⚝
One Hat Cyber Team
⚝
Your IP:
216.73.217.4
Server IP:
41.128.143.86
Server:
Linux host.raqmix.cloud 6.8.0-1025-azure #30~22.04.1-Ubuntu SMP Wed Mar 12 15:28:20 UTC 2025 x86_64
Server Software:
Apache
PHP Version:
8.3.23
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
proc
/
self
/
root
/
proc
/
self
/
root
/
var
/
log
/
View File Name :
modsec_audit.log
--83f23350-A-- [23/Jul/2025:00:00:30.363544 +0300] aH_77Gg0fMQ6-543ouDQAQAAAEo 197.48.139.102 58016 127.0.0.1 7081 --83f23350-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.48.139.102 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 643 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/21G93 Instagram 389.0.0.20.89 (iPhone12,1; iOS 17_6_1; en_US; en; scale=2.00; 828x1792; 761848126; IABMV/1) referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAafkhjVZJmzSzRi4S8Yc42TfyuP_Q-Tu8WtWB0x_W3ZG--q0JpUyBQaiH4sloQ_aem_OiIVc9jJeQ98i5FCGQSdSA sec-fetch-dest: empty cookie: _fbc=fb.1.1753218027803.PAZXh0bgNhZW0CMTEAAafkhjVZJmzSzRi4S8Yc42TfyuP_Q-Tu8WtWB0x_W3ZG--q0JpUyBQaiH4sloQ_aem_OiIVc9jJeQ98i5FCGQSdSA; _fbp=fb.1.1752940465882.416236854811342550; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-22%2021%3A00%3A27%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAafkhjVZJmzSzRi4S8Yc42TfyuP_Q-Tu8WtWB0x_W3ZG--q0JpUyBQaiH4sloQ_aem_OiIVc9jJeQ98i5FCGQSdSA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAafkhjVZJmzSzRi4S8Yc42TfyuP_Q-Tu8WtWB0x_W3ZG--q0JpUyBQaiH4sloQ_aem_OiIVc9jJeQ98i5FCGQSdSA; sbjs_udata=vst%3D2%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2017_6_1%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F21G93%20Instagram%20389.0.0.20.89%20%28iPhone12%2C1%3B%20iOS%2017_6_1%3B%20en_US%3B%20en%3B%20scale%3D2.00%3B%20828x1792%3B%20761848126%3B%20IABMV%2F1%29; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; woocommerce_recently_viewed=858; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-22%2020%3A01%3A46%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaeie2j-ZXhEg75fpWLCm0snF5jrUM76UnkozWIIcDotHQBAE6o0RSu7JLpl2A_aem_-gJ-D-cXQbXWMBQ24vPEAQ%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; PHPSESSID=jqv9mj9i1ao48ajpig4om2nlm4; tk_ai=gXafUCUealmQZzIk3tvIHYJJ; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; botble_footprints_cookie=eyJpdiI6IlIrMFRjM3B3R0JQcFBFTjRSdUlVSWc9PSIsInZhbHVlIjoibVl6WUpmTHFobkFZKzZPOXpVb2YrSGw3QjZqblNmNmFIaHJYNVljRE4rRk1kRjhQY1F6ZnZ2Mk8vajcrZlpCOG1Qci9QV0lGZnM3OGViWTVGQ0hwSEFRTk9vN080MkJVblFIV1VYK2w1K2h1TzY5ckRSMUYzRkVCTDFnTXdTcjIiLCJtYWMiOiI5NGMyMGZmYmYzMjc1Y2ZiNzIyNTRlNGM0NmVhMmYyYTFhMDM3ZDczNTExOTYzNWY0NjE4NTkyNTFmNjNjOWRhIiwidGFnIjoiIn0%3D; botble_footprints_cookie_data=eyJpdiI6InJyMk82UVNQeG1DNjE3cGF0VHV4eHc9PSIsInZhbHVlIjoiTG5TWkFtUXZvR1g1NkJsblRlR0hsS2d5dm1VaWZXblk4YkFZT0pXeDdLVEQrVURhQ2hvMFRvNlNlNGNVNXZyK05oUUttUXRKTUJVNXE1ZmtFZ3FQVlJzdDRGcEdESEppVVhneVFSenlESmR3b2JJNnVlelBHbFJNKy9FRVFKRmFYTXNnOGI3aUJnMnJ1RWh3YUt2bGJ1TDg5eEM0RTlxNld2SWE5ZitVb1IvYlNKenZydGpWUVUxYXhZVjJTYjE4UGRUcE56QjZIM1Q1U1pLM2VNOE9VZkRMallvZ1JRMzFwVHN2elAxaDBIUW1OTVJLZXhDRFlWY29FMkw2NUVnblVYdmk3K3QvenFxOWJ5WGg3VTRqVFI2cEgvb0RvdDlFajhvRWRhT21hVm9SSzVxR05vdFBGblpRQmZPQWJKRWo1RjBxRU1Ham9MMjZxNGpKRCtQN0RwdDVrcTh3Z2Rwdlk0WXVabk5QV1BnK2N1OXZFajBQNERFY0ttUXo4UUdneW0yWk1MUHEySk8rNVg4NXhhWDhjaDlITzV5VXZ6WjBoenFSTWMyNEh2Q21jT1k3ZWtDTWthWmRHRzEvcjV0Q1NQeC9xajRTK2YrSU44U3UxN2xxTmo3TWkwWUFYNnQySzNEOXVySC9xZXBBS2ZGUk5IaVpJUFFoWjBiZlpxY2RYbE1OeWpVcjUrekduL1lPUFBwV3JianFKbmdEMzJTTWs3SVExVW5zVHJ0ZjZMTFpMVVhKK2hDSTRLMG1NU01JUEVlZVB1bVVqdzExUjNKU3NSL0dSN0U5L2ppeGh2NWlVYVloemFSbFNkK3RhNEI1c1IySVVUK055WDY0amh3cVM4OFNHbG8vVVV3NnhDUzNJK1BMTlQrUHowRExJdVF5V3hZd1RjZ0ZHYkJzYm5XYVM4YkZJZnYwMytMTHJXMDJjM0drRU4zUHN2cllPcWlXMnVxMFVCV0JhM3BvYXJDZGoveU9iNUsyL0lyRXV0RFFma3JidnMySWo0SHF4a0FNK1ZFOXZCUXRxSE9OSmMxL3RtRHdOb0lIQzU0RFhXdTlvdWVyYVZXclduZlpPTXFiR1pNRUVyTVhCSmJGUmlJNjN4QWFXRlF2YXVPT3YzanlaWURaWXc9PSIsIm1hYyI6ImQ2NTVlMmI2YmVlMjY3YjlhNDIwMWZkYTdlNzA3N2ZmMWFhNTJjZDEzODM3ZGRiZDQ0ZDYwYTU0YTNmYjhjMjUiLCJ0YWciOiIifQ%3D%3D --83f23350-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --83f23350-E-- --83f23350-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aH_77Gg0fMQ6-543ouDQAQAAAEo"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aH_77Gg0fMQ6-543ouDQAQAAAEo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218028061119 2302640 (- - -) Stopwatch2: 1753218028061119 2302640; combined=110491, p1=998, p2=16152, p3=322, p4=56, p5=46571, sr=189, sw=0, l=0, gc=46392 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --83f23350-Z-- --5de2ca34-A-- [23/Jul/2025:00:00:42.768972 +0300] aH_7-Gg0fMQ6-543ouDQPwAAAEg 197.48.139.102 54894 127.0.0.1 7081 --5de2ca34-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.48.139.102 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 758 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/21G93 Instagram 389.0.0.20.89 (iPhone12,1; iOS 17_6_1; en_US; en; scale=2.00; 828x1792; 761848126; IABMV/1) NW/1 referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAafkhjVZJmzSzRi4S8Yc42TfyuP_Q-Tu8WtWB0x_W3ZG--q0JpUyBQaiH4sloQ_aem_OiIVc9jJeQ98i5FCGQSdSA sec-fetch-dest: empty cookie: _fbc=fb.1.1753218027803.PAZXh0bgNhZW0CMTEAAafkhjVZJmzSzRi4S8Yc42TfyuP_Q-Tu8WtWB0x_W3ZG--q0JpUyBQaiH4sloQ_aem_OiIVc9jJeQ98i5FCGQSdSA; _fbp=fb.1.1752940465882.416236854811342550; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAafkhjVZJmzSzRi4S8Yc42TfyuP_Q-Tu8WtWB0x_W3ZG--q0JpUyBQaiH4sloQ_aem_OiIVc9jJeQ98i5FCGQSdSA; sbjs_udata=vst%3D2%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2017_6_1%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F21G93%20Instagram%20389.0.0.20.89%20%28iPhone12%2C1%3B%20iOS%2017_6_1%3B%20en_US%3B%20en%3B%20scale%3D2.00%3B%20828x1792%3B%20761848126%3B%20IABMV%2F1%29%20NW%2F1; sbjs_current_add=fd%3D2025-07-22%2021%3A00%3A27%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAafkhjVZJmzSzRi4S8Yc42TfyuP_Q-Tu8WtWB0x_W3ZG--q0JpUyBQaiH4sloQ_aem_OiIVc9jJeQ98i5FCGQSdSA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; woocommerce_recently_viewed=858; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-22%2020%3A01%3A46%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaeie2j-ZXhEg75fpWLCm0snF5jrUM76UnkozWIIcDotHQBAE6o0RSu7JLpl2A_aem_-gJ-D-cXQbXWMBQ24vPEAQ%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; PHPSESSID=jqv9mj9i1ao48ajpig4om2nlm4; tk_ai=gXafUCUealmQZzIk3tvIHYJJ; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; botble_footprints_cookie=eyJpdiI6IlIrMFRjM3B3R0JQcFBFTjRSdUlVSWc9PSIsInZhbHVlIjoibVl6WUpmTHFobkFZKzZPOXpVb2YrSGw3QjZqblNmNmFIaHJYNVljRE4rRk1kRjhQY1F6ZnZ2Mk8vajcrZlpCOG1Qci9QV0lGZnM3OGViWTVGQ0hwSEFRTk9vN080MkJVblFIV1VYK2w1K2h1TzY5ckRSMUYzRkVCTDFnTXdTcjIiLCJtYWMiOiI5NGMyMGZmYmYzMjc1Y2ZiNzIyNTRlNGM0NmVhMmYyYTFhMDM3ZDczNTExOTYzNWY0NjE4NTkyNTFmNjNjOWRhIiwidGFnIjoiIn0%3D; botble_footprints_cookie_data=eyJpdiI6InJyMk82UVNQeG1DNjE3cGF0VHV4eHc9PSIsInZhbHVlIjoiTG5TWkFtUXZvR1g1NkJsblRlR0hsS2d5dm1VaWZXblk4YkFZT0pXeDdLVEQrVURhQ2hvMFRvNlNlNGNVNXZyK05oUUttUXRKTUJVNXE1ZmtFZ3FQVlJzdDRGcEdESEppVVhneVFSenlESmR3b2JJNnVlelBHbFJNKy9FRVFKRmFYTXNnOGI3aUJnMnJ1RWh3YUt2bGJ1TDg5eEM0RTlxNld2SWE5ZitVb1IvYlNKenZydGpWUVUxYXhZVjJTYjE4UGRUcE56QjZIM1Q1U1pLM2VNOE9VZkRMallvZ1JRMzFwVHN2elAxaDBIUW1OTVJLZXhDRFlWY29FMkw2NUVnblVYdmk3K3QvenFxOWJ5WGg3VTRqVFI2cEgvb0RvdDlFajhvRWRhT21hVm9SSzVxR05vdFBGblpRQmZPQWJKRWo1RjBxRU1Ham9MMjZxNGpKRCtQN0RwdDVrcTh3Z2Rwdlk0WXVabk5QV1BnK2N1OXZFajBQNERFY0ttUXo4UUdneW0yWk1MUHEySk8rNVg4NXhhWDhjaDlITzV5VXZ6WjBoenFSTWMyNEh2Q21jT1k3ZWtDTWthWmRHRzEvcjV0Q1NQeC9xajRTK2YrSU44U3UxN2xxTmo3TWkwWUFYNnQySzNEOXVySC9xZXBBS2ZGUk5IaVpJUFFoWjBiZlpxY2RYbE1OeWpVcjUrekduL1lPUFBwV3JianFKbmdEMzJTTWs3SVExVW5zVHJ0ZjZMTFpMVVhKK2hDSTRLMG1NU01JUEVlZVB1bVVqdzExUjNKU3NSL0dSN0U5L2ppeGh2NWlVYVloemFSbFNkK3RhNEI1c1IySVVUK055WDY0amh3cVM4OFNHbG8vVVV3NnhDUzNJK1BMTlQrUHowRExJdVF5V3hZd1RjZ0ZHYkJzYm5XYVM4YkZJZnYwMytMTHJXMDJjM0drRU4zUHN2cllPcWlXMnVxMFVCV0JhM3BvYXJDZGoveU9iNUsyL0lyRXV0RFFma3JidnMySWo0SHF4a0FNK1ZFOXZCUXRxSE9OSmMxL3RtRHdOb0lIQzU0RFhXdTlvdWVyYVZXclduZlpPTXFiR1pNRUVyTVhCSmJGUmlJNjN4QWFXRlF2YXVPT3YzanlaWURaWXc9PSIsIm1hYyI6ImQ2NTVlMmI2YmVlMjY3YjlhNDIwMWZkYTdlNzA3N2ZmMWFhNTJjZDEzODM3ZGRiZDQ0ZDYwYTU0YTNmYjhjMjUiLCJ0YWciOiIifQ%3D%3D --5de2ca34-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --5de2ca34-E-- --5de2ca34-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aH_7-Gg0fMQ6-543ouDQPwAAAEg"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aH_7-Gg0fMQ6-543ouDQPwAAAEg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218040419413 2349713 (- - -) Stopwatch2: 1753218040419413 2349713; combined=20407, p1=1086, p2=18851, p3=249, p4=52, p5=169, sr=180, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5de2ca34-Z-- --a42ced78-A-- [23/Jul/2025:00:01:06.946226 +0300] aH_8Emg0fMQ6-543ouDQcQAAAFc 185.177.72.12 44022 127.0.0.1 7081 --a42ced78-B-- GET /info.php.bak HTTP/1.0 Host: www.sys.ellaith.com X-Real-IP: 185.177.72.12 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a42ced78-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=93ffd24fc3953bb7430ef6564e84874d; expires=Tue, 22 Jul 2025 22:02:06 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --a42ced78-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sys.ellaith.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sys.ellaith.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sys.ellaith.com"] [uri "/info.php.bak"] [unique_id "aH_8Emg0fMQ6-543ouDQcQAAAFc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218066872259 74074 (- - -) Stopwatch2: 1753218066872259 74074; combined=13289, p1=623, p2=12529, p3=0, p4=0, p5=136, sr=239, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a42ced78-Z-- --9dd14a4e-A-- [23/Jul/2025:00:01:33.188933 +0300] aH_8KiWUl7EYyMzlnO0heQAAAJQ 185.177.72.13 51954 127.0.0.1 7081 --9dd14a4e-B-- GET /.env HTTP/1.0 Host: glamilea.com X-Real-IP: 185.177.72.13 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 --9dd14a4e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Thu, 21-Aug-2025 21:01:32 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --9dd14a4e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/.env"] [unique_id "aH_8KiWUl7EYyMzlnO0heQAAAJQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218090977834 2211202 (- - -) Stopwatch2: 1753218090977834 2211202; combined=4527, p1=718, p2=3666, p3=0, p4=0, p5=142, sr=133, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9dd14a4e-Z-- --a3986a27-A-- [23/Jul/2025:00:01:36.609892 +0300] aH_8Lmg0fMQ6-543ouDQrAAAAE8 185.177.72.13 58026 127.0.0.1 7081 --a3986a27-B-- GET /config/.env HTTP/1.0 Host: glamilea.com X-Real-IP: 185.177.72.13 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 --a3986a27-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Thu, 21-Aug-2025 21:01:35 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --a3986a27-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/config/.env"] [unique_id "aH_8Lmg0fMQ6-543ouDQrAAAAE8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218094151419 2458578 (- - -) Stopwatch2: 1753218094151419 2458578; combined=2762, p1=678, p2=1957, p3=0, p4=0, p5=126, sr=265, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a3986a27-Z-- --03e75b29-A-- [23/Jul/2025:00:01:39.909000 +0300] aH_8MSWUl7EYyMzlnO0hgQAAAIE 185.177.72.13 58098 127.0.0.1 7081 --03e75b29-B-- GET /api/.env HTTP/1.0 Host: glamilea.com X-Real-IP: 185.177.72.13 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 --03e75b29-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Thu, 21-Aug-2025 21:01:39 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --03e75b29-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/api/.env"] [unique_id "aH_8MSWUl7EYyMzlnO0hgQAAAIE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218097730375 2178715 (- - -) Stopwatch2: 1753218097730375 2178715; combined=2772, p1=667, p2=1948, p3=0, p4=0, p5=156, sr=178, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --03e75b29-Z-- --6a45ec71-A-- [23/Jul/2025:00:01:42.528687 +0300] aH_8Nmg0fMQ6-543ouDQsgAAAEY 185.177.72.12 58160 127.0.0.1 7081 --6a45ec71-B-- GET /phpinfo.php.bak HTTP/1.0 Host: www.sys.ellaith.com X-Real-IP: 185.177.72.12 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6a45ec71-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=1c9a8f0ca4cf7395e25f0fdd95c12098; expires=Tue, 22 Jul 2025 22:02:42 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --6a45ec71-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sys.ellaith.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sys.ellaith.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sys.ellaith.com"] [uri "/phpinfo.php.bak"] [unique_id "aH_8Nmg0fMQ6-543ouDQsgAAAEY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218102474690 54093 (- - -) Stopwatch2: 1753218102474690 54093; combined=2886, p1=600, p2=2075, p3=0, p4=0, p5=210, sr=177, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6a45ec71-Z-- --608a456b-A-- [23/Jul/2025:00:01:43.221197 +0300] aH_8N2g0fMQ6-543ouDQtgAAAEs 185.177.72.12 41310 127.0.0.1 7081 --608a456b-B-- GET /.env.bak HTTP/1.0 Host: www.sys.ellaith.com X-Real-IP: 185.177.72.12 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --608a456b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=a56a2b6af501f48ae928c8afe20426b5; expires=Tue, 22 Jul 2025 22:02:43 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --608a456b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sys.ellaith.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sys.ellaith.com"] [uri "/.env.bak"] [unique_id "aH_8N2g0fMQ6-543ouDQtgAAAEs"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sys.ellaith.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sys.ellaith.com"] [uri "/.env.bak"] [unique_id "aH_8N2g0fMQ6-543ouDQtgAAAEs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218103168690 52614 (- - -) Stopwatch2: 1753218103168690 52614; combined=3357, p1=660, p2=2483, p3=0, p4=0, p5=213, sr=176, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --608a456b-Z-- --9dc6962d-A-- [23/Jul/2025:00:01:43.406017 +0300] aH_8NyWUl7EYyMzlnO0hhwAAAIU 185.177.72.12 41312 127.0.0.1 7081 --9dc6962d-B-- GET /.env HTTP/1.0 Host: www.sys.ellaith.com X-Real-IP: 185.177.72.12 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9dc6962d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=e137f94d75454a30f172f406af295197; expires=Tue, 22 Jul 2025 22:02:43 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --9dc6962d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sys.ellaith.com"] [uri "/.env"] [unique_id "aH_8NyWUl7EYyMzlnO0hhwAAAIU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218103345513 60587 (- - -) Stopwatch2: 1753218103345513 60587; combined=3329, p1=904, p2=2223, p3=0, p4=0, p5=201, sr=158, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9dc6962d-Z-- --083d5243-A-- [23/Jul/2025:00:01:43.584259 +0300] aH_8NyWUl7EYyMzlnO0hiAAAAJM 185.177.72.12 41318 127.0.0.1 7081 --083d5243-B-- GET /.env.backup HTTP/1.0 Host: www.sys.ellaith.com X-Real-IP: 185.177.72.12 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --083d5243-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=2df4a10d3836f34be7330941d4ae720d; expires=Tue, 22 Jul 2025 22:02:43 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --083d5243-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sys.ellaith.com|F|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sys.ellaith.com"] [uri "/.env.backup"] [unique_id "aH_8NyWUl7EYyMzlnO0hiAAAAJM"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sys.ellaith.com|F|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sys.ellaith.com"] [uri "/.env.backup"] [unique_id "aH_8NyWUl7EYyMzlnO0hiAAAAJM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218103528670 55665 (- - -) Stopwatch2: 1753218103528670 55665; combined=3288, p1=658, p2=2470, p3=0, p4=0, p5=159, sr=143, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --083d5243-Z-- --050e9a53-A-- [23/Jul/2025:00:01:43.936601 +0300] aH_8N2g0fMQ6-543ouDQuAAAAEw 185.177.72.12 41362 127.0.0.1 7081 --050e9a53-B-- GET /.env_sample HTTP/1.0 Host: www.sys.ellaith.com X-Real-IP: 185.177.72.12 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --050e9a53-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=a227e41cafa36a6c5d5380bb09278ac4; expires=Tue, 22 Jul 2025 22:02:43 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --050e9a53-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sys.ellaith.com"] [uri "/.env_sample"] [unique_id "aH_8N2g0fMQ6-543ouDQuAAAAEw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218103861799 74897 (- - -) Stopwatch2: 1753218103861799 74897; combined=2995, p1=573, p2=2274, p3=0, p4=0, p5=147, sr=141, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --050e9a53-Z-- --c5eeef7e-A-- [23/Jul/2025:00:01:44.114670 +0300] aH_8OGg0fMQ6-543ouDQugAAAFI 185.177.72.12 41380 127.0.0.1 7081 --c5eeef7e-B-- GET /.env.old HTTP/1.0 Host: www.sys.ellaith.com X-Real-IP: 185.177.72.12 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c5eeef7e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=bccede6e4bfd4598a5868689e07689e6; expires=Tue, 22 Jul 2025 22:02:44 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --c5eeef7e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sys.ellaith.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sys.ellaith.com"] [uri "/.env.old"] [unique_id "aH_8OGg0fMQ6-543ouDQugAAAFI"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sys.ellaith.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sys.ellaith.com"] [uri "/.env.old"] [unique_id "aH_8OGg0fMQ6-543ouDQugAAAFI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218104059910 54844 (- - -) Stopwatch2: 1753218104059910 54844; combined=2908, p1=630, p2=2081, p3=0, p4=0, p5=196, sr=181, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c5eeef7e-Z-- --c1e29068-A-- [23/Jul/2025:00:04:57.674446 +0300] aH_8-Wg0fMQ6-543ouDR6QAAAEY 144.172.114.186 49038 127.0.0.1 7081 --c1e29068-B-- GET /.env HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 144.172.114.186 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Accept-Encoding: gzip, deflate Accept: */* --c1e29068-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --c1e29068-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "haddadjewellery.com"] [uri "/.env"] [unique_id "aH_8-Wg0fMQ6-543ouDR6QAAAEY"] Stopwatch: 1753218297669900 4635 (- - -) Stopwatch2: 1753218297669900 4635; combined=2641, p1=550, p2=2021, p3=0, p4=0, p5=70, sr=143, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c1e29068-Z-- --2352fd59-A-- [23/Jul/2025:00:05:11.524237 +0300] aH_9B2g0fMQ6-543ouDR_wAAAFg 212.30.41.4 35656 127.0.0.1 7081 --2352fd59-B-- GET /faculty/onlineClasses.php?code=4/0AY0e-g6UYiolN9ouiBgWdROOnecNqUGUTmFUo0ouT4e-6JPF77KUlWrjtCVbc0kftDmpQQ&scope=email%20profile%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/gmail.readonly%20https://www.googleapis.com/auth/calendar.readonly%20https://www.googleapis.com/auth/classroom.courses.readonly%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.30.41.4 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Google Chrome";v="137", "Chromium";v="137", "Not/A)Brand";v="24" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: none sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document accept-encoding: gzip, deflate, br, zstd accept-language: en-GB,en;q=0.9,ar-LB;q=0.8,ar;q=0.7,en-US;q=0.6 priority: u=0, i --2352fd59-F-- HTTP/1.1 302 Moved Temporarily Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: PHPSESSID=lnq9rt1dbtihls8qbnuico5gu1; path=/ Upgrade: h2,h2c Connection: Upgrade, close Location: https://www.jinansystem.com/login.php Content-Type: text/html; charset=UTF-8 --2352fd59-E-- --2352fd59-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/gmail.readonly https:/www.googleapis.com/auth/calendar.readonly https:/www.googleapis.com/auth/classroom.courses.readonly https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/gmail.readonly https:/www.googleapis.com/auth/calendar.readonly https:/www.googleapis.com/auth/classroom.courses.readonly https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/faculty/onlineClasses.php"] [unique_id "aH_9B2g0fMQ6-543ouDR_wAAAFg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753218311513688 10658 (- - -) Stopwatch2: 1753218311513688 10658; combined=7071, p1=651, p2=6205, p3=73, p4=35, p5=106, sr=171, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2352fd59-Z-- --8b3e763b-A-- [23/Jul/2025:00:21:09.094297 +0300] aIAAxWg0fMQ6-543ouDb-AAAAFM 104.254.246.155 56448 127.0.0.1 7081 --8b3e763b-B-- GET /.env HTTP/1.0 Host: liberty.raqmix.net X-Real-IP: 104.254.246.155 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: python-requests/2.22.0 Accept-Encoding: gzip, deflate Accept: */* --8b3e763b-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close X-Accel-Version: 0.01 X-Accel-Redirect: /internal-nginx-static-location/.env Content-Length: 0 --8b3e763b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "liberty.raqmix.net"] [uri "/.env"] [unique_id "aIAAxWg0fMQ6-543ouDb-AAAAFM"] Stopwatch: 1753219269089468 5011 (- - -) Stopwatch2: 1753219269089468 5011; combined=2962, p1=585, p2=2207, p3=36, p4=42, p5=92, sr=166, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8b3e763b-Z-- --9a9aea41-A-- [23/Jul/2025:00:23:49.273335 +0300] aIABZWg0fMQ6-543ouDdvAAAAFU 93.123.109.64 41522 127.0.0.1 7081 --9a9aea41-B-- GET /.git/config HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A515F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --9a9aea41-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --9a9aea41-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "college.jinansystem.com"] [uri "/.git/config"] [unique_id "aIABZWg0fMQ6-543ouDdvAAAAFU"] Stopwatch: 1753219429269342 4081 (- - -) Stopwatch2: 1753219429269342 4081; combined=2403, p1=507, p2=1826, p3=0, p4=0, p5=70, sr=133, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9a9aea41-Z-- --d3912601-A-- [23/Jul/2025:00:36:42.303534 +0300] aIAEamg0fMQ6-543ouDrNwAAAEU 185.205.211.23 33398 127.0.0.1 7081 --d3912601-B-- GET /.env?raw HTTP/1.0 Host: jinansystem.com X-Real-IP: 185.205.211.23 X-Accel-Internal: /internal-nginx-static-location Connection: close accept-encoding: gzip user-agent: Go-http-client/2.0 --d3912601-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --d3912601-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jinansystem.com"] [uri "/.env"] [unique_id "aIAEamg0fMQ6-543ouDrNwAAAEU"] Stopwatch: 1753220202298694 4923 (- - -) Stopwatch2: 1753220202298694 4923; combined=2943, p1=658, p2=2208, p3=0, p4=0, p5=77, sr=168, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d3912601-Z-- --8c006c4e-A-- [23/Jul/2025:00:36:42.556551 +0300] aIAEamg0fMQ6-543ouDrOQAAAEc 185.205.211.23 33408 127.0.0.1 7081 --8c006c4e-B-- GET /.env?raw HTTP/1.0 Host: jinansystem.com X-Real-IP: 185.205.211.23 X-Accel-Internal: /internal-nginx-static-location Connection: close referer: http://jinansystem.com/.env?raw accept-encoding: gzip user-agent: Go-http-client/2.0 --8c006c4e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --8c006c4e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jinansystem.com"] [uri "/.env"] [unique_id "aIAEamg0fMQ6-543ouDrOQAAAEc"] Stopwatch: 1753220202507521 49103 (- - -) Stopwatch2: 1753220202507521 49103; combined=91060, p1=848, p2=2574, p3=0, p4=0, p5=43860, sr=429, sw=0, l=0, gc=43778 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8c006c4e-Z-- --ea796607-A-- [23/Jul/2025:00:43:24.413570 +0300] aIAF_Gg0fMQ6-543ouD0bwAAAEA 78.153.140.203 43974 127.0.0.1 7080 --ea796607-B-- GET /.env HTTP/1.0 Host: 41.128.143.86 X-Real-IP: 78.153.140.203 Connection: close Accept: */* User-Agent: Mozilla/5.0 (Linux; Android 4.3; Nexus 10 Build/JSS15Q) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2307.2 Safari/537.36 --ea796607-F-- HTTP/1.1 404 Not Found Content-Length: 259 Connection: close Content-Type: text/html; charset=iso-8859-1 --ea796607-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.86"] [uri "/.env"] [unique_id "aIAF_Gg0fMQ6-543ouD0bwAAAEA"] Stopwatch: 1753220604408654 4987 (- - -) Stopwatch2: 1753220604408654 4987; combined=3012, p1=639, p2=2247, p3=23, p4=34, p5=69, sr=185, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ea796607-Z-- --15456f55-A-- [23/Jul/2025:00:43:24.655742 +0300] aIAF_Gg0fMQ6-543ouD0cAAAAFI 78.153.140.203 43978 127.0.0.1 7080 --15456f55-B-- GET /api/.env HTTP/1.0 Host: 41.128.143.86 X-Real-IP: 78.153.140.203 Connection: close Accept: */* User-Agent: Mozilla/5.0 (Linux; U; Android 4.2.2; es-es; GT-P5110 Build/JDQ39) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/534.30 --15456f55-F-- HTTP/1.1 404 Not Found Content-Length: 259 Connection: close Content-Type: text/html; charset=iso-8859-1 --15456f55-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.86"] [uri "/api/.env"] [unique_id "aIAF_Gg0fMQ6-543ouD0cAAAAFI"] Stopwatch: 1753220604649271 6555 (- - -) Stopwatch2: 1753220604649271 6555; combined=4034, p1=884, p2=2978, p3=34, p4=44, p5=93, sr=288, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --15456f55-Z-- --24a10703-A-- [23/Jul/2025:00:43:24.911390 +0300] aIAF_CWUl7EYyMzlnO0ylAAAAJM 78.153.140.203 43992 127.0.0.1 7080 --24a10703-B-- GET /backend/.env HTTP/1.0 Host: 41.128.143.86 X-Real-IP: 78.153.140.203 Connection: close Accept: */* User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 OPR/45.0.2552.898 --24a10703-F-- HTTP/1.1 404 Not Found Content-Length: 259 Connection: close Content-Type: text/html; charset=iso-8859-1 --24a10703-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.86"] [uri "/backend/.env"] [unique_id "aIAF_CWUl7EYyMzlnO0ylAAAAJM"] Stopwatch: 1753220604906335 5122 (- - -) Stopwatch2: 1753220604906335 5122; combined=3169, p1=771, p2=2256, p3=27, p4=37, p5=78, sr=315, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --24a10703-Z-- --a0264d79-A-- [23/Jul/2025:00:43:25.150729 +0300] aIAF_SWUl7EYyMzlnO0ylQAAAIc 78.153.140.203 44002 127.0.0.1 7080 --a0264d79-B-- GET /admin/.env HTTP/1.0 Host: 41.128.143.86 X-Real-IP: 78.153.140.203 Connection: close Accept: */* User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; SM-J700F Build/MMB29K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.98 Mobile Safari/537.36 --a0264d79-F-- HTTP/1.1 404 Not Found Content-Length: 259 Connection: close Content-Type: text/html; charset=iso-8859-1 --a0264d79-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.86"] [uri "/admin/.env"] [unique_id "aIAF_SWUl7EYyMzlnO0ylQAAAIc"] Stopwatch: 1753220605145772 5007 (- - -) Stopwatch2: 1753220605145772 5007; combined=2945, p1=620, p2=2178, p3=25, p4=52, p5=70, sr=186, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a0264d79-Z-- --6a72b477-A-- [23/Jul/2025:00:43:25.387218 +0300] aIAF_Wg0fMQ6-543ouD0dAAAAEM 78.153.140.203 44008 127.0.0.1 7080 --6a72b477-B-- GET /.env.example HTTP/1.0 Host: 41.128.143.86 X-Real-IP: 78.153.140.203 Connection: close Accept: */* User-Agent: Mozilla/5.0 (Linux; U; Android 2.3.6; en-us; SPH-M580BST Build/GINGERBREAD) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 --6a72b477-F-- HTTP/1.1 404 Not Found Content-Length: 259 Connection: close Content-Type: text/html; charset=iso-8859-1 --6a72b477-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.86"] [uri "/.env.example"] [unique_id "aIAF_Wg0fMQ6-543ouD0dAAAAEM"] Stopwatch: 1753220605382509 4776 (- - -) Stopwatch2: 1753220605382509 4776; combined=2915, p1=643, p2=2084, p3=25, p4=36, p5=127, sr=200, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6a72b477-Z-- --121a8959-A-- [23/Jul/2025:00:44:55.129742 +0300] aIAGVCWUl7EYyMzlnO0zowAAAJE 172.166.217.122 56030 127.0.0.1 7081 --121a8959-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: glamilea.com X-Real-IP: 172.166.217.122 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-fetch-user: ?1 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 accept-encoding: gzip, deflate, br upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: same-origin user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept-language: en-US,en;q=0.5 referer: http://glamilea.com/wp-login.php cookie: yay_currency_widget=29035; wordpress_test_cookie=WP%20Cookie%20check --121a8959-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.1.33 X-Robots-Tag: noindex Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Upgrade: h2,h2c Connection: Upgrade, close Content-Type: application/json; charset=UTF-8 --121a8959-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "glamilea.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIAGVCWUl7EYyMzlnO0zowAAAJE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753220692963645 2166323 (- - -) Stopwatch2: 1753220692963645 2166323; combined=3810, p1=490, p2=3171, p3=0, p4=0, p5=148, sr=156, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --121a8959-Z-- --78206d75-A-- [23/Jul/2025:00:45:57.394899 +0300] aIAGlSWUl7EYyMzlnO00ZQAAAJQ 93.123.109.64 34576 127.0.0.1 7081 --78206d75-B-- GET /.git/config HTTP/1.0 Host: alc.edu.lb X-Forwarded-Http-Host: alc.edu.lb:443 X-Real-IP: 93.123.109.64 Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.20 Safari/535.1 Accept-Charset: utf-8 Accept-Encoding: gzip --78206d75-F-- HTTP/1.1 301 Moved Permanently Location: https://www.alcsys.odoo.com/.git/config Content-Length: 308 Connection: close Content-Type: text/html; charset=iso-8859-1 --78206d75-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alc.edu.lb"] [uri "/.git/config"] [unique_id "aIAGlSWUl7EYyMzlnO00ZQAAAJQ"] Stopwatch: 1753220757393767 1212 (- - -) Stopwatch2: 1753220757393767 1212; combined=704, p1=566, p2=0, p3=32, p4=31, p5=75, sr=179, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --78206d75-Z-- --e4aefc25-A-- [23/Jul/2025:00:50:57.733813 +0300] aIAHwWg0fMQ6-543ouAAWQAAAFE 45.13.191.34 39822 127.0.0.1 7081 --e4aefc25-B-- HEAD /old/dump.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.13.191.34 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --e4aefc25-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --e4aefc25-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/old/dump.sql"] [unique_id "aIAHwWg0fMQ6-543ouAAWQAAAFE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221057715740 18186 (- - -) Stopwatch2: 1753221057715740 18186; combined=2525, p1=481, p2=1921, p3=0, p4=0, p5=123, sr=141, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e4aefc25-Z-- --b07af64e-A-- [23/Jul/2025:00:50:58.404603 +0300] aIAHwmg0fMQ6-543ouAAWwAAAEI 45.13.191.59 39842 127.0.0.1 7081 --b07af64e-B-- HEAD /bak/sftp-config.json HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.13.191.59 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --b07af64e-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --b07af64e-H-- Message: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/bak/sftp-config.json"] [unique_id "aIAHwmg0fMQ6-543ouAAWwAAAEI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221058387820 16870 (- - -) Stopwatch2: 1753221058387820 16870; combined=2452, p1=545, p2=1785, p3=0, p4=0, p5=122, sr=150, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b07af64e-Z-- --f305122b-A-- [23/Jul/2025:00:50:59.835309 +0300] aIAHwyWUl7EYyMzlnO04EAAAAIY 45.13.191.18 39930 127.0.0.1 7081 --f305122b-B-- HEAD /backup/backup.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.13.191.18 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --f305122b-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --f305122b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/backup/backup.sql"] [unique_id "aIAHwyWUl7EYyMzlnO04EAAAAIY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221059816122 19272 (- - -) Stopwatch2: 1753221059816122 19272; combined=2470, p1=500, p2=1850, p3=0, p4=0, p5=119, sr=129, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f305122b-Z-- --bb14d70b-A-- [23/Jul/2025:00:51:02.621572 +0300] aIAHxmg0fMQ6-543ouAAgQAAAFg 45.13.191.16 40404 127.0.0.1 7081 --bb14d70b-B-- HEAD /backup/wallet.dat HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.13.191.16 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --bb14d70b-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --bb14d70b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/backup/wallet.dat"] [unique_id "aIAHxmg0fMQ6-543ouAAgQAAAFg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221062603977 17663 (- - -) Stopwatch2: 1753221062603977 17663; combined=2623, p1=493, p2=2041, p3=0, p4=0, p5=89, sr=165, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bb14d70b-Z-- --d8b22313-A-- [23/Jul/2025:00:51:33.836169 +0300] aIAH5Wg0fMQ6-543ouABeQAAAEw 185.177.72.205 53358 127.0.0.1 7081 --d8b22313-B-- GET /.env HTTP/1.0 Host: admin.casa-eg.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d8b22313-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private pragma: no-cache expires: -1 Set-Cookie: casa_session=bEUC0C6QO0qElMZO7Xi1hUs7sBKTlzm0eK3muXhJ; expires=Tue, 22-Jul-2025 23:51:33 GMT; Max-Age=7200; path=/; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --d8b22313-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "admin.casa-eg.com"] [uri "/.env"] [unique_id "aIAH5Wg0fMQ6-543ouABeQAAAEw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/admin.casa-eg.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221093677145 159117 (- - -) Stopwatch2: 1753221093677145 159117; combined=3401, p1=918, p2=2382, p3=0, p4=0, p5=100, sr=318, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d8b22313-Z-- --e767d671-A-- [23/Jul/2025:00:51:34.786951 +0300] aIAH5mg0fMQ6-543ouABhAAAAEY 185.177.72.205 53474 127.0.0.1 7081 --e767d671-B-- GET /backend/.env HTTP/1.0 Host: admin.casa-eg.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e767d671-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private pragma: no-cache expires: -1 Set-Cookie: casa_session=JvOVGXwTu28lDzGmhFfFSNlK8S7pqgJ7oZ2RIJo3; expires=Tue, 22-Jul-2025 23:51:34 GMT; Max-Age=7200; path=/; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --e767d671-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "admin.casa-eg.com"] [uri "/backend/.env"] [unique_id "aIAH5mg0fMQ6-543ouABhAAAAEY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/admin.casa-eg.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221094660973 126074 (- - -) Stopwatch2: 1753221094660973 126074; combined=2931, p1=712, p2=2084, p3=0, p4=0, p5=134, sr=254, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e767d671-Z-- --7d0c6123-A-- [23/Jul/2025:00:51:34.975225 +0300] aIAH5mg0fMQ6-543ouABiAAAAEE 185.177.72.205 53516 127.0.0.1 7081 --7d0c6123-B-- GET /api/.env HTTP/1.0 Host: admin.casa-eg.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7d0c6123-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private pragma: no-cache expires: -1 Vary: Origin Set-Cookie: casa_session=KMkKLWiVK0cqYwLmCr3pFhw2BcNPyur7ajlvt8In; expires=Tue, 22-Jul-2025 23:51:34 GMT; Max-Age=7200; path=/; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --7d0c6123-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "admin.casa-eg.com"] [uri "/api/.env"] [unique_id "aIAH5mg0fMQ6-543ouABiAAAAEE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/admin.casa-eg.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221094845623 129677 (- - -) Stopwatch2: 1753221094845623 129677; combined=2584, p1=519, p2=1878, p3=0, p4=0, p5=186, sr=165, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7d0c6123-Z-- --45175300-A-- [23/Jul/2025:00:51:35.232149 +0300] aIAH52g0fMQ6-543ouABiQAAAEk 185.177.72.205 53536 127.0.0.1 7081 --45175300-B-- GET /env.backup HTTP/1.0 Host: admin.casa-eg.