JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 13.66.139.121

13.66.139.121 was found in our database!

This IP was reported 69 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Hostname(s)	msnbot-13-66-139-121.search.msn.com
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Moses Lake, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 13.66.139.121

Whois 13.66.139.121

IP Abuse Reports for 13.66.139.121:

This IP address has been reported a total of 69 times from 12 distinct sources. 13.66.139.121 was first reported on December 3rd 2020, and the most recent report was 5 years ago.

Old Reports: The most recent abuse report for this IP address is from 5 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇭 Sawasdee	2021-03-13 09:06:08 (5 years ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇩🇪 Harbi	2021-03-08 14:34:18 (5 years ago)	brute force attempts, scan for backdoor	Hacking SQL Injection Brute-Force Web App Attack
🇩🇪 seller_service	2021-03-08 06:16:01 (5 years ago)	abuseConfidenceScore blocked for 12h	Web App Attack
Anonymous	2021-03-05 11:11:32 (5 years ago)	WEB_SERVER 403 Forbidden	Hacking
🇫🇷 conseilgouz	2021-02-13 06:06:11 (5 years ago)	cow-Joomla User : try to access forms...	Hacking
🇮🇩 hermawan	2021-02-09 09:56:00 (5 years ago)	[Tue Feb 09 21:56:02.008262 2021] [:error] [pid 18606:tid 139635820848896] [client 13.66.139.121:136 ... show more [Tue Feb 09 21:56:02.008262 2021] [:error] [pid 18606:tid 139635820848896] [client 13.66.139.121:13632] [client 13.66.139.121] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.1-rc1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-musim/3955-prakiraan-musim-kemarau/prakiraan-awal-musim-kemarau/prakiraan-awal-musim-kemarau-di-propinsi-jawa-timur/prakiraan-awal-musim-kemarau-propinsi-jawa-timur-tahun-2019/555557137-prakiraan-awal-musim-kemarau-tahun-2019-zona-musim-di-provinsi-jawa-timur"] [unique_id "YCKigvR ... show less	Hacking Web App Attack
🇮🇩 hermawan	2021-02-09 05:19:54 (5 years ago)	[Tue Feb 09 17:19:55.790294 2021] [:error] [pid 9551:tid 140030253180672] [client 13.66.139.121:2681 ... show more [Tue Feb 09 17:19:55.790294 2021] [:error] [pid 9551:tid 140030253180672] [client 13.66.139.121:26816] [client 13.66.139.121] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.1-rc1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-dasarian/prakiraan-deterministik-curah-hujan-dasarian-provinsi-jawa-timur"] [unique_id "YCJhy6v7XlYgWiPac8G1@QAAAaw"] ... show less	Hacking Web App Attack
🇮🇩 hermawan	2021-02-09 02:29:41 (5 years ago)	[Tue Feb 09 14:29:38.284848 2021] [:error] [pid 13741:tid 140145801414400] [client 13.66.139.121:126 ... show more [Tue Feb 09 14:29:38.284848 2021] [:error] [pid 13741:tid 140145801414400] [client 13.66.139.121:12672] [client 13.66.139.121] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.1-rc1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-musim/295-prakiraan-musim-kemarau/prakiraan-sifat-hujan-musim-kemarau/prakiraan-sifat-hujan-musim-kemarau-di-propinsi-jawa-timur"] [unique_id "YCI54r6ay@C8A7lZe2w@wQAAAaY"] ... show less	Hacking Web App Attack
🇮🇹 LTM	2021-02-08 22:57:03 (5 years ago)	Common Web Attacks	Port Scan Hacking Web App Attack
🇮🇹 LTM	2021-02-07 22:57:07 (5 years ago)	Common Web Attacks	Port Scan Hacking Web App Attack
🇮🇩 hermawan	2021-02-07 15:56:12 (5 years ago)	[Mon Feb 08 03:56:13.212158 2021] [:error] [pid 2856:tid 139692978009856] [client 13.66.139.121:2483 ... show more [Mon Feb 08 03:56:13.212158 2021] [:error] [pid 2856:tid 139692978009856] [client 13.66.139.121:24832] [client 13.66.139.121] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.1-rc1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/sitemap"] [unique_id "YCBT7URn2S8BGlQyI7k6uQAAADw"] ... show less	Hacking Web App Attack
🇮🇩 hermawan	2021-02-07 11:14:53 (5 years ago)	[Sun Feb 07 23:14:54.137778 2021] [:error] [pid 6895:tid 139750890116864] [client 13.66.139.121:1529 ... show more [Sun Feb 07 23:14:54.137778 2021] [:error] [pid 6895:tid 139750890116864] [client 13.66.139.121:15296] [client 13.66.139.121] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.1-rc1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-dasarian/prakiraan-deterministik-curah-hujan-dasarian-provinsi-jawa-timur"] [unique_id "YCAR-g4FxgvQ4UgP-y5l4wAAAh0"] ... show less	Hacking Web App Attack
🇮🇹 LTM	2021-02-06 22:57:24 (5 years ago)	Common Web Attacks	Port Scan Hacking Web App Attack
🇮🇩 hermawan	2021-02-06 12:24:36 (5 years ago)	[Sun Feb 07 00:24:36.873758 2021] [:error] [pid 3927:tid 139637280458496] [client 13.66.139.121:2329 ... show more [Sun Feb 07 00:24:36.873758 2021] [:error] [pid 3927:tid 139637280458496] [client 13.66.139.121:23296] [client 13.66.139.121] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.1-rc1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/sitemap"] [unique_id "YB7Q1LavaRHqWEm8CnzE7wAAAEA"] ... show less	Hacking Web App Attack
🇮🇩 hermawan	2021-02-06 06:49:54 (5 years ago)	[Sat Feb 06 18:49:54.486205 2021] [:error] [pid 19528:tid 139694230705920] [client 13.66.139.121:268 ... show more [Sat Feb 06 18:49:54.486205 2021] [:error] [pid 19528:tid 139694230705920] [client 13.66.139.121:26816] [client 13.66.139.121] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.1-rc1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/sitemap"] [unique_id "YB6CYp1jrgoWrNZ5oTI7IQAAALs"] ... show less	Hacking Web App Attack

Showing 1 to 15 of 69 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.43

🇮🇩 182.4.71.12

🇺🇦 176.99.98.63

🇮🇩 157.85.206.248

🇭🇰 152.32.239.122

🇫🇮 147.185.133.116

🇺🇸 147.185.132.31

🇷🇺 147.45.48.17

🇨🇳 123.245.85.204

🇨🇳 120.230.255.174

🇮🇩 114.8.203.255

🇮🇩 114.4.213.198

🇰🇷 110.14.190.221

🇮🇳 103.133.64.13

🇫🇷 51.159.115.116

🇷🇺 45.132.18.40

🇬🇧 35.203.210.65

🇺🇸 216.180.246.49

🇩🇪 213.209.159.241

🇧🇪 198.235.24.252