158.158.124.89
IP INTELLIGENCE BRIEFING
Target IP: 158.158.124.89/32
Classification: Microsoft Azure Cloud Compute Instance
Report Date: 2026-06-18
EXECUTIVE SUMMARY
IP 158.158.124.89 is a Microsoft Azure cloud infrastructure asset located in Madrid, Spain (ES). The address exhibits low-risk characteristics with a risk score of 25/100. No active threat indicators were detected across monitored feeds. The IP operates within a Microsoft Azure cloud compute environment and is associated with ASN 8075 (IRT-MICROSOFT-APNIC-SG).
OWNERSHIP AND NETWORK CLASSIFICATION
The address belongs to organization IRT-MICROSOFT-APNIC-SG under the MICROSOFT-APNIC-AP network block (158.158.0.0/16). Infrastructure classification identifies this as Microsoft Azure cloud compute infrastructure. The address is not flagged as a proxy, VPN, Tor exit, or residential IP. BGP routing shows stable origin through ASN 8075 with path 49788 8075. Route stability is confirmed with zero route changes observed over the past 30 days.
GEOLOCATION AND INFRASTRUCTURE
Geolocation data indicates placement in Madrid, Spain (latitude 40.42, longitude -3.7). Geovalidation was inconclusive due to ICMP blocking during probe attempts, though geo-plausibility flags remain true. The address is classified as hosting infrastructure with firewalled/no services status detected.
THREAT INDICATORS AND BLACKLISTING
No threat indicators were identified across monitored sources. The IP is not registered as a known attacker, spam source, or Tor exit node. Blacklist enumeration returned zero entries. DNSBL listing was detected on 1 of 8 total lists, representing minimal exposure. Abuse confidence score remains uncalculated (null).
NETWORK BEHAVIOR AND SERVICES
Network scanning revealed no open ports. TLS certificate, HTTP title, and server banner data were not observed. DNS configuration shows no PTR hostnames and no forward resolution confirmed. Email authentication records (SPF, DMARC) were not detected.
NEIGHBORHOOD ANALYSIS
The /24 subnet (158.158.124.89/24) contains 3 active sibling IPs with abuse density rated at 1. Classification for the subnet is "mostly_clean." Two neighboring addresses (158.158.124.31, 158.158.124.190) each exhibit risk scores of 25 with authority scores of 50. Inherited risk assessment for the subnet is 7/100.
OBSERVATION HISTORY
Twenty-four historical observations were recorded. The most recent data point dates to 2026-06-18. Operator scores maintained at 0.3478 ("Basic" label) across multiple observation periods. Route stability and BGP community signals remain consistent. Threat observation count totals 1, with no persistent malicious behavior detected.
RELATIONSHIP GRAPH
The IP maintains 19 relationship entries, all categorized as "Same Network" with target value MICROSOFT-APNIC-AP. No external entity relationships (certificates, organizations, hostnames) were identified beyond network-level associations.
RECOMMENDED SECURITY ACTIONS
No automated firewall rules or security recommendations were generated due to low-risk classification. The IP's risk profile does not warrant immediate blocking or defensive firewall modifications.
ASSESSMENT
IP 158.158.124.89 represents a standard Microsoft Azure cloud compute resource with no active threat indicators. The address exhibits benign network behavior consistent with cloud infrastructure operations. Standard cloud provider egress/ingress policies apply. No defensive firewall rules are required at this time.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-MICROSOFT-APNIC-SG |
| ASN | AS8075 |
| Network Name | MICROSOFT-APNIC-AP |
| CIDR Block | 158.158.0.0/16 |
| RIR | ARIN |
| Country | SG |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 24% | 2 | 3 |
| services | 12% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 23% | 11 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:03:49 UTC |
| Last Seen | 2026-06-27 00:48:14 UTC |
| Profile Built | 2026-06-27 21:01:22 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 30 |
Full dossier details are available via our API.