20.9.87.130
IP Intelligence Briefing: 20.9.87.130
Date: 2026-06-12
---
**1. Core Profile**
- Risk Assessment:
- Overall Risk: Low (0/100)
- Provider Risk: Low (Microsoft Azure infrastructure)
- Threat Indicators: No malicious activity detected (no malware, phishing, or C2 indicators).
- Network Role: Microsoft Azure CloudCompute (firewalled, no public services).
- Geolocation:
- Country: United States (US)
- Region: Iowa (IA)
- City: Des Moines
- Coordinates: 41.6°N, -93.61°W
- Ownership:
- Organization: Microsoft Corporation (ASN: 8075, MSFT)
- Registry: ARIN
- Abuse Contact: Available via RDAP
---
**2. Network Activity**
- Services:
- Open Ports: Scanned ports include HTTP/HTTPS (80/443), SSH (22), and others.
- Server Banner: `nginx/1.27.5`
- TLS: No active certificates detected.
- DNS:
- PTR Record: None found.
- Domain: No associated domains or email auth records (SPF/DKIM).
- BGP:
- Prefix: `20.0.0.0/11` (Microsoft ASN 8075)
- Route Stability: Unstable (recent route changes).
---
**3. Threat Observations**
- Scan Activity:
- Detected 15 observations (last 30 days) including:
- Port Scans: 6 open ports (HTTP, SSH, etc.).
- Threat Feed Listings: 1 high-severity listing (likely benign).
- No Malicious Signatures: No malware, phishing, or exploit indicators.
- Behavioral Flags:
- Honeypot Hits: 0
- WAF Violations: 0
- Enumeration Attempts: 0
---
**4. Network Relationships**
- Connected Entities:
- Same Network: Linked to Microsoft's `MSFT` ASN (20.0.0.0/11).
- No Known Threat Associations: No shared IPs with malicious activity.
---
**5. Subnet Analysis**
- Subnet: `20.9.87.130/24`
- Neighbor Risk:
- Total IPs: 0 (no active neighbors detected).
- Abuse Density: 0% (clean subnet).
---
**6. Recommendations**
- Monitoring: Continue monitoring for unusual traffic patterns, as this is a public-facing cloud server.
- Firewall: Allow standard cloud traffic (HTTP/HTTPS, SSH) but block non-standard ports unless confirmed.
- Validation: Verify DNS and BGP records for consistency with Microsoft's infrastructure.
Conclusion: 20.9.87.130 is a legitimate Microsoft Azure IP with no malicious activity detected. No immediate threat to network security.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | MSFT |
| CIDR Block | 20.0.0.0/11 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | nginx/1.27.5 |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 30% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 4 |
| Overall | 28% | 10 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-02 18:13:08 UTC |
| Last Seen | 2026-06-21 09:06:23 UTC |
| Profile Built | 2026-06-21 09:12:46 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 23 |
Full dossier details are available via our API.