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --45175300-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private pragma: no-cache expires: -1 Set-Cookie: casa_session=7RleTVKl4tbI3Baqy7JqL5sqk1m32eh9ZWL0KT4p; expires=Tue, 22-Jul-2025 23:51:35 GMT; Max-Age=7200; path=/; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --45175300-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||admin.casa-eg.com|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||admin.casa-eg.com|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "admin.casa-eg.com"] [uri "/env.backup"] [unique_id "aIAH52g0fMQ6-543ouABiQAAAEk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/admin.casa-eg.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221095036401 195844 (- - -) Stopwatch2: 1753221095036401 195844; combined=4630, p1=1017, p2=3486, p3=0, p4=0, p5=127, sr=310, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --45175300-Z-- --afb7bb32-A-- [23/Jul/2025:00:51:35.683698 +0300] aIAH52g0fMQ6-543ouABkAAAAEI 185.177.72.205 53628 127.0.0.1 7081 --afb7bb32-B-- GET /main/.env HTTP/1.0 Host: admin.casa-eg.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --afb7bb32-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private pragma: no-cache expires: -1 Set-Cookie: casa_session=ZZ8hmImRoRP9l7OAzGbvTjIdWq2TqRc6QjPZb7VG; expires=Tue, 22-Jul-2025 23:51:35 GMT; Max-Age=7200; path=/; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --afb7bb32-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "admin.casa-eg.com"] [uri "/main/.env"] [unique_id "aIAH52g0fMQ6-543ouABkAAAAEI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/admin.casa-eg.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221095556376 127419 (- - -) Stopwatch2: 1753221095556376 127419; combined=3124, p1=593, p2=2401, p3=0, p4=0, p5=129, sr=207, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --afb7bb32-Z-- --49437346-A-- [23/Jul/2025:00:51:35.866355 +0300] aIAH52g0fMQ6-543ouABlAAAAFI 185.177.72.205 53670 127.0.0.1 7081 --49437346-B-- GET /.env.old HTTP/1.0 Host: admin.casa-eg.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --49437346-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private pragma: no-cache expires: -1 Set-Cookie: casa_session=QYEJscb9zRmFNoA3dMoHPIJoZ7Oc0z1XNNCLJd0j; expires=Tue, 22-Jul-2025 23:51:35 GMT; Max-Age=7200; path=/; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --49437346-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||admin.casa-eg.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "admin.casa-eg.com"] [uri "/.env.old"] [unique_id "aIAH52g0fMQ6-543ouABlAAAAFI"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||admin.casa-eg.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "admin.casa-eg.com"] [uri "/.env.old"] [unique_id "aIAH52g0fMQ6-543ouABlAAAAFI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/admin.casa-eg.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221095742989 123473 (- - -) Stopwatch2: 1753221095742989 123473; combined=2859, p1=622, p2=2055, p3=0, p4=0, p5=181, sr=140, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --49437346-Z-- --98764b55-A-- [23/Jul/2025:00:53:33.632526 +0300] aIAIXWg0fMQ6-543ouAEiwAAAEQ 212.30.36.27 58462 127.0.0.1 7081 --98764b55-B-- HEAD /sftp-config.json HTTP/1.0 Host: vivacetrading.com X-Real-IP: 212.30.36.27 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --98764b55-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --98764b55-H-- Message: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/sftp-config.json"] [unique_id "aIAIXWg0fMQ6-543ouAEiwAAAEQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221213617571 15026 (- - -) Stopwatch2: 1753221213617571 15026; combined=2422, p1=526, p2=1806, p3=0, p4=0, p5=90, sr=132, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --98764b55-Z-- --0e72b70c-A-- [23/Jul/2025:00:55:35.532463 +0300] aIAI1yWUl7EYyMzlnO08CQAAAIU 206.189.89.120 53652 127.0.0.1 7080 --0e72b70c-B-- GET /.git/config HTTP/1.0 Host: 41.128.143.86 X-Real-IP: 206.189.89.120 Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --0e72b70c-F-- HTTP/1.1 404 Not Found Content-Length: 259 Connection: close Content-Type: text/html; charset=iso-8859-1 --0e72b70c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.86"] [uri "/.git/config"] [unique_id "aIAI1yWUl7EYyMzlnO08CQAAAIU"] Stopwatch: 1753221335482510 50027 (- - -) Stopwatch2: 1753221335482510 50027; combined=93562, p1=628, p2=2067, p3=39, p4=38, p5=45434, sr=174, sw=0, l=0, gc=45356 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0e72b70c-Z-- --1fab656d-A-- [23/Jul/2025:00:56:32.603125 +0300] aIAJEGg0fMQ6-543ouAJagAAAE4 196.251.84.117 43282 127.0.0.1 7081 --1fab656d-B-- GET /.env HTTP/1.0 Host: verozone.md X-Real-IP: 196.251.84.117 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Accept-Encoding: gzip, deflate Accept: */* --1fab656d-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 7293 Content-Type: text/html; charset=UTF-8 --1fab656d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "verozone.md"] [uri "/.env"] [unique_id "aIAJEGg0fMQ6-543ouAJagAAAE4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221392577697 25513 (- - -) Stopwatch2: 1753221392577697 25513; combined=2520, p1=527, p2=1897, p3=0, p4=0, p5=95, sr=150, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1fab656d-Z-- --ae51f116-A-- [23/Jul/2025:00:57:22.680921 +0300] aIAJQiWUl7EYyMzlnO095AAAAJY 196.251.84.117 58726 127.0.0.1 7081 --ae51f116-B-- GET /.env HTTP/1.0 Host: itilebanon.com X-Real-IP: 196.251.84.117 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Accept-Encoding: gzip, deflate Accept: */* --ae51f116-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 24 Jul 2014 11:29:50 GMT ETag: "3bf-4feeec6556780" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --ae51f116-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "itilebanon.com"] [uri "/.env"] [unique_id "aIAJQiWUl7EYyMzlnO095AAAAJY"] Stopwatch: 1753221442676486 4528 (- - -) Stopwatch2: 1753221442676486 4528; combined=2578, p1=560, p2=1932, p3=0, p4=0, p5=86, sr=153, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ae51f116-Z-- --d5a13e58-A-- [23/Jul/2025:00:59:17.477474 +0300] aIAJtWg0fMQ6-543ouAOAgAAAEg 185.205.211.23 48688 127.0.0.1 7081 --d5a13e58-B-- GET /.env?raw HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 185.205.211.23 X-Accel-Internal: /internal-nginx-static-location Connection: close accept-encoding: gzip user-agent: Go-http-client/2.0 --d5a13e58-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --d5a13e58-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jinansystem.com"] [uri "/.env"] [unique_id "aIAJtWg0fMQ6-543ouAOAgAAAEg"] Stopwatch: 1753221557473467 4091 (- - -) Stopwatch2: 1753221557473467 4091; combined=2442, p1=525, p2=1839, p3=0, p4=0, p5=77, sr=160, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d5a13e58-Z-- --9c1b0360-A-- [23/Jul/2025:00:59:17.659377 +0300] aIAJtWg0fMQ6-543ouAOBQAAAEw 185.205.211.23 48720 127.0.0.1 7081 --9c1b0360-B-- GET /.env?raw HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 185.205.211.23 X-Accel-Internal: /internal-nginx-static-location Connection: close referer: http://www.jinansystem.com/.env?raw accept-encoding: gzip user-agent: Go-http-client/2.0 --9c1b0360-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --9c1b0360-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jinansystem.com"] [uri "/.env"] [unique_id "aIAJtWg0fMQ6-543ouAOBQAAAEw"] Stopwatch: 1753221557653955 5510 (- - -) Stopwatch2: 1753221557653955 5510; combined=3331, p1=722, p2=2530, p3=0, p4=0, p5=79, sr=230, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9c1b0360-Z-- --6b3c5e07-A-- [23/Jul/2025:01:01:15.598064 +0300] aIAKK2g0fMQ6-543ouASbAAAAEU 45.130.81.92 54708 127.0.0.1 7081 --6b3c5e07-B-- HEAD /restore/sql.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.130.81.92 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --6b3c5e07-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --6b3c5e07-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/restore/sql.sql"] [unique_id "aIAKK2g0fMQ6-543ouASbAAAAEU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221675579089 19042 (- - -) Stopwatch2: 1753221675579089 19042; combined=2556, p1=449, p2=2007, p3=0, p4=0, p5=100, sr=153, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6b3c5e07-Z-- --aa90cc2e-A-- [23/Jul/2025:01:01:18.340570 +0300] aIAKLiWUl7EYyMzlnO1BMAAAAJc 45.130.81.114 55222 127.0.0.1 7081 --aa90cc2e-B-- HEAD /restore/wallet.dat HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.130.81.114 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --aa90cc2e-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --aa90cc2e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/restore/wallet.dat"] [unique_id "aIAKLiWUl7EYyMzlnO1BMAAAAJc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753221678312930 27729 (- - -) Stopwatch2: 1753221678312930 27729; combined=8445, p1=1017, p2=7301, p3=0, p4=0, p5=126, sr=540, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aa90cc2e-Z-- --68227131-A-- [23/Jul/2025:01:13:26.836698 +0300] aIANBiWUl7EYyMzlnO1LWAAAAIY 93.123.109.64 60608 127.0.0.1 7081 --68227131-B-- GET /.git/config HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 4.4.2; SAMSUNG-SM-G900A Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.94 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --68227131-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --68227131-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "college.jinansystem.com"] [uri "/.git/config"] [unique_id "aIANBiWUl7EYyMzlnO1LWAAAAIY"] Stopwatch: 1753222406832228 4566 (- - -) Stopwatch2: 1753222406832228 4566; combined=2665, p1=593, p2=1998, p3=0, p4=0, p5=73, sr=165, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --68227131-Z-- --7deb4f20-A-- [23/Jul/2025:01:13:40.052805 +0300] aIANFGg0fMQ6-543ouAqMgAAAFY 178.128.48.245 53592 127.0.0.1 7081 --7deb4f20-B-- GET /.git/config HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 178.128.48.245 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --7deb4f20-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --7deb4f20-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.git/config"] [unique_id "aIANFGg0fMQ6-543ouAqMgAAAFY"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753222420051727 1160 (- - -) Stopwatch2: 1753222420051727 1160; combined=673, p1=546, p2=0, p3=30, p4=30, p5=67, sr=131, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7deb4f20-Z-- --29838f19-A-- [23/Jul/2025:01:18:05.024081 +0300] aIAOHWg0fMQ6-543ouAyIQAAAFA 52.165.17.200 33042 127.0.0.1 7081 --29838f19-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 52.165.17.200 X-Accel-Internal: /internal-nginx-static-location Connection: close accept-encoding: gzip, deflate, br upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-site: same-origin sec-fetch-user: ?1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 referer: http://riyadhchocolate.com/wp-login.php sec-fetch-mode: navigate accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 accept-language: en-US,en;q=0.5 cookie: wordpress_test_cookie=WP%20Cookie%20check --29838f19-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --29838f19-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIAOHWg0fMQ6-543ouAyIQAAAFA"] Stopwatch: 1753222685017813 6392 (- - -) Stopwatch2: 1753222685017813 6392; combined=4231, p1=604, p2=3548, p3=0, p4=0, p5=79, sr=177, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --29838f19-Z-- --e7df127b-A-- [23/Jul/2025:01:22:04.303605 +0300] aIAPDGg0fMQ6-543ouA3NQAAAFU 45.13.191.13 43036 127.0.0.1 7081 --e7df127b-B-- HEAD /bak/www.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.13.191.13 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --e7df127b-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --e7df127b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/bak/www.sql"] [unique_id "aIAPDGg0fMQ6-543ouA3NQAAAFU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753222924287348 16329 (- - -) Stopwatch2: 1753222924287348 16329; combined=2721, p1=516, p2=2112, p3=0, p4=0, p5=93, sr=191, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e7df127b-Z-- --05fc2154-A-- [23/Jul/2025:01:22:04.919641 +0300] aIAPDGg0fMQ6-543ouA3PgAAAEM 45.13.191.116 43146 127.0.0.1 7081 --05fc2154-B-- HEAD /back/wallet.dat HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.13.191.116 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --05fc2154-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --05fc2154-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/back/wallet.dat"] [unique_id "aIAPDGg0fMQ6-543ouA3PgAAAEM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753222924900901 18793 (- - -) Stopwatch2: 1753222924900901 18793; combined=2389, p1=379, p2=1906, p3=0, p4=0, p5=104, sr=123, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --05fc2154-Z-- --38fad249-A-- [23/Jul/2025:01:29:53.672245 +0300] aIAQ4SWUl7EYyMzlnO1ZjgAAAIs 45.130.81.100 36086 127.0.0.1 7081 --38fad249-B-- HEAD /bak/backup.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.130.81.100 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --38fad249-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --38fad249-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/bak/backup.sql"] [unique_id "aIAQ4SWUl7EYyMzlnO1ZjgAAAIs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753223393655256 17079 (- - -) Stopwatch2: 1753223393655256 17079; combined=2756, p1=510, p2=2117, p3=0, p4=0, p5=128, sr=179, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --38fad249-Z-- --325afe1f-A-- [23/Jul/2025:01:36:15.574770 +0300] aIASX2g0fMQ6-543ouBRZwAAAEk 216.81.248.58 49440 127.0.0.1 7081 --325afe1f-B-- GET /.git/config HTTP/1.0 Host: first-builders.com X-Real-IP: 216.81.248.58 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Ubuntu/11.10 Chromium/15.0.874.120 Chrome/15.0.874.120 Safari/535.2 Accept-Charset: utf-8 Accept-Encoding: gzip --325afe1f-F-- HTTP/1.1 503 Service Unavailable X-Powered-By: PHP/8.3.23 Retry-After: 600 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --325afe1f-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "first-builders.com"] [uri "/.git/config"] [unique_id "aIASX2g0fMQ6-543ouBRZwAAAEk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/first-builders.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753223775548633 26247 (- - -) Stopwatch2: 1753223775548633 26247; combined=2926, p1=655, p2=2178, p3=0, p4=0, p5=93, sr=179, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --325afe1f-Z-- --da62ba3d-A-- [23/Jul/2025:01:41:55.598587 +0300] aIATs2g0fMQ6-543ouBb9wAAAEw 178.128.48.245 49246 127.0.0.1 7081 --da62ba3d-B-- GET /.git/config HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 178.128.48.245 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --da62ba3d-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --da62ba3d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.git/config"] [unique_id "aIATs2g0fMQ6-543ouBb9wAAAEw"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753224115597152 1531 (- - -) Stopwatch2: 1753224115597152 1531; combined=948, p1=789, p2=0, p3=35, p4=34, p5=90, sr=198, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --da62ba3d-Z-- --b71bcc41-A-- [23/Jul/2025:01:52:36.350849 +0300] aIAWNGg0fMQ6-543ouBx-QAAAEs 54.38.53.250 39494 127.0.0.1 7081 --b71bcc41-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 54.38.53.250 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-user: ?1 accept-language: en-US,en;q=0.5 referer: http://riyadhchocolate.com/wp-login.php accept-encoding: gzip, deflate, br upgrade-insecure-requests: 1 sec-fetch-site: same-origin cookie: wordpress_test_cookie=WP%20Cookie%20check --b71bcc41-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --b71bcc41-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIAWNGg0fMQ6-543ouBx-QAAAEs"] Stopwatch: 1753224756344597 6407 (- - -) Stopwatch2: 1753224756344597 6407; combined=3941, p1=622, p2=3207, p3=0, p4=0, p5=111, sr=235, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b71bcc41-Z-- --69b41177-A-- [23/Jul/2025:01:59:58.355054 +0300] aIAX7mg0fMQ6-543ouCAsgAAAEM 185.177.72.29 43722 127.0.0.1 7081 --69b41177-B-- GET /.env HTTP/1.0 Host: test.raversys.co.uk X-Real-IP: 185.177.72.29 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 --69b41177-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 18 Jun 2025 20:28:19 GMT ETag: "328-637de783d2694" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --69b41177-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.raversys.co.uk"] [uri "/.env"] [unique_id "aIAX7mg0fMQ6-543ouCAsgAAAEM"] Stopwatch: 1753225198350286 4886 (- - -) Stopwatch2: 1753225198350286 4886; combined=2720, p1=589, p2=2041, p3=0, p4=0, p5=90, sr=183, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --69b41177-Z-- --45f65b47-A-- [23/Jul/2025:01:59:58.847172 +0300] aIAX7mg0fMQ6-543ouCAuQAAAFA 185.177.72.29 43800 127.0.0.1 7081 --45f65b47-B-- GET /config/.env HTTP/1.0 Host: test.raversys.co.uk X-Real-IP: 185.177.72.29 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 --45f65b47-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 18 Jun 2025 20:28:19 GMT ETag: "328-637de783d2694" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --45f65b47-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.raversys.co.uk"] [uri "/config/.env"] [unique_id "aIAX7mg0fMQ6-543ouCAuQAAAFA"] Stopwatch: 1753225198842833 4430 (- - -) Stopwatch2: 1753225198842833 4430; combined=2482, p1=631, p2=1784, p3=0, p4=0, p5=66, sr=244, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --45f65b47-Z-- --d3c88f2e-A-- [23/Jul/2025:01:59:59.261168 +0300] aIAX7yWUl7EYyMzlnO11QQAAAII 185.177.72.29 43894 127.0.0.1 7081 --d3c88f2e-B-- GET /api/.env HTTP/1.0 Host: test.raversys.co.uk X-Real-IP: 185.177.72.29 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 --d3c88f2e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 18 Jun 2025 20:28:19 GMT ETag: "328-637de783d2694" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --d3c88f2e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.raversys.co.uk"] [uri "/api/.env"] [unique_id "aIAX7yWUl7EYyMzlnO11QQAAAII"] Stopwatch: 1753225199257067 4196 (- - -) Stopwatch2: 1753225199257067 4196; combined=2415, p1=530, p2=1786, p3=0, p4=0, p5=99, sr=133, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d3c88f2e-Z-- --6fc09c34-A-- [23/Jul/2025:02:00:11.489949 +0300] aIAX-mg0fMQ6-543ouCBMQAAAEM 185.177.72.29 34354 127.0.0.1 7081 --6fc09c34-B-- GET /.env HTTP/1.0 Host: raversys.co.uk X-Real-IP: 185.177.72.29 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 --6fc09c34-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --6fc09c34-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raversys.co.uk"] [uri "/.env"] [unique_id "aIAX-mg0fMQ6-543ouCBMQAAAEM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/raversys.co.uk/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753225210123037 1367018 (- - -) Stopwatch2: 1753225210123037 1367018; combined=11915, p1=9858, p2=1877, p3=0, p4=0, p5=179, sr=235, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6fc09c34-Z-- --27988071-A-- [23/Jul/2025:02:00:13.729741 +0300] aIAX_Gg0fMQ6-543ouCBRwAAAE4 185.177.72.29 34632 127.0.0.1 7081 --27988071-B-- GET /config/.env HTTP/1.0 Host: raversys.co.uk X-Real-IP: 185.177.72.29 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 --27988071-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --27988071-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raversys.co.uk"] [uri "/config/.env"] [unique_id "aIAX_Gg0fMQ6-543ouCBRwAAAE4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/raversys.co.uk/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753225212388989 1340899 (- - -) Stopwatch2: 1753225212388989 1340899; combined=3382, p1=783, p2=2330, p3=0, p4=0, p5=269, sr=278, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --27988071-Z-- --fa52f260-A-- [23/Jul/2025:02:00:15.712333 +0300] aIAX_mg0fMQ6-543ouCBWgAAAEA 185.177.72.29 47300 127.0.0.1 7081 --fa52f260-B-- GET /api/.env HTTP/1.0 Host: raversys.co.uk X-Real-IP: 185.177.72.29 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 --fa52f260-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Access-Control-Allow-Origin: * Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --fa52f260-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raversys.co.uk"] [uri "/api/.env"] [unique_id "aIAX_mg0fMQ6-543ouCBWgAAAEA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/raversys.co.uk/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753225214230659 1481797 (- - -) Stopwatch2: 1753225214230659 1481797; combined=6266, p1=668, p2=5486, p3=0, p4=0, p5=112, sr=168, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fa52f260-Z-- --163a5e22-A-- [23/Jul/2025:02:04:29.503291 +0300] aIAY_Wg0fMQ6-543ouCJWwAAAFI 206.189.89.120 50010 127.0.0.1 7080 --163a5e22-B-- GET /.git/config HTTP/1.0 Host: 41.128.143.86 X-Real-IP: 206.189.89.120 Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --163a5e22-F-- HTTP/1.1 404 Not Found Content-Length: 259 Connection: close Content-Type: text/html; charset=iso-8859-1 --163a5e22-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.86"] [uri "/.git/config"] [unique_id "aIAY_Wg0fMQ6-543ouCJWwAAAFI"] Stopwatch: 1753225469499184 4207 (- - -) Stopwatch2: 1753225469499184 4207; combined=2448, p1=569, p2=1636, p3=37, p4=114, p5=91, sr=158, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --163a5e22-Z-- --ae08a239-A-- [23/Jul/2025:02:24:59.573332 +0300] aIAdy2g0fMQ6-543ouCwTgAAAEg 216.81.248.58 36174 127.0.0.1 7081 --ae08a239-B-- GET /.git/config HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 216.81.248.58 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.101 Safari/537.36 OPR/40.0.2308.62 Accept-Charset: utf-8 Accept-Encoding: gzip --ae08a239-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --ae08a239-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "haddadjewellery.com"] [uri "/.git/config"] [unique_id "aIAdy2g0fMQ6-543ouCwTgAAAEg"] Stopwatch: 1753226699567561 5886 (- - -) Stopwatch2: 1753226699567561 5886; combined=3396, p1=620, p2=2674, p3=0, p4=0, p5=102, sr=162, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ae08a239-Z-- --d0d3292f-A-- [23/Jul/2025:02:38:23.497333 +0300] aIAg72g0fMQ6-543ouDJnAAAAFU 164.90.208.56 36536 127.0.0.1 7081 --d0d3292f-B-- GET /.env HTTP/1.0 Host: kime.raqmix.net X-Real-IP: 164.90.208.56 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --d0d3292f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 19:09:32 GMT ETag: "328-62a6d6f9f709e" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --d0d3292f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kime.raqmix.net"] [uri "/.env"] [unique_id "aIAg72g0fMQ6-543ouDJnAAAAFU"] Stopwatch: 1753227503491267 6151 (- - -) Stopwatch2: 1753227503491267 6151; combined=3723, p1=525, p2=3129, p3=0, p4=0, p5=69, sr=133, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d0d3292f-Z-- --4a4b7b47-A-- [23/Jul/2025:02:38:23.704392 +0300] aIAg7yWUl7EYyMzlnO2XPwAAAJY 164.90.208.56 36574 127.0.0.1 7081 --4a4b7b47-B-- GET /.git/config HTTP/1.0 Host: kime.raqmix.net X-Real-IP: 164.90.208.56 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --4a4b7b47-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 19:09:32 GMT ETag: "328-62a6d6f9f709e" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --4a4b7b47-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kime.raqmix.net"] [uri "/.git/config"] [unique_id "aIAg7yWUl7EYyMzlnO2XPwAAAJY"] Stopwatch: 1753227503700455 4014 (- - -) Stopwatch2: 1753227503700455 4014; combined=2268, p1=536, p2=1663, p3=0, p4=0, p5=69, sr=163, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4a4b7b47-Z-- --45812e72-A-- [23/Jul/2025:02:39:38.038920 +0300] aIAhOmg0fMQ6-543ouDLVwAAAFc 193.70.2.92 52120 127.0.0.1 7081 --45812e72-B-- GET /.env HTTP/1.0 Host: pos.itilebanon.com X-Real-IP: 193.70.2.92 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0 Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Upgrade-Insecure-Requests: 1 --45812e72-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 24 Jul 2014 11:29:50 GMT ETag: "3bf-4feeec6556780" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --45812e72-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pos.itilebanon.com"] [uri "/.env"] [unique_id "aIAhOmg0fMQ6-543ouDLVwAAAFc"] Stopwatch: 1753227578013227 25822 (- - -) Stopwatch2: 1753227578013227 25822; combined=23734, p1=21564, p2=2057, p3=0, p4=0, p5=113, sr=215, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --45812e72-Z-- --5914e308-A-- [23/Jul/2025:02:43:32.091337 +0300] aIAiJCWUl7EYyMzlnO2bQAAAAIk 178.128.19.189 40828 127.0.0.1 7081 --5914e308-B-- GET /.env HTTP/1.0 Host: snapcart.io X-Real-IP: 178.128.19.189 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Accept-Language: en-US,en;q=0.9,fr;q=0.8 --5914e308-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 16 Mar 2025 19:58:17 GMT ETag: "328-6307b17c198d5" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --5914e308-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "snapcart.io"] [uri "/.env"] [unique_id "aIAiJCWUl7EYyMzlnO2bQAAAAIk"] Stopwatch: 1753227812086898 4538 (- - -) Stopwatch2: 1753227812086898 4538; combined=2657, p1=597, p2=1977, p3=0, p4=0, p5=82, sr=147, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5914e308-Z-- --0bd7a656-A-- [23/Jul/2025:02:44:31.984513 +0300] aIAiX2g0fMQ6-543ouDUmgAAAFQ 85.203.45.226 40006 127.0.0.1 7081 --0bd7a656-B-- HEAD /backups/sql.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 85.203.45.226 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --0bd7a656-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --0bd7a656-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/backups/sql.sql"] [unique_id "aIAiX2g0fMQ6-543ouDUmgAAAFQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753227871961612 22990 (- - -) Stopwatch2: 1753227871961612 22990; combined=2980, p1=665, p2=2173, p3=0, p4=0, p5=142, sr=212, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0bd7a656-Z-- --d7b5dd6e-A-- [23/Jul/2025:02:44:33.523070 +0300] aIAiYWg0fMQ6-543ouDUpwAAAFE 85.203.45.132 47018 127.0.0.1 7081 --d7b5dd6e-B-- HEAD /back/www.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 85.203.45.132 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --d7b5dd6e-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --d7b5dd6e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/back/www.sql"] [unique_id "aIAiYWg0fMQ6-543ouDUpwAAAFE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753227873506753 16388 (- - -) Stopwatch2: 1753227873506753 16388; combined=2962, p1=505, p2=2378, p3=0, p4=0, p5=79, sr=163, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d7b5dd6e-Z-- --699ade30-A-- [23/Jul/2025:02:44:35.877772 +0300] aIAiY2g0fMQ6-543ouDUyAAAAFA 85.203.45.153 47360 127.0.0.1 7081 --699ade30-B-- HEAD /old/wallet.dat HTTP/1.0 Host: vivacetrading.com X-Real-IP: 85.203.45.153 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --699ade30-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --699ade30-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/old/wallet.dat"] [unique_id "aIAiY2g0fMQ6-543ouDUyAAAAFA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753227875860219 17617 (- - -) Stopwatch2: 1753227875860219 17617; combined=2422, p1=514, p2=1806, p3=0, p4=0, p5=102, sr=172, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --699ade30-Z-- --e0648949-A-- [23/Jul/2025:02:54:08.671081 +0300] aIAkoCWUl7EYyMzlnO2k2AAAAII 216.81.248.58 45296 127.0.0.1 7081 --e0648949-B-- GET /.git/config HTTP/1.0 Host: glamileaclinics.com X-Real-IP: 216.81.248.58 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --e0648949-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --e0648949-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamileaclinics.com"] [uri "/.git/config"] [unique_id "aIAkoCWUl7EYyMzlnO2k2AAAAII"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamileaclinics.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753228448375677 295503 (- - -) Stopwatch2: 1753228448375677 295503; combined=13846, p1=10230, p2=3476, p3=0, p4=0, p5=139, sr=129, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e0648949-Z-- --1ee6c059-A-- [23/Jul/2025:02:54:10.174043 +0300] aIAkn2g0fMQ6-543ouDnCQAAAFc 216.81.248.58 45208 127.0.0.1 7081 --1ee6c059-B-- GET /.git/config HTTP/1.0 Host: glamilea.com X-Real-IP: 216.81.248.58 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 OPR/62.0.3331.119 Accept-Charset: utf-8 Accept-Encoding: gzip --1ee6c059-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Thu, 21-Aug-2025 23:54:09 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --1ee6c059-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/.git/config"] [unique_id "aIAkn2g0fMQ6-543ouDnCQAAAFc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753228447736122 2438066 (- - -) Stopwatch2: 1753228447736122 2438066; combined=3353, p1=646, p2=2531, p3=0, p4=0, p5=175, sr=265, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1ee6c059-Z-- --74c1874a-A-- [23/Jul/2025:03:00:24.881882 +0300] aIAmGGg0fMQ6-543ouD0RAAAAFQ 198.44.136.79 52638 127.0.0.1 7081 --74c1874a-B-- GET /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.0 Host: www.itilebanon.com X-Real-IP: 198.44.136.79 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: python-requests/2.32.3 Accept-Encoding: gzip, deflate Accept: */* --74c1874a-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 24 Jul 2014 11:29:50 GMT ETag: "3bf-4feeec6556780" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --74c1874a-H-- Message: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\xadd cgi.force_redirect=0 \xadd cgi.redirect_status_env \xadd allow_url_include=1 \xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||www.itilebanon.com|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\x5cxadd cgi.force_redirect=0 \x5cxadd cgi.redirect_status_env \x5cxadd allow_url_include=1 \x5cxadd auto_prepend_file=php://input: \xadd cgi.force_redirect=0 \xadd cgi.redirect_status_env \xadd allow_url_include=1 \xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\\\xadd cgi.force_redirect=0 \\\\xadd cgi.redirect_status_env \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||www.itilebanon.com|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\\\x5cxadd cgi.force_redirect=0 \\\\x5cxadd cgi.redirect_status_env \\\\x5cxadd allow_url_include=1 \\\\x5cxadd auto_prepend_file=php://input: \\\\xadd cgi.force_redirect=0 \\\\xadd cgi.redirect_status_env \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "www.itilebanon.