IP Lookup Details:
IP Information - 40.107.20.85
Host name: mail-db8eur05on2085.outbound.protection.outlook.com
Country: United States
Country Code: US
Region:
City:
Latitude: 37.751
Longitude: -97.822
CIDR: 40.96.0.0/12, 40.74.0.0/15, 40.125.0.0/17, 40.112.0.0/13, 40.124.0.0/16, 40.76.0.0/14, 40.120.0.0/14, 40.80.0.0/12
NetName: MSFT
NetHandle: NET-40-74-0-0-1
Parent: NET40 (NET-40-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2015-02-23
Updated: 2021-12-14
Ref: https://rdap.arin.net/registry/ip/40.74.0.0
OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2024-03-18
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: https://rdap.arin.net/registry/entity/MSFT
OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN
OrgTechHandle: SINGH683-ARIN
OrgTechName: Singh, Prachi
OrgTechPhone: +1-425-707-5601
OrgTechEmail: pracsin@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN
OrgRoutingHandle: CHATU3-ARIN
OrgRoutingName: Chaturmohta, Somesh
OrgRoutingPhone: +1-425-882-8080
OrgRoutingEmail: someshch@microsoft.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN
OrgTechHandle: KIMAV-ARIN
OrgTechName: Kim, Avery
OrgTechPhone: +1-425-882-8080
OrgTechEmail: averykim@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/KIMAV-ARIN
OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN
OrgTechHandle: BEDAR6-ARIN
OrgTechName: Bedard, Dawn
OrgTechPhone: +1-425-538-6637
OrgTechEmail: dabedard@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN
OrgTechHandle: IPHOS5-ARIN
OrgTechName: IPHostmaster, IPHostmaster
OrgTechPhone: +1-425-538-6637
OrgTechEmail: iphostmaster@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN
FOR YOUR INFORMATION and ACTION against these bastard HACKERS USING your server IPs, accounts and mailboxes!

Received Tuesday 10 December 2024 after 19:32: scam emails (sent at night) via MS Outlook, impersonating ELECTRODEPOT and asking the recipient to call back 09.70.40.50.00 (ALTICE CAMPUS), coming from the bogus email address: trabzon@bayi.efespilsen.com.tr, but the real email address for replying to the hackers is: Reply-To : "SOSCARTE" no-replay@sfr.fr, with the IP address used: 40.107.20.85, managed by abuse@microsoft.com

Received : from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2085.outbound.protection.outlook.com [40.107.20.85]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mlpnf0116.laposte.net (SMTP Server) with ESMTPS id 4Y76mF37Jdz1GBwD for <@laposte.net>; Tue, 10 Dec 2024 19:32:45 +0100 (CET)
ARC-Seal : i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

******************* Content of the hackers' email ***************

Your card is currently in blocked mode.
Today, at 19:32 (an hour ago) 21 KB
From: Réponse
To: Me

Order successfully confirmed, 684,36 validated on the ELECTRODEPOT website 1.
For any question or assistance, our team remains at your disposal.
We invite you to reach us on the emergency number **09.70.405.500**.
The deposit will be carried out without prior confirmation.
Regards,

**************** HTML codes of the hackers ********************

Return-Path : <trabzon@bayi.efespilsen.com.tr>
Received : from mlpnf0116.laposte.net (mlpnf0116.sys.meshcore.net [10.94.128.95]) by mlpnb0108 with LMTPA; Tue, 10 Dec 2024 19:32:45 +0100
X-Cyrus-Session-Id : cyrus-31264-1733855565-2-5371445277477112732
X-Sieve : CMU Sieve 3.0
ARC-Seal : i=2; a=rsa-sha256; d=laposte.net; s=lpn-wlmd; t=1733855565; cv=pass;
ARC-Message-Signature : i=2; a=rsa-sha256; c=relaxed/relaxed; d=laposte.net; s=lpn-wlmd; t=1733855565; h=DKIM-Signature:From:Subject:To:Reply-To:Date; bh= grw6gZRPStYzpVO3jBTA5MwNetrElgYIz2zZ86zcGq4=;
ARC-Authentication-Results : i=2; laposte.net; spf=pass smtp.helo=EUR05-DB8-obe.outbound.protection.outlook.com smtp.mailfrom=trabzon@bayi.efespilsen.com.tr; dkim=pass reason="good signature" header.b=Spnc3A header.d=aefesbayi.onmicrosoft.com header.s=selector2-aefesbayi-onmicrosoft-com; dmarc=none reason="No policy found"; arc=pass header.oldest-pass=0 smtp.remote-ip=40.107.20.85; bimi=skipped reason="non-pass DMARC"
X-mail-filterd : {"version":"1.8.0","queueID":"4Y76mF41vmz1GBvw","contextId": "23d8b9e6-4714-4ff4-91b7-09be2f46bd26"}
X-ppbforward : {"queueID":"4Y76mF41vmz1GBvw","server":"mlpnf0116"}
Received : from outgoing-mail.laposte.net (localhost.localdomain [127.0.0.1]) by mlpnf0116.laposte.net (SMTP Server) with ESMTP id 4Y76mF41vmz1GBvw for <lpn000000000000000018870443@back01-mail02-04.lpn.svc.meshcore.net>; Tue, 10 Dec 2024 19:32:45 +0100 (CET)
X-mail-filterd : {"version":"1.8.0","queueID":"4Y76mF37Jdz1GBwD","contextId": "8f0c92c5-cb77-4bdf-83f0-28aa904551c5"}
X-lpn-mailing : LEGIT
X-lpn-spamrating : 41
X-lpn-spamlevel : not-spam
Authentication-Results : laposte.net; spf=pass smtp.mailfrom=trabzon@bayi.efespilsen.com.tr smtp.helo=EUR05-DB8-obe.outbound.protection.outlook.com; dkim=pass reason="good signature" header.d=aefesbayi.onmicrosoft.com header.s=selector2-aefesbayi-onmicrosoft-com header.b=Spnc3A; dmarc=none reason="No policy found"; arc=pass smtp.remote-ip=40.107.20.85 header.oldest-pass=0; bimi=skipped reason="non-pass DMARC"