Malware OriginationIP!

This IP address is originating spam emails with malware-infected attachments, and sending those emails through a server on Hetzner.

Received: from <x> (static.125.150.99.88.clients.your-server.de [88.99.150.125])
Received: from <x> (unknown [52.147.206.18])
Date: Wed, 19 Aug 2020 13:##:## +0000
From: «WeTransfer» <noreply@wetransfer.com>
Subject: You Have Received File Via WeTransfer

<snip>

Attention

You have received files via
WeTransfer
2 file, 16.3 MB in total · Will be deleted on 22 August, 2020

[ Get your files ]

<snip>

URI: https://firebasestorage.googleapis.com/<x>

NetRange: 52.145.0.0 — 52.191.255.255
CIDR: 52.146.0.0/15, 52.152.0.0/13, 52.160.0.0/11, 52.145.0.0/16, 52.148.0.0/14
NetName: MSFT
NetHandle: NET-52-145-0-0-1
Parent: NET52 (NET-52-0-0-0-0)
NetType: Direct Assignment
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2015-11-24
Updated: 2015-11-24
Ref: https://rdap.arin.net/registry//ip/52.145.0.0

OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2017-01-28
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: https://rdap.arin.net/registry//entity/MSFT

OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: https://rdap.arin.net/registry//entity/MRPD-ARIN

OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: https://rdap.arin.net/registry//entity/MAC74-ARIN

Добавить комментарий

Ваш адрес email не будет опубликован.