JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.69.70.126

172.69.70.126 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 0%: ?

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 172.69.70.126 is an IP address from within our whitelist belonging to the subnet 172.64.0.0/13, which we identify as: "Cloudflare Reverse Proxy".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 172.69.70.126

Whois 172.69.70.126

IP Abuse Reports for 172.69.70.126:

This IP address has been reported a total of 36 times from 19 distinct sources. 172.69.70.126 was first reported on December 20th 2020, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-17 01:12:43 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 172.69.70.126 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.69.70.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 21:12:37.246083 2026] [security2:error] [pid 30617:tid 30644] [client 172.69.70.126:13771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jd-web-designs.com"] [uri "/.git/config"] [unique_id "ajH0hSS2N5-GZHA8YQFDAwAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 21:04:47 (5 days ago)	LH-Watcher: FAKE_ID [Fake Googlebot]	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-03-28 04:42:18 (2 months ago)	172.69.70.126 - - [28/Mar/2026:06:42:16 +0200] "GET /wp-content/uploads/2024/ HTTP/1.1" 404 280 "-" ... show more 172.69.70.126 - - [28/Mar/2026:06:42:16 +0200] "GET /wp-content/uploads/2024/ HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" 172.69.70.126 - - [28/Mar/2026:06:42:18 +0200] "GET /wp-content/uploads/2025/ HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" ... show less	Web App Attack
🇺🇸 myagent.site	2026-03-19 20:01:26 (2 months ago)	Blocking for trying to access an exploit file: /root/.env	Hacking
Anonymous	2025-12-14 22:56:56 (6 months ago)	[Sun Dec 14 23:56:20.702987 2025] [authz_core:error] [pid 30459] [client 172.69.70.126:13915] AH0163 ... show more [Sun Dec 14 23:56:20.702987 2025] [authz_core:error] [pid 30459] [client 172.69.70.126:13915] AH01630: client denied by server configuration: /etc/httpd/htdocs, referer: https://www.google.co.uk/ [Sun Dec 14 23:56:24.578563 2025] [authz_core:error] [pid 30459] [client 172.69.70.126:13915] AH01630: client denied by server configuration: /etc/httpd/htdocs, referer: https://www.google.fr/ [Sun Dec 14 23:56:55.850652 2025] [authz_core:error] [pid 29272] [client 172.69.70.126:13679] AH01630: client denied by server configuration: /etc/httpd/htdocs, referer: https://www.google.de/ ... show less	Web App Attack
🇫🇷 Campus France	2025-11-25 12:36:34 (6 months ago)	172.69.70.126 - - [25/Nov/2025:13:36:33 +0100] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 413 " ... show more 172.69.70.126 - - [25/Nov/2025:13:36:33 +0100] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 172.69.70.126 - - [25/Nov/2025:13:36:34 +0100] "GET /xmlrpc.php?rsd HTTP/1.1" 404 412 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 172.69.70.126 - - [25/Nov/2025:13:36:34 +0100] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 412 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 172.69.70.126 - - [25/Nov/2025:13:36:34 +0100] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 412 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 172.69.70.126 - - [25/Nov/2025:13:36:34 +0100] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 412 "-" "Mozill ... show less	Brute-Force Web App Attack
🇩🇪 Blexyel	2025-10-19 10:02:23 (7 months ago)	172.69.70.126 - - [19/Oct/2025:12:02:23 +0200] "GET /modules/mod_simplefileuploadv1.3/elements/udd.p ... show more 172.69.70.126 - - [19/Oct/2025:12:02:23 +0200] "GET /modules/mod_simplefileuploadv1.3/elements/udd.php HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" "v.pingusmc.org" ... show less	Brute-Force Web App Attack
🇺🇸 thefoofighter	2025-08-18 17:11:04 (9 months ago)	[Mon Aug 18 17:11:03.344107 2025] [:error] [pid 1296221] [client 172.69.70.126:25688] [client 172.69 ... show more [Mon Aug 18 17:11:03.344107 2025] [:error] [pid 1296221] [client 172.69.70.126:25688] [client 172.69.70.126] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.cathalmcnally.com"] [uri "/logs/app.log"] [unique_id "aKNep52NHJetIm1wkbpR-QAAABM"] [Mon Aug 18 17:11:03.669115 2025] [:error] [pid 1296221] [client 172.69.70.126:25688] [client 172.69.70.126] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OW ... show less	Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-04-18 23:06:08 (1 year ago)	2025-04-18 18:49:15 /	Web App Attack
🇯🇵 S.O.B.A. Dev.	2025-02-21 22:19:43 (1 year ago)	Persistent port scanning or vulnerability scanning	Port Scan
🇳🇱 Study Bitcoin 🤗	2025-01-31 06:20:39 (1 year ago)	Port probe to tcp/443 (https) [srv125]	Port Scan Brute-Force Bad Web Bot Web App Attack
🇳🇱 Study Bitcoin 🤗	2025-01-03 19:52:38 (1 year ago)	Port probe to tcp/80 (http) [srv125]	Port Scan Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-11-13 16:31:15 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 172.69.70.126 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 172.69.70.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 11:31:09.921492 2024] [security2:error] [pid 4260:tid 4260] [client 172.69.70.126:11356] [client 172.69.70.126] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 34.139.96.157 (0+1 hits since last alert)\|virtualizecr.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "virtualizecr.net"] [uri "/xmlrpc.php"] [unique_id "ZzTUTTVW0-o8cv45e0-GswAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Kinsei Engineering Inc.	2024-10-16 00:41:15 (1 year ago)	UFW:High-frequency access to unused ports	Port Scan
Anonymous	2024-07-03 14:43:23 (1 year ago)	Jul 3 16:43:22 syscgn kernel: [2751092.747418] [UFW BLOCK] IN=eth0 OUT= MAC=0a:d1:7f:3c:98:09:bc:0f ... show more Jul 3 16:43:22 syscgn kernel: [2751092.747418] [UFW BLOCK] IN=eth0 OUT= MAC=0a:d1:7f:3c:98:09:bc:0f:fe:37:fb:a2:08:00 SRC=172.69.70.126 DST=185.194.141.106 LEN=60 TOS=0x08 PREC=0x80 TTL=56 ID=6654 DF PROTO=TCP SPT=16076 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Hacking

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4001:c70::127

🇳🇱 185.136.15.11

🇻🇳 180.93.245.203

🇺🇸 165.154.162.237

🇨🇳 111.26.67.36

🇮🇳 103.85.9.65

🇻🇳 103.74.116.219

🇺🇸 89.117.120.200

🇨🇦 85.217.149.38

🇨🇦 85.217.149.20

🇺🇸 66.132.224.89

🇺🇸 45.156.129.95

🇰🇷 43.203.174.127

🇷🇺 37.204.2.122

🇧🇷 20.226.2.115

🇨🇳 139.170.72.147

🇺🇸 104.194.10.16

🇵🇱 95.214.53.157

🇫🇷 89.117.57.182

🇸🇬 85.203.21.115