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aIAmGGg0fMQ6-543ouD0RAAAAFQ"] Stopwatch: 1753228824876138 5862 (- - -) Stopwatch2: 1753228824876138 5862; combined=3773, p1=570, p2=3064, p3=0, p4=0, p5=138, sr=181, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --74c1874a-Z-- --c921a354-A-- [23/Jul/2025:03:06:23.241496 +0300] aIAnf13rNiqQlzhNw8aXhwAAAM4 8.211.162.45 56328 127.0.0.1 7081 --c921a354-B-- POST /dns-query HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 8.211.162.45 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 29 User-Agent: Go-http-client/1.1 Content-Type: application/dns-message --c921a354-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --c921a354-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||41.128.143.88|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||41.128.143.88|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "41.128.143.88"] [uri "/dns-query"] [unique_id "aIAnf13rNiqQlzhNw8aXhwAAAM4"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753229183240081 1511 (- - -) Stopwatch2: 1753229183240081 1511; combined=943, p1=732, p2=0, p3=30, p4=56, p5=124, sr=160, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c921a354-Z-- --17ad6e56-A-- [23/Jul/2025:03:06:24.148514 +0300] aIAngF3rNiqQlzhNw8aXlQAAANc 8.211.162.45 56516 127.0.0.1 7081 --17ad6e56-B-- POST /dns-query HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 8.211.162.45 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 29 User-Agent: Go-http-client/1.1 Content-Type: application/dns-message --17ad6e56-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --17ad6e56-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||41.128.143.88|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||41.128.143.88|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "41.128.143.88"] [uri "/dns-query"] [unique_id "aIAngF3rNiqQlzhNw8aXlQAAANc"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753229184147062 1516 (- - -) Stopwatch2: 1753229184147062 1516; combined=978, p1=799, p2=0, p3=30, p4=47, p5=101, sr=149, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --17ad6e56-Z-- --6b115910-A-- [23/Jul/2025:03:06:25.056249 +0300] aIAngeay57Xp5nvmyGNVKAAAAAs 8.211.162.45 56668 127.0.0.1 7081 --6b115910-B-- POST /query HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 8.211.162.45 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 29 User-Agent: Go-http-client/1.1 Content-Type: application/dns-message --6b115910-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --6b115910-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||41.128.143.88|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||41.128.143.88|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "41.128.143.88"] [uri "/query"] [unique_id "aIAngeay57Xp5nvmyGNVKAAAAAs"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753229185054812 1515 (- - -) Stopwatch2: 1753229185054812 1515; combined=911, p1=678, p2=0, p3=30, p4=50, p5=153, sr=179, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6b115910-Z-- --ac3df004-A-- [23/Jul/2025:03:06:25.963362 +0300] aIAngeay57Xp5nvmyGNVLAAAAAk 8.211.162.45 56800 127.0.0.1 7081 --ac3df004-B-- POST /query HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 8.211.162.45 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 29 User-Agent: Go-http-client/1.1 Content-Type: application/dns-message --ac3df004-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --ac3df004-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||41.128.143.88|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||41.128.143.88|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "41.128.143.88"] [uri "/query"] [unique_id "aIAngeay57Xp5nvmyGNVLAAAAAk"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753229185961771 1670 (- - -) Stopwatch2: 1753229185961771 1670; combined=1114, p1=687, p2=0, p3=29, p4=152, p5=246, sr=166, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ac3df004-Z-- --b44eaa2f-A-- [23/Jul/2025:03:06:27.407563 +0300] aIAng-ay57Xp5nvmyGNVOAAAAAw 8.211.162.45 56982 127.0.0.1 7081 --b44eaa2f-B-- POST /resolve HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 8.211.162.45 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 29 User-Agent: Go-http-client/1.1 Content-Type: application/dns-message --b44eaa2f-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --b44eaa2f-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||41.128.143.88|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||41.128.143.88|F|2"] [data "TX:0=application/dns-message"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "41.128.143.88"] [uri "/resolve"] [unique_id "aIAng-ay57Xp5nvmyGNVOAAAAAw"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753229187406177 1477 (- - -) Stopwatch2: 1753229187406177 1477; combined=923, p1=724, p2=0, p3=27, p4=47, p5=125, sr=172, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b44eaa2f-Z-- --8f9af477-A-- [23/Jul/2025:03:10:49.883891 +0300] aIAoieay57Xp5nvmyGNYyAAAABc 185.177.72.12 47208 127.0.0.1 7081 --8f9af477-B-- GET /info.php.bak HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8f9af477-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --8f9af477-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "webmail.limexfinance.org"] [uri "/info.php.bak"] [unique_id "aIAoieay57Xp5nvmyGNYyAAAABc"] Stopwatch: 1753229449879166 4814 (- - -) Stopwatch2: 1753229449879166 4814; combined=2907, p1=626, p2=2117, p3=23, p4=34, p5=107, sr=174, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8f9af477-Z-- --f2570d12-A-- [23/Jul/2025:03:11:08.126798 +0300] aIAonF3rNiqQlzhNw8af8gAAANU 185.177.72.12 58380 127.0.0.1 7081 --f2570d12-B-- GET /phpinfo.php.bak HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f2570d12-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --f2570d12-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "webmail.limexfinance.org"] [uri "/phpinfo.php.bak"] [unique_id "aIAonF3rNiqQlzhNw8af8gAAANU"] Stopwatch: 1753229468121927 5014 (- - -) Stopwatch2: 1753229468121927 5014; combined=2948, p1=583, p2=2229, p3=25, p4=35, p5=76, sr=168, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f2570d12-Z-- --0e79d831-A-- [23/Jul/2025:03:11:08.446446 +0300] aIAonF3rNiqQlzhNw8af-QAAANY 185.177.72.12 58458 127.0.0.1 7081 --0e79d831-B-- GET /.env.bak HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0e79d831-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --0e79d831-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.limexfinance.org"] [uri "/.env.bak"] [unique_id "aIAonF3rNiqQlzhNw8af-QAAANY"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "webmail.limexfinance.org"] [uri "/.env.bak"] [unique_id "aIAonF3rNiqQlzhNw8af-QAAANY"] Stopwatch: 1753229468442574 3921 (- - -) Stopwatch2: 1753229468442574 3921; combined=2616, p1=555, p2=1889, p3=22, p4=29, p5=120, sr=156, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0e79d831-Z-- --93591109-A-- [23/Jul/2025:03:11:08.574776 +0300] aIAonF3rNiqQlzhNw8af-wAAAMI 185.177.72.12 58484 127.0.0.1 7081 --93591109-B-- GET /.env HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --93591109-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --93591109-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.limexfinance.org"] [uri "/.env"] [unique_id "aIAonF3rNiqQlzhNw8af-wAAAMI"] Stopwatch: 1753229468569715 5233 (- - -) Stopwatch2: 1753229468569715 5233; combined=3085, p1=601, p2=2338, p3=25, p4=36, p5=84, sr=172, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --93591109-Z-- --9957f712-A-- [23/Jul/2025:03:11:17.384851 +0300] aIAopV3rNiqQlzhNw8agWwAAANI 185.177.72.12 51456 127.0.0.1 7081 --9957f712-B-- GET /.env.backup HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9957f712-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --9957f712-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.limexfinance.org"] [uri "/.env.backup"] [unique_id "aIAopV3rNiqQlzhNw8agWwAAANI"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "webmail.limexfinance.org"] [uri "/.env.backup"] [unique_id "aIAopV3rNiqQlzhNw8agWwAAANI"] Stopwatch: 1753229477378511 6418 (- - -) Stopwatch2: 1753229477378511 6418; combined=4127, p1=756, p2=3118, p3=32, p4=46, p5=175, sr=165, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9957f712-Z-- --23201420-A-- [23/Jul/2025:03:11:17.448810 +0300] aIAopV3rNiqQlzhNw8agXAAAAMI 185.177.72.12 51480 127.0.0.1 7081 --23201420-B-- GET /.env_sample HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --23201420-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --23201420-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.limexfinance.org"] [uri "/.env_sample"] [unique_id "aIAopV3rNiqQlzhNw8agXAAAAMI"] Stopwatch: 1753229477445347 3533 (- - -) Stopwatch2: 1753229477445347 3533; combined=2347, p1=561, p2=1673, p3=21, p4=29, p5=62, sr=122, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --23201420-Z-- --6dd4b020-A-- [23/Jul/2025:03:11:17.512506 +0300] aIAopV3rNiqQlzhNw8agXQAAAMQ 185.177.72.12 51484 127.0.0.1 7081 --6dd4b020-B-- GET /.env.old HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6dd4b020-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --6dd4b020-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.limexfinance.org"] [uri "/.env.old"] [unique_id "aIAopV3rNiqQlzhNw8agXQAAAMQ"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "webmail.limexfinance.org"] [uri "/.env.old"] [unique_id "aIAopV3rNiqQlzhNw8agXQAAAMQ"] Stopwatch: 1753229477508457 4814 (- - -) Stopwatch2: 1753229477508457 4814; combined=2576, p1=541, p2=1821, p3=23, p4=31, p5=159, sr=132, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6dd4b020-Z-- --7ad20004-A-- [23/Jul/2025:03:11:17.578355 +0300] aIAopWg0fMQ6-543ouD5TgAAAEI 185.177.72.12 51510 127.0.0.1 7081 --7ad20004-B-- GET /.env.www HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7ad20004-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --7ad20004-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.limexfinance.org"] [uri "/.env.www"] [unique_id "aIAopWg0fMQ6-543ouD5TgAAAEI"] Stopwatch: 1753229477573480 4941 (- - -) Stopwatch2: 1753229477573480 4941; combined=2939, p1=825, p2=1967, p3=23, p4=31, p5=93, sr=211, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7ad20004-Z-- --c9700403-A-- [23/Jul/2025:03:11:17.647735 +0300] aIAopWg0fMQ6-543ouD5UAAAAEo 185.177.72.12 51536 127.0.0.1 7081 --c9700403-B-- GET /.docker/.env HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c9700403-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --c9700403-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.limexfinance.org"] [uri "/.docker/.env"] [unique_id "aIAopWg0fMQ6-543ouD5UAAAAEo"] Stopwatch: 1753229477642206 5617 (- - -) Stopwatch2: 1753229477642206 5617; combined=3755, p1=732, p2=2819, p3=38, p4=54, p5=112, sr=167, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c9700403-Z-- --bb3cc93c-A-- [23/Jul/2025:03:11:17.761732 +0300] aIAopV3rNiqQlzhNw8agXgAAAMo 185.177.72.12 51578 127.0.0.1 7081 --bb3cc93c-B-- GET /.env.dev HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bb3cc93c-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --bb3cc93c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.limexfinance.org"] [uri "/.env.dev"] [unique_id "aIAopV3rNiqQlzhNw8agXgAAAMo"] Stopwatch: 1753229477757696 4087 (- - -) Stopwatch2: 1753229477757696 4087; combined=2471, p1=600, p2=1750, p3=24, p4=30, p5=66, sr=168, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bb3cc93c-Z-- --183f3d25-A-- [23/Jul/2025:03:11:17.866584 +0300] aIAopV3rNiqQlzhNw8agYQAAAMk 185.177.72.12 51614 127.0.0.1 7081 --183f3d25-B-- GET /.env.example HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --183f3d25-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --183f3d25-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.limexfinance.org"] [uri "/.env.example"] [unique_id "aIAopV3rNiqQlzhNw8agYQAAAMk"] Stopwatch: 1753229477862380 4264 (- - -) Stopwatch2: 1753229477862380 4264; combined=2636, p1=573, p2=1936, p3=24, p4=34, p5=69, sr=162, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --183f3d25-Z-- --cdc49c04-A-- [23/Jul/2025:03:11:18.022614 +0300] aIAopl3rNiqQlzhNw8agZAAAAMU 185.177.72.12 51662 127.0.0.1 7081 --cdc49c04-B-- GET /.env_1 HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cdc49c04-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --cdc49c04-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.limexfinance.org"] [uri "/.env_1"] [unique_id "aIAopl3rNiqQlzhNw8agZAAAAMU"] Stopwatch: 1753229478018427 4237 (- - -) Stopwatch2: 1753229478018427 4237; combined=2604, p1=583, p2=1781, p3=24, p4=150, p5=65, sr=191, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cdc49c04-Z-- --cf6eff09-A-- [23/Jul/2025:03:11:18.197716 +0300] aIAopl3rNiqQlzhNw8agZQAAANM 185.177.72.12 51688 127.0.0.1 7081 --cf6eff09-B-- GET /.env.stage HTTP/1.0 Host: webmail.limexfinance.org X-Real-IP: 185.177.72.12 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cf6eff09-F-- HTTP/1.1 404 Not Found Content-Length: 271 Connection: close Content-Type: text/html; charset=iso-8859-1 --cf6eff09-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.limexfinance.org"] [uri "/.env.stage"] [unique_id "aIAopl3rNiqQlzhNw8agZQAAANM"] Stopwatch: 1753229478139613 58160 (- - -) Stopwatch2: 1753229478139613 58160; combined=108100, p1=737, p2=2861, p3=37, p4=54, p5=52256, sr=178, sw=0, l=0, gc=52155 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cf6eff09-Z-- --5cde3e4c-A-- [23/Jul/2025:03:13:32.709566 +0300] aIApLOay57Xp5nvmyGNawwAAABI 212.30.37.208 40920 127.0.0.1 7081 --5cde3e4c-B-- HEAD /back/mysql.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 212.30.37.208 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --5cde3e4c-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --5cde3e4c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/back/mysql.sql"] [unique_id "aIApLOay57Xp5nvmyGNawwAAABI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753229612694779 14873 (- - -) Stopwatch2: 1753229612694779 14873; combined=2370, p1=507, p2=1747, p3=0, p4=0, p5=115, sr=178, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5cde3e4c-Z-- --3fa5a163-A-- [23/Jul/2025:03:33:31.290683 +0300] aIAt213rNiqQlzhNw8bEHwAAANI 64.64.108.66 52684 127.0.0.1 7081 --3fa5a163-B-- HEAD /wallet.dat HTTP/1.0 Host: vivacetrading.com X-Real-IP: 64.64.108.66 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --3fa5a163-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --3fa5a163-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/wallet.dat"] [unique_id "aIAt213rNiqQlzhNw8bEHwAAANI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753230811262532 28217 (- - -) Stopwatch2: 1753230811262532 28217; combined=4596, p1=606, p2=3884, p3=0, p4=0, p5=105, sr=186, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3fa5a163-Z-- --5fe2bc5d-A-- [23/Jul/2025:03:40:02.832820 +0300] aIAvYuay57Xp5nvmyGNvfwAAAAM 109.202.99.46 58834 127.0.0.1 7081 --5fe2bc5d-B-- GET /server.key HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --5fe2bc5d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --5fe2bc5d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "host.raqmix.cloud"] [uri "/server.key"] [unique_id "aIAvYuay57Xp5nvmyGNvfwAAAAM"] Stopwatch: 1753231202822484 10450 (- - -) Stopwatch2: 1753231202822484 10450; combined=9113, p1=393, p2=8650, p3=0, p4=0, p5=70, sr=144, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5fe2bc5d-Z-- --2c063a3e-A-- [23/Jul/2025:03:40:02.836986 +0300] aIAvYl3rNiqQlzhNw8bP6gAAAMo 109.202.99.46 58886 127.0.0.1 7081 --2c063a3e-B-- GET /dump.sql HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --2c063a3e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --2c063a3e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "host.raqmix.cloud"] [uri "/dump.sql"] [unique_id "aIAvYl3rNiqQlzhNw8bP6gAAAMo"] Stopwatch: 1753231202833506 3562 (- - -) Stopwatch2: 1753231202833506 3562; combined=2144, p1=366, p2=1710, p3=0, p4=0, p5=68, sr=142, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2c063a3e-Z-- --a86c277a-A-- [23/Jul/2025:03:40:02.852405 +0300] aIAvYl3rNiqQlzhNw8bP7gAAANU 109.202.99.46 58900 127.0.0.1 7081 --a86c277a-B-- GET /database_backup.sql HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --a86c277a-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --a86c277a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "host.raqmix.cloud"] [uri "/database_backup.sql"] [unique_id "aIAvYl3rNiqQlzhNw8bP7gAAANU"] Stopwatch: 1753231202848334 4161 (- - -) Stopwatch2: 1753231202848334 4161; combined=2476, p1=421, p2=1950, p3=0, p4=0, p5=105, sr=126, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a86c277a-Z-- --1c30c656-A-- [23/Jul/2025:03:40:02.852839 +0300] aIAvYl3rNiqQlzhNw8bP7AAAAMM 109.202.99.46 58872 127.0.0.1 7081 --1c30c656-B-- GET /wp-config.php HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --1c30c656-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --1c30c656-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/wp-config.php"] [unique_id "aIAvYl3rNiqQlzhNw8bP7AAAAMM"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'Primary script unknown' Apache-Handler: proxy:unix:/var/www/vhosts/system/host.raqmix.cloud/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753231202837530 15395 (- - -) Stopwatch2: 1753231202837530 15395; combined=5641, p1=594, p2=4849, p3=43, p4=55, p5=99, sr=150, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1c30c656-Z-- --19fbd81c-A-- [23/Jul/2025:03:40:02.944083 +0300] aIAvYl3rNiqQlzhNw8bP7wAAANA 109.202.99.46 58934 127.0.0.1 7081 --19fbd81c-B-- GET /.env HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --19fbd81c-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --19fbd81c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/.env"] [unique_id "aIAvYl3rNiqQlzhNw8bP7wAAANA"] Stopwatch: 1753231202939412 4768 (- - -) Stopwatch2: 1753231202939412 4768; combined=3172, p1=513, p2=2551, p3=0, p4=0, p5=108, sr=163, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --19fbd81c-Z-- --7ea36e67-A-- [23/Jul/2025:03:40:02.944374 +0300] aIAvYmg0fMQ6-543ouAE6gAAAEA 109.202.99.46 58918 127.0.0.1 7081 --7ea36e67-B-- GET /.git/HEAD HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --7ea36e67-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --7ea36e67-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/.git/HEAD"] [unique_id "aIAvYmg0fMQ6-543ouAE6gAAAEA"] Stopwatch: 1753231202940755 3686 (- - -) Stopwatch2: 1753231202940755 3686; combined=2133, p1=498, p2=1565, p3=0, p4=0, p5=69, sr=184, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7ea36e67-Z-- --76a60a2d-A-- [23/Jul/2025:03:40:02.960338 +0300] aIAvYl3rNiqQlzhNw8bP8AAAAM8 109.202.99.46 58958 127.0.0.1 7081 --76a60a2d-B-- GET /.svn/wc.db HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --76a60a2d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --76a60a2d-H-- Message: Warning. Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/.svn/wc.db"] [unique_id "aIAvYl3rNiqQlzhNw8bP8AAAAM8"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "host.raqmix.cloud"] [uri "/.svn/wc.db"] [unique_id "aIAvYl3rNiqQlzhNw8bP8AAAAM8"] Stopwatch: 1753231202954818 5611 (- - -) Stopwatch2: 1753231202954818 5611; combined=3690, p1=610, p2=2866, p3=0, p4=0, p5=213, sr=204, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --76a60a2d-Z-- --d8682c34-A-- [23/Jul/2025:03:40:02.976976 +0300] aIAvYuay57Xp5nvmyGNvhwAAABM 109.202.99.46 58996 127.0.0.1 7081 --d8682c34-B-- GET /web.config HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --d8682c34-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --d8682c34-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/web.config"] [unique_id "aIAvYuay57Xp5nvmyGNvhwAAABM"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "host.raqmix.cloud"] [uri "/web.config"] [unique_id "aIAvYuay57Xp5nvmyGNvhwAAABM"] Stopwatch: 1753231202973387 3655 (- - -) Stopwatch2: 1753231202973387 3655; combined=2369, p1=423, p2=1795, p3=0, p4=0, p5=151, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d8682c34-Z-- --a036b659-A-- [23/Jul/2025:03:40:02.977336 +0300] aIAvYuay57Xp5nvmyGNvhgAAAAc 109.202.99.46 58988 127.0.0.1 7081 --a036b659-B-- GET /backup.sql HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --a036b659-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --a036b659-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "host.raqmix.cloud"] [uri "/backup.sql"] [unique_id "aIAvYuay57Xp5nvmyGNvhgAAAAc"] Stopwatch: 1753231202971999 5437 (- - -) Stopwatch2: 1753231202971999 5437; combined=3126, p1=519, p2=2487, p3=0, p4=0, p5=120, sr=153, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a036b659-Z-- --ddbbdb75-A-- [23/Jul/2025:03:40:02.979151 +0300] aIAvYl3rNiqQlzhNw8bP8wAAAM0 109.202.99.46 59006 127.0.0.1 7081 --ddbbdb75-B-- GET /_vti_pvt/service.pwd HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --ddbbdb75-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --ddbbdb75-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".pwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".pwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "host.raqmix.cloud"] [uri "/_vti_pvt/service.pwd"] [unique_id "aIAvYl3rNiqQlzhNw8bP8wAAAM0"] Stopwatch: 1753231202974924 4387 (- - -) Stopwatch2: 1753231202974924 4387; combined=2810, p1=483, p2=2230, p3=0, p4=0, p5=97, sr=216, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ddbbdb75-Z-- --8d12f965-A-- [23/Jul/2025:03:40:02.989348 +0300] aIAvYl3rNiqQlzhNw8bP9QAAANY 109.202.99.46 59026 127.0.0.1 7081 --8d12f965-B-- GET /database.sql HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --8d12f965-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --8d12f965-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "host.raqmix.cloud"] [uri "/database.sql"] [unique_id "aIAvYl3rNiqQlzhNw8bP9QAAANY"] Stopwatch: 1753231202985559 3852 (- - -) Stopwatch2: 1753231202985559 3852; combined=2481, p1=393, p2=1951, p3=0, p4=0, p5=136, sr=112, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8d12f965-Z-- --5c74eb12-A-- [23/Jul/2025:03:40:02.999163 +0300] aIAvYl3rNiqQlzhNw8bP-AAAANE 109.202.99.46 59056 127.0.0.1 7081 --5c74eb12-B-- GET /etc/ssl/private/server.key HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --5c74eb12-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --5c74eb12-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||host.raqmix.cloud|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "host.raqmix.cloud"] [uri "/etc/ssl/private/server.key"] [unique_id "aIAvYl3rNiqQlzhNw8bP-AAAANE"] Stopwatch: 1753231202993958 5331 (- - -) Stopwatch2: 1753231202993958 5331; combined=3730, p1=542, p2=3101, p3=0, p4=0, p5=87, sr=147, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5c74eb12-Z-- --2ea9564a-A-- [23/Jul/2025:03:40:03.006199 +0300] aIAvY13rNiqQlzhNw8bP-wAAAM4 109.202.99.46 59082 127.0.0.1 7081 --2ea9564a-B-- GET /api/.env HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --2ea9564a-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --2ea9564a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/api/.env"] [unique_id "aIAvY13rNiqQlzhNw8bP-wAAAM4"] Stopwatch: 1753231203000970 5364 (- - -) Stopwatch2: 1753231203000970 5364; combined=3420, p1=586, p2=2730, p3=0, p4=0, p5=104, sr=162, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2ea9564a-Z-- --4db0d215-A-- [23/Jul/2025:03:40:03.009984 +0300] aIAvY-ay57Xp5nvmyGNvigAAAAg 109.202.99.46 59104 127.0.0.1 7081 --4db0d215-B-- GET /.env.production HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 109.202.99.46 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --4db0d215-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --4db0d215-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/.env.production"] [unique_id "aIAvY-ay57Xp5nvmyGNvigAAAAg"] Stopwatch: 1753231203006700 3347 (- - -) Stopwatch2: 1753231203006700 3347; combined=2071, p1=445, p2=1559, p3=0, p4=0, p5=67, sr=118, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4db0d215-Z-- --8c619258-A-- [23/Jul/2025:03:42:30.695354 +0300] aIAv9mg0fMQ6-543ouAF7AAAAFU 178.128.48.245 46392 127.0.0.1 7081 --8c619258-B-- GET /.git/config HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 178.128.48.245 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --8c619258-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --8c619258-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.git/config"] [unique_id "aIAv9mg0fMQ6-543ouAF7AAAAFU"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753231350693359 2210 (- - -) Stopwatch2: 1753231350693359 2210; combined=888, p1=688, p2=0, p3=33, p4=33, p5=134, sr=251, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8c619258-Z-- --0ace5901-A-- [23/Jul/2025:03:52:39.486201 +0300] aIAyV13rNiqQlzhNw8bmtQAAANc 13.36.165.173 52126 127.0.0.1 7081 --0ace5901-B-- GET /.git/config HTTP/1.0 Host: app.jinansystem.com X-Real-IP: 13.36.165.173 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --0ace5901-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --0ace5901-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "app.jinansystem.com"] [uri "/.git/config"] [unique_id "aIAyV13rNiqQlzhNw8bmtQAAANc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/app.jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753231959333746 152607 (- - -) Stopwatch2: 1753231959333746 152607; combined=3132, p1=659, p2=2388, p3=0, p4=0, p5=84, sr=219, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0ace5901-Z-- --777a7048-A-- [23/Jul/2025:03:53:50.201035 +0300] aIAynl3rNiqQlzhNw8bpGwAAAM4 154.84.63.141 32778 127.0.0.1 7081 --777a7048-B-- POST /php-cgi/php-cgi.exe?%add+allow_url_include%3d1+%add+auto_prepend_file%3dphp://input HTTP/1.0 Host: verozone.md X-Real-IP: 154.84.63.141 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 25 Content-Type: application/x-www-form-urlencoded Accept: */* Referer: https://verozone.md/php-cgi/php-cgi.exe?%add+allow_url_include%3d1+%add+auto_prepend_file%3dphp://input User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/530.7 (KHTML, like Gecko) Chrome/2.0.175.0 Safari/530.7 REDIRECT-STATUS: 1 --777a7048-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 --777a7048-H-- Message: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\xadd allow_url_include=1 \xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||verozone.md|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\x5cxadd allow_url_include=1 \x5cxadd auto_prepend_file=php://input: \xadd allow_url_include=1 \xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||verozone.md|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\\\x5cxadd allow_url_include=1 \\\\x5cxadd auto_prepend_file=php://input: \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "verozone.md"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aIAynl3rNiqQlzhNw8bpGwAAAM4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753232030183117 18053 (- - -) Stopwatch2: 1753232030183117 18053; combined=9775, p1=505, p2=9164, p3=0, p4=0, p5=105, sr=174, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --777a7048-Z-- --da3bf27c-A-- [23/Jul/2025:04:06:31.981169 +0300] aIA1l13rNiqQlzhNw8b_DQAAANE 77.90.153.170 43226 127.0.0.1 7081 --da3bf27c-B-- GET /.env HTTP/1.0 Host: app.jinansystem.com X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (compatible; YandexNews/4.0; +http://yandex.com/bots) Accept-Charset: utf-8 Accept-Encoding: gzip --da3bf27c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --da3bf27c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "app.jinansystem.com"] [uri "/.env"] [unique_id "aIA1l13rNiqQlzhNw8b_DQAAANE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/app.jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753232791850177 131085 (- - -) Stopwatch2: 1753232791850177 131085; combined=6576, p1=856, p2=5624, p3=0, p4=0, p5=95, sr=169, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --da3bf27c-Z-- --92097555-A-- [23/Jul/2025:04:09:24.157323 +0300] aIA2QOay57Xp5nvmyGOIQAAAAAk 167.99.65.60 35526 127.0.0.1 7081 --92097555-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: glamilea.com X-Real-IP: 167.99.65.60 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/91.0.4472.80 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en-US,en;q=0.9 --92097555-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.1.33 X-Robots-Tag: noindex Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Set-Cookie: yay_currency_widget=29035; expires=Fri, 22-Aug-2025 01:09:22 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: application/json; charset=UTF-8 --92097555-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "glamilea.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIA2QOay57Xp5nvmyGOIQAAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753232960963785 3193659 (- - -) Stopwatch2: 1753232960963785 3193659; combined=3024, p1=642, p2=2289, p3=0, p4=0, p5=92, sr=176, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --92097555-Z-- --84216325-A-- [23/Jul/2025:04:14:23.830767 +0300] aIA3b13rNiqQlzhNw8YLLAAAAMo 155.94.155.152 33336 127.0.0.1 7081 --84216325-B-- GET /.env HTTP/1.0 Host: test.jinansystem.com X-Real-IP: 155.94.155.152 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --84216325-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --84216325-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.jinansystem.com"] [uri "/.env"] [unique_id "aIA3b13rNiqQlzhNw8YLLAAAAMo"] Stopwatch: 1753233263826450 4427 (- - -) Stopwatch2: 1753233263826450 4427; combined=2632, p1=682, p2=1869, p3=0, p4=0, p5=81, sr=191, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --84216325-Z-- --41664f1a-A-- [23/Jul/2025:04:17:44.509451 +0300] aIA4OF3rNiqQlzhNw8YRKwAAAMI 13.36.165.173 55898 127.0.0.1 7081 --41664f1a-B-- GET /.git/config HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 13.36.165.173 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 5.2; rv:10.0.1) Gecko/20100101 Firefox/10.0.1 SeaMonkey/2.7.1 Accept-Charset: utf-8 Accept-Encoding: gzip --41664f1a-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --41664f1a-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "college.jinansystem.com"] [uri "/.git/config"] [unique_id "aIA4OF3rNiqQlzhNw8YRKwAAAMI"] Stopwatch: 1753233464505322 4219 (- - -) Stopwatch2: 1753233464505322 4219; combined=2482, p1=603, p2=1808, p3=0, p4=0, p5=71, sr=233, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --41664f1a-Z-- --30f23c0c-A-- [23/Jul/2025:04:27:35.254588 +0300] aIA6h-ay57Xp5nvmyGOXWAAAAAA 185.177.72.24 33256 127.0.0.1 7081 --30f23c0c-B-- GET /.git/config HTTP/1.0 Host: vivacetrading.com X-Real-IP: 185.177.72.24 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) snap Chromium/76.0.3809.100 Chrome/76.0.3809.100 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --30f23c0c-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 586 Content-Type: text/html; charset=UTF-8 --30f23c0c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/.git/config"] [unique_id "aIA6h-ay57Xp5nvmyGOXWAAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753234055228517 26183 (- - -) Stopwatch2: 1753234055228517 26183; combined=2632, p1=577, p2=1952, p3=0, p4=0, p5=102, sr=122, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --30f23c0c-Z-- --bf1e3641-A-- [23/Jul/2025:04:34:20.679103 +0300] aIA8HOay57Xp5nvmyGOchQAAAAs 216.81.248.90 48332 127.0.0.1 7081 --bf1e3641-B-- GET /.env HTTP/1.0 Host: alc.edu.lb X-Forwarded-Http-Host: alc.edu.lb:443 X-Real-IP: 216.81.248.90 Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --bf1e3641-F-- HTTP/1.1 301 Moved Permanently Location: https://www.alcsys.odoo.com/.env Content-Length: 301 Connection: close Content-Type: text/html; charset=iso-8859-1 --bf1e3641-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alc.edu.lb"] [uri "/.env"] [unique_id "aIA8HOay57Xp5nvmyGOchQAAAAs"] Stopwatch: 1753234460677851 1318 (- - -) Stopwatch2: 1753234460677851 1318; combined=817, p1=513, p2=0, p3=32, p4=175, p5=97, sr=141, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bf1e3641-Z-- --80dbe46e-A-- [23/Jul/2025:04:34:21.593625 +0300] aIA8Heay57Xp5nvmyGOchwAAAAQ 77.90.153.170 48446 127.0.0.1 7081 --80dbe46e-B-- GET /.env HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040614 Firefox/0.8 Accept-Charset: utf-8 Accept-Encoding: gzip --80dbe46e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --80dbe46e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "college.jinansystem.com"] [uri "/.env"] [unique_id "aIA8Heay57Xp5nvmyGOchwAAAAQ"] Stopwatch: 1753234461589044 4671 (- - -) Stopwatch2: 1753234461589044 4671; combined=2943, p1=697, p2=2152, p3=0, p4=0, p5=93, sr=165, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --80dbe46e-Z-- --beb2b676-A-- [23/Jul/2025:04:37:42.519201 +0300] aIA85uay57Xp5nvmyGOfgwAAAA8 212.80.19.3 59786 127.0.0.1 7081 --beb2b676-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: first-builders.com X-Real-IP: 212.80.19.3 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Mobile Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en-US,en;q=0.9 --beb2b676-F-- HTTP/1.1 503 Service Unavailable X-Powered-By: PHP/8.3.23 Retry-After: 600 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --beb2b676-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||first-builders.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||first-builders.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "first-builders.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIA85uay57Xp5nvmyGOfgwAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/first-builders.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753234662496546 22759 (- - -) Stopwatch2: 1753234662496546 22759; combined=2644, p1=592, p2=1867, p3=0, p4=0, p5=184, sr=189, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --beb2b676-Z-- --a41c3308-A-- [23/Jul/2025:04:37:43.176263 +0300] aIA85-ay57Xp5nvmyGOfjAAAABY 212.80.19.3 33328 127.0.0.1 7081 --a41c3308-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: first-builders.com X-Real-IP: 212.80.19.3 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Mobile Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en-US,en;q=0.9 --a41c3308-F-- HTTP/1.1 503 Service Unavailable X-Powered-By: PHP/8.3.23 Retry-After: 600 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --a41c3308-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||first-builders.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||first-builders.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "first-builders.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIA85-ay57Xp5nvmyGOfjAAAABY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/first-builders.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753234663158921 17427 (- - -) Stopwatch2: 1753234663158921 17427; combined=2829, p1=533, p2=2179, p3=0, p4=0, p5=116, sr=174, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a41c3308-Z-- --9a7b312a-A-- [23/Jul/2025:04:37:44.240461 +0300] aIA86F3rNiqQlzhNw8YzUAAAAMc 212.80.19.3 33486 127.0.0.1 7081 --9a7b312a-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: first-builders.com X-Real-IP: 212.80.19.3 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Mobile Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en-US,en;q=0.9 --9a7b312a-F-- HTTP/1.1 503 Service Unavailable X-Powered-By: PHP/8.3.23 Retry-After: 600 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --9a7b312a-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||first-builders.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||first-builders.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "first-builders.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIA86F3rNiqQlzhNw8YzUAAAAMc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/first-builders.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753234664227016 13526 (- - -) Stopwatch2: 1753234664227016 13526; combined=2276, p1=390, p2=1725, p3=0, p4=0, p5=160, sr=117, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9a7b312a-Z-- --abf2dd4b-A-- [23/Jul/2025:04:42:36.851716 +0300] aIA-DOay57Xp5nvmyGOjXgAAAA8 77.90.153.170 36872 127.0.0.1 7081 --abf2dd4b-B-- GET /.env HTTP/1.0 Host: demonanomie.com X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 9; JSN-AL00a Build/HONORJSN-AL00a; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/66.0.3359.126 MQQBrowser/6.2 TBS/044807 Mobile Safari/537.36 MMWEBID/1961 MicroMessenger/7.0.6.1460(0x27000634) Process/tools NetType/WIFI Language/zh_CN Accept-Charset: utf-8 Accept-Encoding: gzip --abf2dd4b-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --abf2dd4b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/.env"] [unique_id "aIA-DOay57Xp5nvmyGOjXgAAAA8"] Stopwatch: 1753234956837502 14378 (- - -) Stopwatch2: 1753234956837502 14378; combined=12422, p1=10391, p2=1959, p3=0, p4=0, p5=72, sr=174, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --abf2dd4b-Z-- --e1c75f68-A-- [23/Jul/2025:04:45:10.109411 +0300] aIA-puay57Xp5nvmyGOligAAAAg 172.166.217.122 44548 127.0.0.1 7081 --e1c75f68-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 172.166.217.122 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: same-origin user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 referer: http://riyadhchocolate.com/wp-login.php accept-encoding: gzip, deflate, br sec-fetch-user: ?1 accept-language: en-US,en;q=0.5 upgrade-insecure-requests: 1 cookie: wordpress_test_cookie=WP%20Cookie%20check --e1c75f68-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --e1c75f68-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIA-puay57Xp5nvmyGOligAAAAg"] Stopwatch: 1753235110104007 5687 (- - -) Stopwatch2: 1753235110104007 5687; combined=3332, p1=590, p2=2565, p3=0, p4=0, p5=176, sr=184, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e1c75f68-Z-- --d84a3f36-A-- [23/Jul/2025:04:46:32.020086 +0300] aIA-9Wg0fMQ6-543ouAgbAAAAFE 156.210.40.112 43172 127.0.0.1 7081 --d84a3f36-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 156.210.40.112 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 643 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 389.0.0.20.89 (iPhone13,4; iOS 18_5; en_US; en; scale=3.00; 1284x2778; 761848126; IABMV/1) NW/3 referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA sec-fetch-dest: empty cookie: _fbc=fb.1.1753235189711.PAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; _fbp=fb.1.1753235189719.945882182836549704; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2001%3A46%3A29%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2001%3A46%3A29%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20389.0.0.20.89%20%28iPhone13%2C4%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201284x2778%3B%20761848126%3B%20IABMV%2F1%29%20NW%2F3; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22 --d84a3f36-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=t3toomag4apcqvvahimn0ifrg2; expires=Tue, 21 Oct 2025 01:46:31 GMT; Max-Age=7776000; path=/; domain=opalparis.store; HttpOnly; SameSite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --d84a3f36-E-- --d84a3f36-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIA-9Wg0fMQ6-543ouAgbAAAAFE"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIA-9Wg0fMQ6-543ouAgbAAAAFE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753235189880592 2139738 (- - -) Stopwatch2: 1753235189880592 2139738; combined=12959, p1=686, p2=11411, p3=282, p4=43, p5=537, sr=130, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d84a3f36-Z-- --dca10463-A-- [23/Jul/2025:04:46:44.404155 +0300] aIA_Al3rNiqQlzhNw8ZBagAAAMw 156.210.40.112 42826 127.0.0.1 7081 --dca10463-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 156.210.40.112 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 669 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 389.0.0.20.89 (iPhone13,4; iOS 18_5; en_US; en; scale=3.00; 1284x2778; 761848126; IABMV/1) NW/3 referer: https://opalparis.store/product-category/lingerie/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753235202071.PAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; _fbp=fb.1.1753235202073.923591638466955586; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2001%3A46%3A41%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2001%3A46%3A41%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; sbjs_migrations=1418474375998%3D1; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20389.0.0.20.89%20%28iPhone13%2C4%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201284x2778%3B%20761848126%3B%20IABMV%2F1%29%20NW%2F3; PHPSESSID=t3toomag4apcqvvahimn0ifrg2 --dca10463-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --dca10463-E-- --dca10463-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIA_Al3rNiqQlzhNw8ZBagAAAMw"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIA_Al3rNiqQlzhNw8ZBagAAAMw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753235202232958 2171378 (- - -) Stopwatch2: 1753235202232958 2171378; combined=14270, p1=946, p2=12795, p3=241, p4=66, p5=221, sr=168, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dca10463-Z-- --06fe676b-A-- [23/Jul/2025:04:46:53.727965 +0300] aIA_C2g0fMQ6-543ouAgnAAAAEE 156.210.40.112 41574 127.0.0.1 7081 --06fe676b-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 156.210.40.112 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 643 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 389.0.0.20.89 (iPhone13,4; iOS 18_5; en_US; en; scale=3.00; 1284x2778; 761848126; IABMV/1) NW/3 referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA sec-fetch-dest: empty cookie: _fbc=fb.1.1753235202071.PAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; _fbp=fb.1.1753235202073.923591638466955586; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2001%3A46%3A41%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2001%3A46%3A41%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; sbjs_migrations=1418474375998%3D1; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20389.0.0.20.89%20%28iPhone13%2C4%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201284x2778%3B%20761848126%3B%20IABMV%2F1%29%20NW%2F3; PHPSESSID=t3toomag4apcqvvahimn0ifrg2 --06fe676b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --06fe676b-E-- --06fe676b-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIA_C2g0fMQ6-543ouAgnAAAAEE"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIA_C2g0fMQ6-543ouAgnAAAAEE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753235211669843 2058291 (- - -) Stopwatch2: 1753235211669843 2058291; combined=10058, p1=908, p2=8742, p3=163, p4=41, p5=203, sr=158, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --06fe676b-Z-- --30c5f73d-A-- [23/Jul/2025:04:47:06.276195 +0300] aIA_GOay57Xp5nvmyGOnaAAAAAA 156.210.40.112 43046 127.0.0.1 7081 --30c5f73d-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 156.210.40.112 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 670 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 389.0.0.20.89 (iPhone13,4; iOS 18_5; en_US; en; scale=3.00; 1284x2778; 761848126; IABMV/1) NW/3 referer: https://opalparis.store/product-category/underwear/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753235202071.PAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; _fbp=fb.1.1753235202073.923591638466955586; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Funderwear%2F; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2001%3A46%3A41%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2001%3A46%3A41%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20389.0.0.20.89%20%28iPhone13%2C4%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201284x2778%3B%20761848126%3B%20IABMV%2F1%29%20NW%2F3; PHPSESSID=t3toomag4apcqvvahimn0ifrg2 --30c5f73d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --30c5f73d-E-- --30c5f73d-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIA_GOay57Xp5nvmyGOnaAAAAAA"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIA_GOay57Xp5nvmyGOnaAAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753235224239829 2036579 (- - -) Stopwatch2: 1753235224239829 2036579; combined=10136, p1=840, p2=8879, p3=152, p4=45, p5=219, sr=163, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --30c5f73d-Z-- --f30c967b-A-- [23/Jul/2025:04:47:09.502042 +0300] aIA_G13rNiqQlzhNw8ZCZwAAAMI 156.210.40.112 43512 127.0.0.1 7081 --f30c967b-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 156.210.40.112 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 643 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 389.0.0.20.89 (iPhone13,4; iOS 18_5; en_US; en; scale=3.00; 1284x2778; 761848126; IABMV/1) NW/3 referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA sec-fetch-dest: empty cookie: _fbc=fb.1.1753235202071.PAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; _fbp=fb.1.1753235202073.923591638466955586; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Funderwear%2F; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2001%3A46%3A41%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2001%3A46%3A41%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadM49zCoUIHvhm8TGW2iVJLujQmXBHSfYsazBYxeo9R4ySnfmwl9ZoeTvGqhw_aem_yrk4hPXmVgXZSWK91pquZA; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20389.0.0.20.89%20%28iPhone13%2C4%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201284x2778%3B%20761848126%3B%20IABMV%2F1%29%20NW%2F3; PHPSESSID=t3toomag4apcqvvahimn0ifrg2 --f30c967b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --f30c967b-E-- --f30c967b-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIA_G13rNiqQlzhNw8ZCZwAAAMI"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIA_G13rNiqQlzhNw8ZCZwAAAMI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753235227475056 2027160 (- - -) Stopwatch2: 1753235227475056 2027160; combined=13115, p1=1006, p2=11625, p3=210, p4=61, p5=213, sr=157, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f30c967b-Z-- --fa94307c-A-- [23/Jul/2025:04:48:24.057436 +0300] aIA_Z-ay57Xp5nvmyGOolQAAAA0 185.177.72.24 36780 127.0.0.1 7081 --fa94307c-B-- GET /.git/config HTTP/1.0 Host: app.jinansystem.com X-Real-IP: 185.177.72.24 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 9; MI 8 SE Build/PKQ1.181121.