IP Intelligence Briefing: 13.68.214.34
*Generated via IPDebrief Analysis*
---
**1. IP Profile**
- Risk Score: 80 (High Risk)
- Ownership: Microsoft Corporation (ASN 8075, Microsoft Azure infrastructure)
- Geolocation: Washington, D.C., USA (validated via geolocation signals)
- Network Role: CloudCompute (Microsoft Azure), hosting web services (HTTPS/SSH).
- Services:
  - Open ports: 443 (HTTPS), 22 (SSH).
  - TLS certificate: Issued by Trend Micro, Inc. (self-signed: false).
- No active malware indicators or known attacker associations.
---
**2. Observation History**
- Recent Activity:
  - June 13, 2026: Connection failure detected (low confidence).
  - June 10, 2026: Confirmed as Microsoft Azure infrastructure (cloud hosting).
  - June 2, 2026: TLS scan showed valid certificate, no banner matches, and no campaign likelihood.
- Trend: No persistent malicious activity observed; risk score remains stable.
---
**3. Relationships & Network Context**
- Linked Entities:
  - Directly associated with Microsoft Azure infrastructure (multiple MSFT network ties).
  - No known malicious relationships or campaigns correlated.
- Subnet: 13.68.214.34/24 - Clean classification, 0 abuse density.
---
**4. Neighborhood Analysis**
- Subnet Siblings: 1 active IP in 13.68.214.0/24; no threat siblings detected.
- Neighboring IPs: No abuse density reported; subnet appears benign.
---
**5. Security Implications**
- Mitigation: Monitor for unexpected behavior (e.g., port changes, TLS certificate updates).
- Actionable Steps:
  - Allow traffic on ports 443/22 for Azure services.
  - Validate TLS certificates periodically.
  - No immediate blocking recommended due to legitimate cloud infrastructure.
---
Note: This IP is part of Microsoft's Azure network. Ensure alignment with Microsoft's security policies and validate any anomalies against known Azure service patterns.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Closed Ports | 25, 80, 3389, 8080, 8443 (2 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.6 |
TLS Certificate
| SANs | None |
| Valid From | 2025-04-24T13:30:45+00:00 |
| Valid Until | 2035-04-22T13:30:45+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_128_GCM_SHA256 |
| Signature Algorithm | sha512ECDSA |
| Validity Period | 3650 days |
| Serial Number | 5D183A1696987778 |
| Thumbprint | 9D762F46D01B7FF3F6C158862375E91E642ABB7F |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 40% | 2 | 5 |
| routing | 8% | 1 | 1 |
| services | 26% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 25% | 10 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:39 UTC |
| Last Seen | 2026-06-26 22:12:43 UTC |
| Profile Built | 2026-06-27 18:25:48 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 26 |