# INTELLIGENCE BRIEFING: 4.223.136.67
Classification: Low Risk / Microsoft Azure Infrastructure
Date: 2026-06-23
Analyst: IPDebrief Intelligence Team
---
## EXECUTIVE SUMMARY
IP 4.223.136.67 is a Microsoft Azure cloud compute resource located in Stockholm, Sweden (ASN 8075). The IP demonstrates low-risk characteristics with a reputation score of 25 and no active threat indicators. No actionable security recommendations are generated based on current risk profile.
---
## NETWORK OWNERSHIP & CLASSIFICATION
| Attribute | Value |
|---|---|
| **IP Address** | 4.223.136.67/32 |
| **Organization** | Microsoft Corporation |
| **ASN** | 8075 |
| **Country** | SE (Sweden) |
| **Region** | AB (Stockholm) |
| **Network Role** | Microsoft Azure CloudCompute |
| **Infrastructure Type** | Cloud |
| **Hosting** | Yes |
| **ISP/Provider** | Microsoft Azure |
---
## RISK ASSESSMENT
| Metric | Value | Assessment |
|---|---|---|
| **Overall Risk Score** | 25 | Low Risk |
| **Abuse Confidence Score** | N/A | No abuse detected |
| **Blacklist Count** | 0 | Clean |
| **Known Campaigns** | None | No active campaigns |
| **Is Tor Exit** | No | N/A |
| **Is Known Attacker** | No | N/A |
| **Is Spam Source** | No | N/A |
---
## THREAT INDICATORS
Current Signal Status: CLEAN
- Threat Indicators: None detected
- DNSBL Listings: 1 listing (out of 8 total)
- Campaign Likelihood: None
- Correlated IPs: 0
- Certificate Matches: 0
Temporal Analysis:
- Threat Persistence Days: 0
- Ownership Changes: 0
- Is Persistently Malicious: No
- Threat Observation Count: 1
---
## OBSERVATION HISTORY
Analysis Period: 2026-06-18 through 2026-06-23
Total Observations: 20
Recent Signal Trends:
- 2026-06-23: Operator Score 0.1304 (Minimal)
- 2026-06-19: Operator Score 0.1304 (Minimal)
- 2026-06-18: Operator Score 0.1304 (Minimal)
Historical Consistency: Risk profile remains stable with consistent "Minimal" operator scores. No escalation in threat signals observed.
---
## NETWORK RELATIONSHIPS
Total Relationships: 22
Network Classification: Microsoft (MSFT) infrastructure
All 22 relationships classified as "Same Network" targeting Microsoft Corporation infrastructure. This confirms the IP operates within Microsoft's global network topology, specifically Azure cloud services.
---
## SUBNET ANALYSIS
Subnet: 4.223.136.67/24
- Abuse Density: 0
- Classification: mostly_clean
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 1
- Inherited Risk: 2
Neighborhood Risk: Minimal. No high or medium risk neighbors detected in the /24 subnet.
---
## SERVICES & DNS
| Service | Status |
|---|---|
| **Open Ports** | None detected |
| **TLS Certificate** | N/A |
| **Forward Resolution** | Not confirmed |
| **Hosted Domains** | 0 |
| **DNSSEC Valid** | Yes |
| **PTR Hostnames** | None |
| **Email Auth (SPF/DMARC)** | N/A |
Control Plane:
- Origin ASN: 8075
- BGP Prefix: 4.208.0.0/12
- Route Stability: False
- RPKI State: Unknown
- Route Changes (30d): 0
---
## RECOMMENDED ACTIONS
Current Risk Score: 25 (Low)
Security Recommendations:
No specific firewall rules or blocking actions recommended based on current risk profile.
Firewall Rule Status: Not applicable
WAF Policy: No action required
Operational Guidance: Monitor as part of normal Microsoft Azure traffic. No special handling required unless traffic patterns indicate anomalous behavior.
---
## GEOLOCATION VALIDATION
- Geolocation Source Count: 1
- Geo Consensus: True
- Geo Plausible: True
- Accuracy Radius: 150 km
- Validation Status: ICMP blocked - unable to validate
- Minimum Possible RTT: 20.8 ms
---
## INTELLIGENCE SUMMARY
IP 4.223.136.67 represents a Microsoft Azure cloud compute resource with low-risk characteristics. The IP shows no active threat indicators, maintains clean blacklist status, and operates within Microsoft's established network infrastructure. Historical observations confirm stable risk posture with no escalation trends. No immediate security actions are warranted. SOC teams should monitor as part of routine Azure traffic analysis.
---
End of Briefing
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:18 UTC |
| Last Seen | 2026-06-27 05:15:23 UTC |
| Profile Built | 2026-06-27 23:21:25 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 24 |
Full dossier details are available via our API.