IP Intelligence Briefing: 40.74.66.130
Date: 2026-06-12
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Ownership: Microsoft Corporation (ASN 8075, MSFT)
- Geolocation:
  - Country: US
  - City: Osaka (discrepancy noted; likely misattribution)
  - Coordinates: 39.83°N, -98.58°W (approx. US Midwest)
- Network Role: Microsoft Azure cloud compute infrastructure (firewalled, no services exposed)
- Threat Indicators: No malicious activity detected (zero threat indicators, no DNSBL listings).
---
**2. Observation History**
- Stability:
  - BGP routes stable for 30 days (no changes).
  - Geolocation data consistent across 17 observations.
- Abuse Density:
  - No suspicious activity in the 40.74.0.0/15 prefix.
  - Zero abuse-related signals (e.g., spam, phishing, C2).
---
**3. Relationships**
- Linked Entities:
  - Subnet: 40.74.0.0/15 (Microsoft Azure infrastructure).
  - No external hostnames, certificates, or organizations linked.
- Network Context:
  - Part of Microsoft's enterprise infrastructure; no malicious peer relationships.
---
**4. Neighborhood Analysis**
- Subnet: 40.74.66.130/24
- Abuse Density: 0% (clean subnet).
- Neighbors: No active or risky sibling IPs in the subnet.
---
**5. Recommendations**
- SOC Action:
  - No immediate mitigation required.
  - Monitor for unexpected geolocation discrepancies or subnet changes.
  - Ensure Azure security groups restrict access to trusted sources.
- Firewall Rules:
  - Allow traffic via Microsoft's Azure security best practices (no explicit rules needed).
---
Conclusion:
40.74.66.130 is a legitimate Microsoft Azure cloud resource with no evidence of malicious activity. The IP's moderate risk score reflects its association with a large enterprise network, but no threats were detected. SOC teams should treat it as low risk but remain vigilant for anomalous behavior.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | MSFT |
| CIDR Block | 40.74.0.0/15 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 30% | 2 | 3 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 15% | 1 | 2 |
| geolocation | 30% | 2 | 3 |
| Overall | 25% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-02 12:04:15 UTC |
| Last Seen | 2026-06-21 08:47:25 UTC |
| Profile Built | 2026-06-21 09:08:12 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 25 |