# IP INTELLIGENCE BRIEFING
Target: 23.97.62.113/32
Classification: Microsoft Azure Infrastructure
Risk Assessment: Moderate Risk (Score: 40/100)
Generated: [Current Time]
---
## EXECUTIVE SUMMARY
IP 23.97.62.113 is a Microsoft Azure cloud infrastructure address (AS8075) geolocated to Singapore. The IP presents moderate risk primarily driven by DNSBL listings (2 of 8 lists) rather than active threat indicators. No confirmed malicious activity, campaigns, or attack signatures were detected. The subnet (23.97.62.0/24) exhibits clean classification with zero abuse density.
---
## OWNERSHIP & INFRASTRUCTURE
| Attribute | Value |
|---|---|
| ASN | 8075 (Microsoft Corporation) |
| Netname | MSFT |
| CIDR Block | 23.96.0.0/13 |
| Infrastructure Type | CloudCompute |
| Classification | Microsoft Azure |
| RIR | ARIN |
---
## GEOLOCATION
| Attribute | Value |
|---|---|
| Country | Singapore (SG) |
| City | Singapore |
| Coordinates | 1.35°N, 103.82°E |
| Accuracy | 150 km radius |
| Consensus | Yes (1 source) |
---
## THREAT INDICATORS
| Indicator | Status |
|---|---|
| Known Attacker | False |
| Spam Source | False |
| Tor Exit Node | False |
| Blacklist Count | 0 |
| DNSBL Listed | 2 of 8 lists |
| Threat Feeds | None |
| Known Campaigns | None |
---
## NETWORK SERVICES
- Open Ports: None detected (firewalled/no services)
- TLS Certificate: None
- Hosted Domains: 0
- Email Authentication: SPF/DMARC not configured (no hosted domains)
---
## OBSERVATION HISTORY
Total Observations: 17
Recent Signals (June 2026):
- 2026-06-21: Geolocation Singapore (confidence: 56%)
- 2026-06-16: Operator score "Minimal" (0.1304)
- 2026-06-13: ASN AS8075 Microsoft Corporation flagged with 35 threat pulses

Temporal Analysis:
- Ownership Changes: 0
- Threat Persistence Days: 0
- Is Persistently Malicious: False
---
## NEIGHBORHOOD ANALYSIS (23.97.62.0/24)
| Metric | Value |
|---|---|
| Subnet Size | 256 IPs |
| Total Siblings | 7 |
| Active Siblings | 1 |
| Abuse Density | 0 (clean) |
| Threat Siblings | 0 |

Neighbor Risk Distribution:
- High Risk: 0
- Medium Risk: 2 (25.97.62.115, 25.97.62.116)
- Low Risk: 5 (25.97.62.121, 133, 135, 146, 150)
---
## SECURITY ACTIONS
Recommended Firewall Rules:
- iptables: `iptables -A INPUT -s 23.97.62.113 -j DROP`
- nftables: `nft add rule inet filter input ip saddr 23.97.62.113 drop`
- nginx: `deny 23.97.62.113;`
- Cloudflare WAF: Block with expression `ip.src eq 23.97.62.113`
- AWS WAF: Block address `23.97.62.113/32`

Risk-Based Recommendation:
Given the moderate risk score (40) with no confirmed threat indicators, monitor rather than block unless additional contextual signals emerge. The IP operates within legitimate Microsoft Azure infrastructure with no active malicious activity detected.
---
## INTELLIGENCE CONCLUSION
IP 23.97.62.113 represents Microsoft Azure cloud infrastructure with moderate risk primarily from DNSBL listings rather than confirmed threat activity. The subnet shows clean abuse density and no threat siblings. Recommended action: Monitor with logging; no immediate blocking required unless additional threat indicators surface.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Attribute | Value |
|---|---|
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | MSFT |
| CIDR Block | 23.96.0.0/13 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| Attribute | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
## DNS Hygiene
| Attribute | Value |
|---|---|
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
## Network Classification
| Attribute | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Attribute | Value |
|---|---|
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
## TLS Certificate
| Attribute | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 15% | 1 | 2 |
| geolocation | 27% | 2 | 2 |
| Overall | 19% | 9 | 11 |

| Attribute | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |

Checks: Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

## Observation Timeline
| Attribute | Value |
|---|---|
| First Seen | 2026-06-04 12:42:11 UTC |
| Last Seen | 2026-06-21 11:27:57 UTC |
| Profile Built | 2026-06-21 11:56:23 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 20 |