This IP address has been reported a total of
14
times from
11 distinct
sources.
38.60.229.233 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
[ThuJul0209:54:31.6364832026][security2:error][pid2685392:tid2685510][client38.60.229.233:0]ModSecur ...
show more[ThuJul0209:54:31.6364832026][security2:error][pid2685392:tid2685510][client38.60.229.233:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"mail.wildpferde.ch\"][uri\"/.openclaw/.env\"][unique_id\"akYZN-MjscCSqqXO2QdRfwAAANY\"]
show less
(mod_security) mod_security (id:243320) triggered by 38.60.229.233 (-): 1 in the last 300 secs; Port ...
show more(mod_security) mod_security (id:243320) triggered by 38.60.229.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 22:19:12.351564 2026] [security2:error] [pid 25751:tid 25751] [client 38.60.229.233:35928] ModSecurity: Access denied with code 403 (phase 2). String match "/.profile" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6621"] [id "243320"] [rev "1"] [msg "COMODO WAF: Information disclosure vulnerability in Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products (CVE-2016-6639)||www.qxoticdivas.postermodelsworldwideinc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.qxoticdivas.postermodelsworldwideinc.com"] [uri "/.profile"] [unique_id "akXKoHPu5S-T4D2v0yKKEgAAAAI"]
show less
Aggressive web search of vulnerable pages: /.gemini/.env /.hermes/.env /.env.local /config/.env /doc ...
show moreAggressive web search of vulnerable pages: /.gemini/.env /.hermes/.env /.env.local /config/.env /docker-compose.override.yml ...
show less