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/66.0.3359.126 MQQBrowser/6.2 TBS/044807 Mobile Safari/537.36 MMWEBID/7941 MicroMessenger/7.0.6.1460(0x27000634) Process/tools NetType/WIFI Language/zh_CN Accept-Charset: utf-8 Accept-Encoding: gzip --fa94307c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --fa94307c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "app.jinansystem.com"] [uri "/.git/config"] [unique_id "aIA_Z-ay57Xp5nvmyGOolQAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/app.jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753235303895689 161832 (- - -) Stopwatch2: 1753235303895689 161832; combined=2828, p1=671, p2=2041, p3=0, p4=0, p5=115, sr=155, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fa94307c-Z-- --3188306b-A-- [23/Jul/2025:04:50:03.326987 +0300] aIA_y13rNiqQlzhNw8ZHjgAAAME 185.221.132.204 33866 127.0.0.1 7081 --3188306b-B-- HEAD /backups/backup.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 185.221.132.204 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --3188306b-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --3188306b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/backups/backup.sql"] [unique_id "aIA_y13rNiqQlzhNw8ZHjgAAAME"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753235403304024 23050 (- - -) Stopwatch2: 1753235403304024 23050; combined=2240, p1=467, p2=1633, p3=0, p4=0, p5=139, sr=177, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3188306b-Z-- --e4dca417-A-- [23/Jul/2025:04:51:32.608841 +0300] aIBAJGg0fMQ6-543ouAh9wAAAFc 185.177.72.24 36498 127.0.0.1 7081 --e4dca417-B-- GET /.git/config HTTP/1.0 Host: test.jinansystem.com X-Real-IP: 185.177.72.24 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; U; Android 1.5; en-us; SPH-M900 Build/CUPCAKE) AppleWebKit/528.5 (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1 Accept-Charset: utf-8 Accept-Encoding: gzip --e4dca417-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --e4dca417-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.jinansystem.com"] [uri "/.git/config"] [unique_id "aIBAJGg0fMQ6-543ouAh9wAAAFc"] Stopwatch: 1753235492604053 4919 (- - -) Stopwatch2: 1753235492604053 4919; combined=2759, p1=614, p2=2059, p3=0, p4=0, p5=86, sr=180, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e4dca417-Z-- --03258b64-A-- [23/Jul/2025:04:57:28.404271 +0300] aIBBiGg0fMQ6-543ouAj0QAAAEc 13.36.165.173 49472 127.0.0.1 7081 --03258b64-B-- GET /.git/config HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 13.36.165.173 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --03258b64-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --03258b64-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/.git/config"] [unique_id "aIBBiGg0fMQ6-543ouAj0QAAAEc"] Stopwatch: 1753235848399234 5143 (- - -) Stopwatch2: 1753235848399234 5143; combined=2988, p1=735, p2=2164, p3=0, p4=0, p5=89, sr=195, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --03258b64-Z-- --15f41c6a-A-- [23/Jul/2025:05:02:38.348266 +0300] aIBCvl3rNiqQlzhNw8ZYKwAAAM4 65.49.1.142 47438 127.0.0.1 7081 --15f41c6a-B-- GET /.git/config HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 65.49.1.142 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip --15f41c6a-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --15f41c6a-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.git/config"] [unique_id "aIBCvl3rNiqQlzhNw8ZYKwAAAM4"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753236158347132 1205 (- - -) Stopwatch2: 1753236158347132 1205; combined=679, p1=521, p2=0, p3=45, p4=35, p5=77, sr=141, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --15f41c6a-Z-- --15606d21-A-- [23/Jul/2025:05:10:02.343040 +0300] aIBEel3rNiqQlzhNw8ZiXAAAAM8 93.123.109.4 42194 127.0.0.1 7081 --15606d21-B-- GET /.env HTTP/1.0 Host: www.menacore.net X-Real-IP: 93.123.109.4 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --15606d21-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=56b2c75816ca6d838a535ed485b0ef4f; expires=Wed, 23 Jul 2025 03:11:02 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=87olr68rvmdupksq3aags3g1ov9f495p; expires=Wed, 23 Jul 2025 10:10:02 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --15606d21-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.menacore.net"] [uri "/.env"] [unique_id "aIBEel3rNiqQlzhNw8ZiXAAAAM8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753236602180827 162312 (- - -) Stopwatch2: 1753236602180827 162312; combined=2901, p1=649, p2=2151, p3=0, p4=0, p5=100, sr=236, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --15606d21-Z-- --32d3da7c-A-- [23/Jul/2025:05:10:02.894057 +0300] aIBEemg0fMQ6-543ouAoagAAAEM 93.123.109.4 42262 127.0.0.1 7081 --32d3da7c-B-- GET /.env.save HTTP/1.0 Host: www.menacore.net X-Real-IP: 93.123.109.4 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --32d3da7c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=b142fe2f8f683460c2e1f8c4e1e3599b; expires=Wed, 23 Jul 2025 03:11:02 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=ahndi8l6s3hmn22aobjuhj33vt7k80fv; expires=Wed, 23 Jul 2025 10:10:02 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --32d3da7c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.menacore.net"] [uri "/.env.save"] [unique_id "aIBEemg0fMQ6-543ouAoagAAAEM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753236602754291 139846 (- - -) Stopwatch2: 1753236602754291 139846; combined=2495, p1=574, p2=1823, p3=0, p4=0, p5=98, sr=202, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --32d3da7c-Z-- --6bbf2306-A-- [23/Jul/2025:05:10:03.437146 +0300] aIBEe13rNiqQlzhNw8ZiZgAAAMo 93.123.109.4 37050 127.0.0.1 7081 --6bbf2306-B-- GET /.env.prod HTTP/1.0 Host: www.menacore.net X-Real-IP: 93.123.109.4 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --6bbf2306-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=116e292eb576742325918f296aae9feb; expires=Wed, 23 Jul 2025 03:11:03 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=al9a7bkirejk8bjjfupl7qq5kfmk0ppq; expires=Wed, 23 Jul 2025 10:10:03 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --6bbf2306-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.menacore.net"] [uri "/.env.prod"] [unique_id "aIBEe13rNiqQlzhNw8ZiZgAAAMo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753236603293154 144069 (- - -) Stopwatch2: 1753236603293154 144069; combined=2408, p1=557, p2=1739, p3=0, p4=0, p5=111, sr=156, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6bbf2306-Z-- --ec73783c-A-- [23/Jul/2025:05:10:04.227002 +0300] aIBEfF3rNiqQlzhNw8ZibwAAANQ 93.123.109.4 37128 127.0.0.1 7081 --ec73783c-B-- GET /api/.env HTTP/1.0 Host: www.menacore.net X-Real-IP: 93.123.109.4 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --ec73783c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=1706afb165e85a1c5959b4a4fbbfca8c; expires=Wed, 23 Jul 2025 03:11:04 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=34omcm8dgrfrlokk2lg7ur2red4ol8pt; expires=Wed, 23 Jul 2025 10:10:04 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --ec73783c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.menacore.net"] [uri "/api/.env"] [unique_id "aIBEfF3rNiqQlzhNw8ZibwAAANQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753236604076564 150543 (- - -) Stopwatch2: 1753236604076564 150543; combined=2580, p1=521, p2=1911, p3=0, p4=0, p5=147, sr=141, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ec73783c-Z-- --32fc2769-A-- [23/Jul/2025:05:10:04.923977 +0300] aIBEfF3rNiqQlzhNw8ZidgAAAMU 93.123.109.4 37224 127.0.0.1 7081 --32fc2769-B-- GET /dev/.env HTTP/1.0 Host: www.menacore.net X-Real-IP: 93.123.109.4 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --32fc2769-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=759ef12af8bd4158543e2e50205b079f; expires=Wed, 23 Jul 2025 03:11:04 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=u3h341pbk1j9qnscgjm73hubnkvo9tng; expires=Wed, 23 Jul 2025 10:10:04 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --32fc2769-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.menacore.net"] [uri "/dev/.env"] [unique_id "aIBEfF3rNiqQlzhNw8ZidgAAAMU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753236604791761 132347 (- - -) Stopwatch2: 1753236604791761 132347; combined=2400, p1=562, p2=1696, p3=0, p4=0, p5=141, sr=136, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --32fc2769-Z-- --114b663f-A-- [23/Jul/2025:05:10:44.547416 +0300] aIBEpGg0fMQ6-543ouAolQAAAE8 185.177.72.24 43626 127.0.0.1 7081 --114b663f-B-- GET /.git/config HTTP/1.0 Host: soor.raqmix.cloud X-Real-IP: 185.177.72.24 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3889.0 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --114b663f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --114b663f-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soor.raqmix.cloud"] [uri "/.git/config"] [unique_id "aIBEpGg0fMQ6-543ouAolQAAAE8"] Stopwatch: 1753236644522361 25175 (- - -) Stopwatch2: 1753236644522361 25175; combined=22882, p1=20613, p2=2179, p3=0, p4=0, p5=90, sr=192, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --114b663f-Z-- --74449760-A-- [23/Jul/2025:05:12:37.261916 +0300] aIBFFeay57Xp5nvmyGO5WwAAABY 98.159.226.248 35084 127.0.0.1 7081 --74449760-B-- HEAD /bak/wallet.dat HTTP/1.0 Host: vivacetrading.com X-Real-IP: 98.159.226.248 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --74449760-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --74449760-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/bak/wallet.dat"] [unique_id "aIBFFeay57Xp5nvmyGO5WwAAABY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753236757246437 15569 (- - -) Stopwatch2: 1753236757246437 15569; combined=2566, p1=458, p2=1929, p3=0, p4=0, p5=179, sr=175, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --74449760-Z-- --822c825a-A-- [23/Jul/2025:05:12:40.922006 +0300] aIBFGF3rNiqQlzhNw8Zl-wAAAM4 98.159.226.252 35606 127.0.0.1 7081 --822c825a-B-- HEAD /mysql.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 98.159.226.252 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --822c825a-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --822c825a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/mysql.sql"] [unique_id "aIBFGF3rNiqQlzhNw8Zl-wAAAM4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753236760908658 13414 (- - -) Stopwatch2: 1753236760908658 13414; combined=2371, p1=474, p2=1711, p3=0, p4=0, p5=186, sr=164, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --822c825a-Z-- --26624119-A-- [23/Jul/2025:05:12:42.288370 +0300] aIBFGmg0fMQ6-543ouApRAAAAFE 98.159.226.250 35776 127.0.0.1 7081 --26624119-B-- HEAD /restore/www.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 98.159.226.250 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --26624119-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --26624119-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/restore/www.sql"] [unique_id "aIBFGmg0fMQ6-543ouApRAAAAFE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753236762271975 16464 (- - -) Stopwatch2: 1753236762271975 16464; combined=4056, p1=535, p2=3421, p3=0, p4=0, p5=100, sr=204, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --26624119-Z-- --3341d163-A-- [23/Jul/2025:05:16:05.349776 +0300] aIBF5eay57Xp5nvmyGO7PQAAAA8 146.190.30.155 60474 127.0.0.1 7080 --3341d163-B-- GET /.git/config HTTP/1.0 Host: 41.128.143.86 X-Real-IP: 146.190.30.155 Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: python-httpx/0.28.1 --3341d163-F-- HTTP/1.1 404 Not Found Content-Length: 259 Connection: close Content-Type: text/html; charset=iso-8859-1 --3341d163-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.86"] [uri "/.git/config"] [unique_id "aIBF5eay57Xp5nvmyGO7PQAAAA8"] Stopwatch: 1753236965345436 4408 (- - -) Stopwatch2: 1753236965345436 4408; combined=2707, p1=654, p2=1932, p3=23, p4=32, p5=65, sr=188, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3341d163-Z-- --90110e36-A-- [23/Jul/2025:05:16:26.855128 +0300] aIBF-uay57Xp5nvmyGO7gwAAAAA 185.221.132.212 51310 127.0.0.1 7081 --90110e36-B-- HEAD /vivacetrading.com.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 185.221.132.212 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --90110e36-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --90110e36-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".com.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".com.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/vivacetrading.com.sql"] [unique_id "aIBF-uay57Xp5nvmyGO7gwAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753236986835068 20113 (- - -) Stopwatch2: 1753236986835068 20113; combined=2823, p1=515, p2=2210, p3=0, p4=0, p5=97, sr=169, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --90110e36-Z-- --a9c2f433-A-- [23/Jul/2025:05:16:30.511580 +0300] aIBF_l3rNiqQlzhNw8Zq6AAAAMw 185.221.132.214 52158 127.0.0.1 7081 --a9c2f433-B-- HEAD /.env HTTP/1.0 Host: vivacetrading.com X-Real-IP: 185.221.132.214 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --a9c2f433-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --a9c2f433-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/.env"] [unique_id "aIBF_l3rNiqQlzhNw8Zq6AAAAMw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753236990493936 17700 (- - -) Stopwatch2: 1753236990493936 17700; combined=2487, p1=726, p2=1647, p3=0, p4=0, p5=113, sr=349, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a9c2f433-Z-- --e7a11f3f-A-- [23/Jul/2025:05:18:54.435563 +0300] aIBGjmg0fMQ6-543ouArcQAAAEg 77.90.153.170 58082 127.0.0.1 7081 --e7a11f3f-B-- GET /.env HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 9; SM-A505F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --e7a11f3f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --e7a11f3f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/.env"] [unique_id "aIBGjmg0fMQ6-543ouArcQAAAEg"] Stopwatch: 1753237134429457 6237 (- - -) Stopwatch2: 1753237134429457 6237; combined=4094, p1=658, p2=3365, p3=0, p4=0, p5=70, sr=177, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e7a11f3f-Z-- --acd15311-A-- [23/Jul/2025:05:21:11.618971 +0300] aIBHF13rNiqQlzhNw8ZxXgAAAME 185.177.72.24 46242 127.0.0.1 7081 --acd15311-B-- GET /.git/config HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 185.177.72.24 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 7.1.1; BBB100-1 Build/NMF26F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.125 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --acd15311-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --acd15311-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/.git/config"] [unique_id "aIBHF13rNiqQlzhNw8ZxXgAAAME"] Stopwatch: 1753237271614240 4820 (- - -) Stopwatch2: 1753237271614240 4820; combined=2882, p1=729, p2=1977, p3=0, p4=0, p5=176, sr=305, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --acd15311-Z-- --380d7a39-A-- [23/Jul/2025:05:21:28.929142 +0300] aIBHKOay57Xp5nvmyGO_1wAAAAU 185.177.72.205 59920 127.0.0.1 7081 --380d7a39-B-- GET /.env HTTP/1.0 Host: crm.verozone.md X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --380d7a39-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --380d7a39-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.verozone.md"] [uri "/.env"] [unique_id "aIBHKOay57Xp5nvmyGO_1wAAAAU"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: file_exists(): open_basedir restriction in effect. File(/autoload.php) is not within the allowed path(s): (/var/www/vhosts/verozone.md/:/tmp/) in /var/www/vhosts/verozone.md/crm.verozone.md/vendor/vonage/nexmo-bridge/src/Autoloader.php on line 69' Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753237288157380 771956 (- - -) Stopwatch2: 1753237288157380 771956; combined=11642, p1=9409, p2=2085, p3=0, p4=0, p5=147, sr=207, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --380d7a39-Z-- --2fcf9a11-A-- [23/Jul/2025:05:21:32.088420 +0300] aIBHK13rNiqQlzhNw8ZxrQAAAMI 185.177.72.205 60058 127.0.0.1 7081 --2fcf9a11-B-- GET /backend/.env HTTP/1.0 Host: crm.verozone.md X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2fcf9a11-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --2fcf9a11-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.verozone.md"] [uri "/backend/.env"] [unique_id "aIBHK13rNiqQlzhNw8ZxrQAAAMI"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: file_exists(): open_basedir restriction in effect. File(/autoload.php) is not within the allowed path(s): (/var/www/vhosts/verozone.md/:/tmp/) in /var/www/vhosts/verozone.md/crm.verozone.md/vendor/vonage/nexmo-bridge/src/Autoloader.php on line 69' Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753237291528504 559998 (- - -) Stopwatch2: 1753237291528504 559998; combined=2842, p1=707, p2=1944, p3=0, p4=0, p5=191, sr=249, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2fcf9a11-Z-- --dc281178-A-- [23/Jul/2025:05:21:33.151255 +0300] aIBHLOay57Xp5nvmyGO_3gAAABI 185.177.72.205 60096 127.0.0.1 7081 --dc281178-B-- GET /api/.env HTTP/1.0 Host: crm.verozone.md X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dc281178-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --dc281178-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.verozone.md"] [uri "/api/.env"] [unique_id "aIBHLOay57Xp5nvmyGO_3gAAABI"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: file_exists(): open_basedir restriction in effect. File(/autoload.php) is not within the allowed path(s): (/var/www/vhosts/verozone.md/:/tmp/) in /var/www/vhosts/verozone.md/crm.verozone.md/vendor/vonage/nexmo-bridge/src/Autoloader.php on line 69' Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753237292564562 586774 (- - -) Stopwatch2: 1753237292564562 586774; combined=5655, p1=2122, p2=3394, p3=0, p4=0, p5=138, sr=582, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dc281178-Z-- --60157300-A-- [23/Jul/2025:05:21:33.736920 +0300] aIBHLeay57Xp5nvmyGO_3wAAABg 185.177.72.205 36372 127.0.0.1 7081 --60157300-B-- GET /env.backup HTTP/1.0 Host: crm.verozone.md X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --60157300-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --60157300-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crm.verozone.md|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crm.verozone.md|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "crm.verozone.md"] [uri "/env.backup"] [unique_id "aIBHLeay57Xp5nvmyGO_3wAAABg"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: file_exists(): open_basedir restriction in effect. File(/autoload.php) is not within the allowed path(s): (/var/www/vhosts/verozone.md/:/tmp/) in /var/www/vhosts/verozone.md/crm.verozone.md/vendor/vonage/nexmo-bridge/src/Autoloader.php on line 69' Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753237293213263 523749 (- - -) Stopwatch2: 1753237293213263 523749; combined=4355, p1=542, p2=3611, p3=0, p4=0, p5=201, sr=154, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --60157300-Z-- --9e59495e-A-- [23/Jul/2025:05:21:35.029598 +0300] aIBHLmg0fMQ6-543ouAsJAAAAFU 185.177.72.205 36456 127.0.0.1 7081 --9e59495e-B-- GET /main/.env HTTP/1.0 Host: crm.verozone.md X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9e59495e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --9e59495e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.verozone.md"] [uri "/main/.env"] [unique_id "aIBHLmg0fMQ6-543ouAsJAAAAFU"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: file_exists(): open_basedir restriction in effect. File(/autoload.php) is not within the allowed path(s): (/var/www/vhosts/verozone.md/:/tmp/) in /var/www/vhosts/verozone.md/crm.verozone.md/vendor/vonage/nexmo-bridge/src/Autoloader.php on line 69' Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753237294447598 582082 (- - -) Stopwatch2: 1753237294447598 582082; combined=2766, p1=883, p2=1760, p3=0, p4=0, p5=122, sr=142, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9e59495e-Z-- --978bcd3b-A-- [23/Jul/2025:05:21:35.657807 +0300] aIBHL-ay57Xp5nvmyGO_4gAAABE 185.177.72.205 36480 127.0.0.1 7081 --978bcd3b-B-- GET /.env.old HTTP/1.0 Host: crm.verozone.md X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --978bcd3b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --978bcd3b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crm.verozone.md|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.verozone.md"] [uri "/.env.old"] [unique_id "aIBHL-ay57Xp5nvmyGO_4gAAABE"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crm.verozone.md|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "crm.verozone.md"] [uri "/.env.old"] [unique_id "aIBHL-ay57Xp5nvmyGO_4gAAABE"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: file_exists(): open_basedir restriction in effect. File(/autoload.php) is not within the allowed path(s): (/var/www/vhosts/verozone.md/:/tmp/) in /var/www/vhosts/verozone.md/crm.verozone.md/vendor/vonage/nexmo-bridge/src/Autoloader.php on line 69' Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753237295088610 569282 (- - -) Stopwatch2: 1753237295088610 569282; combined=6303, p1=697, p2=5433, p3=0, p4=0, p5=173, sr=239, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --978bcd3b-Z-- --9510fb21-A-- [23/Jul/2025:05:23:56.694499 +0300] aIBHvF3rNiqQlzhNw8Z00gAAAME 185.177.72.24 38132 127.0.0.1 7081 --9510fb21-B-- GET /.git/config HTTP/1.0 Host: demonanomie.com X-Real-IP: 185.177.72.24 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Microsoft URL Control - 6.00.8862 Accept-Charset: utf-8 Accept-Encoding: gzip --9510fb21-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --9510fb21-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\.weblogs\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\bdatacha0s\\b|; widows|\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/modsecurity.d/rules/comodo_free/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||demonanomie.com|F|4"] [data "Microsoft URL"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/.git/config"] [unique_id "aIBHvF3rNiqQlzhNw8Z00gAAAME"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\\\\\.weblogs\\\\\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\\\\\bdatacha0s\\\\\\\\b|; widows|\\\\\\\\\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/modsecurity.d/rules/comodo_free/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||demonanomie.com|F|4"] [data "Microsoft URL"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "demonanomie.com"] [uri "/.git/config"] [unique_id "aIBHvF3rNiqQlzhNw8Z00gAAAME"] Stopwatch: 1753237436690300 4288 (- - -) Stopwatch2: 1753237436690300 4288; combined=2544, p1=578, p2=1838, p3=0, p4=0, p5=127, sr=161, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9510fb21-Z-- --80ddbf51-A-- [23/Jul/2025:05:28:06.456712 +0300] aIBItl3rNiqQlzhNw8Z7rQAAANM 192.185.176.179 42750 127.0.0.1 7081 --80ddbf51-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 192.185.176.179 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en-US,en;q=0.9 --80ddbf51-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --80ddbf51-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIBItl3rNiqQlzhNw8Z7rQAAANM"] Stopwatch: 1753237686452202 4629 (- - -) Stopwatch2: 1753237686452202 4629; combined=2488, p1=453, p2=1929, p3=0, p4=0, p5=106, sr=142, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --80ddbf51-Z-- --88c58c75-A-- [23/Jul/2025:05:28:07.042335 +0300] aIBIt-ay57Xp5nvmyGPFFgAAAAM 192.185.176.179 42830 127.0.0.1 7081 --88c58c75-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 192.185.176.179 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en-US,en;q=0.9 --88c58c75-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --88c58c75-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIBIt-ay57Xp5nvmyGPFFgAAAAM"] Stopwatch: 1753237687037944 4535 (- - -) Stopwatch2: 1753237687037944 4535; combined=2546, p1=494, p2=1972, p3=0, p4=0, p5=79, sr=164, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --88c58c75-Z-- --b0ea181f-A-- [23/Jul/2025:05:28:07.640851 +0300] aIBIt13rNiqQlzhNw8Z7vgAAAMQ 192.185.176.179 42890 127.0.0.1 7081 --b0ea181f-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 192.185.176.179 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en-US,en;q=0.9 --b0ea181f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --b0ea181f-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIBIt13rNiqQlzhNw8Z7vgAAAMQ"] Stopwatch: 1753237687636311 4648 (- - -) Stopwatch2: 1753237687636311 4648; combined=2593, p1=463, p2=2013, p3=0, p4=0, p5=116, sr=162, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b0ea181f-Z-- --6ac8c715-A-- [23/Jul/2025:05:34:37.558357 +0300] aIBKPeay57Xp5nvmyGPJSwAAAAI 13.36.165.173 57094 127.0.0.1 7081 --6ac8c715-B-- GET /.git/config HTTP/1.0 Host: menacore.net X-Real-IP: 13.36.165.173 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux i686; rv:12.0) Gecko/20100101 Firefox/12.0 Accept-Charset: utf-8 Accept-Encoding: gzip --6ac8c715-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=c18583fcc48ee1404fd8ef94576fdb5e; expires=Wed, 23 Jul 2025 03:35:37 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=ihofpkv58859ok95bf286asgfbf8q143; expires=Wed, 23 Jul 2025 10:34:37 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --6ac8c715-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menacore.net"] [uri "/.git/config"] [unique_id "aIBKPeay57Xp5nvmyGPJSwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753238077405251 153225 (- - -) Stopwatch2: 1753238077405251 153225; combined=2860, p1=668, p2=2069, p3=0, p4=0, p5=122, sr=191, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6ac8c715-Z-- --68d5b017-A-- [23/Jul/2025:05:39:10.924695 +0300] aIBLTl3rNiqQlzhNw8aLVgAAAMc 185.177.72.24 50258 127.0.0.1 7081 --68d5b017-B-- GET /.git/config HTTP/1.0 Host: menacore.net X-Real-IP: 185.177.72.24 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0 Accept-Charset: utf-8 Accept-Encoding: gzip --68d5b017-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=917e39272d4a9418bd9edb8361b0851b; expires=Wed, 23 Jul 2025 03:40:10 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=cb4ae15muc8q0sv7o33kqf1t6g45hede; expires=Wed, 23 Jul 2025 10:39:10 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --68d5b017-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menacore.net"] [uri "/.git/config"] [unique_id "aIBLTl3rNiqQlzhNw8aLVgAAAMc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753238350754427 170369 (- - -) Stopwatch2: 1753238350754427 170369; combined=2979, p1=701, p2=2182, p3=0, p4=0, p5=96, sr=261, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --68d5b017-Z-- --73cbe658-A-- [23/Jul/2025:05:41:55.137335 +0300] aIBL813rNiqQlzhNw8aOMAAAAMY 185.177.72.205 42478 127.0.0.1 7081 --73cbe658-B-- GET /.env HTTP/1.0 Host: demonanomie.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --73cbe658-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --73cbe658-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/.env"] [unique_id "aIBL813rNiqQlzhNw8aOMAAAAMY"] Stopwatch: 1753238515131258 6259 (- - -) Stopwatch2: 1753238515131258 6259; combined=3617, p1=719, p2=2781, p3=0, p4=0, p5=117, sr=196, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --73cbe658-Z-- --1d6ac130-A-- [23/Jul/2025:05:41:55.461784 +0300] aIBL8-ay57Xp5nvmyGPNrQAAABA 185.177.72.205 42534 127.0.0.1 7081 --1d6ac130-B-- GET /backend/.env HTTP/1.0 Host: demonanomie.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1d6ac130-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --1d6ac130-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/backend/.env"] [unique_id "aIBL8-ay57Xp5nvmyGPNrQAAABA"] Stopwatch: 1753238515457722 4130 (- - -) Stopwatch2: 1753238515457722 4130; combined=2403, p1=672, p2=1656, p3=0, p4=0, p5=74, sr=199, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1d6ac130-Z-- --501a3d09-A-- [23/Jul/2025:05:41:55.527903 +0300] aIBL813rNiqQlzhNw8aONQAAANA 185.177.72.205 42550 127.0.0.1 7081 --501a3d09-B-- GET /api/.env HTTP/1.0 Host: demonanomie.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --501a3d09-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --501a3d09-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/api/.env"] [unique_id "aIBL813rNiqQlzhNw8aONQAAANA"] Stopwatch: 1753238515522912 5061 (- - -) Stopwatch2: 1753238515522912 5061; combined=3099, p1=742, p2=2275, p3=0, p4=0, p5=82, sr=270, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --501a3d09-Z-- --f86cb01b-A-- [23/Jul/2025:05:41:55.593072 +0300] aIBL8-ay57Xp5nvmyGPNrgAAABI 185.177.72.205 42572 127.0.0.1 7081 --f86cb01b-B-- GET /env.backup HTTP/1.0 Host: demonanomie.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f86cb01b-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --f86cb01b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||demonanomie.com|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||demonanomie.com|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "demonanomie.com"] [uri "/env.backup"] [unique_id "aIBL8-ay57Xp5nvmyGPNrgAAABI"] Stopwatch: 1753238515588042 5119 (- - -) Stopwatch2: 1753238515588042 5119; combined=3036, p1=644, p2=2301, p3=0, p4=0, p5=90, sr=176, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f86cb01b-Z-- --58b63608-A-- [23/Jul/2025:05:41:55.844608 +0300] aIBL813rNiqQlzhNw8aOOAAAANQ 185.177.72.205 42586 127.0.0.1 7081 --58b63608-B-- GET /main/.env HTTP/1.0 Host: demonanomie.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --58b63608-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --58b63608-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/main/.env"] [unique_id "aIBL813rNiqQlzhNw8aOOAAAANQ"] Stopwatch: 1753238515840403 4276 (- - -) Stopwatch2: 1753238515840403 4276; combined=2422, p1=538, p2=1801, p3=0, p4=0, p5=83, sr=167, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --58b63608-Z-- --2f423153-A-- [23/Jul/2025:05:41:55.908507 +0300] aIBL8-ay57Xp5nvmyGPNrwAAAAc 185.177.72.205 42596 127.0.0.1 7081 --2f423153-B-- GET /.env.old HTTP/1.0 Host: demonanomie.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2f423153-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --2f423153-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||demonanomie.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/.env.old"] [unique_id "aIBL8-ay57Xp5nvmyGPNrwAAAAc"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||demonanomie.