I've been analyzing traffic with Heka and noticed that right after the bot visited site, it got bunch of brute-forcing attempts to Worpdress site. So the first tool I used was https://www.ipalyzer.com/207.46.13.105 which reports that this IP is owned by Microsoft and that it is listed in XBL blocklist. And then I got to WTF part http://cbl.abuseat.org/lookup.cgi?ip=207.46.13.105, is this even possible? And just to be sure that this isn't Azure customer I checked http://www.microsoft.com/en-us/download/confirmation.aspx?id=41653 and http://viewdns.info/whois/?domain=207.46.13.105.<p>Anyone encountered something similar?