I detect poneytelecom connections using iftop, but how to block them?

[postcd]

---

I see the http connections using iftop linux tool:

vps:http => 212-129-28-14.rev.poneytelecom.eu:49265 0b 0b 0b
<= 208b 104b 104b
vps:http => 212-129-28-14.rev.poneytelecom.eu:38081 0b 0b 0b
<= 0b 104b 104b
vps:http => 212-129-28-14.rev.poneytelecom.eu:33793 0b 0b 0b
<= 208b 104b 104b
vps:http => 212-129-28-14.rev.poneytelecom.eu:25905 0b 0b 0b
<= 208b 104b 104b
vps:http => 212-129-28-14.rev.poneytelecom.eu:61101 0b 0b 0b
<= 208b 104b 104b
vps:http => 212-129-28-14.rev.poneytelecom.eu:56018 0b 0b 0b
<= 208b 104b 104b
vps:http => 212-129-28-14.rev.poneytelecom.eu:34651 .......

i checked my httpd log folder and found no connections by that IP:
grep -Ril "212.129.28.14|14.28.129.212" /var/zpanel/logs/domains/admin/

Im seeing these connections even i added 212.129.28.14,14.28.129.212 IPs into /etc/hosts.deny which confusing me asking for help what is wrong and how to block it properly. Was looking up if i can block it in iptables according to hostname partial match, but no luck.

[zombykillah]

Not my expertises ... but to me it looks like "212-129-28-14.rev.poneytelecom.eu" tries to open a connection, but your server drops the request ...

vps:http => 212-129-28-14.rev.poneytelecom.eu:49265 0b 0b 0b
<= 208b 104b 104b

You got a request 104byte big ... and send 0byte back ...
Not even a request denied ...
It might get dropped in iptables - so it won't show in the httpd log ...