IP Intelligence Briefing: 52.190.140.131
Date: 2026-06-16
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Provider: Microsoft Azure (ASN 8075)
- Geolocation: San Francisco, CA, US (37.78°N, -122.42°W)
- Network Role: CloudCompute (Microsoft Hosting)
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or abuse reports).
---
**2. Observation History (30 Days)**
- Consistency: Stable with no significant risk changes.
- Key Signals:
- Geolocation inferred via multi-signal methods (accuracy ±150km).
- Network ownership confirmed as Microsoft (ARIN-registed CIDR: 52.145.0.0/16).
- DNSSEC validation and route stability observed.
---
**3. Relationships**
- Linked Entities:
- Subnet: 52.145.0.0/16 (Microsoft "MSFT" netname).
- No external domains or certificates associated.
- Network Context: Part of Microsoft's Azure infrastructure, likely a virtual machine or cloud service.
---
**4. Neighborhood Analysis**
- Subnet: 52.190.140.131/24
- Neighbor Risk:
- 1 sibling IP (52.190.140.97) with moderate risk (authority score 50).
- Subnet abuse density: 0% (no malicious activity detected in neighbors).
---
**5. Recommended Actions**
- Firewall Rules: No action required due to low risk.
- Monitoring: Track for unexpected outbound connections or deviations from Azure baseline behavior.
- Context: Confirm alignment with Microsoft's infrastructure patterns (e.g., cloud service traffic).
---
Conclusion:
This IP is associated with Microsoft Azure and shows no signs of malicious activity. The low risk score and stable network behavior suggest it is a legitimate cloud resource. SOC teams should monitor for anomalies but no immediate mitigation is required.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Microsoft Corporation |
| ASN | AS8075 |
| Network Name | MSFT |
| CIDR Block | 52.145.0.0/16 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 2 |
| routing | 17% | 1 | 1 |
| services | 17% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 24% | 2 | 2 |
| Overall | 22% | 9 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-07 19:59:38 UTC |
| Last Seen | 2026-06-21 14:15:26 UTC |
| Profile Built | 2026-06-21 14:21:46 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 18 |
Full dossier details are available via our API.