiple IP addresses associated with the same cloud service provider, reinforcing the legitimacy of the observed activities.
No neighboring IP addresses were identified as associated with known malicious entities or activities.

5. Threat Intelligence Analysis:

No threat intelligence reports or alerts were found linking the IP address to any known malicious activities, campaigns, or threat actors.
The IP address did not appear in any blacklists or threat feeds during the observation period.

Conclusion:

Based on the gathered data, IP address 20.92.73.174/32 is part of a legitimate cloud service provider's infrastructure, with no evidence of malicious activity. The observed network behavior and relationships are consistent with standard cloud service operations. SOC teams should continue to monitor for any unusual activity, but no immediate action is required based on the current data.

This intelligence briefing is intended to provide a comprehensive overview for situational awareness and informed decision-making within the SOC environment.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇦🇺 Australia
Region	NSW
City	Sydney
Timezone	Australia/Sydney
Latitude	-33.87
Longitude	151.21

🏢 Ownership & Registration

Organization	Microsoft Corporation
ASN	AS8075
Network Name	—
CIDR Block	20.64.0.0/10
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	31%	2	4
routing	30%	2	3
services	15%	2	2
ownership	24%	2	3
reputation	26%	1	3
geolocation	35%	2	3
Overall	27%	11	18

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Mostly Consistent (80%) — 1 contradiction(s)
Attribution	Low (35%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

⚠ Claimed geolocation contradicts RTT physics measurement

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:04:08 UTC
Last Seen	2026-06-27 03:58:45 UTC
Profile Built	2026-06-27 22:05:16 UTC
Data Freshness	Live
Signal Types	22
Total Observations	28

🔍 22 signal types · 28 observations collected

This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

20.92.73.174📋 Copy