20.151.6.104
# IP Intelligence Briefing: 20.151.6.104/32
Classification: Microsoft Azure Cloud Infrastructure
Risk Level: Low Risk (Score: 25/100)
Date Generated: 2026-07-10
---
## Executive Summary
IP address 20.151.6.104 is a Microsoft Corporation-owned IP address allocated from ASN 8075 (Microsoft Azure). The address is classified as cloud compute infrastructure with low-risk reputation. No active threat indicators, known campaigns, or malicious behavior have been observed. The IP is geolocated to Toronto, Ontario, Canada.
---
## Ownership and Network Classification
| Attribute | Value |
|---|---|
| **Organization** | Microsoft Corporation |
| **ASN** | 8075 |
| **Network Block** | 20.150.0.0/15 |
| **Infrastructure Type** | CloudCompute |
| **Cloud Provider** | Microsoft Azure |
| **Registration RIR** | ARIN |
| **Network Role** | Firewalled / No Services |
The IP resides within Microsoft's Azure cloud infrastructure, which is part of a large-scale cloud computing network. The BGP prefix 20.150.0.0/15 indicates this is part of Microsoft's broader cloud address allocation.
---
## Geolocation Data
| Attribute | Value |
|---|---|
| **Country** | Canada (CA) |
| **Province** | Ontario (ON) |
| **City** | Toronto |
| **Coordinates** | 43.65°N, 79.38°W |
| **Timezone** | America/Toronto |
| **Geo Confidence** | 80% |
| **Geo Source Count** | 1 |
| **Consensus Validated** | Yes |
---
## Threat Indicators
| Indicator | Status |
|---|---|
| **Known Attacker** | No |
| **Tor Exit Node** | No |
| **Spam Source** | No |
| **Blacklist Count** | 0 |
| **Abuse Confidence Score** | Not Applicable |
| **Known Campaigns** | None |
| **Threat Feeds** | None |
No threat indicators or malicious activity have been associated with this IP address.
---
## Service and Port Analysis
| Attribute | Status |
|---|---|
| **Open Ports** | None detected |
| **TLS Certificate** | N/A |
| **HTTP Title** | N/A |
| **Server Banner** | N/A |
| **Service Purpose** | Firewalled / No Services |
The IP does not expose any open services or ports, consistent with cloud infrastructure that is typically behind firewalls or load balancers.
---
## Control Plane Analysis
| Attribute | Value |
|---|---|
| **Operator Score** | 0.1304 (Minimal) |
| **Route Changes (30d)** | 0 |
| **Route Stability** | False |
| **DNSSEC Valid** | Yes |
| **DNSBL Listed** | 1 of 8 lists |
| **IRR Consistency** | N/A |
The control plane indicates minimal operator activity. The IP has been listed on 1 out of 8 DNS blacklists, though the specific lists are not disclosed.
---
## Neighborhood Analysis (20.151.6.0/24)
| Attribute | Value |
|---|---|
| **Subnet** | 20.151.6.0/24 |
| **Abuse Density** | 1 (Low) |
| **Classification** | Mostly Clean |
| **Total Siblings** | 1 |
| **Active Siblings** | 1 |
| **Threat Siblings** | 1 |
| **High Risk Neighbors** | 0 |
| **Medium Risk Neighbors** | 0 |
The /24 subnet shows minimal abuse density with classification as "mostly_clean." One threat sibling has been identified in the neighborhood, but no high or medium-risk neighbors detected.
---
## Observation History
Total Observations: 19 signals recorded
Key temporal observations:
- 2026-06-29: Geolocation signal confirmed Toronto, ON, CA (80% confidence)
- 2026-06-20: Subnet classification updated to "mostly_clean" with abuse density 1
- 2026-06-20: Ownership stability confirmed (0 changes)
- 2026-06-20: Network role confirmed as Microsoft Azure cloud infrastructure
The IP has demonstrated stable ownership with no threat persistence observed. Threat observation count remains at 1, indicating minimal malicious activity.
---
## Network Relationships
The IP shows 20 relationship entries, all classified as "Same Network" with target value "MSFT." These relationships confirm the IP's integration within Microsoft's broader network infrastructure.
---
## Recommended Security Actions
Based on the low-risk profile and cloud infrastructure nature:
1. Allow Traffic: No firewall blocking required for legitimate cloud traffic
2. Monitor: Standard monitoring for cloud provider traffic patterns
3. No Blocking Recommended: IP is not associated with known malicious activity
4. Verify Services: If unexpected traffic patterns observed, verify with Azure support
---
## Risk Assessment Summary
| Factor | Rating | Notes |
|---|---|---|
| **Overall Risk** | Low | Score: 25/100 |
| **Provider Trust** | High | Microsoft Corporation |
| **Infrastructure Type** | Cloud | Azure compute |
| **Threat Activity** | None | No indicators found |
| **Historical Behavior** | Stable | No ownership or threat changes |
| **Neighborhood Risk** | Low | Minimal abuse density |
---
Intelligence Conclusion: IP 20.151.6.104 represents normal Microsoft Azure cloud infrastructure with no evidence of malicious use. No defensive action required beyond standard cloud provider traffic monitoring.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 22% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-24 12:34:39 UTC |
| Last Seen | 2026-06-29 00:06:26 UTC |
| Profile Built | 2026-06-29 06:09:07 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 21 |
Full dossier details are available via our API.