IOC Radar
IP · Medium · Signal 0/100

13.107.138.10

Location: United States (Redmond, Washington)
ASN: AS8075 (Microsoft Corporation)
First Seen: Apr 9, 2025 (427d ago)
Last Seen: May 29, 2026 (12d ago)
Reports: 4 source reports
Confidence: 0% (medium)
Found in 4 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 0%
Signal Score: 0 / 100
IDS Rule: No
Threat Context
Tags

Network Information

Country: US (United States)
Region: Redmond, Washington
ASN: AS8075
Organization: Microsoft Corporation

Feed Intelligence Summary

Source reports: 4
Confidence score: 0%
Category tags: indicator, network, researched

Activity Timeline

1 total observation (May 29)

Threat Activity Heatmap

Peak: 2026-05-29
[Heatmap image not reproduced: activity by weekday for each month, Jun through the following Jun]
Activity by window:
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Low Risk
Signal Score: 0
Confidence: 0%
Reports: 4
First seen: Apr 9, 2025
Last seen: May 29, 2026
Geolocation: US
Country: United States
Location: Redmond, Washington
ASN: AS8075
Org: Microsoft Corporation
Coords: 47.6711, -122.1253

VirusTotal

Not checked

WHOIS

description
If I didn't know better, I would guess that is AWS, Fastly, Cloudflare botnet activity targeting Ukraine. Origin: Edmonton, Alberta
raw
NetRange: 13.64.0.0 - 13.107.255.255
CIDR: 13.64.0.0/11, 13.104.0.0/14, 13.96.0.0/13
NetName: MSFT
NetHandle: NET-13-64-0-0-1
Parent: NET13 (NET-13-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2015-03-26
Updated: 2021-12-14
Ref: https://rdap.arin.net/registry/ip/13.64.0.0

OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2025-06-10
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * [email protected].
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * [email protected].
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * [email protected]
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * [email protected]
Ref: https://rdap.arin.net/registry/entity/MSFT

OrgTechHandle: BEDAR6-ARIN
OrgTechName: Bedard, Dawn
OrgTechPhone: +1-425-538-6637
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN

OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN

OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN

OrgTechHandle: IPHOS5-ARIN
OrgTechName: IPHostmaster, IPHostmaster
OrgTechPhone: +1-425-538-6637
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN

OrgTechHandle: SINGH683-ARIN
OrgTechName: Singh, Prachi
OrgTechPhone: +1-425-707-5601
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN

OrgRoutingHandle: CHATU3-ARIN
OrgRoutingName: Chaturmohta, Somesh
OrgRoutingPhone: +1-425-882-8080
OrgRoutingEmail: [email protected]
OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN

IOC Journey

medium
First detected 1 year ago · Last seen 12 days ago
Appeared in 4 threat reports