20.65.194.164
IP Intelligence Briefing: 20.65.194.164
Date: 2026-06-16
---
**1. IP Profile**
- Risk Score: Low (25/100) | Reputation: Low Risk
- Ownership: Microsoft Corporation (ASN 8075, MSFT)
- Geolocation: San Antonio, Texas, US (29.43°N, -98.49°W)
- Network Role: Microsoft Azure Cloud Compute (Firewalled / No Services)
- Threat Indicators: No malicious activity detected; not listed in blacklists or threat feeds.
---
**2. Observation History**
- Recent Activity (2026-06-16):
- Stable geolocation and DNS records (ptr: `azpdssn2jsr7.stretchoid.com`).
- No changes in risk score or threat indicators.
- BGP route stability: 0 changes in 30 days; route is stable.
- Historical Context:
- No persistent malicious behavior or campaign associations.
---
**3. Relationships & Dependencies**
- Network Affiliation:
- Part of Microsoft's MSFT ASN (20.33.0.0/16).
- Subnet: `20.65.194.164/24` (abuse density: 42.86%).
- DNS Associations:
- Linked to `azpdssn2jsr7.stretchoid.com` (domain: `stretchoid.com`).
- No email authentication (SPF/DKIM) detected.
---
**4. Neighborhood Analysis**
- Subnet (20.65.194.164/24):
- Abuse Density: 42.86% (mixed risk).
- High-Risk Neighbors:
- `20.65.194.28` (risk score: 40)
- `20.65.194.168` (risk score: 40)
- Low-Risk Neighbors:
- `20.65.194.111` (risk score: 0)
- `20.65.194.129` (risk score: 25)
- Total Siblings: 7 (4 active, 3 flagged as threats).
---
**5. Threat Assessment**
- Direct Risk: Minimal. The IP is associated with Microsoft Azure and shows no malicious activity.
- Subnet Risk: Moderate. Neighboring IPs exhibit higher risk scores, suggesting potential for lateral movement or shared infrastructure risks.
- Recommendations:
- Monitor subnet for unusual traffic patterns, especially around high-risk neighbors.
- Verify DNS records (`azpdssn2jsr7.stretchoid.com`) for potential misconfigurations.
- Ensure network segmentation to isolate cloud infrastructure from internal systems.
---
Conclusion:
The IP `20.65.194.164` is a legitimate Microsoft Azure resource with no direct threat indicators. However, its subnet contains high-risk neighbors, warranting closer scrutiny. SOC teams should focus on subnet-level monitoring and validate DNS/infrastructure configurations to mitigate potential indirect risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | MSFT |
| CIDR Block | 20.33.0.0/16 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | azpdssn2jsr7.stretchoid.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | azpdssn2jsr7.stretchoid.com |
π DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 30% | 2 | 3 |
| Overall | 22% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-03 06:16:20 UTC |
| Last Seen | 2026-06-21 09:50:58 UTC |
| Profile Built | 2026-06-21 10:06:45 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 23 |
Full dossier details are available via our API.