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "demonanomie.com"] [uri "/.env.old"] [unique_id "aIBL8-ay57Xp5nvmyGPNrwAAAAc"] Stopwatch: 1753238515903206 5384 (- - -) Stopwatch2: 1753238515903206 5384; combined=3137, p1=662, p2=2343, p3=0, p4=0, p5=132, sr=203, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2f423153-Z-- --0a503b7d-A-- [23/Jul/2025:05:41:56.163686 +0300] aIBL9Oay57Xp5nvmyGPNsQAAABY 185.177.72.205 42624 127.0.0.1 7081 --0a503b7d-B-- GET /core/.env HTTP/1.0 Host: demonanomie.com X-Real-IP: 185.177.72.205 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0a503b7d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --0a503b7d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/core/.env"] [unique_id "aIBL9Oay57Xp5nvmyGPNsQAAABY"] Stopwatch: 1753238516159855 3897 (- - -) Stopwatch2: 1753238516159855 3897; combined=2244, p1=520, p2=1652, p3=0, p4=0, p5=72, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0a503b7d-Z-- --ff9f717e-A-- [23/Jul/2025:05:48:26.029577 +0300] aIBNeuay57Xp5nvmyGPSJwAAAAA 172.166.217.122 49052 127.0.0.1 7081 --ff9f717e-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 172.166.217.122 X-Accel-Internal: /internal-nginx-static-location Connection: close accept-language: en-US,en;q=0.5 referer: http://riyadhchocolate.com/wp-login.php accept-encoding: gzip, deflate, br sec-fetch-dest: document sec-fetch-mode: navigate accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 upgrade-insecure-requests: 1 sec-fetch-site: same-origin sec-fetch-user: ?1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 cookie: wordpress_test_cookie=WP%20Cookie%20check --ff9f717e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --ff9f717e-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIBNeuay57Xp5nvmyGPSJwAAAAA"] Stopwatch: 1753238906024723 4984 (- - -) Stopwatch2: 1753238906024723 4984; combined=2996, p1=580, p2=2324, p3=0, p4=0, p5=91, sr=184, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ff9f717e-Z-- --52e7dc34-A-- [23/Jul/2025:05:51:03.629301 +0300] aIBOF13rNiqQlzhNw8abYAAAAMA 185.177.72.24 60440 127.0.0.1 7081 --52e7dc34-B-- GET /.git/config HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 185.177.72.24 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --52e7dc34-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --52e7dc34-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "college.jinansystem.com"] [uri "/.git/config"] [unique_id "aIBOF13rNiqQlzhNw8abYAAAAMA"] Stopwatch: 1753239063624552 4838 (- - -) Stopwatch2: 1753239063624552 4838; combined=3044, p1=653, p2=2321, p3=0, p4=0, p5=70, sr=207, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --52e7dc34-Z-- --e659a858-A-- [23/Jul/2025:05:53:30.551580 +0300] aIBOqjJOavSZnEpfYwOSZAAAAAI 138.197.191.87 39636 127.0.0.1 7081 --e659a858-B-- POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D""+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.0 Host: test.kime.agency X-Real-IP: 138.197.191.87 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 164 User-Agent: Go-http-client/1.1 Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip --e659a858-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --e659a858-H-- Message: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\xadd cgi.force_redirect=0 \xadd disable_functions="" \xadd allow_url_include=1 \xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||test.kime.agency|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\x5cxadd cgi.force_redirect=0 \x5cxadd disable_functions=\x22\x22 \x5cxadd allow_url_include=1 \x5cxadd auto_prepend_file=php://input: \xadd cgi.force_redirect=0 \xadd disable_functions=\x22\x22 \xadd allow_url_include=1 \xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions="" \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||test.kime.agency|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\\\x5cxadd cgi.force_redirect=0 \\\\x5cxadd disable_functions=\\\\x22\\\\x22 \\\\x5cxadd allow_url_include=1 \\\\x5cxadd auto_prepend_file=php://input: \\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions=\\\\x22\\\\x22 \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "test.kime.agency"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aIBOqjJOavSZnEpfYwOSZAAAAAI"] Stopwatch: 1753239210521679 30027 (- - -) Stopwatch2: 1753239210521679 30027; combined=28039, p1=554, p2=27202, p3=0, p4=0, p5=282, sr=145, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e659a858-Z-- --054cdc6b-A-- [23/Jul/2025:05:53:32.565959 +0300] aIBOrHkuNqusJfAMBBxgmQAAAEc 138.197.191.87 39966 127.0.0.1 7081 --054cdc6b-B-- GET /.env HTTP/1.0 Host: test.kime.agency X-Real-IP: 138.197.191.87 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --054cdc6b-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --054cdc6b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.kime.agency"] [uri "/.env"] [unique_id "aIBOrHkuNqusJfAMBBxgmQAAAEc"] Stopwatch: 1753239212561143 4883 (- - -) Stopwatch2: 1753239212561143 4883; combined=2861, p1=613, p2=2163, p3=0, p4=0, p5=85, sr=175, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --054cdc6b-Z-- --eba58444-A-- [23/Jul/2025:05:53:32.745169 +0300] aIBOrHkuNqusJfAMBBxgmwAAAFE 138.197.191.87 39994 127.0.0.1 7081 --eba58444-B-- GET /.git/config HTTP/1.0 Host: test.kime.agency X-Real-IP: 138.197.191.87 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --eba58444-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --eba58444-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.kime.agency"] [uri "/.git/config"] [unique_id "aIBOrHkuNqusJfAMBBxgmwAAAFE"] Stopwatch: 1753239212740822 4412 (- - -) Stopwatch2: 1753239212740822 4412; combined=2602, p1=563, p2=1971, p3=0, p4=0, p5=67, sr=141, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --eba58444-Z-- --5c356d4d-A-- [23/Jul/2025:05:53:37.868130 +0300] aIBOsTJOavSZnEpfYwOStAAAAAI 93.123.109.64 57912 127.0.0.1 7081 --5c356d4d-B-- GET /.git/config HTTP/1.0 Host: test.kime.agency X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0) Accept-Charset: utf-8 Accept-Encoding: gzip --5c356d4d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --5c356d4d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.kime.agency"] [uri "/.git/config"] [unique_id "aIBOsTJOavSZnEpfYwOStAAAAAI"] Stopwatch: 1753239217861113 7108 (- - -) Stopwatch2: 1753239217861113 7108; combined=5032, p1=656, p2=4289, p3=0, p4=0, p5=87, sr=162, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5c356d4d-Z-- --0ab8372c-A-- [23/Jul/2025:05:53:56.869713 +0300] aIBOxDJOavSZnEpfYwOTZwAAAAc 93.123.109.64 37080 127.0.0.1 7081 --0ab8372c-B-- GET /.git/config HTTP/1.0 Host: test.kime.agency X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15 Accept-Charset: utf-8 Accept-Encoding: gzip --0ab8372c-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --0ab8372c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.kime.agency"] [uri "/.git/config"] [unique_id "aIBOxDJOavSZnEpfYwOTZwAAAAc"] Stopwatch: 1753239236860200 9689 (- - -) Stopwatch2: 1753239236860200 9689; combined=7675, p1=3915, p2=3638, p3=0, p4=0, p5=121, sr=289, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0ab8372c-Z-- --f49c437f-A-- [23/Jul/2025:05:54:45.799285 +0300] aIBO9TJOavSZnEpfYwOUmAAAAAk 93.123.109.64 45904 127.0.0.1 7081 --f49c437f-B-- GET /.git/config HTTP/1.0 Host: test.kime.agency X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --f49c437f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --f49c437f-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.kime.agency"] [uri "/.git/config"] [unique_id "aIBO9TJOavSZnEpfYwOUmAAAAAk"] Stopwatch: 1753239285791667 8634 (- - -) Stopwatch2: 1753239285791667 8634; combined=5035, p1=726, p2=4238, p3=0, p4=0, p5=71, sr=145, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f49c437f-Z-- --8079576f-A-- [23/Jul/2025:05:55:21.953084 +0300] aIBPGTJOavSZnEpfYwOWEAAAABg 93.123.109.64 33898 127.0.0.1 7081 --8079576f-B-- GET /.git/config HTTP/1.0 Host: test.kime.agency X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a3pre) Gecko/20070330 Accept-Charset: utf-8 Accept-Encoding: gzip --8079576f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --8079576f-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.kime.agency"] [uri "/.git/config"] [unique_id "aIBPGTJOavSZnEpfYwOWEAAAABg"] Stopwatch: 1753239321948311 4965 (- - -) Stopwatch2: 1753239321948311 4965; combined=2716, p1=618, p2=2020, p3=0, p4=0, p5=78, sr=172, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8079576f-Z-- --a77bef5f-A-- [23/Jul/2025:05:56:03.887192 +0300] aIBPQzJOavSZnEpfYwOW9gAAAAQ 93.123.109.64 60864 127.0.0.1 7081 --a77bef5f-B-- GET /.git/config HTTP/1.0 Host: test.kime.agency X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_0) AppleWebKit/536.3 (KHTML, like Gecko) Chrome/19.0.1063.0 Safari/536.3 Accept-Charset: utf-8 Accept-Encoding: gzip --a77bef5f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --a77bef5f-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.kime.agency"] [uri "/.git/config"] [unique_id "aIBPQzJOavSZnEpfYwOW9gAAAAQ"] Stopwatch: 1753239363882981 4303 (- - -) Stopwatch2: 1753239363882981 4303; combined=2463, p1=476, p2=1915, p3=0, p4=0, p5=72, sr=137, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a77bef5f-Z-- --7a60292d-A-- [23/Jul/2025:05:59:01.424431 +0300] aIBP9TJOavSZnEpfYwOc4AAAAA0 77.90.153.170 35208 127.0.0.1 7081 --7a60292d-B-- GET /.env HTTP/1.0 Host: menacore.net X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 YaBrowser/19.6.2.594 (beta) Yowser/2.5 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --7a60292d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=31448b8dbdbea08a06d71fac3e3615ba; expires=Wed, 23 Jul 2025 04:00:01 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=iqmsiaor0ab7mo8b36ris53dv31s47uh; expires=Wed, 23 Jul 2025 10:59:01 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --7a60292d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menacore.net"] [uri "/.env"] [unique_id "aIBP9TJOavSZnEpfYwOc4AAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753239541263048 161515 (- - -) Stopwatch2: 1753239541263048 161515; combined=2530, p1=512, p2=1899, p3=0, p4=0, p5=118, sr=128, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7a60292d-Z-- --bfdb5216-A-- [23/Jul/2025:06:05:20.171845 +0300] aIBRcDJOavSZnEpfYwOoDgAAAA0 209.38.208.202 45580 127.0.0.1 7081 --bfdb5216-B-- GET /.env HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 209.38.208.202 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --bfdb5216-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --bfdb5216-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riyadhchocolate.com"] [uri "/.env"] [unique_id "aIBRcDJOavSZnEpfYwOoDgAAAA0"] Stopwatch: 1753239920167049 4924 (- - -) Stopwatch2: 1753239920167049 4924; combined=2793, p1=559, p2=2150, p3=0, p4=0, p5=83, sr=163, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bfdb5216-Z-- --67f76944-A-- [23/Jul/2025:06:05:20.433717 +0300] aIBRcDJOavSZnEpfYwOoEQAAAAE 209.38.208.202 45602 127.0.0.1 7081 --67f76944-B-- GET /.git/config HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 209.38.208.202 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --67f76944-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --67f76944-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riyadhchocolate.com"] [uri "/.git/config"] [unique_id "aIBRcDJOavSZnEpfYwOoEQAAAAE"] Stopwatch: 1753239920426432 7380 (- - -) Stopwatch2: 1753239920426432 7380; combined=5485, p1=659, p2=4756, p3=0, p4=0, p5=70, sr=191, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --67f76944-Z-- --6c971e1b-A-- [23/Jul/2025:06:07:04.477729 +0300] aIBR2DJOavSZnEpfYwOrmQAAABU 185.177.72.210 59874 127.0.0.1 7081 --6c971e1b-B-- GET /httpd.conf HTTP/1.0 Host: sys.ellaith.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6c971e1b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=85ffa6c7020a3150f2adcb3deba22aa1; expires=Wed, 23 Jul 2025 04:08:04 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --6c971e1b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||sys.ellaith.com|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||sys.ellaith.com|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sys.ellaith.com"] [uri "/httpd.conf"] [unique_id "aIBR2DJOavSZnEpfYwOrmQAAABU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753240024394212 83729 (- - -) Stopwatch2: 1753240024394212 83729; combined=2744, p1=646, p2=1975, p3=0, p4=0, p5=123, sr=270, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6c971e1b-Z-- --bfba771b-A-- [23/Jul/2025:06:07:04.594558 +0300] aIBR2DJOavSZnEpfYwOrmwAAABM 185.177.72.210 59906 127.0.0.1 7081 --bfba771b-B-- GET /apps/.env HTTP/1.0 Host: sys.ellaith.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bfba771b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=b83a577ee6a6f47cba50ce63f7cd8ccb; expires=Wed, 23 Jul 2025 04:08:04 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --bfba771b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sys.ellaith.com"] [uri "/apps/.env"] [unique_id "aIBR2DJOavSZnEpfYwOrmwAAABM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753240024536737 57900 (- - -) Stopwatch2: 1753240024536737 57900; combined=2381, p1=476, p2=1806, p3=0, p4=0, p5=98, sr=135, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bfba771b-Z-- --54beab1b-A-- [23/Jul/2025:06:07:04.922675 +0300] aIBR2DJOavSZnEpfYwOrnwAAABg 185.177.72.210 59958 127.0.0.1 7081 --54beab1b-B-- GET /api/.env HTTP/1.0 Host: sys.ellaith.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --54beab1b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=960bcbcaab6829c7b0c137f19cafa33f; expires=Wed, 23 Jul 2025 04:08:04 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --54beab1b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sys.ellaith.com"] [uri "/api/.env"] [unique_id "aIBR2DJOavSZnEpfYwOrnwAAABg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753240024769094 153647 (- - -) Stopwatch2: 1753240024769094 153647; combined=99464, p1=691, p2=2273, p3=0, p4=0, p5=48325, sr=179, sw=0, l=0, gc=48175 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --54beab1b-Z-- --c5d88771-A-- [23/Jul/2025:06:07:05.053658 +0300] aIBR2HkuNqusJfAMBBxr2gAAAFM 185.177.72.210 59996 127.0.0.1 7081 --c5d88771-B-- GET /blog/.env HTTP/1.0 Host: sys.ellaith.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c5d88771-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=dbaf4ebdae9b23353b23b5e7d120739e; expires=Wed, 23 Jul 2025 04:08:05 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --c5d88771-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sys.ellaith.com"] [uri "/blog/.env"] [unique_id "aIBR2HkuNqusJfAMBBxr2gAAAFM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753240024983464 70280 (- - -) Stopwatch2: 1753240024983464 70280; combined=3019, p1=663, p2=2237, p3=0, p4=0, p5=118, sr=159, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c5d88771-Z-- --e075003a-A-- [23/Jul/2025:06:07:05.188736 +0300] aIBR2TJOavSZnEpfYwOrpQAAAAM 185.177.72.210 60014 127.0.0.1 7081 --e075003a-B-- GET /.env.production HTTP/1.0 Host: sys.ellaith.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e075003a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=388a4f340153c6dd6df05e2756d5468f; expires=Wed, 23 Jul 2025 04:08:05 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --e075003a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sys.ellaith.com"] [uri "/.env.production"] [unique_id "aIBR2TJOavSZnEpfYwOrpQAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753240025113561 75271 (- - -) Stopwatch2: 1753240025113561 75271; combined=2909, p1=541, p2=2266, p3=0, p4=0, p5=102, sr=156, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e075003a-Z-- --b187757e-A-- [23/Jul/2025:06:07:05.302170 +0300] aIBR2TJOavSZnEpfYwOrpwAAABQ 185.177.72.210 60028 127.0.0.1 7081 --b187757e-B-- GET /protected/.env HTTP/1.0 Host: sys.ellaith.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b187757e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=2bbf4871347a60e29e792c3a350e6df4; expires=Wed, 23 Jul 2025 04:08:05 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --b187757e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sys.ellaith.com"] [uri "/protected/.env"] [unique_id "aIBR2TJOavSZnEpfYwOrpwAAABQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753240025247086 55168 (- - -) Stopwatch2: 1753240025247086 55168; combined=2868, p1=646, p2=2101, p3=0, p4=0, p5=120, sr=185, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b187757e-Z-- --f3cb333a-A-- [23/Jul/2025:06:07:05.413229 +0300] aIBR2TJOavSZnEpfYwOrqQAAABY 185.177.72.210 60052 127.0.0.1 7081 --f3cb333a-B-- GET /config/.env HTTP/1.0 Host: sys.ellaith.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f3cb333a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=787fe9ceb589c51dc3f8fb3db13e31e3; expires=Wed, 23 Jul 2025 04:08:05 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --f3cb333a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sys.ellaith.com"] [uri "/config/.env"] [unique_id "aIBR2TJOavSZnEpfYwOrqQAAABY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753240025361257 52068 (- - -) Stopwatch2: 1753240025361257 52068; combined=3251, p1=773, p2=2358, p3=0, p4=0, p5=119, sr=184, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f3cb333a-Z-- --e6ba4836-A-- [23/Jul/2025:06:07:05.539110 +0300] aIBR2TJOavSZnEpfYwOrqwAAAAY 185.177.72.210 60084 127.0.0.1 7081 --e6ba4836-B-- GET /base/.env HTTP/1.0 Host: sys.ellaith.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e6ba4836-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=ff34f2969bf7dbe7a41952f19f378276; expires=Wed, 23 Jul 2025 04:08:05 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --e6ba4836-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sys.ellaith.com"] [uri "/base/.env"] [unique_id "aIBR2TJOavSZnEpfYwOrqwAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.ellaith.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753240025479126 60046 (- - -) Stopwatch2: 1753240025479126 60046; combined=3229, p1=943, p2=2187, p3=0, p4=0, p5=98, sr=158, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e6ba4836-Z-- --33547c74-A-- [23/Jul/2025:06:20:14.357899 +0300] aIBU7jJOavSZnEpfYwPBAwAAABQ 93.123.109.64 43820 127.0.0.1 7081 --33547c74-B-- GET /.git/config HTTP/1.0 Host: test.kime.agency X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (OS/2; Warp 4.5; rv:38.0) Gecko/20100101 Firefox/38.0 SeaMonkey/2.35 Accept-Charset: utf-8 Accept-Encoding: gzip --33547c74-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --33547c74-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.kime.agency"] [uri "/.git/config"] [unique_id "aIBU7jJOavSZnEpfYwPBAwAAABQ"] Stopwatch: 1753240814352454 5575 (- - -) Stopwatch2: 1753240814352454 5575; combined=3294, p1=652, p2=2545, p3=0, p4=0, p5=97, sr=161, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --33547c74-Z-- --ffd5e27c-A-- [23/Jul/2025:06:20:43.929488 +0300] aIBVCzJOavSZnEpfYwPCHAAAABU 93.123.109.64 35774 127.0.0.1 7081 --ffd5e27c-B-- GET /.git/config HTTP/1.0 Host: test.kime.agency X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Opera/9.80 (Windows NT 6.1; U; es-ES) Presto/2.9.181 Version/12.00 Accept-Charset: utf-8 Accept-Encoding: gzip --ffd5e27c-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --ffd5e27c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.kime.agency"] [uri "/.git/config"] [unique_id "aIBVCzJOavSZnEpfYwPCHAAAABU"] Stopwatch: 1753240843873219 56389 (- - -) Stopwatch2: 1753240843873219 56389; combined=106423, p1=603, p2=1936, p3=0, p4=0, p5=51974, sr=172, sw=0, l=0, gc=51910 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ffd5e27c-Z-- --1bffbb01-A-- [23/Jul/2025:06:22:09.431318 +0300] aIBVYTJOavSZnEpfYwPEugAAABE 13.36.165.173 44832 127.0.0.1 7081 --1bffbb01-B-- GET /.git/config HTTP/1.0 Host: soor.raqmix.cloud X-Real-IP: 13.36.165.173 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 9; ONEPLUS A3010) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --1bffbb01-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --1bffbb01-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soor.raqmix.cloud"] [uri "/.git/config"] [unique_id "aIBVYTJOavSZnEpfYwPEugAAABE"] Stopwatch: 1753240929425673 5757 (- - -) Stopwatch2: 1753240929425673 5757; combined=3420, p1=690, p2=2632, p3=0, p4=0, p5=98, sr=176, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1bffbb01-Z-- --87edc568-A-- [23/Jul/2025:06:22:52.376576 +0300] aIBVjDJOavSZnEpfYwPFkAAAAAg 185.177.72.210 60326 127.0.0.1 7081 --87edc568-B-- GET /httpd.conf HTTP/1.0 Host: internetlb.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --87edc568-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 12 Dec 2016 17:20:28 GMT ETag: "405-5437951ed94a5" Accept-Ranges: bytes Content-Length: 1029 Content-Type: text/html --87edc568-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||internetlb.com|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||internetlb.com|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "internetlb.com"] [uri "/httpd.conf"] [unique_id "aIBVjDJOavSZnEpfYwPFkAAAAAg"] Stopwatch: 1753240972371918 4753 (- - -) Stopwatch2: 1753240972371918 4753; combined=2718, p1=604, p2=2040, p3=0, p4=0, p5=74, sr=169, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --87edc568-Z-- --7cf1db48-A-- [23/Jul/2025:06:22:52.442794 +0300] aIBVjDJOavSZnEpfYwPFkQAAAAo 185.177.72.210 60328 127.0.0.1 7081 --7cf1db48-B-- GET /apps/.env HTTP/1.0 Host: internetlb.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7cf1db48-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 12 Dec 2016 17:20:28 GMT ETag: "405-5437951ed94a5" Accept-Ranges: bytes Content-Length: 1029 Content-Type: text/html --7cf1db48-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internetlb.com"] [uri "/apps/.env"] [unique_id "aIBVjDJOavSZnEpfYwPFkQAAAAo"] Stopwatch: 1753240972437851 5051 (- - -) Stopwatch2: 1753240972437851 5051; combined=2999, p1=766, p2=2150, p3=0, p4=0, p5=82, sr=168, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7cf1db48-Z-- --783a401d-A-- [23/Jul/2025:06:22:52.583508 +0300] aIBVjHkuNqusJfAMBBx3kAAAAE8 185.177.72.210 60346 127.0.0.1 7081 --783a401d-B-- GET /api/.env HTTP/1.0 Host: internetlb.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --783a401d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 12 Dec 2016 17:20:28 GMT ETag: "405-5437951ed94a5" Accept-Ranges: bytes Content-Length: 1029 Content-Type: text/html --783a401d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internetlb.com"] [uri "/api/.env"] [unique_id "aIBVjHkuNqusJfAMBBx3kAAAAE8"] Stopwatch: 1753240972578838 4736 (- - -) Stopwatch2: 1753240972578838 4736; combined=2895, p1=594, p2=2234, p3=0, p4=0, p5=67, sr=136, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --783a401d-Z-- --12821a0f-A-- [23/Jul/2025:06:22:52.647616 +0300] aIBVjDJOavSZnEpfYwPFlAAAABM 185.177.72.210 60374 127.0.0.1 7081 --12821a0f-B-- GET /blog/.env HTTP/1.0 Host: internetlb.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --12821a0f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 12 Dec 2016 17:20:28 GMT ETag: "405-5437951ed94a5" Accept-Ranges: bytes Content-Length: 1029 Content-Type: text/html --12821a0f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internetlb.com"] [uri "/blog/.env"] [unique_id "aIBVjDJOavSZnEpfYwPFlAAAABM"] Stopwatch: 1753240972643434 4247 (- - -) Stopwatch2: 1753240972643434 4247; combined=2474, p1=496, p2=1913, p3=0, p4=0, p5=65, sr=161, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --12821a0f-Z-- --053f2c21-A-- [23/Jul/2025:06:22:52.715424 +0300] aIBVjDJOavSZnEpfYwPFlQAAAAk 185.177.72.210 60386 127.0.0.1 7081 --053f2c21-B-- GET /.env.production HTTP/1.0 Host: internetlb.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --053f2c21-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 12 Dec 2016 17:20:28 GMT ETag: "405-5437951ed94a5" Accept-Ranges: bytes Content-Length: 1029 Content-Type: text/html --053f2c21-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internetlb.com"] [uri "/.env.production"] [unique_id "aIBVjDJOavSZnEpfYwPFlQAAAAk"] Stopwatch: 1753240972708845 6686 (- - -) Stopwatch2: 1753240972708845 6686; combined=3990, p1=823, p2=3048, p3=0, p4=0, p5=118, sr=180, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --053f2c21-Z-- --ad233678-A-- [23/Jul/2025:06:22:52.786673 +0300] aIBVjDJOavSZnEpfYwPFlgAAAAw 185.177.72.210 60398 127.0.0.1 7081 --ad233678-B-- GET /protected/.env HTTP/1.0 Host: internetlb.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ad233678-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 12 Dec 2016 17:20:28 GMT ETag: "405-5437951ed94a5" Accept-Ranges: bytes Content-Length: 1029 Content-Type: text/html --ad233678-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internetlb.com"] [uri "/protected/.env"] [unique_id "aIBVjDJOavSZnEpfYwPFlgAAAAw"] Stopwatch: 1753240972778768 7972 (- - -) Stopwatch2: 1753240972778768 7972; combined=2994, p1=999, p2=1929, p3=0, p4=0, p5=66, sr=319, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ad233678-Z-- --0b4b4c3e-A-- [23/Jul/2025:06:22:52.851306 +0300] aIBVjHkuNqusJfAMBBx3kQAAAEs 185.177.72.210 52872 127.0.0.1 7081 --0b4b4c3e-B-- GET /config/.env HTTP/1.0 Host: internetlb.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0b4b4c3e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 12 Dec 2016 17:20:28 GMT ETag: "405-5437951ed94a5" Accept-Ranges: bytes Content-Length: 1029 Content-Type: text/html --0b4b4c3e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internetlb.com"] [uri "/config/.env"] [unique_id "aIBVjHkuNqusJfAMBBx3kQAAAEs"] Stopwatch: 1753240972847254 4116 (- - -) Stopwatch2: 1753240972847254 4116; combined=2401, p1=593, p2=1743, p3=0, p4=0, p5=65, sr=161, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0b4b4c3e-Z-- --00a94078-A-- [23/Jul/2025:06:22:52.923657 +0300] aIBVjDJOavSZnEpfYwPFmAAAAAI 185.177.72.210 52888 127.0.0.1 7081 --00a94078-B-- GET /base/.env HTTP/1.0 Host: internetlb.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --00a94078-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 12 Dec 2016 17:20:28 GMT ETag: "405-5437951ed94a5" Accept-Ranges: bytes Content-Length: 1029 Content-Type: text/html --00a94078-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internetlb.com"] [uri "/base/.env"] [unique_id "aIBVjDJOavSZnEpfYwPFmAAAAAI"] Stopwatch: 1753240972916705 7042 (- - -) Stopwatch2: 1753240972916705 7042; combined=4070, p1=506, p2=3462, p3=0, p4=0, p5=101, sr=148, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --00a94078-Z-- --d2801f36-A-- [23/Jul/2025:06:22:52.990384 +0300] aIBVjDJOavSZnEpfYwPFmQAAAAU 185.177.72.210 52890 127.0.0.1 7081 --d2801f36-B-- GET /.env.development HTTP/1.0 Host: internetlb.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d2801f36-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 12 Dec 2016 17:20:28 GMT ETag: "405-5437951ed94a5" Accept-Ranges: bytes Content-Length: 1029 Content-Type: text/html --d2801f36-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internetlb.com"] [uri "/.env.development"] [unique_id "aIBVjDJOavSZnEpfYwPFmQAAAAU"] Stopwatch: 1753240972984527 5954 (- - -) Stopwatch2: 1753240972984527 5954; combined=3392, p1=716, p2=2574, p3=0, p4=0, p5=101, sr=161, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d2801f36-Z-- --bb827228-A-- [23/Jul/2025:06:22:53.058323 +0300] aIBVjTJOavSZnEpfYwPFmgAAAAQ 185.177.72.210 52894 127.0.0.1 7081 --bb827228-B-- GET /v2/.env HTTP/1.0 Host: internetlb.com X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bb827228-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 12 Dec 2016 17:20:28 GMT ETag: "405-5437951ed94a5" Accept-Ranges: bytes Content-Length: 1029 Content-Type: text/html --bb827228-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internetlb.com"] [uri "/v2/.env"] [unique_id "aIBVjTJOavSZnEpfYwPFmgAAAAQ"] Stopwatch: 1753240973051538 6891 (- - -) Stopwatch2: 1753240973051538 6891; combined=4309, p1=779, p2=3338, p3=0, p4=0, p5=191, sr=250, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bb827228-Z-- --21597b20-A-- [23/Jul/2025:06:24:14.316054 +0300] aIBV3jJOavSZnEpfYwPHzgAAABU 85.203.45.149 53650 127.0.0.1 7081 --21597b20-B-- HEAD /backup/sftp-config.json HTTP/1.0 Host: vivacetrading.com X-Real-IP: 85.203.45.149 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --21597b20-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --21597b20-H-- Message: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/backup/sftp-config.json"] [unique_id "aIBV3jJOavSZnEpfYwPHzgAAABU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753241054294417 21769 (- - -) Stopwatch2: 1753241054294417 21769; combined=3075, p1=667, p2=2224, p3=0, p4=0, p5=183, sr=205, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --21597b20-Z-- --26982373-A-- [23/Jul/2025:06:24:18.267769 +0300] aIBV4nkuNqusJfAMBBx4ZAAAAEA 93.123.109.64 53828 127.0.0.1 7081 --26982373-B-- GET /.git/config HTTP/1.0 Host: test.kime.agency X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --26982373-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --26982373-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.kime.agency"] [uri "/.git/config"] [unique_id "aIBV4nkuNqusJfAMBBx4ZAAAAEA"] Stopwatch: 1753241058263374 4571 (- - -) Stopwatch2: 1753241058263374 4571; combined=2591, p1=569, p2=1957, p3=0, p4=0, p5=65, sr=187, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --26982373-Z-- --b995fc32-A-- [23/Jul/2025:06:44:55.639719 +0300] aIBatzJOavSZnEpfYwPVLQAAABA 93.123.109.64 45282 127.0.0.1 7081 --b995fc32-B-- GET /.git/config HTTP/1.0 Host: test.kime.agency X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.93 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --b995fc32-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --b995fc32-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.kime.agency"] [uri "/.git/config"] [unique_id "aIBatzJOavSZnEpfYwPVLQAAABA"] Stopwatch: 1753242295630693 9143 (- - -) Stopwatch2: 1753242295630693 9143; combined=2555, p1=565, p2=1895, p3=0, p4=0, p5=95, sr=205, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b995fc32-Z-- --46971e59-A-- [23/Jul/2025:06:45:18.638639 +0300] aIBazjJOavSZnEpfYwPVbwAAAAE 13.36.165.173 53668 127.0.0.1 7081 --46971e59-B-- GET /.git/config HTTP/1.0 Host: vivacetrading.com X-Real-IP: 13.36.165.173 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 OPR/62.0.3331.116 Accept-Charset: utf-8 Accept-Encoding: gzip --46971e59-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 586 Content-Type: text/html; charset=UTF-8 --46971e59-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/.git/config"] [unique_id "aIBazjJOavSZnEpfYwPVbwAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753242318609012 29716 (- - -) Stopwatch2: 1753242318609012 29716; combined=2696, p1=552, p2=2001, p3=0, p4=0, p5=143, sr=146, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --46971e59-Z-- --aed2b150-A-- [23/Jul/2025:06:47:31.064251 +0300] aIBbU3kuNqusJfAMBBx_2wAAAE0 196.251.114.43 44114 127.0.0.1 7081 --aed2b150-B-- GET /.git/index HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 196.251.114.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; SM-T550) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --aed2b150-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --aed2b150-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.git/index"] [unique_id "aIBbU3kuNqusJfAMBBx_2wAAAE0"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753242451063106 1220 (- - -) Stopwatch2: 1753242451063106 1220; combined=714, p1=531, p2=0, p3=29, p4=31, p5=123, sr=136, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aed2b150-Z-- --4c7d830d-A-- [23/Jul/2025:06:50:00.548893 +0300] aIBb6DJOavSZnEpfYwPdAwAAABI 77.90.153.170 43522 127.0.0.1 7081 --4c7d830d-B-- GET /.env HTTP/1.0 Host: soor.raqmix.cloud X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1 Safari/605.1.15 Accept-Charset: utf-8 Accept-Encoding: gzip --4c7d830d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --4c7d830d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soor.raqmix.cloud"] [uri "/.env"] [unique_id "aIBb6DJOavSZnEpfYwPdAwAAABI"] Stopwatch: 1753242600543721 5285 (- - -) Stopwatch2: 1753242600543721 5285; combined=2769, p1=835, p2=1870, p3=0, p4=0, p5=64, sr=128, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4c7d830d-Z-- --d076891c-A-- [23/Jul/2025:07:00:25.179354 +0300] aIBeWHkuNqusJfAMBByKsAAAAFE 209.97.180.8 39318 127.0.0.1 7081 --d076891c-B-- POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D""+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.0 Host: rorobeauty.raqmix.cloud X-Real-IP: 209.97.180.8 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 164 User-Agent: Go-http-client/1.1 Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip --d076891c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --d076891c-H-- Message: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\xadd cgi.force_redirect=0 \xadd disable_functions="" \xadd allow_url_include=1 \xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||rorobeauty.raqmix.cloud|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\x5cxadd cgi.force_redirect=0 \x5cxadd disable_functions=\x22\x22 \x5cxadd allow_url_include=1 \x5cxadd auto_prepend_file=php://input: \xadd cgi.force_redirect=0 \xadd disable_functions=\x22\x22 \xadd allow_url_include=1 \xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions="" \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||rorobeauty.raqmix.cloud|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\\\x5cxadd cgi.force_redirect=0 \\\\x5cxadd disable_functions=\\\\x22\\\\x22 \\\\x5cxadd allow_url_include=1 \\\\x5cxadd auto_prepend_file=php://input: \\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions=\\\\x22\\\\x22 \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "rorobeauty.raqmix.cloud"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aIBeWHkuNqusJfAMBByKsAAAAFE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rorobeauty.raqmix.cloud/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753243224877385 302119 (- - -) Stopwatch2: 1753243224877385 302119; combined=5790, p1=716, p2=4842, p3=0, p4=0, p5=231, sr=134, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d076891c-Z-- --39c6ab49-A-- [23/Jul/2025:07:00:39.421170 +0300] aIBeZzJOavSZnEpfYwPvfwAAAAE 209.97.180.8 36064 127.0.0.1 7081 --39c6ab49-B-- GET /.env HTTP/1.0 Host: rorobeauty.raqmix.cloud X-Real-IP: 209.97.180.8 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --39c6ab49-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --39c6ab49-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rorobeauty.raqmix.cloud"] [uri "/.env"] [unique_id "aIBeZzJOavSZnEpfYwPvfwAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rorobeauty.raqmix.cloud/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753243239155619 265660 (- - -) Stopwatch2: 1753243239155619 265660; combined=2328, p1=487, p2=1718, p3=0, p4=0, p5=122, sr=135, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --39c6ab49-Z-- --df899a11-A-- [23/Jul/2025:07:00:39.904191 +0300] aIBeZzJOavSZnEpfYwPvhAAAAAI 209.97.180.8 36140 127.0.0.1 7081 --df899a11-B-- GET /.git/config HTTP/1.0 Host: rorobeauty.raqmix.cloud X-Real-IP: 209.97.180.8 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --df899a11-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --df899a11-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rorobeauty.raqmix.cloud"] [uri "/.git/config"] [unique_id "aIBeZzJOavSZnEpfYwPvhAAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rorobeauty.raqmix.cloud/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753243239615358 288918 (- - -) Stopwatch2: 1753243239615358 288918; combined=5341, p1=1118, p2=4103, p3=0, p4=0, p5=120, sr=157, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --df899a11-Z-- --8afaf322-A-- [23/Jul/2025:07:13:17.372712 +0300] aIBhXXkuNqusJfAMBByXAAAAAEE 192.158.224.187 57448 127.0.0.1 7081 --8afaf322-B-- GET /vendor/phpunit/phpunit/phpunit.xsd HTTP/1.0 Host: internetlb.com X-Real-IP: 192.158.224.187 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 Accept-Encoding: gzip, deflate Accept: */* Accept-Language: en-US,en;q=0.5 X-Requested-With: XMLHttpRequest --8afaf322-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 12 Dec 2016 17:20:28 GMT ETag: "405-5437951ed94a5" Accept-Ranges: bytes Content-Length: 1029 Content-Type: text/html --8afaf322-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||internetlb.