JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.214.44.50

172.214.44.50 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 55%: ?

55%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.214.44.50

Whois 172.214.44.50

IP Abuse Reports for 172.214.44.50:

This IP address has been reported a total of 23 times from 19 distinct sources. 172.214.44.50 was first reported on September 13th 2025, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 sgwid	2026-06-03 13:40:59 (13 hours ago)	172.214.44.50 - - [03/Jun/2026:06:54:33 +0000] "GET /.git/HEAD HTTP/1.1" 301 162 "-" "Mozilla/5.0 (W ... show more 172.214.44.50 - - [03/Jun/2026:06:54:33 +0000] "GET /.git/HEAD HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" 172.214.44.50 - - [03/Jun/2026:06:54:35 +0000] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 172.214.44.50 - - [03/Jun/2026:06:54:42 +0000] "GET /.aws/credentials HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 172.214.44.50 - - [03/Jun/2026:06:54:45 +0000] "GET /phpinfo.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" show less	Hacking Bad Web Bot Web App Attack
🇵🇱 WinnieHoneypots	2026-06-03 07:45:03 (19 hours ago)	Crappy bot probing nonexistent /.git/HEAD	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 06:44:14 (20 hours ago)	(mod_security) mod_security (id:210492) triggered by 172.214.44.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.214.44.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 02:44:11.547159 2026] [security2:error] [pid 27201:tid 27201] [client 172.214.44.50:12307] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.70"] [uri "/.git/HEAD"] [unique_id "ah_NO8XsqdxiNWn7nmy6JQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 PeravixGroup	2026-06-03 05:12:16 (21 hours ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇳🇱 homeshowdomain.nl	2026-05-29 22:08:03 (5 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-28. show less	Web App Attack SSH Hacking
🇨🇭 4server	2026-05-28 09:57:13 (6 days ago)	[ThuMay2811:57:09.3032022026][security2:error][pid3779324:tid3779484][client172.214.44.50:0]ModSecur ... show more [ThuMay2811:57:09.3032022026][security2:error][pid3779324:tid3779484][client172.214.44.50:0]ModSecurity:Accessdeniedwithcode403$phase1$.Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"privilege-service.ch\"][uri\"/config/.env\"][unique_id\"ahgRdZu1ffLGPIesdfAB9QAAAAk\"] show less	Hacking Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-07 15:08:54 (3 weeks ago)	Honeypot hit: Brute-force attack detected on 22/SSH • Credentials used: root:xxxx, root:wwww, root:e ... show more Honeypot hit: Brute-force attack detected on 22/SSH • Credentials used: root:xxxx, root:wwww, root:eeeeeeeee, root:r, root:rrrr, root:rrr, root:nnnnnnnn, root:nnnnnnnnnn, root:m, root:mm, root:mmm, root:P@$$worD12, root:QWEqaz!@#123, root:QWEqaz!@#1234, root:Password0123, root:PassworD1, root:password10, root:password11, root:password12, root:flvbybcnhfnjh, root:admin1, root:P@ssw0rd, root:cthdth, root:user, root:qwe!@#123, root:qwe123123, root:qwe12345, root:Abc884, root:Abc886 • Number of login attempts: 29 • Client: SSH-2.0-Go show less	Hacking Brute-Force SSH
Anonymous	2026-05-07 14:58:58 (3 weeks ago)	(sshd) Failed SSH login from 172.214.44.50 (US/United States/-)	Brute-Force SSH
🇨🇳 さいとうあすか	2026-05-07 14:58:41 (3 weeks ago)	2026-05-07T22:58:38.108663+08:00 pbs sshd[1142612]: pam_unix(sshd:auth): authentication failure; log ... show more 2026-05-07T22:58:38.108663+08:00 pbs sshd[1142612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.214.44.50 user=root 2026-05-07T22:58:39.917990+08:00 pbs sshd[1142612]: Failed password for root from 172.214.44.50 port 5137 ssh2 ... show less	Brute-Force SSH
🇯🇵 demonsword	2026-05-06 19:48:07 (4 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.binance.com:443 show less	Open Proxy Port Scan
🇮🇱 spd.co.il	2026-04-09 10:01:47 (1 month ago)	Web application attack detected	Hacking Web App Attack
🇺🇸 octageeks.com	2026-04-08 04:06:29 (1 month ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇳🇱 homeshowdomain.nl	2026-04-07 22:06:56 (1 month ago)	Auto-ban: >3000 req/min op 2026-04-07	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-04-07 12:48:35 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 172.214.44.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.214.44.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 08:48:29.822971 2026] [security2:error] [pid 1478572:tid 1478572] [client 172.214.44.50:29966] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pathpointexec.com"] [uri "/.git/config"] [unique_id "adT9HR0gyVbZHV8I-FyKzgAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 rakkor	2026-04-07 12:46:31 (1 month ago)	2026/04/07 13:46:30 [error] 1552#1552: 4852012 open() "/usr/syno/synoman/@fs/etc/passwd" failed (2: ... show more 2026/04/07 13:46:30 [error] 1552#1552: 4852012 open() "/usr/syno/synoman/@fs/etc/passwd" failed (2: No such file or directory), client: 172.214.44.50, server: sso.rakkor.uk, request: "GET /@fs/etc/passwd?raw?? HTTP/2.0", host: "sso.rakkor.uk", referrer: "https://github.com/" 2026/04/07 13:46:30 [error] 1552#1552: *4852012 open() "/usr/syno/synoman/@fs/etc/passwd" failed (2: No such file or directory), client: 172.214.44.50, server: sso.rakkor.uk, request: "GET /@fs/etc/passwd?import&raw?? HTTP/2.0", host: "sso.rakkor.uk" ... show less	Brute-Force Hacking Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.242.226.73

🇺🇸 173.252.69.7

🇧🇷 164.163.150.100

🇳🇱 154.16.180.28

🇺🇸 103.144.28.85

🇺🇸 91.230.168.129

🇺🇸 91.230.168.102

🇨🇦 85.217.149.74

🇯🇲 69.160.103.11

🇬🇧 35.203.210.181

🇺🇸 34.227.58.132

🇫🇷 2a02:c207:2334:5065::1

🇨🇳 222.91.124.34

🇺🇸 216.180.246.115

🇧🇷 201.69.32.200

🇧🇷 138.97.243.18

🇭🇰 114.111.53.116

🇺🇸 107.174.13.146

🇩🇪 89.106.74.199

🇮🇳 45.40.57.23