40.121.200.75
IP Intelligence Briefing: 40.121.200.75
Date: 2026-06-15
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Ownership: Microsoft Corporation (AS8075)
- Geolocation: Washington, VA, US (Microsoft Azure infrastructure)
- Network Role: CloudCompute (Microsoft Azure)
- Services: Open SSH (port 22)
---
**2. Threat Observations**
- Listings:
- Flagged in 3β8 threat feeds (high-severity categories).
- Recent observation (June 14, 2026): 0.85 confidence, listed in 3+ feeds.
- Abuse Density: Subnet (40.121.200.0/24) has 0 abuse reports.
- DNS: No public PTR records; no email auth (SPF/DKIM).
- TLS/HTTP: No TLS certificates or web server banners detected.
---
**3. Relationships**
- Network Links:
- Directly tied to Microsoft Azure infrastructure (MSFT).
- No peer IPs in the subnet (neighbors list empty).
- Threat Correlation:
- No direct links to known malicious campaigns or domains.
---
**4. Temporal Trends**
- Observation History:
- First flagged on June 3, 2026 (confidence 0.85).
- No persistent malicious activity (threat persistence days = 0).
- Risk Stability:
- Risk score remains stable at 50; no upward trend detected.
---
**5. Security Actions**
- Recommended Mitigations:
- Block IP via firewall rules (iptables/nftables/nginx/AWS WAF).
- Monitor SSH activity (port 22) for unauthorized access attempts.
- Validate DNSSEC and CAA records for subdomains (if applicable).
---
**6. Analyst Notes**
- Context: Microsoft-owned IP with moderate risk, likely part of Azure infrastructure.
- Critical Flags:
- Listed in multiple threat feeds (high-severity categories).
- No subnet-wide abuse, but individual IP flagged.
- Next Steps:
- Investigate SSH access logs for anomalies.
- Cross-reference with internal threat feeds for contextual correlation.
Threat Level: Moderate (monitor and block based on threat feed signals).
---
*Generated by IPDebrief intelligence platform.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.10 |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 17% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 20% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:19 UTC |
| Last Seen | 2026-06-27 05:27:21 UTC |
| Profile Built | 2026-06-27 23:32:54 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 30 |
Full dossier details are available via our API.