104.45.208.30

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

## IP Intelligence Briefing: 104.45.208.30

Executive Summary

IP 104.45.208.30 is a Microsoft Azure cloud infrastructure endpoint with a low-risk profile (risk score: 25). The address is part of Microsoft's global cloud computing network (AS8075, 104.40.0.0/13) and exhibits standard cloud provider behavior with no persistent malicious indicators.

Infrastructure Profile

Organization: Microsoft Corporation (AS8075)
Network: MSFT, 104.40.0.0/13
Location: San Francisco, CA, US (geolocation consensus: true)
Infrastructure Type: Cloud Computing (Microsoft Azure)
Risk Score: 25/100 (Low Risk)
Provider Score: 0
Authority Score: 0

Network Services

The IP hosts three active services:

Port 80/tcp: HTTP (web traffic)
Port 443/tcp: HTTPS (encrypted web traffic)
Port 22/tcp: SSH (OpenSSH 8.2p1 Ubuntu-4ubuntu0.13)

TLS certificate issued by Let's Encrypt (R13) for domain `social.oneworldonesai.com`, indicating the endpoint serves web content for this domain.

Threat Indicators

Abuse Confidence Score: Not applicable (low-risk profile)
Known Attacker: No
Spam Source: No
Tor Exit Node: No
Blacklist Count: 0
DNSBL Listed: 1 of 8 lists
Threat Persistence: 0 days
Campaign Likelihood: None

Observation History

27 signal observations recorded with the following key findings:

Route stability confirmed (isRouteStable: true)
BGP prefix stable with no route changes in 30-day period
Operator score: 0.3478 (Basic classification)
HTTP fingerprinting consistently identifies Apache server with 404 status codes
Geographic consistency observed between San Francisco and San Jose, CA
No persistent malicious behavior detected over observation period

Neighborhood Analysis

The /24 subnet (104.45.208.30/24) shows:

Abuse Density: 0 (mostly clean)
Total Siblings: 1 (1 active sibling)
Threat Siblings: 1
Risk Distribution: No high-risk neighbors identified
Classification: Mostly clean

Relationship Graph

22 relationships identified, all classified as "Same Network" relationships to Microsoft (MSFT), confirming the IP belongs to Microsoft's corporate network infrastructure.

Recommended Actions

Based on the low-risk profile and cloud infrastructure classification:

No immediate blocking recommended
SSH access on port 22 is standard for cloud provider management endpoints
No specific firewall rules generated
Continue monitoring for any changes in risk profile

Assessment

The IP address represents legitimate Microsoft Azure cloud infrastructure. The low risk score, clean neighborhood reputation, and absence of malicious threat indicators support continued normal traffic handling. The single DNSBL listing is likely due to standard cloud provider filtering practices rather than malicious activity. No SOC action required beyond standard monitoring.

---

*Report generated: [Current Date]*

*Data source: IPDebrief Intelligence Platform*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	CA
City	San Francisco
Timezone	America/Los_Angeles
Latitude	37.78
Longitude	-122.42

🏢 Ownership & Registration

Organization	Microsoft Corporation
ASN	AS8075
Network Name	MSFT
CIDR Block	104.40.0.0/13
RIR	ARIN
Country	United States
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	60% (Good)
SPF	Present
DMARC	Present
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Tier 3 — Basic operator with some routing infrastructure

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.13
Closed Ports	25, 3389, 8080, 8443 (3 open / 7 scanned)

Server	Apache
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.13

🔐 TLS Certificate

🔒

CN=social.oneworldonesai.com

Issued by CN=R13, O=Let's Encrypt, C=US

Self-signed: No

SANs	social.oneworldonesai.com
Valid From	2026-04-22T02:17:58+00:00
Valid Until	2026-07-21T02:17:57+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha256RSA
Validity Period	89 days
Serial Number	062E8F130D149946235594AC2C8AE049ECFD
Thumbprint	B98FEBD93382FA8FEF18769EA1B7B2F26D8A4441

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	27%	2	4
routing	27%	2	3
services	27%	2	3
ownership	27%	2	3
reputation	22%	1	3
geolocation	24%	2	3
Overall	26%	11	19

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-28 12:24:33 UTC
Last Seen	2026-06-29 05:19:29 UTC
Profile Built	2026-06-29 05:24:37 UTC
Data Freshness	Live
Signal Types	25
Total Observations	25

🔍 25 signal types · 25 observations collected

This report is generated from 25+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

104.45.208.30📋 Copy