IPDebrief

52.185.75.214

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Threat Intelligence Briefing: IP Address 52.185.75.214/32

Summary:

The IP address 52.185.75.214/32 is associated with Microsoft Corporation (ASN 8075) and operates as a Microsoft Azure cloud infrastructure node. It hosts HTTP/HTTPS services with a server banner of *"Microsoft-Azure-Application-Gateway/v2"*, indicating it is part of Microsoft's managed application gateway service.

Key Findings:

1. Risk Profile:

- Risk Score: 25 (Low Risk)

- Threat Indicators: No malicious activity, spam, or known attacker associations detected.

- Network Stability: Stable routing (BGP route stability: "stable"), no recent ownership changes.

2. Geolocation & Ownership:

- Location: Des Moines, IA, US (geolocation consensus: 100%).

- Provider: Microsoft Azure (cloud compute infrastructure).

- ASN: 8075 (Microsoft Corporation).

3. Network Services:

- Open Ports: 80 (HTTP), 443 (HTTPS).

- TLS Certificate: Valid, issued by GoDaddy, with subject *"*.corestack.io"*.

- Server Fingerprint: Microsoft Azure Application Gateway, no suspicious banners or HTTP anomalies.

4. Observation History:

- Activity Trends: No significant changes in risk signals over time (last 30 days).

- DNS & Routing: DNSSEC valid, no DNSBL listings.

5. Relationships:

- Network Links: Strongly tied to Microsoft's network (MSFT), with no external malicious connections.

- Subnet: Part of a mostly clean /24 subnet (abuse density: 0).

Recommendations:

Conclusion:

The IP address 52.185.75.214/32 is a low-risk, legitimate Microsoft Azure node with no evidence of malicious activity. No security actions are recommended at this time.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΊπŸ‡Έ United States
RegionIA
CityDes Moines
TimezoneAmerica/Chicago
Latitude41.60
Longitude-93.61

🏒 Ownership & Registration

OrganizationMicrosoft Corporation
ASNAS8075
Network Nameβ€”
CIDR Block52.160.0.0/11
RIRARIN
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTR RecordNo PTR
Forward ConfirmedNo β€” PTR hostname does not resolve back to this IP (weak signal)

πŸ” DNS Hygiene

Hygiene Score60% (Good)
SPFPresent
DMARCPresent
FCrDNSNot verified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeWeb Server
Network TierHosting β€” Infrastructure provider without advanced routing
CloudHosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
80httptcpβ€”
443httpstcpβ€”
Closed Ports22, 25, 3389, 8080, 8443 (2 open / 7 scanned)
ServerMicrosoft-Azure-Application-Gateway/v2
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
CN=*.corestack.io
Issued by CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Self-signed: No
SANs*.corestack.iocorestack.io
Valid From2025-09-11T13:19:51+00:00
Valid Until2026-10-13T13:19:51+00:00
TLS ProtocolTls13
Cipher SuiteTLS_AES_256_GCM_SHA384
Signature Algorithmsha256RSA
Validity Period397 days
Serial Number00DAB9F3B6F78D71D9
Thumbprint6840995BF261316A8316A8CC9EB5C86B39F85DC0

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
26%
24
routing
17%
23
services
26%
23
ownership
20%
23
reputation
28%
13
geolocation
33%
23
Overall25%1119
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceMostly Consistent (80%) β€” 1 contradiction(s)
AttributionLow (35%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid
⚠ Claimed geolocation contradicts RTT physics measurement

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-17 03:09:20 UTC
Last Seen2026-06-28 04:38:40 UTC
Profile Built2026-06-28 22:43:41 UTC
Data FreshnessLive
Signal Types26
Total Observations29
πŸ” 26 signal types Β· 29 observations collected
This report is generated from 26+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.