IPMediumSignal 0/100
20.168.0.218
Location
United StatesPhoenix, Arizona
ASN
AS8075
Microsoft Azure Cloud (westus3)
First Seen
Mar 27, 2025
Last Seen
Jun 2, 2026
Found in 5 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags
Network Information
CountryUnited States
United StatesRegionPhoenix, Arizona
ASNAS8075
OrganizationMicrosoft Azure Cloud (westus3)
Feed Intelligence Summary
5 reports0% confidence
5
Source reports
0%
Confidence score
Category tags
indicatornetworkresearched
Activity Timeline
Jun 2Jun 2
Threat Activity Heatmap
· Peak: 2026-06-02LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
0
SIGNAL
Signal Score
0%
Confidence
5
Reports
First seenMar 27, 2025
Last seenJun 2, 2026
GeolocationUS
CountryUnited States
LocationPhoenix, Arizona
ASNAS8075
OrgMicrosoft Azure Cloud (westus3)
Coords37.7510, -97.8220
VirusTotal
Not checked
WHOIS
- description
- IPv4 hosts detected port scanning Vultr Tokyo (Japan) honeypot
- raw
- NetRange: 20.160.0.0 - 20.175.255.255 CIDR: 20.160.0.0/12 NetName: MSFT NetHandle: NET-20-160-0-0-1 Parent: NET20 (NET-20-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Microsoft Corporation (MSFT) RegDate: 2017-02-22 Updated: 2017-02-22 Ref: https://rdap.arin.net/registry/ip/20.160.0.0 OrgName: Microsoft Corporation OrgId: MSFT Address: One Microsoft Way City: Redmond StateProv: WA PostalCode: 98052 Country: US RegDate: 1998-07-10 Updated: 2024-03-18 Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to: Comment: * https://cert.microsoft.com. Comment: Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact: Comment: * [email protected]. Comment: Comment: To report security vulnerabilities in Microsoft products and services, please contact: Comment: * [email protected]. Comment: Comment: For legal and law enforcement-related requests, please contact: Comment: * [email protected] Comment: Comment: For routing, peering or DNS issues, please Comment: contact: Comment: * [email protected] Ref: https://rdap.arin.net/registry/entity/MSFT OrgAbuseHandle: MAC74-ARIN OrgAbuseName: Microsoft Abuse Contact OrgAbusePhone: +1-425-882-8080 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN OrgTechHandle: BEDAR6-ARIN OrgTechName: Bedard, Dawn OrgTechPhone: +1-425-538-6637 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN OrgTechHandle: IPHOS5-ARIN OrgTechName: IPHostmaster, IPHostmaster OrgTechPhone: +1-425-538-6637 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN OrgTechHandle: KIMAV-ARIN OrgTechName: Kim, Avery OrgTechPhone: +1-425-882-8080 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/KIMAV-ARIN OrgRoutingHandle: CHATU3-ARIN OrgRoutingName: Chaturmohta, Somesh OrgRoutingPhone: +1-425-882-8080 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN OrgTechHandle: SINGH683-ARIN OrgTechName: Singh, Prachi OrgTechPhone: +1-425-707-5601 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN OrgTechHandle: MRPD-ARIN OrgTechName: Microsoft Routing, Peering, and DNS OrgTechPhone: +1-425-882-8080 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN
- references
- https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 11 days ago
Appeared in 5 threat reports