JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2001:67c:289c:4::132

2001:67c:289c:4::132 was found in our database!

This IP was reported 99 times. Confidence of Abuse is 20%: ?

20%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Foreningen for digitala fri- och rattigheter
Usage Type	Fixed Line ISP
ASN	AS198093
Hostname(s)	tor-exit-read-me.dfri.se
Domain Name	dfri.net
Country	🇸🇪 Sweden
City	Solna, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2001:67c:289c:4::132

Whois 2001:67c:289c:4::132

IP Abuse Reports for 2001:67c:289c:4::132:

This IP address has been reported a total of 99 times from 10 distinct sources. 2001:67c:289c:4::132 was first reported on September 3rd 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 11:53:48 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se) ... show more (mod_security) mod_security (id:210492) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 07:53:42.944949 2026] [security2:error] [pid 27732:tid 27732] [client 2001:67c:289c:4::132:53162] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.7bsuperfruit.com"] [uri "/.git/config"] [unique_id "aiK4xtUrsNF54xiMaoDODgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-28 13:26:01 (1 week ago)	Blocked by UFW (TCP on 8333) Source port: 47326 Packet length: 80 This report (for 2001:067c:289c:0 ... show more Blocked by UFW (TCP on 8333) Source port: 47326 Packet length: 80 This report (for 2001:067c:289c:0004:0000:0000:0000:0132) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-09 01:09:44 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se) ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 21:09:36.473130 2026] [security2:error] [pid 18738:tid 18738] [client 2001:67c:289c:4::132:50060] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|areafinancieratf.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "areafinancieratf.com"] [uri "/nancieratf_com.sql"] [unique_id "af6JUJp5ppRsG1HHs3wqjAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-08 16:59:50 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se) ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 12:59:39.683500 2026] [security2:error] [pid 12634:tid 12634] [client 2001:67c:289c:4::132:37722] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|crep-psych.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "crep-psych.org"] [uri "/crep-psy.sql"] [unique_id "af4We7nwYXEpmDoAV5NCGgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-08 05:53:36 (4 weeks ago)	(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se) ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 01:53:26.938431 2026] [security2:error] [pid 2592:tid 2592] [client 2001:67c:289c:4::132:51422] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|fishleadership.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "fishleadership.org"] [uri "/ership_com.sql"] [unique_id "af16Vmaw2cNmRJyqNj1SSQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-08 04:35:47 (4 weeks ago)	Blocked by UFW (TCP on 8333) Source port: 41550 Packet length: 80 This report (for 2001:067c:289c:0 ... show more Blocked by UFW (TCP on 8333) Source port: 41550 Packet length: 80 This report (for 2001:067c:289c:0004:0000:0000:0000:0132) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-05-07 05:27:49 (4 weeks ago)	Blocked by UFW (TCP on 8333) Source port: 38252 Packet length: 80 This report (for 2001:067c:289c:0 ... show more Blocked by UFW (TCP on 8333) Source port: 38252 Packet length: 80 This report (for 2001:067c:289c:0004:0000:0000:0000:0132) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-04-26 21:01:31 (1 month ago)	2026-04-26 08:00:24,258 fail2ban.actions [7718]: NOTICE [tor] Ban 2001:67c:289c:4::132 2026- ... show more 2026-04-26 08:00:24,258 fail2ban.actions [7718]: NOTICE [tor] Ban 2001:67c:289c:4::132 2026-04-26 12:01:23,737 fail2ban.actions [7718]: NOTICE [tor] Ban 2001:67c:289c:4::132 2026-04-26 18:01:21,470 fail2ban.actions [7718]: NOTICE [tor] Ban 2001:67c:289c:4::132 2026-04-26 21:01:18,507 fail2ban.actions [7718]: NOTICE [tor] Ban 2001:67c:289c:4::132 2026-04-27 00:01:30,695 fail2ban.actions [7718]: NOTICE [tor] Ban 2001:67c:289c:4::132 show less	Brute-Force
🇺🇸 xmission.com	2026-04-20 05:10:10 (1 month ago)	Blocked by UFW (TCP on 8333) Source port: 40464 Packet length: 80 This report (for 2001:067c:289c:0 ... show more Blocked by UFW (TCP on 8333) Source port: 40464 Packet length: 80 This report (for 2001:067c:289c:0004:0000:0000:0000:0132) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-04-16 12:33:37 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se) ... show more (mod_security) mod_security (id:210492) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 08:33:29.532061 2026] [security2:error] [pid 4088901:tid 4088901] [client 2001:67c:289c:4::132:33930] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wildlandconservancy.com"] [uri "/wp-config.php_"] [unique_id "aeDXGX9sFFXTRC0-tvJnagAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 17:04:27 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se) ... show more (mod_security) mod_security (id:210492) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 13:04:24.573264 2026] [security2:error] [pid 799909:tid 799909] [client 2001:67c:289c:4::132:36794] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.dualspiralsystems.com"] [uri "/.git/config"] [unique_id "advQmM0uEPYDxHJTFHc26AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 03:46:27 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se) ... show more (mod_security) mod_security (id:210492) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 23:46:20.652216 2026] [security2:error] [pid 1302348:tid 1302348] [client 2001:67c:289c:4::132:34152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paulsingdahlsen.com"] [uri "/wp-config.php.orig"] [unique_id "adsVjHuGTshqA-JWUR9fJAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-10 23:36:06 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se) ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 19:35:57.020194 2026] [security2:error] [pid 604096:tid 604096] [client 2001:67c:289c:4::132:44068] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|cpking.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cpking.com"] [uri "/bb-config.php.bak"] [unique_id "admJXUXLpg3MW82GgWMCLAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-03-27 12:31:00 (2 months ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-26 21:54:38 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se) ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:289c:4::132 (tor-exit-read-me.dfri.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 17:54:31.242631 2026] [security2:error] [pid 27172:tid 27172] [client 2001:67c:289c:4::132:34058] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|desertautoworks.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "desertautoworks.com"] [uri "/des.sql"] [unique_id "acWrF1xDYd8mFPNSqraCVgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 99 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 182.180.154.234

🇸🇬 172.253.211.89

🇺🇸 162.216.149.56

🇨🇳 114.138.118.215

🇩🇪 47.245.143.210

🇩🇪 45.131.109.76

🇨🇳 218.28.18.2

🇭🇰 199.45.154.118

🇺🇸 195.184.76.230

🇺🇸 195.184.76.5

🇹🇭 171.4.225.83

🇺🇸 165.154.173.21

🇫🇮 147.185.133.17

🇮🇳 103.132.243.250

🇫🇷 94.176.161.162

🇷🇴 80.94.92.164

🇺🇸 74.48.105.66

🇺🇸 65.49.1.152

🇨🇳 60.166.82.84

🇺🇸 50.62.22.47