JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2001:67c:289c:2::35

2001:67c:289c:2::35 was found in our database!

This IP was reported 99 times. Confidence of Abuse is 20%: ?

20%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Foreningen for digitala fri- och rattigheter
Usage Type	Fixed Line ISP
ASN	AS198093
Domain Name	dfri.net
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2001:67c:289c:2::35

Whois 2001:67c:289c:2::35

IP Abuse Reports for 2001:67c:289c:2::35:

This IP address has been reported a total of 99 times from 15 distinct sources. 2001:67c:289c:2::35 was first reported on July 25th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 12:11:17 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): ... show more (mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 08:11:10.447414 2026] [security2:error] [pid 26177:tid 26177] [client 2001:67c:289c:2::35:50198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.klam.nyc"] [uri "/.git/config"] [unique_id "aiv3Xovm2Kpshu5E61yKKAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 22:26:24 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): ... show more (mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:26:14.729335 2026] [security2:error] [pid 19102:tid 19102] [client 2001:67c:289c:2::35:48618] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.picklebillystayandplay.com"] [uri "/.git/config"] [unique_id "ais2BpG3789VlajBioKg9gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 11:54:45 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): ... show more (mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 07:54:39.085974 2026] [security2:error] [pid 3417:tid 3417] [client 2001:67c:289c:2::35:57654] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.mms-boss.net"] [uri "/.git/config"] [unique_id "aiK4_xIW3K106MoUgjdYKQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-23 02:08:00 (3 weeks ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-27 08:52:39 (1 month ago)	Blocked by UFW (TCP on 9999) Source port: 43700 Packet length: 80 This report (for 2001:067c:289c:0 ... show more Blocked by UFW (TCP on 9999) Source port: 43700 Packet length: 80 This report (for 2001:067c:289c:0002:0000:0000:0000:0035) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Ping of Death
Anonymous	2026-04-26 21:01:27 (1 month ago)	2026-04-26 08:00:23,132 fail2ban.actions [7718]: NOTICE [tor] Ban 2001:67c:289c:2::35 2026-0 ... show more 2026-04-26 08:00:23,132 fail2ban.actions [7718]: NOTICE [tor] Ban 2001:67c:289c:2::35 2026-04-26 12:01:23,049 fail2ban.actions [7718]: NOTICE [tor] Ban 2001:67c:289c:2::35 2026-04-26 18:01:20,803 fail2ban.actions [7718]: NOTICE [tor] Ban 2001:67c:289c:2::35 2026-04-26 21:01:17,818 fail2ban.actions [7718]: NOTICE [tor] Ban 2001:67c:289c:2::35 2026-04-27 00:01:26,357 fail2ban.actions [7718]: NOTICE [tor] Ban 2001:67c:289c:2::35 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-22 10:38:55 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): ... show more (mod_security) mod_security (id:210492) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 22 06:38:46.635932 2026] [security2:error] [pid 22524:tid 22524] [client 2001:67c:289c:2::35:41558] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "technesa.com"] [uri "/wp-config.php.sample"] [unique_id "aeilNnwV_10oeOr63X30wAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-03-26 20:36:18 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 xmission.com	2026-03-12 18:42:40 (3 months ago)	Blocked by UFW (TCP on 8333) Source port: 54144 Packet length: 80 This report (for 2001:067c:289c:0 ... show more Blocked by UFW (TCP on 8333) Source port: 54144 Packet length: 80 This report (for 2001:067c:289c:0002:0000:0000:0000:0035) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-03-09 04:14:14 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 00:14:04.989321 2026] [security2:error] [pid 25536:tid 25536] [client 2001:67c:289c:2::35:37192] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|geckoturner.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "geckoturner.com"] [uri "/wordpress_oturner.sql"] [unique_id "aa5JDIc2yCCn17aMZqNLEwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-05 13:28:21 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 08:28:13.720126 2026] [security2:error] [pid 22269:tid 22269] [client 2001:67c:289c:2::35:34896] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|aboutagingparents.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aboutagingparents.com"] [uri "/wordpress_tagingparents.sql"] [unique_id "aamE7dM2dssFJ6RpvUcYagAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-04 13:55:10 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 04 08:54:57.402005 2026] [security2:error] [pid 29000:tid 29000] [client 2001:67c:289c:2::35:50252] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|forerunnersjazz.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "forerunnersjazz.org"] [uri "/wpadmin.sql"] [unique_id "aag5sZtbdfRY5fqxSRNZUgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-03 18:03:18 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 03 13:03:10.059092 2026] [security2:error] [pid 17440:tid 17440] [client 2001:67c:289c:2::35:40064] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|jtagulator.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jtagulator.com"] [uri "/tor_db.sql"] [unique_id "aaciXoXI6HbGH8mpKwqtdQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-02-26 07:57:30 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from T1. Action: BLOCK \| Protocol: HTTP/2 (GET) \| Endpoint ... show more Triggered Cloudflare WAF (firewallCustom) from T1. Action: BLOCK \| Protocol: HTTP/2 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-24 05:39:33 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:289c:2::35 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 00:39:25.330130 2026] [security2:error] [pid 26108:tid 26108] [client 2001:67c:289c:2::35:42840] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|haroparke.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haroparke.com"] [uri "/haroparke_db.sql"] [unique_id "aZ05jWiwbFiqiV06YEDUZgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 99 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.246

🇩🇪 213.209.159.241

🇭🇰 199.45.154.128

🇳🇱 176.65.139.250

🇭🇰 156.233.228.88

🇹🇼 140.235.38.36

🇰🇷 58.224.62.29

🇺🇸 52.167.144.168

🇺🇸 52.167.144.140

🇺🇸 52.167.144.20

🇵🇭 38.60.245.16

🇬🇧 35.203.210.151

🇰🇷 211.106.137.135

🇹🇼 198.235.24.49

🇦🇴 154.116.254.157

🇺🇸 147.185.132.100

🇩🇪 130.12.180.174

🇨🇳 111.0.81.84

🇮🇳 103.195.81.146

🇺🇸 66.132.186.190