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||internetlb.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "internetlb.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aIBhXXkuNqusJfAMBByXAAAAAEE"] Stopwatch: 1753243997367636 5515 (- - -) Stopwatch2: 1753243997367636 5515; combined=2811, p1=485, p2=2077, p3=0, p4=0, p5=249, sr=138, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8afaf322-Z-- --270b9159-A-- [23/Jul/2025:07:14:25.242871 +0300] aIBhoTJOavSZnEpfYwMHVQAAAAs 77.90.153.170 51364 127.0.0.1 7081 --270b9159-B-- GET /.env HTTP/1.0 Host: vivacetrading.com X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 9; LEX829) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/10.1 Chrome/71.0.3578.99 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --270b9159-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 586 Content-Type: text/html; charset=UTF-8 --270b9159-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/.env"] [unique_id "aIBhoTJOavSZnEpfYwMHVQAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753244065213545 29422 (- - -) Stopwatch2: 1753244065213545 29422; combined=3603, p1=715, p2=2799, p3=0, p4=0, p5=88, sr=163, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --270b9159-Z-- --f5078f69-A-- [23/Jul/2025:07:17:59.531407 +0300] aIBidzJOavSZnEpfYwMMngAAABI 45.82.255.188 35862 127.0.0.1 7081 --f5078f69-B-- GET /app_dev.php/_profiler/open?file=app/config/parameters.yml HTTP/1.0 Host: jac.group X-Real-IP: 45.82.255.188 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f5078f69-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --f5078f69-H-- Message: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Matched phrase "parameters.yml" at ARGS:file. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jac.group|F|2"] [data "Matched Data: parameters.yml found within ARGS:file: app/config/parameters.yml"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jac.group"] [uri "/app_dev.php/_profiler/open"] [unique_id "aIBidzJOavSZnEpfYwMMngAAABI"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "parameters.yml" at ARGS:file. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jac.group|F|2"] [data "Matched Data: parameters.yml found within ARGS:file: app/config/parameters.yml"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jac.group"] [uri "/app_dev.php/_profiler/open"] [unique_id "aIBidzJOavSZnEpfYwMMngAAABI"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'Primary script unknown' Apache-Handler: proxy:unix:/var/www/vhosts/system/jac.group/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753244279516902 14579 (- - -) Stopwatch2: 1753244279516902 14579; combined=5210, p1=601, p2=4355, p3=60, p4=61, p5=132, sr=181, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f5078f69-Z-- --38484c56-A-- [23/Jul/2025:07:21:35.847289 +0300] aIBjT3kuNqusJfAMBBydIQAAAE0 155.2.217.20 36178 127.0.0.1 7081 --38484c56-B-- HEAD /www.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 155.2.217.20 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --38484c56-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --38484c56-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/www.sql"] [unique_id "aIBjT3kuNqusJfAMBBydIQAAAE0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753244495831492 15864 (- - -) Stopwatch2: 1753244495831492 15864; combined=2098, p1=425, p2=1561, p3=0, p4=0, p5=111, sr=153, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --38484c56-Z-- --6e824320-A-- [23/Jul/2025:07:21:36.414597 +0300] aIBjUDJOavSZnEpfYwMTawAAABY 155.2.217.16 36266 127.0.0.1 7081 --6e824320-B-- HEAD /bak/sql.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 155.2.217.16 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --6e824320-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --6e824320-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/bak/sql.sql"] [unique_id "aIBjUDJOavSZnEpfYwMTawAAABY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753244496391515 23172 (- - -) Stopwatch2: 1753244496391515 23172; combined=7441, p1=5398, p2=1916, p3=0, p4=0, p5=126, sr=1814, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6e824320-Z-- --baf2d777-A-- [23/Jul/2025:07:28:42.308123 +0300] aIBk-jJOavSZnEpfYwMezwAAABM 98.159.226.17 46152 127.0.0.1 7081 --baf2d777-B-- HEAD /restore/mysql.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 98.159.226.17 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --baf2d777-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --baf2d777-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/restore/mysql.sql"] [unique_id "aIBk-jJOavSZnEpfYwMezwAAABM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753244922290770 17432 (- - -) Stopwatch2: 1753244922290770 17432; combined=3147, p1=480, p2=2576, p3=0, p4=0, p5=91, sr=167, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --baf2d777-Z-- --99939302-A-- [23/Jul/2025:07:28:44.049763 +0300] aIBk_DJOavSZnEpfYwMe4wAAAAQ 98.159.226.20 47358 127.0.0.1 7081 --99939302-B-- HEAD /back/dump.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 98.159.226.20 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --99939302-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --99939302-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/back/dump.sql"] [unique_id "aIBk_DJOavSZnEpfYwMe4wAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753244924031512 18308 (- - -) Stopwatch2: 1753244924031512 18308; combined=3346, p1=1415, p2=1820, p3=0, p4=0, p5=111, sr=428, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --99939302-Z-- --dea12a51-A-- [23/Jul/2025:07:28:44.898539 +0300] aIBk_DJOavSZnEpfYwMe6gAAABA 98.159.226.22 47488 127.0.0.1 7081 --dea12a51-B-- HEAD /backups/sftp-config.json HTTP/1.0 Host: vivacetrading.com X-Real-IP: 98.159.226.22 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --dea12a51-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --dea12a51-H-- Message: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/backups/sftp-config.json"] [unique_id "aIBk_DJOavSZnEpfYwMe6gAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753244924881524 17068 (- - -) Stopwatch2: 1753244924881524 17068; combined=2408, p1=610, p2=1702, p3=0, p4=0, p5=95, sr=153, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dea12a51-Z-- --6da5716e-A-- [23/Jul/2025:07:34:24.904617 +0300] aIBmUDJOavSZnEpfYwMoIwAAAAs 20.74.83.27 35806 127.0.0.1 7081 --6da5716e-B-- GET /.env HTTP/1.0 Host: raqmix.cloud X-Real-IP: 20.74.83.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate, br --6da5716e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --6da5716e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raqmix.cloud"] [uri "/.env"] [unique_id "aIBmUDJOavSZnEpfYwMoIwAAAAs"] Stopwatch: 1753245264899972 4734 (- - -) Stopwatch2: 1753245264899972 4734; combined=2667, p1=650, p2=1949, p3=0, p4=0, p5=68, sr=181, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6da5716e-Z-- --33eeb211-A-- [23/Jul/2025:07:42:42.750034 +0300] aIBoQjJOavSZnEpfYwM0gAAAAAE 141.105.87.197 48786 127.0.0.1 7081 --33eeb211-B-- GET /administration/index.php?code=4/0AVMBsJimUKQz_T3YMsJbyaHVcrwY_77AKfq_Oju-S1NvuiqqpJU4O9TGzuvcjZm4avMl6Q&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=buqp4ks3kpraa0l3eore96aj90 --33eeb211-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --33eeb211-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIBoQjJOavSZnEpfYwM0gAAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753245762337370 412874 (- - -) Stopwatch2: 1753245762337370 412874; combined=4897, p1=670, p2=3867, p3=138, p4=68, p5=153, sr=178, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --33eeb211-Z-- --dedb6c6c-A-- [23/Jul/2025:07:43:52.623218 +0300] aIBoiDJOavSZnEpfYwM2qgAAAA4 155.94.155.152 46292 127.0.0.1 7081 --dedb6c6c-B-- GET /.env HTTP/1.0 Host: vivacetrading.com X-Real-IP: 155.94.155.152 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --dedb6c6c-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 586 Content-Type: text/html; charset=UTF-8 --dedb6c6c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/.env"] [unique_id "aIBoiDJOavSZnEpfYwM2qgAAAA4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753245832607141 16157 (- - -) Stopwatch2: 1753245832607141 16157; combined=2295, p1=461, p2=1676, p3=0, p4=0, p5=158, sr=129, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dedb6c6c-Z-- --02082353-A-- [23/Jul/2025:07:47:09.192527 +0300] aIBpTTJOavSZnEpfYwM7QAAAABM 155.94.155.152 36218 127.0.0.1 7081 --02082353-B-- GET /.env HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 155.94.155.152 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --02082353-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --02082353-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "college.jinansystem.com"] [uri "/.env"] [unique_id "aIBpTTJOavSZnEpfYwM7QAAAABM"] Stopwatch: 1753246029187065 5580 (- - -) Stopwatch2: 1753246029187065 5580; combined=3559, p1=491, p2=2935, p3=0, p4=0, p5=132, sr=145, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --02082353-Z-- --e20b6b7d-A-- [23/Jul/2025:07:47:51.316215 +0300] aIBpdjJOavSZnEpfYwM8NgAAABg 212.28.242.186 56978 127.0.0.1 7081 --e20b6b7d-B-- GET /administration/index.php?code=4/0AVMBsJgf1wiWQPmRa7erVZnHPHRodBEVIfqdAh9ZpYGUZYMP24P1zlz9wi8KP7dCgqR3Gw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-GB,en-US;q=0.9,en;q=0.8 priority: u=0, i cookie: PHPSESSID=cu2ti8kadvkl84f49hl83k9ls0 --e20b6b7d-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --e20b6b7d-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIBpdjJOavSZnEpfYwM8NgAAABg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753246070862202 454166 (- - -) Stopwatch2: 1753246070862202 454166; combined=7137, p1=864, p2=5853, p3=229, p4=68, p5=123, sr=285, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e20b6b7d-Z-- --83088557-A-- [23/Jul/2025:07:51:28.787786 +0300] aIBqUHkuNqusJfAMBByzJgAAAE4 212.28.242.186 43642 127.0.0.1 7081 --83088557-B-- GET /administration/index.php?code=4/0AVMBsJilHUB7muBiVNH8LooSUPgRddIEgiKxJicqVIfErRqKvZ2fCDPIru3IzqPGmidV_A&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=28l4nn9cd51dd1g028foj41tf4 --83088557-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --83088557-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIBqUHkuNqusJfAMBByzJgAAAE4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753246288372125 415950 (- - -) Stopwatch2: 1753246288372125 415950; combined=5220, p1=714, p2=4147, p3=160, p4=59, p5=139, sr=172, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --83088557-Z-- --57206a62-A-- [23/Jul/2025:07:58:45.432017 +0300] aIBsBDJOavSZnEpfYwNN_gAAAAA 212.28.242.186 53062 127.0.0.1 7081 --57206a62-B-- GET /administration/index.php?code=4/0AVMBsJgzIF-4SrL1bLdWexclixYZFh0Z2bq8MEDMJb0Sa0OvTux-pciciOzGFQbNGyBgzw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8 priority: u=0, i cookie: PHPSESSID=vrs3gh47k02ifnhh32a0bqhcc1 --57206a62-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --57206a62-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIBsBDJOavSZnEpfYwNN_gAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753246724997569 434624 (- - -) Stopwatch2: 1753246724997569 434624; combined=5221, p1=682, p2=4172, p3=163, p4=56, p5=147, sr=169, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --57206a62-Z-- --be7f0329-A-- [23/Jul/2025:07:58:56.207764 +0300] aIBsDzJOavSZnEpfYwNOdAAAAAc 141.105.87.197 39676 127.0.0.1 7081 --be7f0329-B-- GET /administration/index.php?code=4/0AVMBsJhusmJuw0XfNM0JJknX3rakrgYIq5u_XY9OZ4y4z-u6pi8vzeXgDw9ZPSqympAwOA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=g4lvet9ocvblqtmas3bh6ltar0 --be7f0329-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --be7f0329-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIBsDzJOavSZnEpfYwNOdAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753246735799726 408265 (- - -) Stopwatch2: 1753246735799726 408265; combined=8643, p1=695, p2=7583, p3=123, p4=66, p5=175, sr=234, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --be7f0329-Z-- --5d1d3545-A-- [23/Jul/2025:08:03:50.177876 +0300] aIBtNXkuNqusJfAMBBy8OQAAAE4 212.28.242.186 34228 127.0.0.1 7081 --5d1d3545-B-- GET /administration/index.php?code=4/0AVMBsJhHVEUVmfXacYJqKrpDMWGdfdAYgQimy1mEg5lkUeYCTszfxcEKaWmBrjHsNZTpag&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=ukuv1qmu8bpol4ri5b12f9ipn5 --5d1d3545-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --5d1d3545-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIBtNXkuNqusJfAMBBy8OQAAAE4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753247029768028 410109 (- - -) Stopwatch2: 1753247029768028 410109; combined=4342, p1=518, p2=3437, p3=180, p4=65, p5=142, sr=138, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5d1d3545-Z-- --503dbe7e-A-- [23/Jul/2025:08:08:45.961224 +0300] aIBuXTJOavSZnEpfYwNdYwAAAA0 212.28.242.186 35040 127.0.0.1 7081 --503dbe7e-B-- GET /administration/index.php?code=4/0AVMBsJgn2FAqrYoVOiVwy2bnJ_DWzEv-I1UoQMMMIPySkMOo3-YdvzIU6TWsmE8fP9d5wQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=anno2jtglbfpf1prcl9m0t74l4 --503dbe7e-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --503dbe7e-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIBuXTJOavSZnEpfYwNdYwAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753247325549173 412239 (- - -) Stopwatch2: 1753247325549173 412239; combined=4670, p1=537, p2=3794, p3=120, p4=78, p5=141, sr=150, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --503dbe7e-Z-- --b0b6c337-A-- [23/Jul/2025:08:09:49.407872 +0300] aIBunDJOavSZnEpfYwNetwAAAAM 141.105.87.197 52626 127.0.0.1 7081 --b0b6c337-B-- GET /administration/index.php?code=4/0AVMBsJg9aGypom9m--AA_b93k9-1L-WlxTv0qe01aBV511bgrmfzRxFwRVgwvJPCW-IK4A&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=82c6vr51dbgm9prqdoeqn1gh17 --b0b6c337-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --b0b6c337-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIBunDJOavSZnEpfYwNetwAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753247388969928 438378 (- - -) Stopwatch2: 1753247388969928 438378; combined=4925, p1=497, p2=3927, p3=182, p4=131, p5=187, sr=146, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b0b6c337-Z-- --5e39b325-A-- [23/Jul/2025:08:13:45.539128 +0300] aIBviXkuNqusJfAMBBzEOAAAAE8 212.28.242.186 44432 127.0.0.1 7081 --5e39b325-B-- GET /administration/index.php?code=4/0AVMBsJjVJSzO5kMilNE0lkHSJUb-IxBhFb3GUOpPTdaeX2_6a_K4C9FG_NobU56-Cxg_Hg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=i1q5cmao91p1aphj5vmldvkip0 --5e39b325-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --5e39b325-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIBviXkuNqusJfAMBBzEOAAAAE8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753247625123675 415783 (- - -) Stopwatch2: 1753247625123675 415783; combined=5348, p1=679, p2=4151, p3=179, p4=98, p5=240, sr=177, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5e39b325-Z-- --7d5a1e49-A-- [23/Jul/2025:08:15:27.179588 +0300] aIBv7jJOavSZnEpfYwNoNwAAAA0 93.123.109.4 54352 127.0.0.1 7081 --7d5a1e49-B-- GET /.env HTTP/1.0 Host: testpos.raqmix.net X-Real-IP: 93.123.109.4 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --7d5a1e49-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --7d5a1e49-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "testpos.raqmix.net"] [uri "/.env"] [unique_id "aIBv7jJOavSZnEpfYwNoNwAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/testpos.raqmix.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753247726906736 272943 (- - -) Stopwatch2: 1753247726906736 272943; combined=2710, p1=574, p2=2031, p3=0, p4=0, p5=104, sr=174, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7d5a1e49-Z-- --d29c6d32-A-- [23/Jul/2025:08:15:27.910575 +0300] aIBv73kuNqusJfAMBBzFiAAAAFc 93.123.109.4 54462 127.0.0.1 7081 --d29c6d32-B-- GET /.env.save HTTP/1.0 Host: testpos.raqmix.net X-Real-IP: 93.123.109.4 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --d29c6d32-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --d29c6d32-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "testpos.raqmix.net"] [uri "/.env.save"] [unique_id "aIBv73kuNqusJfAMBBzFiAAAAFc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/testpos.raqmix.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753247727681983 228713 (- - -) Stopwatch2: 1753247727681983 228713; combined=2884, p1=575, p2=2190, p3=0, p4=0, p5=119, sr=241, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d29c6d32-Z-- --50896931-A-- [23/Jul/2025:08:15:29.014863 +0300] aIBv8HkuNqusJfAMBBzFjgAAAEs 93.123.109.4 54588 127.0.0.1 7081 --50896931-B-- GET /.env.prod HTTP/1.0 Host: testpos.raqmix.net X-Real-IP: 93.123.109.4 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --50896931-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --50896931-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "testpos.raqmix.net"] [uri "/.env.prod"] [unique_id "aIBv8HkuNqusJfAMBBzFjgAAAEs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/testpos.raqmix.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753247728774465 240587 (- - -) Stopwatch2: 1753247728774465 240587; combined=2517, p1=587, p2=1811, p3=0, p4=0, p5=119, sr=221, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --50896931-Z-- --82d95847-A-- [23/Jul/2025:08:15:29.571172 +0300] aIBv8TJOavSZnEpfYwNoTAAAAAQ 93.123.109.4 54638 127.0.0.1 7081 --82d95847-B-- GET /api/.env HTTP/1.0 Host: testpos.raqmix.net X-Real-IP: 93.123.109.4 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --82d95847-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Access-Control-Allow-Origin: * Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --82d95847-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "testpos.raqmix.net"] [uri "/api/.env"] [unique_id "aIBv8TJOavSZnEpfYwNoTAAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/testpos.raqmix.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753247729341870 229399 (- - -) Stopwatch2: 1753247729341870 229399; combined=2395, p1=481, p2=1815, p3=0, p4=0, p5=98, sr=141, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --82d95847-Z-- --9c7e466b-A-- [23/Jul/2025:08:15:30.186991 +0300] aIBv8TJOavSZnEpfYwNoUgAAAAk 93.123.109.4 54720 127.0.0.1 7081 --9c7e466b-B-- GET /dev/.env HTTP/1.0 Host: testpos.raqmix.net X-Real-IP: 93.123.109.4 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --9c7e466b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --9c7e466b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "testpos.raqmix.net"] [uri "/dev/.env"] [unique_id "aIBv8TJOavSZnEpfYwNoUgAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/testpos.raqmix.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753247729932548 254540 (- - -) Stopwatch2: 1753247729932548 254540; combined=3182, p1=607, p2=2434, p3=0, p4=0, p5=141, sr=163, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9c7e466b-Z-- --a69c471b-A-- [23/Jul/2025:08:15:30.900163 +0300] aIBv8jJOavSZnEpfYwNoXAAAAAc 93.123.109.4 54842 127.0.0.1 7081 --a69c471b-B-- GET /application/.env HTTP/1.0 Host: testpos.raqmix.net X-Real-IP: 93.123.109.4 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --a69c471b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --a69c471b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "testpos.raqmix.net"] [uri "/application/.env"] [unique_id "aIBv8jJOavSZnEpfYwNoXAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/testpos.raqmix.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753247730672822 227435 (- - -) Stopwatch2: 1753247730672822 227435; combined=2611, p1=539, p2=1870, p3=0, p4=0, p5=201, sr=161, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a69c471b-Z-- --ab8de164-A-- [23/Jul/2025:08:18:08.762809 +0300] aIBwkHkuNqusJfAMBBzHUAAAAFU 155.94.155.152 37770 127.0.0.1 7081 --ab8de164-B-- GET /.env HTTP/1.0 Host: app.jinansystem.com X-Real-IP: 155.94.155.152 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --ab8de164-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --ab8de164-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "app.jinansystem.com"] [uri "/.env"] [unique_id "aIBwkHkuNqusJfAMBBzHUAAAAFU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/app.jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753247888653699 109228 (- - -) Stopwatch2: 1753247888653699 109228; combined=2648, p1=557, p2=1992, p3=0, p4=0, p5=98, sr=157, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ab8de164-Z-- --551de903-A-- [23/Jul/2025:08:18:36.707216 +0300] aIBwqjJOavSZnEpfYwNt3QAAAAo 40.78.41.126 48092 127.0.0.1 7081 --551de903-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: glamilea.com X-Real-IP: 40.78.41.126 X-Accel-Internal: /internal-nginx-static-location Connection: close upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate accept-language: en-US,en;q=0.5 referer: http://glamilea.com/wp-login.php sec-fetch-site: same-origin sec-fetch-user: ?1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 accept-encoding: gzip, deflate, br cookie: yay_currency_widget=29035; wordpress_test_cookie=WP%20Cookie%20check --551de903-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.1.33 X-Robots-Tag: noindex Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Upgrade: h2,h2c Connection: Upgrade, close Content-Type: application/json; charset=UTF-8 --551de903-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "glamilea.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIBwqjJOavSZnEpfYwNt3QAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753247914343765 2363628 (- - -) Stopwatch2: 1753247914343765 2363628; combined=3923, p1=496, p2=3115, p3=0, p4=0, p5=312, sr=164, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --551de903-Z-- --4fdeda1c-A-- [23/Jul/2025:08:20:05.023333 +0300] aIBxBDJOavSZnEpfYwNwLQAAAA0 195.112.198.68 59554 127.0.0.1 7081 --4fdeda1c-B-- GET /administration/index.php?code=4/0AVMBsJjoCao7_PHnrE1FmWpCTSUTonalP2BtZ-hta94FNYo6Yzcs1dGhBtxGH1uGLpznXg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=f4pcjd0vp3ra8p9gfr9hnjsdq3 --4fdeda1c-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --4fdeda1c-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIBxBDJOavSZnEpfYwNwLQAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753248004590217 433383 (- - -) Stopwatch2: 1753248004590217 433383; combined=5080, p1=625, p2=4089, p3=146, p4=82, p5=137, sr=169, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4fdeda1c-Z-- --346bfd6d-A-- [23/Jul/2025:08:24:23.661136 +0300] aIByBzJOavSZnEpfYwN2_QAAAAE 212.28.242.186 60382 127.0.0.1 7081 --346bfd6d-B-- GET /administration/index.php?code=4/0AVMBsJjXkVPPHZk_3mmQ9IyT8cw0EwzTjYmQ_cElKq-r01hFClQC6CSUdjxytU9RgLSPHQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br accept-language: en-US,en;q=0.9 cookie: PHPSESSID=hb4tbhpvgnvr3gd1el06167ld7 --346bfd6d-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --346bfd6d-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIByBzJOavSZnEpfYwN2_QAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753248263228104 433300 (- - -) Stopwatch2: 1753248263228104 433300; combined=5299, p1=634, p2=4327, p3=152, p4=55, p5=130, sr=180, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --346bfd6d-Z-- --95bc9e4a-A-- [23/Jul/2025:08:25:34.783559 +0300] aIByTjJOavSZnEpfYwN5kAAAAAw 141.105.87.197 50136 127.0.0.1 7081 --95bc9e4a-B-- GET /administration/index.php?code=4/0AVMBsJgINspugJ-XUplXokaBwSUz8L1PfP8zraEYr-9fw0B0Oaw0iaZRQs3YBTgAPJYTwg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=7d2ttk192900lb9upefir29nq4 --95bc9e4a-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --95bc9e4a-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIByTjJOavSZnEpfYwN5kAAAAAw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753248334354356 429410 (- - -) Stopwatch2: 1753248334354356 429410; combined=5072, p1=605, p2=4098, p3=157, p4=91, p5=120, sr=164, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --95bc9e4a-Z-- --92fea76c-A-- [23/Jul/2025:08:33:03.558601 +0300] aIB0DzJOavSZnEpfYwOGSAAAAAU 212.28.242.186 54164 127.0.0.1 7081 --92fea76c-B-- GET /administration/index.php?code=4/0AVMBsJgnw3DY9duxr95bltNlgROuXLUY0CZcydth02s8KXeYMI_euthc4eGILatHyALQnw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=tg57bp91ldlfucl8u3ctat32v2 --92fea76c-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --92fea76c-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB0DzJOavSZnEpfYwOGSAAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753248783117676 441336 (- - -) Stopwatch2: 1753248783117676 441336; combined=4443, p1=501, p2=3554, p3=140, p4=52, p5=196, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --92fea76c-Z-- --d9be606f-A-- [23/Jul/2025:08:35:03.082615 +0300] aIB0hnkuNqusJfAMBBzUfAAAAEI 141.105.87.197 60692 127.0.0.1 7081 --d9be606f-B-- GET /administration/index.php?code=4/0AVMBsJhrMJXU-YY1tTCAIyJN3nWVZjlVbpb6my_Il7VRswPt4y2wLWnA4Im0UWZCdESyqw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 cookie: PHPSESSID=n8c281duroclfl3s7r9cqg78j7 --d9be606f-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --d9be606f-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB0hnkuNqusJfAMBBzUfAAAAEI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753248902637125 445676 (- - -) Stopwatch2: 1753248902637125 445676; combined=5613, p1=685, p2=4482, p3=117, p4=104, p5=224, sr=162, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d9be606f-Z-- --c4e1eb7e-A-- [23/Jul/2025:08:37:40.646366 +0300] aIB1JDJOavSZnEpfYwOOzgAAABI 195.112.198.68 53142 127.0.0.1 7081 --c4e1eb7e-B-- GET /administration/index.php?code=4/0AVMBsJha9HI2Vq4MMIcA6xBtXMS8m9D4CGAI5N18-GCWewK83-E4D5XWrKFp61saOf2RWg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=hbg9g0mbjmfs42ie5497qr70b6 --c4e1eb7e-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --c4e1eb7e-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB1JDJOavSZnEpfYwOOzgAAABI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753249060234566 411994 (- - -) Stopwatch2: 1753249060234566 411994; combined=6491, p1=756, p2=5332, p3=136, p4=117, p5=149, sr=163, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c4e1eb7e-Z-- --6dfcb938-A-- [23/Jul/2025:08:43:42.549394 +0300] aIB2jnkuNqusJfAMBBzbQAAAAFU 20.74.83.27 51928 127.0.0.1 7081 --6dfcb938-B-- GET /.env HTTP/1.0 Host: soor.raqmix.cloud X-Real-IP: 20.74.83.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate, br --6dfcb938-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --6dfcb938-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soor.raqmix.cloud"] [uri "/.env"] [unique_id "aIB2jnkuNqusJfAMBBzbQAAAAFU"] Stopwatch: 1753249422544400 5178 (- - -) Stopwatch2: 1753249422544400 5178; combined=2829, p1=641, p2=2100, p3=0, p4=0, p5=87, sr=182, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6dfcb938-Z-- --bf15b955-A-- [23/Jul/2025:08:43:42.834650 +0300] aIB2jjJOavSZnEpfYwOaCwAAABE 20.74.83.27 39480 127.0.0.1 7081 --bf15b955-B-- GET /.env HTTP/1.0 Host: raqmix.cloud X-Real-IP: 20.74.83.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate, br --bf15b955-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --bf15b955-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raqmix.cloud"] [uri "/.env"] [unique_id "aIB2jjJOavSZnEpfYwOaCwAAABE"] Stopwatch: 1753249422830509 4241 (- - -) Stopwatch2: 1753249422830509 4241; combined=2373, p1=540, p2=1691, p3=0, p4=0, p5=142, sr=137, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bf15b955-Z-- --dfc67f72-A-- [23/Jul/2025:08:52:34.940514 +0300] aIB4onkuNqusJfAMBBzjLQAAAFM 93.123.109.64 49128 127.0.0.1 7081 --dfc67f72-B-- GET /.git/config HTTP/1.0 Host: test.kime.agency X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --dfc67f72-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 25 Jan 2023 19:33:35 GMT ETag: "328-5f31bb5588323" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --dfc67f72-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.kime.agency"] [uri "/.git/config"] [unique_id "aIB4onkuNqusJfAMBBzjLQAAAFM"] Stopwatch: 1753249954936073 4631 (- - -) Stopwatch2: 1753249954936073 4631; combined=2810, p1=674, p2=2052, p3=0, p4=0, p5=84, sr=235, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dfc67f72-Z-- --16340e43-A-- [23/Jul/2025:08:54:08.146753 +0300] aIB4_1niyxNU3fAGSMzUeQAAAEg 141.105.87.197 55784 127.0.0.1 7081 --16340e43-B-- GET /administration/index.php?code=4/0AVMBsJguvDTGv0qUntvShgepFY2MjAsl27q5rOxvm3nbY-cVD9p4X8BPlMH-fiXf6QyWqw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=82c6vr51dbgm9prqdoeqn1gh17 --16340e43-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --16340e43-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB4_1niyxNU3fAGSMzUeQAAAEg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753250047705799 441197 (- - -) Stopwatch2: 1753250047705799 441197; combined=11541, p1=2404, p2=8741, p3=178, p4=70, p5=148, sr=180, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --16340e43-Z-- --3fbeb459-A-- [23/Jul/2025:08:54:21.940641 +0300] aIB5DZN3K6M05ZQw74wcSwAAAAo 195.112.198.68 42760 127.0.0.1 7081 --3fbeb459-B-- GET /administration/index.php?code=4/0AVMBsJjpb2tFNu6EEVNJ6UyGLnpjFiZUKSpgcaVj5TIWRsoIVndvXyLvZ_ylEvjmS58mtw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=evak6koe8u1e9hkip4n2n75bv3 --3fbeb459-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --3fbeb459-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB5DZN3K6M05ZQw74wcSwAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753250061520861 419948 (- - -) Stopwatch2: 1753250061520861 419948; combined=4995, p1=572, p2=4076, p3=85, p4=66, p5=196, sr=143, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3fbeb459-Z-- --24a54f37-A-- [23/Jul/2025:08:54:57.327314 +0300] aIB5K5N3K6M05ZQw74wdAAAAAAY 212.28.242.186 40666 127.0.0.1 7081 --24a54f37-B-- GET /faculty/onlineClasses.php?code=4/0AVMBsJhjUbMlmcFyO52QY4e39caFjaw9Wvz3LAO9VzblHS2Sl5TGGEEEdKngqnjZyTBA-g&scope=email%20profile%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/gmail.readonly%20https://www.googleapis.com/auth/calendar.readonly%20https://www.googleapis.com/auth/classroom.courses.readonly%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=3sg7r38pccqukvjv9mte6f1446 --24a54f37-F-- HTTP/1.1 200 OK Expires: Mon, 16 Jul 1981 05:00:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 7935 Content-Type: text/html; charset=UTF-8 --24a54f37-E-- --24a54f37-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/gmail.readonly https:/www.googleapis.com/auth/calendar.readonly https:/www.googleapis.com/auth/classroom.courses.readonly https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/gmail.readonly https:/www.googleapis.com/auth/calendar.readonly https:/www.googleapis.com/auth/classroom.courses.readonly https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/faculty/onlineClasses.php"] [unique_id "aIB5K5N3K6M05ZQw74wdAAAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753250091995345 5332135 (- - -) Stopwatch2: 1753250091995345 5332135; combined=7659, p1=630, p2=6314, p3=553, p4=62, p5=99, sr=165, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --24a54f37-Z-- --c6836230-A-- [23/Jul/2025:08:55:15.161036 +0300] aIB5Q1niyxNU3fAGSMzVmgAAAEA 216.81.248.90 43996 127.0.0.1 7081 --c6836230-B-- GET /.env HTTP/1.0 Host: www.demonanomie.com X-Real-IP: 216.81.248.90 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --c6836230-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --c6836230-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.demonanomie.com"] [uri "/.env"] [unique_id "aIB5Q1niyxNU3fAGSMzVmgAAAEA"] Stopwatch: 1753250115156109 5008 (- - -) Stopwatch2: 1753250115156109 5008; combined=3027, p1=690, p2=2237, p3=0, p4=0, p5=100, sr=173, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c6836230-Z-- --10b90e00-A-- [23/Jul/2025:09:00:30.035562 +0300] aIB6fZN3K6M05ZQw74wnIgAAAA0 212.28.242.186 34874 127.0.0.1 7081 --10b90e00-B-- GET /administration/index.php?code=4/0AVMBsJgIU3PZ_stOeeiOxy00uVNn-E7FoYMzCwGrEZz_7D0RW2vQGuY0f3YOF9Jaxt8ZoQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=21bpo7shvcragcdcm1a0pbtd05 --10b90e00-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --10b90e00-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB6fZN3K6M05ZQw74wnIgAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753250429615586 420384 (- - -) Stopwatch2: 1753250429615586 420384; combined=5275, p1=563, p2=4354, p3=134, p4=64, p5=159, sr=136, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --10b90e00-Z-- --6ee07215-A-- [23/Jul/2025:09:03:57.523773 +0300] aIB7TZN3K6M05ZQw74wtYgAAAAg 45.128.199.67 47582 127.0.0.1 7081 --6ee07215-B-- HEAD /back/backup.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.128.199.67 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --6ee07215-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --6ee07215-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/back/backup.sql"] [unique_id "aIB7TZN3K6M05ZQw74wtYgAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753250637509152 14712 (- - -) Stopwatch2: 1753250637509152 14712; combined=2363, p1=385, p2=1867, p3=0, p4=0, p5=111, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6ee07215-Z-- --7a98ff0e-A-- [23/Jul/2025:09:03:58.559301 +0300] aIB7TpN3K6M05ZQw74wtZgAAAAQ 45.128.199.69 47634 127.0.0.1 7081 --7a98ff0e-B-- HEAD /backup/mysql.