IP Intelligence Briefing: 52.125.141.24/32
Date: 2026-06-18
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: Microsoft Corporation (ASN 8075)
- Geolocation: Amsterdam, Netherlands (52.37°N, 4.9°E)
- Network Role: Microsoft Azure CloudCompute (Firewalled / No Services)
- Threat Indicators: No malicious activity detected (empty threat list).
---
**2. Observation History**
- Latest Activity: June 18, 2026 (85% confidence).
- Key Findings:
  - DNSBL listing detected (1 of 8 lists).
  - Subnet abuse density: 1 (low).
  - No persistent malicious behavior (threat observation count: 1).
---
**3. Network Relationships**
- Connected Entities:
  - Linked to Microsoft's network (MSFT).
  - No DNS, hostnames, or certificates associated.
- Subnet: 52.125.141.24/24 (1 active sibling, 1 threatening sibling).
---
**4. Neighborhood Analysis**
- Subnet Abuse Density: 1 (mostly clean).
- Neighbors:
  - 52.125.141.22: Risk score 80 (High Risk).
  - Other siblings: No data.
- Action: Monitor neighbor 52.125.141.22 for potential lateral movement or malicious activity.
---
**5. Recommendations**
- SOC Actions:
  - Monitor the 52.125.141.24/24 subnet for unusual traffic patterns.
  - Investigate the high-risk neighbor (52.125.141.22) for potential compromise.
  - Verify if DNSBL listings are false positives (e.g., misconfigured Azure services).
- Firewall Rules:
  - Allow traffic to Microsoft Azure (ASN 8075) per business needs.
  - Block traffic from 52.125.141.22 if further suspicious activity is detected.
---
Conclusion:
The IP is low risk and owned by Microsoft, but its subnet contains a high-risk neighbor. Focus monitoring on the neighboring IP and ensure Azure services are configured securely. No immediate action required for the primary IP.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
**DNS Hygiene**
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
**Network Classification**
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 46% | 2 | 9 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 25% | 10 | 21 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
**Observation Timeline** (Live)
| First Seen | 2026-05-07 23:04:27 UTC |
| Last Seen | 2026-06-27 07:33:07 UTC |
| Profile Built | 2026-06-28 01:39:21 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 29 |