Whenever I look up IP addresses in traffic and it says it’s registered to Microsoft, I can’t tell if it could be an attacker renting a cloud service from them. I’d think that all cloud services would be registered to Microsoft Azure? Can I completely whitelist all IPs with Microsoft as its registrant?
See differences between the two:
In the second link, I can see the name servers are Azure. In the first link, idk if anything is rentable for APTs to use.