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.128.199.69 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --7a98ff0e-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --7a98ff0e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/backup/mysql.sql"] [unique_id "aIB7TpN3K6M05ZQw74wtZgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753250638543217 16166 (- - -) Stopwatch2: 1753250638543217 16166; combined=2940, p1=533, p2=2212, p3=0, p4=0, p5=195, sr=169, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7a98ff0e-Z-- --b59e4e05-A-- [23/Jul/2025:09:04:29.496991 +0300] aIB7bZN3K6M05ZQw74wuNAAAABY 212.28.242.186 43574 127.0.0.1 7081 --b59e4e05-B-- GET /administration/index.php?code=4/0AVMBsJiTL-RiEcMSCuazVoypWwVCyrw-5Xj3NWn9Wuq7a7FnULjiHBk1J7T-Kum8orrZfg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=qrsbdl4go8hcliksmd14snrjv7 --b59e4e05-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --b59e4e05-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB7bZN3K6M05ZQw74wuNAAAABY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753250669079058 418220 (- - -) Stopwatch2: 1753250669079058 418220; combined=5787, p1=612, p2=4803, p3=120, p4=92, p5=160, sr=171, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b59e4e05-Z-- --e6c8375e-A-- [23/Jul/2025:09:04:39.023448 +0300] aIB7dlniyxNU3fAGSMzdnwAAAEY 212.28.242.186 54750 127.0.0.1 7081 --e6c8375e-B-- GET /administration/index.php?code=4/0AVMBsJj_aPa4umOrhDYLLIPE1WTv4KPTIKYjgcxykkG65gr5LELKvbHKp670ik3vMQsSwQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=ao5ll0b203asa2bj1pf6rkkqe5 --e6c8375e-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --e6c8375e-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB7dlniyxNU3fAGSMzdnwAAAEY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753250678573428 450162 (- - -) Stopwatch2: 1753250678573428 450162; combined=5446, p1=681, p2=4491, p3=87, p4=86, p5=100, sr=185, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e6c8375e-Z-- --d8d48643-A-- [23/Jul/2025:09:06:50.463274 +0300] aIB7-lniyxNU3fAGSMzfgwAAAEY 195.112.198.68 56824 127.0.0.1 7081 --d8d48643-B-- GET /administration/index.php?code=4/0AVMBsJisgtkMFox_i3Mwwfnd1NNR4F9DrlhNiaU7Lvr5pxmma0FBxqsZOvwTTB76PAxzNA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=ji5tshcj6kkoa9k3uor9102b35 --d8d48643-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --d8d48643-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB7-lniyxNU3fAGSMzfgwAAAEY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753250810060572 402916 (- - -) Stopwatch2: 1753250810060572 402916; combined=4665, p1=588, p2=3771, p3=104, p4=53, p5=148, sr=142, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d8d48643-Z-- --bb5c9a1a-A-- [23/Jul/2025:09:07:36.359531 +0300] aIB8J5N3K6M05ZQw74w0BQAAAAE 212.28.242.186 57336 127.0.0.1 7081 --bb5c9a1a-B-- GET /administration/index.php?code=4/0AVMBsJhDZaXrOjFJwDLNhB2ikHxQKbhlvSICtnRUJbgLxlbcm0I6eeYQXJf0uenAv7LPUQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=3rc1ccuoakuecgu1melqj96pu0 --bb5c9a1a-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --bb5c9a1a-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB8J5N3K6M05ZQw74w0BQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753250855958833 401696 (- - -) Stopwatch2: 1753250855958833 401696; combined=7449, p1=460, p2=6588, p3=120, p4=92, p5=189, sr=129, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bb5c9a1a-Z-- --21781e26-A-- [23/Jul/2025:09:09:17.275704 +0300] aIB8jFniyxNU3fAGSMzhkQAAAFE 212.28.242.186 49764 127.0.0.1 7081 --21781e26-B-- GET /administration/index.php?code=4/0AVMBsJi4n7-XfUjlJ4Cs8ZUyyuWfP8tqAtxVMxFul17J7P3K-pwaGfHJtcx7vYyXmPuf2g&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=h4dntrgoji6oae45sta0c4ir57 --21781e26-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --21781e26-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB8jFniyxNU3fAGSMzhkQAAAFE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753250956846535 429446 (- - -) Stopwatch2: 1753250956846535 429446; combined=4686, p1=555, p2=3644, p3=196, p4=79, p5=211, sr=157, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --21781e26-Z-- --51f3be27-A-- [23/Jul/2025:09:11:38.007566 +0300] aIB9GZN3K6M05ZQw74w7fQAAABU 195.112.198.68 49006 127.0.0.1 7081 --51f3be27-B-- GET /administration/index.php?code=4/0AVMBsJgaaxObrKlMvl6Nkp85ACUqxw42mnzQeuCLIyUqXcWYu-izv5jsKZqPVNH-xWalzg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=68h6gs98d4kbm22ake5j8ol4j0 --51f3be27-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3649 Content-Type: text/html; charset=UTF-8 --51f3be27-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||college.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||college.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "college.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB9GZN3K6M05ZQw74w7fQAAABU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/college.jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753251097543411 464308 (- - -) Stopwatch2: 1753251097543411 464308; combined=4563, p1=510, p2=3743, p3=90, p4=68, p5=151, sr=139, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --51f3be27-Z-- --4357830d-A-- [23/Jul/2025:09:12:17.788820 +0300] aIB9QZN3K6M05ZQw74w8HwAAAAk 212.28.242.186 46794 127.0.0.1 7081 --4357830d-B-- GET /administration/index.php?code=4/0AVMBsJiKdvYFVkAtiodHDcDMnS4B-j5xAXZsX7794eKRqxZFHhCuuGb1n-LN0RsWMv36-Q&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-GB,en-US;q=0.9,en;q=0.8 priority: u=0, i cookie: PHPSESSID=cu2ti8kadvkl84f49hl83k9ls0 --4357830d-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --4357830d-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB9QZN3K6M05ZQw74w8HwAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753251137378351 410687 (- - -) Stopwatch2: 1753251137378351 410687; combined=6062, p1=726, p2=4972, p3=155, p4=65, p5=144, sr=245, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4357830d-Z-- --28309c1f-A-- [23/Jul/2025:09:12:31.164266 +0300] aIB9T5N3K6M05ZQw74w8TwAAAA0 155.2.217.19 45316 127.0.0.1 7081 --28309c1f-B-- HEAD /old/backup.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 155.2.217.19 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --28309c1f-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --28309c1f-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/old/backup.sql"] [unique_id "aIB9T5N3K6M05ZQw74w8TwAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753251151146627 17726 (- - -) Stopwatch2: 1753251151146627 17726; combined=3001, p1=571, p2=2310, p3=0, p4=0, p5=119, sr=181, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --28309c1f-Z-- --49f16252-A-- [23/Jul/2025:09:13:33.224238 +0300] aIB9jFniyxNU3fAGSMzlJQAAAEE 212.28.242.186 37940 127.0.0.1 7081 --49f16252-B-- GET /administration/index.php?code=4/0AVMBsJjVFxfnaXv1hFps3hvMo6x4bWVMDdWhZRAMAA0T1wjInMzET6bq6UVybbLS2-DKow&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en,en-US;q=0.9 priority: u=0, i cookie: PHPSESSID=090imudla8j79gkvb64p1h6qf3 --49f16252-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --49f16252-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB9jFniyxNU3fAGSMzlJQAAAEE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753251212822745 401705 (- - -) Stopwatch2: 1753251212822745 401705; combined=5011, p1=504, p2=3671, p3=565, p4=98, p5=172, sr=145, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --49f16252-Z-- --3aff1740-A-- [23/Jul/2025:09:15:42.578336 +0300] aIB-DpN3K6M05ZQw74xCSgAAAAI 212.28.242.186 57966 127.0.0.1 7081 --3aff1740-B-- GET /administration/index.php?code=4/0AVMBsJj4IMr-9wzP07ATnj5wLOxadZeav0B_rCh55mEogT-rIpDtml_OqlmMh5ksKV2e9w&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=318bmr900c1fr0cj2fnr50int6 --3aff1740-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --3aff1740-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB-DpN3K6M05ZQw74xCSgAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753251342134042 444506 (- - -) Stopwatch2: 1753251342134042 444506; combined=4539, p1=697, p2=3533, p3=131, p4=67, p5=111, sr=177, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3aff1740-Z-- --817fd662-A-- [23/Jul/2025:09:17:31.136703 +0300] aIB-elniyxNU3fAGSMzo0QAAAEE 212.28.242.186 48898 127.0.0.1 7081 --817fd662-B-- GET /administration/index.php?code=4/0AVMBsJi6Tgifd04i24Xh8-NPlJUJ1uGeju7gKBYut-vBZMVsZy_SzLrpfz7tJznFTaTByw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8 priority: u=0, i cookie: PHPSESSID=t9n9osfhbc44102brtbgn3s816 --817fd662-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --817fd662-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB-elniyxNU3fAGSMzo0QAAAEE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753251450746304 390628 (- - -) Stopwatch2: 1753251450746304 390628; combined=5293, p1=722, p2=4279, p3=106, p4=57, p5=128, sr=218, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --817fd662-Z-- --52ff495f-A-- [23/Jul/2025:09:19:48.344448 +0300] aIB_A1niyxNU3fAGSMzqlQAAAFE 212.28.242.186 54660 127.0.0.1 7081 --52ff495f-B-- GET /administration/index.php?code=4/0AVMBsJjTZE0KWw5KAelxUxWXFF9PnaXEdppUnAFTfTy9fLwzrIYNmbba7hjzVn3_XOY6dw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: ar-LB,ar;q=0.9,en-LB;q=0.8,en;q=0.7,en-US;q=0.6 priority: u=0, i cookie: PHPSESSID=tull8t6h7upgkrvn3f0a3fovd7 --52ff495f-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --52ff495f-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB_A1niyxNU3fAGSMzqlQAAAFE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753251587937407 407251 (- - -) Stopwatch2: 1753251587937407 407251; combined=5821, p1=704, p2=4707, p3=178, p4=99, p5=133, sr=268, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --52ff495f-Z-- --1b4e0923-A-- [23/Jul/2025:09:19:49.699296 +0300] aIB_BZN3K6M05ZQw74xJgAAAAAM 195.112.198.68 54822 127.0.0.1 7081 --1b4e0923-B-- GET /administration/index.php?code=4/0AVMBsJhZ_DxtqdaV0ykHyggE948rTsdXmJc723-U8AjOHNYLFdZvp8rdjOw2GLVPVtbWdA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br accept-language: ar,en-US;q=0.9,en;q=0.8 cookie: PHPSESSID=bu0pk2tt3kudup9te07hgr3p44 --1b4e0923-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --1b4e0923-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB_BZN3K6M05ZQw74xJgAAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753251589266107 433326 (- - -) Stopwatch2: 1753251589266107 433326; combined=5293, p1=640, p2=4303, p3=132, p4=72, p5=145, sr=160, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1b4e0923-Z-- --a94b7b75-A-- [23/Jul/2025:09:23:03.241361 +0300] aIB_xJN3K6M05ZQw74xP0QAAAA8 40.78.41.126 39782 127.0.0.1 7081 --a94b7b75-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: glamilea.com X-Real-IP: 40.78.41.126 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-fetch-site: same-origin accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br sec-fetch-user: ?1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 referer: http://glamilea.com/wp-login.php upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate cookie: yay_currency_widget=29035; wordpress_test_cookie=WP%20Cookie%20check --a94b7b75-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.1.33 X-Robots-Tag: noindex Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Upgrade: h2,h2c Connection: Upgrade, close Content-Type: application/json; charset=UTF-8 --a94b7b75-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "glamilea.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIB_xJN3K6M05ZQw74xP0QAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753251780800232 2441334 (- - -) Stopwatch2: 1753251780800232 2441334; combined=3904, p1=545, p2=3210, p3=0, p4=0, p5=148, sr=152, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a94b7b75-Z-- --b8eb4224-A-- [23/Jul/2025:09:23:33.682172 +0300] aIB_5ZN3K6M05ZQw74xQgAAAAA8 90.214.236.66 55632 127.0.0.1 7081 --b8eb4224-B-- GET /administration/index.php?code=4/0AVMBsJi8HrixXSWvgNpGRwmCDYBla-Q9RmueN4bNRWCMn56B7coDtPBZnTSQgRO6LY2bqQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 90.214.236.66 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-encoding: gzip, deflate, br user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15 accept-language: en-us referer: https://accounts.google.com/ cookie: PHPSESSID=l56ftredvmkg30u15jv119ben1 --b8eb4224-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --b8eb4224-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIB_5ZN3K6M05ZQw74xQgAAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753251813233356 448940 (- - -) Stopwatch2: 1753251813233356 448940; combined=5183, p1=1459, p2=3373, p3=149, p4=70, p5=132, sr=291, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b8eb4224-Z-- --963d1648-A-- [23/Jul/2025:09:25:47.089356 +0300] aICAa1niyxNU3fAGSMzwRgAAAE0 212.28.242.186 45280 127.0.0.1 7081 --963d1648-B-- GET /administration/index.php?code=4/0AVMBsJjXwxoqWoyPP8RCjjnxIEQmUMm064ATBbJgdLm0i3JxUzwpGcwzXytqgzqHNO71hQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 cookie: PHPSESSID=uoi9t7ct4sj5k55jesm5u3e940 --963d1648-F-- HTTP/1.1 302 Moved Temporarily Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Location: https://www.jinansystem.com/login.php Content-Length: 0 Content-Type: text/html; charset=UTF-8 --963d1648-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICAa1niyxNU3fAGSMzwRgAAAE0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753251947037593 51895 (- - -) Stopwatch2: 1753251947037593 51895; combined=91716, p1=616, p2=3943, p3=78, p4=41, p5=43565, sr=174, sw=0, l=0, gc=43473 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --963d1648-Z-- --9d392a2f-A-- [23/Jul/2025:09:26:01.501135 +0300] aICAeVniyxNU3fAGSMzwYAAAAEI 212.28.242.186 33140 127.0.0.1 7081 --9d392a2f-B-- GET /administration/index.php?code=4/0AVMBsJjb7xBGly2hZ1l4HkYqSusZyQkTYFJLV_2vtM7G1qTtrig5CHvBepbtnm3g9IPx3A&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 cookie: PHPSESSID=uoi9t7ct4sj5k55jesm5u3e940 --9d392a2f-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --9d392a2f-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICAeVniyxNU3fAGSMzwYAAAAEI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753251961020803 480476 (- - -) Stopwatch2: 1753251961020803 480476; combined=4935, p1=615, p2=3916, p3=186, p4=81, p5=137, sr=185, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9d392a2f-Z-- --fd3fc068-A-- [23/Jul/2025:09:27:59.938887 +0300] aICA75N3K6M05ZQw74xZXgAAABU 212.28.242.186 37744 127.0.0.1 7081 --fd3fc068-B-- GET /administration/index.php?code=4/0AVMBsJgaWofGfqBMebLrve483RRoKnRH8-OvXBvahjtEoCpB6OmzbRghyFZl2cPvK5sZRQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=djdcmmtuoontm21hirlkdcv6u4 --fd3fc068-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --fd3fc068-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICA75N3K6M05ZQw74xZXgAAABU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753252079494281 444770 (- - -) Stopwatch2: 1753252079494281 444770; combined=4784, p1=551, p2=3670, p3=142, p4=58, p5=362, sr=132, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fd3fc068-Z-- --824d8450-A-- [23/Jul/2025:09:34:48.232438 +0300] aICCh5N3K6M05ZQw74xlYwAAAAA 212.28.242.186 56212 127.0.0.1 7081 --824d8450-B-- GET /administration/index.php?code=4/0AVMBsJiJgQYzqF5yVBZrO120FKLeqBnVZPt1S2Y2PQJSYrJZTMsGESCvxrPcdUaAP4oSQA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=anno2jtglbfpf1prcl9m0t74l4 --824d8450-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --824d8450-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICCh5N3K6M05ZQw74xlYwAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753252487823952 408652 (- - -) Stopwatch2: 1753252487823952 408652; combined=4619, p1=607, p2=3691, p3=87, p4=87, p5=146, sr=232, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --824d8450-Z-- --dd272c74-A-- [23/Jul/2025:09:34:52.148167 +0300] aICCi1niyxNU3fAGSMz3yQAAAFM 195.112.198.68 56466 127.0.0.1 7081 --dd272c74-B-- GET /administration/index.php?code=4/0AVMBsJix7VKUqkXEMjLObSbaVot9v0Jlhr4mvUBXY02hH1bG3xAt3ndXKHgVk8sEqxArsg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=hbg9g0mbjmfs42ie5497qr70b6 --dd272c74-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --dd272c74-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICCi1niyxNU3fAGSMz3yQAAAFM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753252491727263 421065 (- - -) Stopwatch2: 1753252491727263 421065; combined=4457, p1=672, p2=3456, p3=127, p4=75, p5=126, sr=140, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dd272c74-Z-- --ca57e85d-A-- [23/Jul/2025:09:35:50.414185 +0300] aICCxZN3K6M05ZQw74xnVgAAAAU 212.28.242.186 36984 127.0.0.1 7081 --ca57e85d-B-- GET /administration/index.php?code=4/0AVMBsJhSbhgIAOdiXLuOb2hfIrG3AH7VulSPPnvXo1G8E8N-M4HEcUU303hkN7nhuVrDng&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8 priority: u=0, i cookie: PHPSESSID=a97e6ndlc7hl54r1a3pf99sgd0 --ca57e85d-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --ca57e85d-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICCxZN3K6M05ZQw74xnVgAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753252549985843 428525 (- - -) Stopwatch2: 1753252549985843 428525; combined=6445, p1=679, p2=5452, p3=147, p4=55, p5=112, sr=244, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ca57e85d-Z-- --0b785005-A-- [23/Jul/2025:09:40:10.441544 +0300] aICDylniyxNU3fAGSMz8qgAAAFQ 212.28.242.186 55536 127.0.0.1 7081 --0b785005-B-- GET /administration/index.php?code=4/0Adeu5BWJqp0VhuiwaNY5tIfRjaU_6zwyaG074BAPKoHkGkxup5c7VMiqllW_q4NRVOOSgA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: none sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i --0b785005-F-- HTTP/1.1 302 Moved Temporarily Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: PHPSESSID=b89u6aa94kla370ssdpvn84547; path=/ Upgrade: h2,h2c Connection: Upgrade, close Location: https://www.jinansystem.com/login.php Content-Length: 0 Content-Type: text/html; charset=UTF-8 --0b785005-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICDylniyxNU3fAGSMz8qgAAAFQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753252810432461 9267 (- - -) Stopwatch2: 1753252810432461 9267; combined=5059, p1=648, p2=4069, p3=94, p4=104, p5=143, sr=184, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0b785005-Z-- --27780f64-A-- [23/Jul/2025:09:40:55.390113 +0300] aICD9pN3K6M05ZQw74xx7wAAAAY 212.28.242.186 39764 127.0.0.1 7081 --27780f64-B-- GET /administration/index.php?code=4/0AVMBsJiJy_9v_EDs6OX2CFJYR2Y15snX2IczdmuoB2eYwUv_p7kweFG3zfm-C4lCMlDp9w&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=b89u6aa94kla370ssdpvn84547 --27780f64-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --27780f64-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICD9pN3K6M05ZQw74xx7wAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753252854958974 431351 (- - -) Stopwatch2: 1753252854958974 431351; combined=5012, p1=490, p2=4137, p3=144, p4=61, p5=179, sr=138, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --27780f64-Z-- --dd9b770e-A-- [23/Jul/2025:09:41:08.063618 +0300] aICEBFniyxNU3fAGSMz9_QAAAFA 13.79.53.166 43808 127.0.0.1 7081 --dd9b770e-B-- GET /wp-includes/css/wp-config.php HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 13.79.53.166 X-Accel-Internal: /internal-nginx-static-location Connection: close --dd9b770e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --dd9b770e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "haddadjewellery.com"] [uri "/wp-includes/css/wp-config.php"] [unique_id "aICEBFniyxNU3fAGSMz9_QAAAFA"] Stopwatch: 1753252868058692 4988 (- - -) Stopwatch2: 1753252868058692 4988; combined=2539, p1=559, p2=1913, p3=0, p4=0, p5=66, sr=139, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dd9b770e-Z-- --6e3cf821-A-- [23/Jul/2025:09:43:17.160885 +0300] aICEhJN3K6M05ZQw74x2aAAAAAU 212.28.242.186 53866 127.0.0.1 7081 --6e3cf821-B-- GET /administration/index.php?code=4/0AVMBsJgK_dpvw_F0HheOPi0aRMXarzneIM4Q5_m0F15sejMWGgDbXrK1aRbPYv5vPV7wOA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br accept-language: en-US,en;q=0.9 cookie: PHPSESSID=hb4tbhpvgnvr3gd1el06167ld7 --6e3cf821-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --6e3cf821-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICEhJN3K6M05ZQw74x2aAAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753252996740709 420441 (- - -) Stopwatch2: 1753252996740709 420441; combined=6138, p1=616, p2=5124, p3=171, p4=66, p5=160, sr=165, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6e3cf821-Z-- --37fd0d6b-A-- [23/Jul/2025:09:47:05.978188 +0300] aICFaVniyxNU3fAGSMwDuwAAAFU 141.105.87.197 36238 127.0.0.1 7081 --37fd0d6b-B-- GET /administration/index.php?code=4/0AVMBsJhQ_sUi8nqtR_U991QgNy9MnpJpt9WYSTmlAVywFBq4tajVceXkBIQUFv0FYCOvwA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=g4lvet9ocvblqtmas3bh6ltar0 --37fd0d6b-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --37fd0d6b-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICFaVniyxNU3fAGSMwDuwAAAFU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753253225570879 407498 (- - -) Stopwatch2: 1753253225570879 407498; combined=5138, p1=665, p2=4059, p3=211, p4=55, p5=147, sr=181, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --37fd0d6b-Z-- --52ee4a38-A-- [23/Jul/2025:09:49:01.800058 +0300] aICF3ZN3K6M05ZQw74yCOwAAAAw 212.28.242.186 60422 127.0.0.1 7081 --52ee4a38-B-- GET /administration/index.php?code=4/0AVMBsJg1zTK_fdAJ-bRQGbi2hdC5z3WqRjTHV_ekBG3MaLsYIgRiGthABEBDCRDvrDRigA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=tqq67ndqtps8b9f09ctrmell61 --52ee4a38-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --52ee4a38-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICF3ZN3K6M05ZQw74yCOwAAAAw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753253341395133 405134 (- - -) Stopwatch2: 1753253341395133 405134; combined=4994, p1=744, p2=3881, p3=144, p4=62, p5=162, sr=209, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --52ee4a38-Z-- --67041654-A-- [23/Jul/2025:09:50:53.000898 +0300] aICGTJN3K6M05ZQw74yFwwAAABg 141.105.87.197 58734 127.0.0.1 7081 --67041654-B-- GET /administration/index.php?code=4/0AVMBsJgwYJxEcEwNj0EcZnB1XydHklqzpEHincCdTSLodj7X0eDFXfEAIGWJMnoxTcVcig&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=7d2ttk192900lb9upefir29nq4 --67041654-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --67041654-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICGTJN3K6M05ZQw74yFwwAAABg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753253452598116 403015 (- - -) Stopwatch2: 1753253452598116 403015; combined=4455, p1=606, p2=3530, p3=125, p4=62, p5=131, sr=167, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --67041654-Z-- --e8067e3b-A-- [23/Jul/2025:09:52:47.368437 +0300] aICGvlniyxNU3fAGSMwJMQAAAEY 212.28.242.186 55782 127.0.0.1 7081 --e8067e3b-B-- GET /administration/index.php?code=4/0AVMBsJiUkhubrhKauQ8uyzasO8owocEltH_U-AKi0PiExv64wJ8UiKQN5AS2C_PrZYDT8w&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br accept-language: en-US,en;q=0.9 cookie: PHPSESSID=quug2ksgft2sod6oa82rq7ni26 --e8067e3b-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --e8067e3b-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICGvlniyxNU3fAGSMwJMQAAAEY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753253566915088 453547 (- - -) Stopwatch2: 1753253566915088 453547; combined=4833, p1=953, p2=3574, p3=115, p4=56, p5=135, sr=294, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e8067e3b-Z-- --d9206d19-A-- [23/Jul/2025:09:54:17.947523 +0300] aICHGZN3K6M05ZQw74yM6QAAABg 141.105.87.197 37894 127.0.0.1 7081 --d9206d19-B-- GET /administration/index.php?code=4/0AVMBsJhsSZzhQ3S_nG-_9AMgyufuTuJYm9mtDV7AdiTu5bcAVROrmqZZbNZ4cxE-VTLwbg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=82c6vr51dbgm9prqdoeqn1gh17 --d9206d19-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --d9206d19-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICHGZN3K6M05ZQw74yM6QAAABg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753253657493230 454832 (- - -) Stopwatch2: 1753253657493230 454832; combined=5358, p1=707, p2=4277, p3=173, p4=66, p5=134, sr=195, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d9206d19-Z-- --cdcf134e-A-- [23/Jul/2025:09:56:48.958558 +0300] aICHsJN3K6M05ZQw74ySFwAAAA8 141.105.87.197 40700 127.0.0.1 7081 --cdcf134e-B-- GET /administration/index.php?code=4/0AVMBsJh199yjCHcKSNV0dqRF2i-9bR08PTnikomMVqrq0WdnklfnzTQ6QBihjHOnOFiW-g&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=37uuej1qp5cte60vckipj77617 --cdcf134e-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --cdcf134e-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICHsJN3K6M05ZQw74ySFwAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753253808533385 425325 (- - -) Stopwatch2: 1753253808533385 425325; combined=5140, p1=738, p2=3779, p3=456, p4=57, p5=109, sr=288, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cdcf134e-Z-- --ec2b0d6b-A-- [23/Jul/2025:10:04:35.157862 +0300] aICJglniyxNU3fAGSMwUPwAAAEQ 212.28.242.186 42158 127.0.0.1 7081 --ec2b0d6b-B-- GET /administration/index.php?code=4/0AVMBsJj1zRbQYVtrXxlZYNUcatALvbFB8YyfQG5p_htGM7ODk6_gSVu5C-svzSlxFJUWgQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=28l4nn9cd51dd1g028foj41tf4 --ec2b0d6b-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --ec2b0d6b-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICJglniyxNU3fAGSMwUPwAAAEQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753254274738616 419499 (- - -) Stopwatch2: 1753254274738616 419499; combined=6290, p1=603, p2=5273, p3=152, p4=64, p5=197, sr=182, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ec2b0d6b-Z-- --9713d43f-A-- [23/Jul/2025:10:08:20.997843 +0300] aICKZFniyxNU3fAGSMwXyAAAAEw 2.57.170.73 37502 127.0.0.1 7081 --9713d43f-B-- HEAD /restore/sftp-config.json HTTP/1.0 Host: vivacetrading.com X-Real-IP: 2.57.170.73 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --9713d43f-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --9713d43f-H-- Message: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/restore/sftp-config.json"] [unique_id "aICKZFniyxNU3fAGSMwXyAAAAEw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753254500982815 15126 (- - -) Stopwatch2: 1753254500982815 15126; combined=2534, p1=650, p2=1790, p3=0, p4=0, p5=94, sr=129, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9713d43f-Z-- --d4617d1f-A-- [23/Jul/2025:10:08:59.802308 +0300] aICKi5N3K6M05ZQw74ypOgAAAAQ 172.189.56.43 52346 127.0.0.1 7081 --d4617d1f-B-- GET /.env HTTP/1.0 Host: menacore.net X-Real-IP: 172.189.56.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate, br --d4617d1f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=6819a42a171985698d5c6bd21e5842bd; expires=Wed, 23 Jul 2025 08:09:59 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=mga1eml0i2lcrkk3jrqrunujglrhvpck; expires=Wed, 23 Jul 2025 15:08:59 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --d4617d1f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menacore.net"] [uri "/.env"] [unique_id "aICKi5N3K6M05ZQw74ypOgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753254539639093 163348 (- - -) Stopwatch2: 1753254539639093 163348; combined=2840, p1=532, p2=2209, p3=0, p4=0, p5=99, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d4617d1f-Z-- --c84cd82e-A-- [23/Jul/2025:10:14:36.472109 +0300] aICL3FniyxNU3fAGSMweGQAAAEM 212.28.242.186 43914 127.0.0.1 7081 --c84cd82e-B-- GET /administration/index.php?code=4/0AVMBsJgqkov60-VdNnsedcC323y4AqoTXTAjuciiZEjXmMQEAnl-IP0jN3lURZ8czKMdSQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=cvfonph5vbrv6sro1qidf20292 --c84cd82e-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --c84cd82e-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICL3FniyxNU3fAGSMweGQAAAEM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753254876024151 448185 (- - -) Stopwatch2: 1753254876024151 448185; combined=5028, p1=731, p2=3795, p3=235, p4=74, p5=192, sr=220, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c84cd82e-Z-- --796d1977-A-- [23/Jul/2025:10:15:51.013032 +0300] aICMJlniyxNU3fAGSMwfdwAAAEs 212.28.242.186 51874 127.0.0.1 7081 --796d1977-B-- GET /administration/index.php?code=4/0AVMBsJje5nGZWhj4bJ0YQF5hqtZ7UfjblVqlG2XHhq4hefBtKiuH05kTSCyZ8MqlFg3R6g&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=qrsbdl4go8hcliksmd14snrjv7 --796d1977-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --796d1977-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICMJlniyxNU3fAGSMwfdwAAAEs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753254950549740 463971 (- - -) Stopwatch2: 1753254950549740 463971; combined=6281, p1=493, p2=5391, p3=171, p4=67, p5=158, sr=134, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --796d1977-Z-- --a0775436-A-- [23/Jul/2025:10:17:29.869295 +0300] aICMiZN3K6M05ZQw74y5WwAAAAw 20.74.85.78 38926 127.0.0.1 7081 --a0775436-B-- GET /.env HTTP/1.0 Host: demonanomie.com X-Real-IP: 20.74.85.78 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate, br --a0775436-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --a0775436-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/.env"] [unique_id "aICMiZN3K6M05ZQw74y5WwAAAAw"] Stopwatch: 1753255049865250 4136 (- - -) Stopwatch2: 1753255049865250 4136; combined=2325, p1=535, p2=1715, p3=0, p4=0, p5=75, sr=121, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a0775436-Z-- --d817a70e-A-- [23/Jul/2025:10:18:55.925548 +0300] aICM35N3K6M05ZQw74y7bgAAABc 212.28.242.186 49770 127.0.0.1 7081 --d817a70e-B-- GET /administration/index.php?code=4/0AVMBsJiRaodK3QhiByedtBsh3wdhVwMcDfJImUt4TO9PewwgDW3kQsqBlfK3FGaz2Rs9KA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=djdcmmtuoontm21hirlkdcv6u4 --d817a70e-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --d817a70e-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICM35N3K6M05ZQw74y7bgAAABc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753255135445387 480320 (- - -) Stopwatch2: 1753255135445387 480320; combined=6027, p1=751, p2=4959, p3=121, p4=69, p5=127, sr=161, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d817a70e-Z-- --93a65a0a-A-- [23/Jul/2025:10:20:00.658750 +0300] aICNIJN3K6M05ZQw74y9wwAAAAs 195.112.198.68 52680 127.0.0.1 7081 --93a65a0a-B-- GET /administration/index.php?code=4/0AVMBsJj7YdapW98rNOkgw5_bzN7zKtJI1e0A-2gBnKFvdwMv2FPMLfFUcHbIyrHPr0nAxw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=evak6koe8u1e9hkip4n2n75bv3 --93a65a0a-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --93a65a0a-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICNIJN3K6M05ZQw74y9wwAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753255200225646 433383 (- - -) Stopwatch2: 1753255200225646 433383; combined=5217, p1=563, p2=4220, p3=139, p4=111, p5=183, sr=134, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --93a65a0a-Z-- --8006d07a-A-- [23/Jul/2025:10:25:26.734950 +0300] aICOZlniyxNU3fAGSMwo_AAAAFU 212.28.242.186 50508 127.0.0.1 7081 --8006d07a-B-- GET /administration/index.php?code=4/0AVMBsJi--fBltl6AqQ3xHV6iY9Pm2AO_r7UuNr2RWq9Bloajm7sAQuGqR2GhVmvehpaitA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br accept-language: en-US,en;q=0.9 cookie: PHPSESSID=quug2ksgft2sod6oa82rq7ni26 --8006d07a-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --8006d07a-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICOZlniyxNU3fAGSMwo_AAAAFU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753255526322864 412231 (- - -) Stopwatch2: 1753255526322864 412231; combined=4803, p1=574, p2=3927, p3=139, p4=58, p5=105, sr=128, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8006d07a-Z-- --712f5d71-A-- [23/Jul/2025:10:32:26.953507 +0300] aICQCpN3K6M05ZQw74zW_QAAAA4 212.28.242.186 41948 127.0.0.1 7081 --712f5d71-B-- GET /administration/index.php?code=4/0AVMBsJj5u402f84bt70UAAwMZ9tMSNxXSCZbmTXjcXCPC7HrLYDyccBBePVEuc55MSnbag&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8 priority: u=0, i cookie: PHPSESSID=vrs3gh47k02ifnhh32a0bqhcc1 --712f5d71-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --712f5d71-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICQCpN3K6M05ZQw74zW_QAAAA4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753255946530280 423449 (- - -) Stopwatch2: 1753255946530280 423449; combined=4777, p1=727, p2=3622, p3=160, p4=93, p5=174, sr=260, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --712f5d71-Z-- --3bf75468-A-- [23/Jul/2025:10:33:59.064775 +0300] aICQZpN3K6M05ZQw74zaSgAAAAs 212.28.242.186 59778 127.0.0.1 7081 --3bf75468-B-- GET /administration/index.php?code=4/0AVMBsJg_0donJJrnIMRXFGH--FmeJKtMl3uAqb1_m-D_oCgE6R1oiRXSCl_AojCgl8qZKQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8,fr;q=0.7 priority: u=0, i cookie: PHPSESSID=s8d4rbojk8t4hi6keo5rmg2934 --3bf75468-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --3bf75468-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICQZpN3K6M05ZQw74zaSgAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753256038659666 405281 (- - -) Stopwatch2: 1753256038659666 405281; combined=6866, p1=794, p2=5749, p3=163, p4=50, p5=109, sr=173, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3bf75468-Z-- --923c9c21-A-- [23/Jul/2025:10:51:31.966052 +0300] aICUg1niyxNU3fAGSMxDVQAAAEE 195.112.198.68 33724 127.0.0.1 7081 --923c9c21-B-- GET /administration/index.php?code=4/0AVMBsJgztK0Ws-mIhWV7_-IO0TWFCXccscQyp0I5PGjmhUshaSISjPK3ngbzAWBCKsNKlw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br accept-language: ar,en-US;q=0.9,en;q=0.8 cookie: PHPSESSID=bu0pk2tt3kudup9te07hgr3p44 --923c9c21-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --923c9c21-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICUg1niyxNU3fAGSMxDVQAAAEE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753257091498750 467601 (- - -) Stopwatch2: 1753257091498750 467601; combined=7672, p1=764, p2=6460, p3=229, p4=89, p5=129, sr=268, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --923c9c21-Z-- --0ae3ca1c-A-- [23/Jul/2025:10:52:19.417264 +0300] aICUspN3K6M05ZQw74z9-QAAAA4 212.28.242.186 33010 127.0.0.1 7081 --0ae3ca1c-B-- GET /administration/index.php?code=4/0AVMBsJiFYJeHLwuS97x2hIRiX14Z7TJHc3bgBIPa42-JTLEVapRUaDaYZ3Ay2THWYyf8Dw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br accept-language: en-US,en;q=0.9 cookie: PHPSESSID=ssg9gfmf8k0ruuofsmq3bke835 --0ae3ca1c-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --0ae3ca1c-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICUspN3K6M05ZQw74z9-QAAAA4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753257138994198 423283 (- - -) Stopwatch2: 1753257138994198 423283; combined=6492, p1=750, p2=5398, p3=178, p4=52, p5=113, sr=183, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0ae3ca1c-Z-- --0da2e82a-A-- [23/Jul/2025:10:53:38.708345 +0300] aICVArpiKIKsx0AXGUUW3wAAAEg 155.94.155.152 56156 127.0.0.1 7081 --0da2e82a-B-- GET /.env HTTP/1.0 Host: menacore.net X-Real-IP: 155.94.155.152 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --0da2e82a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=fab1050dd4ccf2cef10db4cb77fca055; expires=Wed, 23 Jul 2025 08:54:38 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=jo7d607femsec26jro087tcc79ih3q40; expires=Wed, 23 Jul 2025 15:53:38 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --0da2e82a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menacore.net"] [uri "/.env"] [unique_id "aICVArpiKIKsx0AXGUUW3wAAAEg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753257218568598 139843 (- - -) Stopwatch2: 1753257218568598 139843; combined=2684, p1=501, p2=2073, p3=0, p4=0, p5=109, sr=170, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0da2e82a-Z-- --d15d7172-A-- [23/Jul/2025:10:53:58.980316 +0300] aICVFrpiKIKsx0AXGUUXKwAAAEw 212.28.242.186 59234 127.0.0.1 7081 --d15d7172-B-- GET /administration/index.php?code=4/0AVMBsJjH6KF5cc-8OAFhheiripsnwLDYJczA183Jguj5tp2fzDd7epig5txKLnRdKaLAEg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=hbba11ekuss73be8qgtrf1ajv2 --d15d7172-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --d15d7172-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICVFrpiKIKsx0AXGUUXKwAAAEw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753257238537581 443035 (- - -) Stopwatch2: 1753257238537581 443035; combined=5473, p1=686, p2=4094, p3=111, p4=432, p5=149, sr=151, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d15d7172-Z-- --c8822b1b-A-- [23/Jul/2025:10:54:27.267144 +0300] aICVMpJtMdVA_1kExR3LhAAAAA0 212.28.242.186 41324 127.0.0.1 7081 --c8822b1b-B-- GET /administration/index.php?code=4/0AVMBsJg422XTezd9mhizbiMINMm8eLPJxl5ey6cqHOXOG2M4stheMSnofdcEmfM-CtGPYQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8 priority: u=0, i cookie: PHPSESSID=2d6ou4jffsrigq3kbh24k83j61 --c8822b1b-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --c8822b1b-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICVMpJtMdVA_1kExR3LhAAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753257266842471 424893 (- - -) Stopwatch2: 1753257266842471 424893; combined=5185, p1=569, p2=4150, p3=153, p4=147, p5=166, sr=163, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c8822b1b-Z-- --cc82db3f-A-- [23/Jul/2025:10:55:06.492092 +0300] aICVWpJtMdVA_1kExR3M8AAAABI 167.99.182.39 33960 127.0.0.1 7081 --cc82db3f-B-- GET /.env HTTP/1.0 Host: riyadh-choc.raqmix.cloud X-Real-IP: 167.99.182.39 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --cc82db3f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --cc82db3f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riyadh-choc.raqmix.cloud"] [uri "/.env"] [unique_id "aICVWpJtMdVA_1kExR3M8AAAABI"] Stopwatch: 1753257306486360 5817 (- - -) Stopwatch2: 1753257306486360 5817; combined=3279, p1=1008, p2=2200, p3=0, p4=0, p5=70, sr=169, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cc82db3f-Z-- --ef4d7101-A-- [23/Jul/2025:10:55:06.950512 +0300] aICVWrpiKIKsx0AXGUUYUgAAAEw 167.99.182.39 34042 127.0.0.1 7081 --ef4d7101-B-- GET /.git/config HTTP/1.0 Host: riyadh-choc.raqmix.cloud X-Real-IP: 167.99.182.39 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --ef4d7101-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --ef4d7101-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riyadh-choc.raqmix.cloud"] [uri "/.git/config"] [unique_id "aICVWrpiKIKsx0AXGUUYUgAAAEw"] Stopwatch: 1753257306945751 4864 (- - -) Stopwatch2: 1753257306945751 4864; combined=2856, p1=666, p2=2122, p3=0, p4=0, p5=68, sr=156, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ef4d7101-Z-- --5b353b76-A-- [23/Jul/2025:10:57:22.450414 +0300] aICV4rpiKIKsx0AXGUUaLwAAAEk 185.177.72.9 56952 127.0.0.1 7081 --5b353b76-B-- GET /.env HTTP/1.0 Host: itilebanon.com X-Real-IP: 185.177.72.9 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5b353b76-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 24 Jul 2014 11:29:50 GMT ETag: "3bf-4feeec6556780" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --5b353b76-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "itilebanon.com"] [uri "/.env"] [unique_id "aICV4rpiKIKsx0AXGUUaLwAAAEk"] Stopwatch: 1753257442443431 7114 (- - -) Stopwatch2: 1753257442443431 7114; combined=4081, p1=1303, p2=2591, p3=0, p4=0, p5=186, sr=146, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5b353b76-Z-- --c7e42f72-A-- [23/Jul/2025:10:57:22.823801 +0300] aICV4pJtMdVA_1kExR3Q1QAAABE 185.177.72.9 57066 127.0.0.1 7081 --c7e42f72-B-- GET /backend/.env HTTP/1.0 Host: itilebanon.com X-Real-IP: 185.177.72.9 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c7e42f72-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 24 Jul 2014 11:29:50 GMT ETag: "3bf-4feeec6556780" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --c7e42f72-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "itilebanon.com"] [uri "/backend/.env"] [unique_id "aICV4pJtMdVA_1kExR3Q1QAAABE"] Stopwatch: 1753257442814395 9532 (- - -) Stopwatch2: 1753257442814395 9532; combined=7484, p1=621, p2=6788, p3=0, p4=0, p5=74, sr=161, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c7e42f72-Z-- --a51e011e-A-- [23/Jul/2025:10:57:22.886806 +0300] aICV4rpiKIKsx0AXGUUaNwAAAFQ 185.177.72.9 55500 127.0.0.1 7081 --a51e011e-B-- GET /api/.env HTTP/1.0 Host: itilebanon.com X-Real-IP: 185.177.72.9 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a51e011e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 24 Jul 2014 11:29:50 GMT ETag: "3bf-4feeec6556780" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --a51e011e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "itilebanon.com"] [uri "/api/.env"] [unique_id "aICV4rpiKIKsx0AXGUUaNwAAAFQ"] Stopwatch: 1753257442882203 4730 (- - -) Stopwatch2: 1753257442882203 4730; combined=2575, p1=499, p2=2004, p3=0, p4=0, p5=72, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a51e011e-Z-- --94b68913-A-- [23/Jul/2025:10:57:22.963994 +0300] aICV4pJtMdVA_1kExR3Q2AAAABA 185.177.72.9 55542 127.0.0.1 7081 --94b68913-B-- GET /env.backup HTTP/1.0 Host: itilebanon.com X-Real-IP: 185.177.72.9 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --94b68913-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 24 Jul 2014 11:29:50 GMT ETag: "3bf-4feeec6556780" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --94b68913-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||itilebanon.com|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||itilebanon.com|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "itilebanon.com"] [uri "/env.backup"] [unique_id "aICV4pJtMdVA_1kExR3Q2AAAABA"] Stopwatch: 1753257442959207 4854 (- - -) Stopwatch2: 1753257442959207 4854; combined=3022, p1=856, p2=2097, p3=0, p4=0, p5=69, sr=423, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --94b68913-Z-- --fa62e10b-A-- [23/Jul/2025:10:57:23.087212 +0300] aICV47piKIKsx0AXGUUaOQAAAE0 185.177.72.9 55576 127.0.0.1 7081 --fa62e10b-B-- GET /main/.env HTTP/1.0 Host: itilebanon.com X-Real-IP: 185.177.72.9 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fa62e10b-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 24 Jul 2014 11:29:50 GMT ETag: "3bf-4feeec6556780" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --fa62e10b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "itilebanon.com"] [uri "/main/.env"] [unique_id "aICV47piKIKsx0AXGUUaOQAAAE0"] Stopwatch: 1753257443082781 4498 (- - -) Stopwatch2: 1753257443082781 4498; combined=2746, p1=585, p2=2093, p3=0, p4=0, p5=68, sr=126, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fa62e10b-Z-- --ec618d52-A-- [23/Jul/2025:10:57:23.148148 +0300] aICV47piKIKsx0AXGUUaOgAAAEo 185.177.72.9 55600 127.0.0.1 7081 --ec618d52-B-- GET /.env.old HTTP/1.0 Host: itilebanon.com X-Real-IP: 185.177.72.9 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ec618d52-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 24 Jul 2014 11:29:50 GMT ETag: "3bf-4feeec6556780" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --ec618d52-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||itilebanon.