This IP address is originating spam emails with malware-infected attachments, and sending those emails through a server on Hetzner.
Received: from <x> (static.18.104.22.168.clients.your-server.de [22.214.171.124])
Received: from <x> (unknown [126.96.36.199])
Date: Wed, 19 Aug 2020 13:##:## +0000
From: «WeTransfer» <email@example.com>
Subject: You Have Received File Via WeTransfer
You have received files via
2 file, 16.3 MB in total · Will be deleted on 22 August, 2020
[ Get your files ]
NetRange: 188.8.131.52 — 184.108.40.206
CIDR: 220.127.116.11/15, 18.104.22.168/13, 22.214.171.124/11, 126.96.36.199/16, 188.8.131.52/14
Parent: NET52 (NET-52-0-0-0-0)
NetType: Direct Assignment
Organization: Microsoft Corporation (MSFT)
OrgName: Microsoft Corporation
Address: One Microsoft Way
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * firstname.lastname@example.org.
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * email@example.com.
Comment: For legal and law enforcement-related requests, please contact:
Comment: * firstname.lastname@example.org
Comment: For routing, peering or DNS issues, please
Comment: * IOC@microsoft.com
OrgTechName: Microsoft Routing, Peering, and DNS
OrgAbuseName: Microsoft Abuse Contact