JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.214.44.4

172.214.44.4 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 70%: ?

70%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.214.44.4

Whois 172.214.44.4

IP Abuse Reports for 172.214.44.4:

This IP address has been reported a total of 29 times from 23 distinct sources. 172.214.44.4 was first reported on July 15th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Ba-Yu	2026-06-14 17:21:23 (1 day ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇦🇺 LiftUp Hosting	2026-06-14 15:21:55 (1 day ago)	Honeypot hit: Empty payload (likely service probe); 2086 [3], 2087 [2], 2082 [1], 2083 [1], 2095 [1] ... show more Honeypot hit: Empty payload (likely service probe); 2086 [3], 2087 [2], 2082 [1], 2083 [1], 2095 [1], 2078 [1] TCP show less	Port Scan
🇧🇪 voormedia	2026-06-14 12:51:34 (1 day ago)	Accessed trap at '/.git/HEAD'	Web App Attack
🇫🇷 dynamix	2026-06-14 12:35:46 (1 day ago)	Multiple WAF Violations	Web App Attack
🇷🇴 gtheo99	2026-06-14 11:52:45 (1 day ago)	(cpanel) Failed cPanel login from 172.214.44.4 (US/United States/-): 2 in the last 900 secs	Brute-Force Web App Attack
🇺🇸 Axel	2026-06-14 11:39:13 (1 day ago)	Blocked by UFW on MVI [443/tcp] \| SPT: 28365 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.c ... show more Blocked by UFW on MVI [443/tcp] \| SPT: 28365 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇮 kumiko	2026-06-03 16:41:41 (1 week ago)	[2026-06-03 19:41:40] Probing for exploits [1 requests] "\x16\x03\x01\x02" 301	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-02 10:12:25 (1 week ago)	Jun 2 06:12:25 localhost kernel: [108740462.164206] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:9 ... show more Jun 2 06:12:25 localhost kernel: [108740462.164206] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=172.214.44.4 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=45 ID=56946 DF PROTO=TCP SPT=48387 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 2 06:12:25 localhost kernel: [108740462.164230] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=172.214.44.4 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=45 ID=56946 DF PROTO=TCP SPT=48387 DPT=8443 SEQ=2805755189 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405A00402080A5BCCB7B0000000000103030A) Jun 2 06:12:25 localhost kernel: [108740462.164883] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=172.214.44.4 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=45 ID=22337 DF PROTO=TCP SPT=48387 DPT=2086 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 2 06:12:25 localhost kernel: [108740462.171136] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e show less	Port Scan
🇺🇸 MPL	2026-06-02 10:06:13 (1 week ago)	tcp port scan (7 or more attempts)	Port Scan
🇳🇱 BIV	2026-06-02 08:45:52 (1 week ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 2082,2083,2086,2087,44 ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 2082,2083,2086,2087,443,8080,8443. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Bad Web Bot
🇺🇸 MPL	2026-06-02 08:12:09 (1 week ago)	tcp port scan (8 or more attempts)	Port Scan
🇵🇱 Yachiyo Runami	2026-06-02 07:16:16 (1 week ago)	Port Scan on Honeypot \| Ports: 8080/HTTP-proxy, 80/HTTP \| Proto: TCP(2) \| Flags: all SYN \| TTL: 43-4 ... show more Port Scan on Honeypot \| Ports: 8080/HTTP-proxy, 80/HTTP \| Proto: TCP(2) \| Flags: all SYN \| TTL: 43-44 \| Len: 60B(2x) \| Win: 64240(2) \| F2B/ufw-honeypot@2026-06-02T07:16:16Z show less	Port Scan Hacking
🇮🇪 AutosOnShow	2026-06-02 06:36:05 (1 week ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-02 06:35:33.278 \|	Web App Attack
🇹🇷 Threat.live	2026-06-02 06:25:06 (1 week ago)	Suspicious Connection Attempts	Brute-Force
🇩🇪 2048	2026-05-11 14:24:39 (1 month ago)	2026-05-11T16:24:35.806082+02:00 machodeer kernel: [1217392.265529] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-05-11T16:24:35.806082+02:00 machodeer kernel: [1217392.265529] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.214.44.4 DST=REDACTED LEN=60 TOS=0x08 PREC=0x20 TTL=42 ID=18580 DF PROTO=TCP SPT=1160 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-11T16:24:36.822704+02:00 machodeer kernel: [1217393.282231] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.214.44.4 DST=REDACTED LEN=60 TOS=0x08 PREC=0x20 TTL=42 ID=18581 DF PROTO=TCP SPT=1160 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-11T16:24:37.846552+02:00 machodeer kernel: [1217394.306326] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.214.44.4 DST=REDACTED LEN=60 TOS=0x08 PREC=0x20 TTL=42 ID=18582 DF PROTO=TCP SPT=1160 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.243

🇰🇪 197.248.207.139

🇲🇽 187.191.48.5

🇧🇷 45.71.123.226

🇷🇴 2.57.122.177

🇺🇸 2a03:2880:7ff:56::

🇺🇸 216.180.246.6

🇧🇬 193.24.211.107

🇺🇸 192.3.13.105

🇮🇷 188.253.64.22

🇧🇷 170.80.65.140

🇺🇸 152.32.182.41

🇻🇳 116.110.216.230

🇨🇦 85.217.149.45

🇩🇪 81.169.154.173

🇺🇸 66.132.172.182

🇺🇸 50.46.141.125

🇨🇴 38.252.93.30

🇺🇸 34.41.247.182

🇺🇸 20.46.244.172