IP Intelligence Briefing: 20.119.41.195
*Generated via IPDebrief Analysis*
---
1. Core Profile
- Risk Score: 25 (Low Risk)
- Ownership: Microsoft Corporation (ASN 8075, MSFT netname)
- Geolocation: Virginia, US (37.37°N, -79.46°E), 150km accuracy radius
- Network Role: Microsoft Azure cloud compute instance (firewalled, no services exposed)
- Threat Indicators: No malicious activity, no abuse confidence scores, not listed in DNSBLs
2. Observation History
- Recent Activity:
  - Traceroute to 20.119.41.195 showed ICMP blockage (potential firewall rules).
  - June 12 scan detected no open ports (no active services).
  - Geolocation inferred via multi-signal analysis (confidence 56%).
- No Threat Correlations: No malicious campaigns, spam, or known attackers linked.
3. Network Relationships
- Linked Entities:
  - Same network: Microsoft Azure (MSFT)
  - No external subnets or organizations tied to this IP.
4. Subnet Analysis
- Neighboring IPs:
  - 20.119.41.196: Risk Score 25 (low), but higher authority score (50).
- Subnet Abuse Density: 0% (no malicious activity in the 20.119.41.0/24 range).
5. Actionable Insights
- Monitor Neighbors: While 20.119.41.195 is low-risk, the neighboring IP (20.119.41.196) has a higher authority score. Investigate if this is part of a larger network with potential risks.
- Verify Cloud Segmentation: Ensure Microsoft Azure resources are properly segmented to prevent lateral movement.
- Traceroute Validation: The ICMP blockage may indicate strict firewall rules, but further validation is needed to confirm network health.
Conclusion: This IP is associated with legitimate Microsoft infrastructure and shows no malicious behavior. Focus on monitoring its subnet and neighboring IPs for anomalies. No immediate mitigation required for this IP itself.
---
*End of Briefing*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | MSFT |
| CIDR Block | 20.33.0.0/16 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 30% | 2 | 3 |
| Overall | 23% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-02 18:13:06 UTC |
| Last Seen | 2026-06-21 09:03:53 UTC |
| Profile Built | 2026-06-21 09:13:55 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 24 |