4.228.83.111
IP Intelligence Briefing: 4.228.83.111
Date: 2026-06-09
---
**1. Core Profile**
- Risk Score: 65/100 (Moderate Risk)
- Ownership: Microsoft Corporation (ASN 8075)
- Geolocation: United States, Campinas, Brazil (latitude 39.83, longitude -98.58)
- Network Role: Microsoft Azure CloudCompute (firewalled, no public services)
- Threat Indicators: No malicious activity detected (no abuse reports, spam, or campaigns).
---
**2. Observation History**
- Recent Activity (Last 30 Days):
- DNSSEC validation issues noted (possibly misconfigured).
- Stable network role as Microsoft Azure infrastructure.
- No persistent malicious behavior or threat persistence.
- Risk Trends: Minimal fluctuations; current risk score remains moderate.
---
**3. Relationships & Subnet**
- Linked Entities:
- Strong ties to Microsoft Azure networks (MSFT).
- No connections to known malicious organizations or subnets.
- Subnet: 4.228.83.111/24
- Abuse Density: 0% (clean subnet).
- Neighbors: 1 sibling IP (4.228.83.12) with low risk score (25/100).
---
**4. Security Recommendations**
- Monitoring:
- Increase logging verbosity for this IP and review recent activity.
- Monitor DNSSEC validation status due to potential misconfiguration.
- Firewall Rules:
- iptables: `iptables -A INPUT -s 4.228.83.111 -j DROP`
- Cloudflare WAF: Block IP with rule `ip.src eq 4.228.83.111`
- AWS WAF: Add `4.228.83.111/32` to a rule with description "IPDebrief risk 65".
---
**5. Conclusion**
The IP is a legitimate Microsoft Azure resource with no direct evidence of malicious activity. The moderate risk score may stem from DNSSEC issues or isolated anomalies. SOC teams should maintain monitoring for unusual behavior, especially given its cloud infrastructure role. No immediate blocking recommended, but enhanced logging is advised.
Source: IPDebrief Threat Intelligence Platform
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 39% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 22% | 1 | 2 |
| geolocation | 33% | 2 | 3 |
| Overall | 23% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-20 22:13:12 UTC |
| Last Seen | 2026-06-28 12:45:08 UTC |
| Profile Built | 2026-06-29 06:50:44 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 22 |
Full dossier details are available via our API.