JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.70.1.167

212.70.1.167 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 100%: ?

100%

ISP	HostRoyale Technologies Pvt Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS133499
Domain Name	hostroyale.com
Country	🇦🇺 Australia
City	Melbourne, Victoria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.70.1.167

Whois 212.70.1.167

IP Abuse Reports for 212.70.1.167:

This IP address has been reported a total of 74 times from 62 distinct sources. 212.70.1.167 was first reported on June 7th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 geot	2026-06-09 10:33:14 (1 week ago)	HEAD /azure-pipelines.yml HTTP/1.1	Web App Attack
🇳🇱 JCB	2026-06-09 07:50:00 (1 week ago)	212.70.1.167 - - [08/Jun/2026:15:07:53 +0300] "HEAD /database.php.swp HTTP/1.1" 404 - "-" "Mozilla/5 ... show more 212.70.1.167 - - [08/Jun/2026:15:07:53 +0300] "HEAD /database.php.swp HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected])" ... show less	Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-08 22:00:17 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07. show less	Web App Attack SSH Hacking
🇩🇪 FeG Deutschland	2026-06-08 15:04:24 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇵🇱 dzpk	2026-06-08 14:32:56 (1 week ago)	[08/Jun/2026:16:28:09 +0200] 178092888992.461372 212.70.1.167 41839 HOST 443 [08/Jun/2026:16:31:15 + ... show more [08/Jun/2026:16:28:09 +0200] 178092888992.461372 212.70.1.167 41839 HOST 443 [08/Jun/2026:16:31:15 +0200] 178092907530.593198 212.70.1.167 44233 HOST 443 [08/Jun/2026:16:32:55 +0200] 178092917572.128544 212.70.1.167 34749 HOST 443 show less	Web App Attack
🇧🇪 voormedia	2026-06-08 13:20:50 (1 week ago)	Accessed trap at '/.aws/credentials'	Web App Attack
🇧🇪 voormedia	2026-06-08 12:37:08 (1 week ago)	Accessed trap at '/.circleci/config.yml'	Web App Attack
🇪🇸 el-brujo	2026-06-08 12:34:20 (1 week ago)	Cloudflare WAF: Request Path: /.env.old Request Query: Host: foro.elhacker.net userAgent: Mozilla/5 ... show more Cloudflare WAF: Request Path: /.env.old Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected]) Action: block Source: firewallManaged ASN Description: HostRoyale Technologies Pvt Ltd Country: AU Method: HEAD Timestamp: 2026-06-08T12:34:20Z ruleId: c04705c7adee4ce3a763bd5e18135e0c. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇫🇷 bazter.pro	2026-06-08 12:08:09 (1 week ago)	Auto-Ban [2026-06-08 15:07:59]: CRITICAL: .env attack; DC: HostRoyale Technologies Pvt Ltd [Paths: 2 ... show more Auto-Ban [2026-06-08 15:07:59]: CRITICAL: .env attack; DC: HostRoyale Technologies Pvt Ltd [Paths: 26] \| Details: Exploit trap paths: /database.sql, /.env.php.swp, /db.sql, /.ssh/id_ed25519, /.env \| Sensitive files/paths: /terraform.tfvars.swp, /config.yml.swp, /database.sql, /web.config.swp, /.env.php.swp \| 404 errors (22): /id_rsa, /config/database.php, /.docker/config.json, /terraform.tfvars.swp, /settings/production.py, /Jenkinsfile, /.travis.yml, /auth.json, /terraform.tfvars, /persistence.xml (and 10 more) \| 403 errors (3): /database.sql, /config.yml.swp, /web.config.swp \| Other paths: /secrets.json, /context.xml, /.terraform/terraform.tfstate show less	Web App Attack Hacking
🇫🇷 Coco Bongo	2026-06-08 11:53:39 (1 week ago)	212.70.1.167 [redacted].contaboserver.net (133499-HostRoyale Technologies Pvt Ltd Australia Sydney) ... show more 212.70.1.167 [redacted].contaboserver.net (133499-HostRoyale Technologies Pvt Ltd Australia Sydney) - - [08/Jun/2026:13:50:34 +0200] "HEAD /.secrets.swp HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; Wh ... show less	Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-08 11:40:45 (1 week ago)	URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ... show more URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-193) show less	Hacking
🇫🇷 LoneRider	2026-06-08 11:34:41 (1 week ago)	[08/Jun/2026:13:33:32.659889 +0200] aiaojKwA69BlqZ3GnKB40QAAAAo 212.70.1.167 59366 127.0.0.1 7081 [0 ... show more [08/Jun/2026:13:33:32.659889 +0200] aiaojKwA69BlqZ3GnKB40QAAAAo 212.70.1.167 59366 127.0.0.1 7081 [08/Jun/2026:13:33:39.363630 +0200] aiaok-JYkd7-KwJrKZ-kBgAAAAY 212.70.1.167 59432 127.0.0.1 7081 [08/Jun/2026:13:34:41.166071 +0200] aiao0UxARtICYESdPP96jAAAAAc 212.70.1.167 41450 127.0.0.1 7080 ... show less	Hacking
🇫🇮 as211431.net	2026-06-08 10:54:03 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from AU. Action taken: BLOCK Protocol: HTTP/1.1 (HEAD meth ... show more Triggered Cloudflare WAF (firewallCustom) from AU. Action taken: BLOCK Protocol: HTTP/1.1 (HEAD method) Endpoint: /.git/index UA: Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected]) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 omartin	2026-06-08 10:48:52 (1 week ago)	Critical Vulnerability Scan detected	Hacking Brute-Force Exploited Host Web App Attack
🇫🇷 vtchost.com	2026-06-08 10:47:12 (1 week ago)	vtchost.com:443 212.70.1.167 - - [08/Jun/2026:12:47:11 +0200] "HEAD /.database.php.swp HTTP/1.1" 404 ... show more vtchost.com:443 212.70.1.167 - - [08/Jun/2026:12:47:11 +0200] "HEAD /.database.php.swp HTTP/1.1" 404 2703 "-" "Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected])" ... show less	Web App Attack

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.231

🇺🇸 156.232.13.161

🇫🇷 152.228.135.83

🇳🇱 93.158.210.52

🇳🇱 92.63.197.5

🇨🇦 85.217.149.8

🇧🇬 78.128.112.74

🇺🇸 45.33.109.18

🇺🇸 45.33.12.122

🇺🇸 20.64.105.19

🇬🇧 193.176.29.25

🇳🇮 190.212.214.85

🇦🇷 190.195.232.151

🇩🇪 178.83.45.218

🇺🇸 174.202.2.7

🇧🇷 168.138.232.38

🇺🇸 162.216.150.78

🇸🇬 159.223.32.146

🇮🇳 150.241.244.100

🇧🇪 146.148.13.38