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "itilebanon.com"] [uri "/.env.old"] [unique_id "aICV47piKIKsx0AXGUUaOgAAAEo"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||itilebanon.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "itilebanon.com"] [uri "/.env.old"] [unique_id "aICV47piKIKsx0AXGUUaOgAAAEo"] Stopwatch: 1753257443143003 5229 (- - -) Stopwatch2: 1753257443143003 5229; combined=3037, p1=585, p2=2334, p3=0, p4=0, p5=118, sr=174, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ec618d52-Z-- --f587a217-A-- [23/Jul/2025:10:58:04.720356 +0300] aICWDJJtMdVA_1kExR3SUQAAAAc 94.187.21.53 56216 127.0.0.1 7081 --f587a217-B-- GET /administration/index.php?code=4/0AVMBsJhZ2_Tq53YTfLX479dPYeUD0Jtib6ZMoWbZq6AwZIY27gKBno8bJwCRFIfhCA1eGg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 94.187.21.53 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Opera";v="119" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 OPR/119.0.0.0 (Edition Campaign 34) accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-GB,en-US;q=0.9,en;q=0.8,ar;q=0.7,hu;q=0.6,fr;q=0.5 priority: u=0, i cookie: PHPSESSID=o6679l27jspetdnihv2o8f7dp2 --f587a217-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --f587a217-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICWDJJtMdVA_1kExR3SUQAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753257484296561 424017 (- - -) Stopwatch2: 1753257484296561 424017; combined=5659, p1=627, p2=4634, p3=149, p4=53, p5=195, sr=174, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f587a217-Z-- --258eca44-A-- [23/Jul/2025:10:58:31.460548 +0300] aICWJ7piKIKsx0AXGUUbNgAAAE8 195.112.198.68 45572 127.0.0.1 7081 --258eca44-B-- GET /administration/index.php?code=4/0AVMBsJioxeCeAAVL1ZYbHtHAAd4P_fNf-_IidwRIaUXK1rmV7ZymWCr-Ip5wuc2pQMEoCA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=u7h4sbrbkkltqd28hiiburgcj6 --258eca44-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --258eca44-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICWJ7piKIKsx0AXGUUbNgAAAE8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753257511014448 446265 (- - -) Stopwatch2: 1753257511014448 446265; combined=4794, p1=677, p2=3624, p3=185, p4=160, p5=147, sr=128, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --258eca44-Z-- --34c7c229-A-- [23/Jul/2025:11:02:45.416242 +0300] aICXJDfVyTqsOoOtZ6B2HwAAAMQ 141.105.87.197 59268 127.0.0.1 7081 --34c7c229-B-- GET /administration/index.php?code=4/0AVMBsJgCFQgecJtDjxyTdDVIps_flEPYo3FtPgoYpJsgU0rN5Cwdlkf_VdYUyDsycBBjWw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=82c6vr51dbgm9prqdoeqn1gh17 --34c7c229-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --34c7c229-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICXJDfVyTqsOoOtZ6B2HwAAAMQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753257764973038 443518 (- - -) Stopwatch2: 1753257764973038 443518; combined=7606, p1=711, p2=6515, p3=149, p4=81, p5=149, sr=148, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --34c7c229-Z-- --a6ef2856-A-- [23/Jul/2025:11:07:36.783531 +0300] aICYSDfVyTqsOoOtZ6B9zwAAAMs 212.28.242.186 33306 127.0.0.1 7081 --a6ef2856-B-- GET /administration/index.php?code=4/0AVMBsJiXyZQcAiubZRk4cvN7gE0Rek6kSwiMIbowql7YGMypz97S-GpEAgsGs2UykiXM7g&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8 priority: u=0, i cookie: PHPSESSID=a97e6ndlc7hl54r1a3pf99sgd0 --a6ef2856-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --a6ef2856-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICYSDfVyTqsOoOtZ6B9zwAAAMs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753258056327578 456136 (- - -) Stopwatch2: 1753258056327578 456136; combined=4516, p1=578, p2=3573, p3=135, p4=72, p5=157, sr=162, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a6ef2856-Z-- --d1431f4f-A-- [23/Jul/2025:11:08:16.600803 +0300] aICYcDSlzRK7A2fl0tjPjQAAAIs 212.28.242.186 40268 127.0.0.1 7081 --d1431f4f-B-- GET /administration/index.php?code=4/0AVMBsJgnhKCc7-ARkz1HXVc2SWnoMRnHjTwy4y5wX6F2Fq_yVeI0_jc_Bcatu5OHIAA_Dg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=28l4nn9cd51dd1g028foj41tf4 --d1431f4f-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --d1431f4f-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICYcDSlzRK7A2fl0tjPjQAAAIs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753258096156681 444342 (- - -) Stopwatch2: 1753258096156681 444342; combined=8642, p1=694, p2=7541, p3=138, p4=61, p5=207, sr=188, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d1431f4f-Z-- --9933866e-A-- [23/Jul/2025:11:10:49.019121 +0300] aICZCJJtMdVA_1kExR3dZwAAAAw 212.28.242.186 37938 127.0.0.1 7081 --9933866e-B-- GET /administration/index.php?code=4/0AVMBsJhi1mZeE6d8X5AooSaohoX1JMVC2wGhKebiE7oNjhRL8fQaXrVbWbum5wmMQYloZg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=i1q5cmao91p1aphj5vmldvkip0 --9933866e-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --9933866e-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICZCJJtMdVA_1kExR3dZwAAAAw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753258248588653 430679 (- - -) Stopwatch2: 1753258248588653 430679; combined=4573, p1=516, p2=3703, p3=110, p4=73, p5=170, sr=145, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9933866e-Z-- --05854a6f-A-- [23/Jul/2025:11:11:59.539434 +0300] aICZTzSlzRK7A2fl0tjSZgAAAIA 185.177.72.210 36540 127.0.0.1 7081 --05854a6f-B-- GET /httpd.conf HTTP/1.0 Host: train.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --05854a6f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --05854a6f-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||train.jac.group|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||train.jac.group|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "train.jac.group"] [uri "/httpd.conf"] [unique_id "aICZTzSlzRK7A2fl0tjSZgAAAIA"] Stopwatch: 1753258319529160 10423 (- - -) Stopwatch2: 1753258319529160 10423; combined=7402, p1=577, p2=6741, p3=0, p4=0, p5=84, sr=187, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --05854a6f-Z-- --ab0f5d7c-A-- [23/Jul/2025:11:11:59.601954 +0300] aICZTzSlzRK7A2fl0tjSZwAAAI8 185.177.72.210 36548 127.0.0.1 7081 --ab0f5d7c-B-- GET /apps/.env HTTP/1.0 Host: train.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ab0f5d7c-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --ab0f5d7c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "train.jac.group"] [uri "/apps/.env"] [unique_id "aICZTzSlzRK7A2fl0tjSZwAAAI8"] Stopwatch: 1753258319597684 4355 (- - -) Stopwatch2: 1753258319597684 4355; combined=2566, p1=557, p2=1937, p3=0, p4=0, p5=72, sr=198, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ab0f5d7c-Z-- --9901883d-A-- [23/Jul/2025:11:11:59.734014 +0300] aICZTzSlzRK7A2fl0tjSaAAAAIM 185.177.72.210 36572 127.0.0.1 7081 --9901883d-B-- GET /api/.env HTTP/1.0 Host: train.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9901883d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --9901883d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "train.jac.group"] [uri "/api/.env"] [unique_id "aICZTzSlzRK7A2fl0tjSaAAAAIM"] Stopwatch: 1753258319729012 5146 (- - -) Stopwatch2: 1753258319729012 5146; combined=2937, p1=576, p2=2278, p3=0, p4=0, p5=83, sr=220, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9901883d-Z-- --b4e6b222-A-- [23/Jul/2025:11:11:59.794895 +0300] aICZTzSlzRK7A2fl0tjSagAAAIg 185.177.72.210 36596 127.0.0.1 7081 --b4e6b222-B-- GET /blog/.env HTTP/1.0 Host: train.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b4e6b222-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --b4e6b222-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "train.jac.group"] [uri "/blog/.env"] [unique_id "aICZTzSlzRK7A2fl0tjSagAAAIg"] Stopwatch: 1753258319790360 4601 (- - -) Stopwatch2: 1753258319790360 4601; combined=2710, p1=567, p2=2063, p3=0, p4=0, p5=80, sr=170, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b4e6b222-Z-- --34086408-A-- [23/Jul/2025:11:11:59.858583 +0300] aICZTzfVyTqsOoOtZ6CEygAAAME 185.177.72.210 36616 127.0.0.1 7081 --34086408-B-- GET /.env.production HTTP/1.0 Host: train.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --34086408-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --34086408-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "train.jac.group"] [uri "/.env.production"] [unique_id "aICZTzfVyTqsOoOtZ6CEygAAAME"] Stopwatch: 1753258319853754 4921 (- - -) Stopwatch2: 1753258319853754 4921; combined=3098, p1=590, p2=2388, p3=0, p4=0, p5=119, sr=156, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --34086408-Z-- --f4452963-A-- [23/Jul/2025:11:11:59.924544 +0300] aICZTzSlzRK7A2fl0tjSawAAAIY 185.177.72.210 36630 127.0.0.1 7081 --f4452963-B-- GET /protected/.env HTTP/1.0 Host: train.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f4452963-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --f4452963-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "train.jac.group"] [uri "/protected/.env"] [unique_id "aICZTzSlzRK7A2fl0tjSawAAAIY"] Stopwatch: 1753258319914670 9943 (- - -) Stopwatch2: 1753258319914670 9943; combined=3210, p1=704, p2=2431, p3=0, p4=0, p5=74, sr=183, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f4452963-Z-- --9c42d202-A-- [23/Jul/2025:11:11:59.984472 +0300] aICZTzSlzRK7A2fl0tjSbQAAAJA 185.177.72.210 36644 127.0.0.1 7081 --9c42d202-B-- GET /config/.env HTTP/1.0 Host: train.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9c42d202-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --9c42d202-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "train.jac.group"] [uri "/config/.env"] [unique_id "aICZTzSlzRK7A2fl0tjSbQAAAJA"] Stopwatch: 1753258319979752 4807 (- - -) Stopwatch2: 1753258319979752 4807; combined=2737, p1=712, p2=1941, p3=0, p4=0, p5=84, sr=164, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9c42d202-Z-- --8901fb75-A-- [23/Jul/2025:11:12:00.047758 +0300] aICZUDSlzRK7A2fl0tjSbgAAAJg 185.177.72.210 36654 127.0.0.1 7081 --8901fb75-B-- GET /base/.env HTTP/1.0 Host: train.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8901fb75-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --8901fb75-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "train.jac.group"] [uri "/base/.env"] [unique_id "aICZUDSlzRK7A2fl0tjSbgAAAJg"] Stopwatch: 1753258320039518 8309 (- - -) Stopwatch2: 1753258320039518 8309; combined=2718, p1=503, p2=2136, p3=0, p4=0, p5=79, sr=131, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8901fb75-Z-- --312ede10-A-- [23/Jul/2025:11:14:50.814820 +0300] aICZ-jSlzRK7A2fl0tjUmwAAAIo 212.28.242.186 35474 127.0.0.1 7081 --312ede10-B-- GET /administration/index.php?code=4/0AVMBsJhai2eeFXOQTbdWVcSAjuZWeiYx0RJSWDgcQuaOxYuWqVKHN91t728jFayRvhi5lQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=318bmr900c1fr0cj2fnr50int6 --312ede10-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --312ede10-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICZ-jSlzRK7A2fl0tjUmwAAAIo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753258490350375 464627 (- - -) Stopwatch2: 1753258490350375 464627; combined=106219, p1=604, p2=4197, p3=112, p4=57, p5=50685, sr=181, sw=0, l=0, gc=50564 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --312ede10-Z-- --4f84933d-A-- [23/Jul/2025:11:17:02.074090 +0300] aICaeDSlzRK7A2fl0tjWOgAAAIQ 212.28.242.186 37550 127.0.0.1 7081 --4f84933d-B-- GET /administration/index.php?code=4/0AVMBsJhsc2-2qoZzmUmEddZz7BLCyygT5UHJes30iHuE1XliuTfWiga4cchRer9m6Px2Vg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=qrsbdl4go8hcliksmd14snrjv7 --4f84933d-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --4f84933d-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICaeDSlzRK7A2fl0tjWOgAAAIQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753258616600892 5473405 (- - -) Stopwatch2: 1753258616600892 5473405; combined=5225, p1=518, p2=4435, p3=101, p4=55, p5=116, sr=146, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4f84933d-Z-- --d1c65740-A-- [23/Jul/2025:11:17:43.800135 +0300] aICapzfVyTqsOoOtZ6CNaAAAAMA 185.148.1.243 38540 127.0.0.1 7081 --d1c65740-B-- GET /.git/config HTTP/1.0 Host: admintest1.snapcart.io X-Real-IP: 185.148.1.243 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 Accept-Charset: utf-8 Accept-Encoding: gzip --d1c65740-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 16 Mar 2025 19:58:17 GMT ETag: "328-6307b17c198d5" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --d1c65740-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "admintest1.snapcart.io"] [uri "/.git/config"] [unique_id "aICapzfVyTqsOoOtZ6CNaAAAAMA"] Stopwatch: 1753258663792718 7764 (- - -) Stopwatch2: 1753258663792718 7764; combined=5461, p1=568, p2=4159, p3=0, p4=0, p5=733, sr=174, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d1c65740-Z-- --addd2613-A-- [23/Jul/2025:11:18:57.847578 +0300] aICa5zfVyTqsOoOtZ6CO7AAAAMw 212.28.242.186 44136 127.0.0.1 7081 --addd2613-B-- GET /administration/index.php?code=4/0AVMBsJiyodW0XEWQp44up3e1g0dvIwnPa8ZbGvoRbKksc0klxTIoPY-cDJeMQAAqJx0ieA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br accept-language: en-US,en;q=0.9 cookie: PHPSESSID=hb4tbhpvgnvr3gd1el06167ld7 --addd2613-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --addd2613-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICa5zfVyTqsOoOtZ6CO7AAAAMw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753258727073190 10774597 (- - -) Stopwatch2: 1753258727073190 10774597; combined=6339, p1=786, p2=5095, p3=151, p4=70, p5=236, sr=291, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --addd2613-Z-- --7094c830-A-- [23/Jul/2025:11:21:17.073992 +0300] aICbfDfVyTqsOoOtZ6CS7QAAANU 94.187.21.53 43728 127.0.0.1 7081 --7094c830-B-- GET /administration/index.php?code=4/0AVMBsJi17dupsK0MT2fkSx7awcuj3PMYLQIRnUArYp2Eh_4te1gwCL5dp3gSflYTXgGK1g&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 94.187.21.53 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-GB,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=m83g75l0ig8aho0s0vqua2f505 --7094c830-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --7094c830-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICbfDfVyTqsOoOtZ6CS7QAAANU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753258876623008 451144 (- - -) Stopwatch2: 1753258876623008 451144; combined=4368, p1=780, p2=3250, p3=112, p4=84, p5=141, sr=196, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7094c830-Z-- --e380ec5f-A-- [23/Jul/2025:11:21:17.529977 +0300] aICbfTSlzRK7A2fl0tjZHQAAAI4 94.187.21.53 43788 127.0.0.1 7081 --e380ec5f-B-- GET /administration/index.php?code=4/0AVMBsJhWIBE1oyuxg-cm-Z2o2BVR55BO3ZZs6PLBF76FHefrAP6VnzSsvYx_12ULBk0ClA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 94.187.21.53 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-GB,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=m83g75l0ig8aho0s0vqua2f505 --e380ec5f-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --e380ec5f-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICbfTSlzRK7A2fl0tjZHQAAAI4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753258877228008 302168 (- - -) Stopwatch2: 1753258877228008 302168; combined=4530, p1=592, p2=3582, p3=109, p4=72, p5=174, sr=167, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e380ec5f-Z-- --7d004c7d-A-- [23/Jul/2025:11:25:08.933824 +0300] aICcZDfVyTqsOoOtZ6CY-AAAAMI 198.55.98.76 47196 127.0.0.1 7081 --7d004c7d-B-- GET /.git/config HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 198.55.98.76 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Web Downloader/6.9 Accept-Charset: utf-8 Accept-Encoding: gzip --7d004c7d-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --7d004c7d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.git/config"] [unique_id "aICcZDfVyTqsOoOtZ6CY-AAAAMI"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753259108932734 1157 (- - -) Stopwatch2: 1753259108932734 1157; combined=667, p1=531, p2=0, p3=29, p4=29, p5=78, sr=143, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7d004c7d-Z-- --f8fea77b-A-- [23/Jul/2025:11:28:35.986837 +0300] aICdM5JtMdVA_1kExR3j_gAAAAo 195.112.198.68 55548 127.0.0.1 7081 --f8fea77b-B-- GET /administration/index.php?code=4/0AVMBsJhRl_X-7kOgt_zkhEv_Gma1idVfUOdvPY6idqvQiV8Xf8bn5U_EtFejtrxDCmjhlA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=56us622j2vc3cdak3cc8knsbd3 --f8fea77b-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3649 Content-Type: text/html; charset=UTF-8 --f8fea77b-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||college.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||college.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "college.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICdM5JtMdVA_1kExR3j_gAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/college.jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753259315428062 558986 (- - -) Stopwatch2: 1753259315428062 558986; combined=4857, p1=606, p2=3941, p3=119, p4=53, p5=137, sr=196, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f8fea77b-Z-- --34908b2c-A-- [23/Jul/2025:11:34:06.967065 +0300] aICefpJtMdVA_1kExR3mDgAAABI 155.94.155.152 43574 127.0.0.1 7081 --34908b2c-B-- GET /.env HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 155.94.155.152 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --34908b2c-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --34908b2c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/.env"] [unique_id "aICefpJtMdVA_1kExR3mDgAAABI"] Stopwatch: 1753259646962109 5069 (- - -) Stopwatch2: 1753259646962109 5069; combined=3023, p1=732, p2=2203, p3=0, p4=0, p5=88, sr=253, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --34908b2c-Z-- --ca8d324b-A-- [23/Jul/2025:11:35:58.669437 +0300] aICe7jSlzRK7A2fl0tjkkAAAAIw 141.105.87.197 38520 127.0.0.1 7081 --ca8d324b-B-- GET /administration/index.php?code=4/0AVMBsJhS3MBBOL0YPLwGUN_wEPL6E7pkIt7zfjqK2Z0h2RTJBzWgAYh3HWqOo135ht1XjA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=g4lvet9ocvblqtmas3bh6ltar0 --ca8d324b-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --ca8d324b-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICe7jSlzRK7A2fl0tjkkAAAAIw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753259758225462 444232 (- - -) Stopwatch2: 1753259758225462 444232; combined=4463, p1=560, p2=3482, p3=174, p4=72, p5=174, sr=131, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ca8d324b-Z-- --179b833c-A-- [23/Jul/2025:11:43:15.410793 +0300] aICgojfVyTqsOoOtZ6C5aAAAAM0 212.28.242.186 43394 127.0.0.1 7081 --179b833c-B-- GET /administration/index.php?code=4/0AVMBsJjMD1Agh4KlM2mi0TkjEt77nPWV2Nc894ftbJJt8tcCBACXF-8OQSb5Ok_fzrahQg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8 priority: u=0, i cookie: PHPSESSID=2d6ou4jffsrigq3kbh24k83j61 --179b833c-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --179b833c-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICgojfVyTqsOoOtZ6C5aAAAAM0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753260194983737 427260 (- - -) Stopwatch2: 1753260194983737 427260; combined=4986, p1=664, p2=3963, p3=113, p4=60, p5=185, sr=242, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --179b833c-Z-- --9a99585c-A-- [23/Jul/2025:11:43:20.689832 +0300] aICgqDfVyTqsOoOtZ6C5ggAAANY 185.53.46.92 43790 127.0.0.1 7081 --9a99585c-B-- GET /app_dev.php/_profiler/open?file=app/config/parameters.yml HTTP/1.0 Host: verozone.md X-Real-IP: 185.53.46.92 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9a99585c-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 7293 Content-Type: text/html; charset=UTF-8 --9a99585c-H-- Message: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Matched phrase "parameters.yml" at ARGS:file. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||verozone.md|F|2"] [data "Matched Data: parameters.yml found within ARGS:file: app/config/parameters.yml"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "verozone.md"] [uri "/app_dev.php/_profiler/open"] [unique_id "aICgqDfVyTqsOoOtZ6C5ggAAANY"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "parameters.yml" at ARGS:file. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||verozone.md|F|2"] [data "Matched Data: parameters.yml found within ARGS:file: app/config/parameters.yml"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "verozone.md"] [uri "/app_dev.php/_profiler/open"] [unique_id "aICgqDfVyTqsOoOtZ6C5ggAAANY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753260200661391 28569 (- - -) Stopwatch2: 1753260200661391 28569; combined=3422, p1=510, p2=2695, p3=0, p4=0, p5=216, sr=155, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9a99585c-Z-- --ec399640-A-- [23/Jul/2025:11:46:42.499974 +0300] aIChcpJtMdVA_1kExR3rcgAAABI 195.112.198.68 35558 127.0.0.1 7081 --ec399640-B-- GET /administration/index.php?code=4/0AVMBsJheenLCyK3uTHrsTnhp85cbZntbJItE-YVJY8-vJTPd7EbxTPvzJ1yLntSCGZcZyA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=evak6koe8u1e9hkip4n2n75bv3 --ec399640-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --ec399640-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIChcpJtMdVA_1kExR3rcgAAABI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753260402084533 415582 (- - -) Stopwatch2: 1753260402084533 415582; combined=5422, p1=464, p2=4665, p3=97, p4=91, p5=104, sr=131, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ec399640-Z-- --20f20f79-A-- [23/Jul/2025:11:48:41.551192 +0300] aICh6TfVyTqsOoOtZ6DGagAAAMw 212.28.242.186 32942 127.0.0.1 7081 --20f20f79-B-- GET /administration/index.php?code=4/0Adeu5BWJqp0VhuiwaNY5tIfRjaU_6zwyaG074BAPKoHkGkxup5c7VMiqllW_q4NRVOOSgA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: none sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i --20f20f79-F-- HTTP/1.1 302 Moved Temporarily Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: PHPSESSID=7j1bncap1hu85hpv8hvuo6kcp4; path=/ Upgrade: h2,h2c Connection: Upgrade, close Location: https://www.jinansystem.com/login.php Content-Length: 0 Content-Type: text/html; charset=UTF-8 --20f20f79-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICh6TfVyTqsOoOtZ6DGagAAAMw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753260521544035 7343 (- - -) Stopwatch2: 1753260521544035 7343; combined=4161, p1=719, p2=3206, p3=79, p4=49, p5=107, sr=249, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --20f20f79-Z-- --cc9e2434-A-- [23/Jul/2025:11:49:16.029693 +0300] aICiCjfVyTqsOoOtZ6DHawAAAMc 212.28.242.186 38166 127.0.0.1 7081 --cc9e2434-B-- GET /administration/index.php?code=4/0AVMBsJidCLjBjbXrouFzkkBwe81YO2RgAANQN7LCODRU4I4z9m1xOc8FBZcSXfoOKYUJUw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=7j1bncap1hu85hpv8hvuo6kcp4 --cc9e2434-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --cc9e2434-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICiCjfVyTqsOoOtZ6DHawAAAMc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753260554512801 1517106 (- - -) Stopwatch2: 1753260554512801 1517106; combined=5588, p1=791, p2=4351, p3=147, p4=79, p5=219, sr=178, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cc9e2434-Z-- --f37c1f40-A-- [23/Jul/2025:11:49:54.401342 +0300] aICiMjfVyTqsOoOtZ6DIoAAAAMc 142.93.52.141 57226 127.0.0.1 7080 --f37c1f40-B-- GET /.env HTTP/1.0 Host: 41.128.143.86 X-Real-IP: 142.93.52.141 Connection: close User-Agent: Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about); Accept: */* Accept-Encoding: gzip --f37c1f40-F-- HTTP/1.1 404 Not Found Content-Length: 259 Connection: close Content-Type: text/html; charset=iso-8859-1 --f37c1f40-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.86"] [uri "/.env"] [unique_id "aICiMjfVyTqsOoOtZ6DIoAAAAMc"] Stopwatch: 1753260594397457 3969 (- - -) Stopwatch2: 1753260594397457 3969; combined=2499, p1=492, p2=1877, p3=23, p4=34, p5=73, sr=145, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f37c1f40-Z-- --d141f978-A-- [23/Jul/2025:11:49:54.786724 +0300] aICiMjSlzRK7A2fl0tjxWgAAAIQ 142.93.52.141 57232 127.0.0.1 7080 --d141f978-B-- GET /.git/config HTTP/1.0 Host: 41.128.143.86 X-Real-IP: 142.93.52.141 Connection: close User-Agent: Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about); Accept: */* Accept-Encoding: gzip --d141f978-F-- HTTP/1.1 404 Not Found Content-Length: 259 Connection: close Content-Type: text/html; charset=iso-8859-1 --d141f978-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.86"] [uri "/.git/config"] [unique_id "aICiMjSlzRK7A2fl0tjxWgAAAIQ"] Stopwatch: 1753260594782187 4607 (- - -) Stopwatch2: 1753260594782187 4607; combined=2732, p1=618, p2=1966, p3=25, p4=35, p5=88, sr=183, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d141f978-Z-- --dd273021-A-- [23/Jul/2025:11:50:32.483242 +0300] aICiVzfVyTqsOoOtZ6DJeAAAAME 185.148.1.243 51042 127.0.0.1 7081 --dd273021-B-- GET /.git/config HTTP/1.0 Host: demo.snapcart.io X-Real-IP: 185.148.1.243 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 Accept-Charset: utf-8 Accept-Encoding: gzip --dd273021-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 Set-Cookie: XSRF-TOKEN=eyJpdiI6ImFPc3hHY3ZzbFBTdVU3ZEtlTnpqa2c9PSIsInZhbHVlIjoiekk1eW1FRTJDTzFkQk5mNnphTnRBZllwOVBBZlZmYkVNdlJnVmp4cG14L2VsK0lFdDBQRFdONDdvVnAzUStneG1acDlybTVUNEtSMUluVFVrRXFVQnI4NjVqY2c3SjlDUEFXQ3hjTHYwZTNqTDBJc3d5eTJhYmVqSVhzMkkrb2EiLCJtYWMiOiIwZDUzNzBmNjM1NjVmMjA1ODczMzI0MTY1Y2UyMzEzOWQzMDY2NzY5NTczOGE0ZDk4OWU4YTM2N2I5Nzg5NDVhIiwidGFnIjoiIn0%3D; expires=Wed, 23 Jul 2025 10:50:32 GMT; Max-Age=7200; path=/; secure; samesite=lax Set-Cookie: shopking_ecommerce_app_with_laravel_website_admin_panel_with_pos_inventory_management_session=eyJpdiI6ImVyQ1ByQzdZc1R4b201QXVWTXg2OVE9PSIsInZhbHVlIjoiVzMzNk1TUnJwYzl4aXNDU2RuYkdvZGF6WjRHbG82NzFzQmsyZ2RBbFJ4UDludjdtcmRTaGZwLzdaak8zczFqUzJnekRoWWZhZ3NvdDdXM09sTnFyQzh2a1EvN3VYck9GNnhIeFFQSDdySmNxYnhEakgrU2pTL2wwSnMzbkpPcHIiLCJtYWMiOiJkYTU2ZDcxYTVkYzc3ZTQzOTA5ZWFmYTMzZTY1YzExNDA5MGY1NDRiNDBkMTk4Zjg0N2UxZTJkMjRiOTQxZDBiIiwidGFnIjoiIn0%3D; expires=Wed, 23 Jul 2025 10:50:32 GMT; Max-Age=7200; path=/; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 547 Content-Type: text/html; charset=UTF-8 --dd273021-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demo.snapcart.io"] [uri "/.git/config"] [unique_id "aICiVzfVyTqsOoOtZ6DJeAAAAME"] Apache-Handler: proxy:unix:/var/www/vhosts/system/demo.snapcart.io/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753260631976518 506877 (- - -) Stopwatch2: 1753260631976518 506877; combined=2500, p1=534, p2=1850, p3=0, p4=0, p5=114, sr=133, sw=2, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dd273021-Z-- --1a38913b-A-- [23/Jul/2025:11:51:20.108072 +0300] aICihTfVyTqsOoOtZ6DK3QAAANE 219.151.177.122 48466 127.0.0.1 7081 --1a38913b-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: glamilea.com X-Real-IP: 219.151.177.122 X-Accel-Internal: /internal-nginx-static-location Connection: close upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-site: same-origin user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept-encoding: gzip, deflate, br sec-fetch-mode: navigate sec-fetch-user: ?1 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 accept-language: en-US,en;q=0.5 referer: http://glamilea.com/wp-login.php cookie: yay_currency_widget=29035; wordpress_test_cookie=WP%20Cookie%20check --1a38913b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.1.33 X-Robots-Tag: noindex Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Upgrade: h2,h2c Connection: Upgrade, close Content-Type: application/json; charset=UTF-8 --1a38913b-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "glamilea.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aICihTfVyTqsOoOtZ6DK3QAAANE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753260677656290 2451959 (- - -) Stopwatch2: 1753260677656290 2451959; combined=4030, p1=606, p2=3228, p3=0, p4=0, p5=195, sr=246, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1a38913b-Z-- --bd48057f-A-- [23/Jul/2025:11:51:45.485937 +0300] aICioDSlzRK7A2fl0tjy4AAAAIY 212.28.242.186 40790 127.0.0.1 7081 --bd48057f-B-- GET /administration/index.php?code=4/0AVMBsJhB9b57fZNKOv8_5Myo9PTbDeNV3dRdq3WTCgeiOaImyjFQny9A9fRiUbmTE55_4Q&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: ar-LB,ar;q=0.9,en-LB;q=0.8,en;q=0.7,en-US;q=0.6 priority: u=0, i cookie: PHPSESSID=tull8t6h7upgkrvn3f0a3fovd7 --bd48057f-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --bd48057f-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICioDSlzRK7A2fl0tjy4AAAAIY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753260704985494 500643 (- - -) Stopwatch2: 1753260704985494 500643; combined=91359, p1=488, p2=3460, p3=210, p4=59, p5=43630, sr=145, sw=1, l=0, gc=43511 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bd48057f-Z-- --255a3852-A-- [23/Jul/2025:11:53:58.425596 +0300] aICjJTSlzRK7A2fl0tj05QAAAIs 195.112.198.68 49194 127.0.0.1 7081 --255a3852-B-- GET /administration/index.php?code=4/0AVMBsJifyl2NlO7UCzsJYiU-cqo-kT7qa3GOR7KUg7EjTjaatr1Incp0Slhau7TfIj7rXg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=u7h4sbrbkkltqd28hiiburgcj6 --255a3852-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --255a3852-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICjJTSlzRK7A2fl0tj05QAAAIs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753260837962237 463547 (- - -) Stopwatch2: 1753260837962237 463547; combined=8368, p1=678, p2=7322, p3=121, p4=71, p5=175, sr=179, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --255a3852-Z-- --95308760-A-- [23/Jul/2025:11:54:56.960437 +0300] aICjYJJtMdVA_1kExR3u0wAAAAA 94.187.21.53 56232 127.0.0.1 7081 --95308760-B-- GET /administration/index.php?code=4/0AVMBsJjIKGTqvMvxwbJ9ZQkrVF7bXAhj5HXgmdIUKmSBKygOZPjTfp70Swa8cKBFryt5uw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 94.187.21.53 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Opera";v="119" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 OPR/119.0.0.0 (Edition Campaign 34) accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-GB,en-US;q=0.9,en;q=0.8,ar;q=0.7,hu;q=0.6,fr;q=0.5 priority: u=0, i cookie: PHPSESSID=o6679l27jspetdnihv2o8f7dp2 --95308760-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --95308760-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICjYJJtMdVA_1kExR3u0wAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753260896519004 441738 (- - -) Stopwatch2: 1753260896519004 441738; combined=6319, p1=496, p2=5431, p3=113, p4=72, p5=206, sr=150, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --95308760-Z-- --7d227214-A-- [23/Jul/2025:11:59:52.403600 +0300] aICkh5JtMdVA_1kExR3wTAAAAAM 212.28.242.186 34804 127.0.0.1 7081 --7d227214-B-- GET /administration/index.php?code=4/0AVMBsJjiMXFTPKWD9YnKyKPym-FEWUf7Fz8DXDWLZzDFIq7o88gSeXSQXvMw43OqpmTrXQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=21bpo7shvcragcdcm1a0pbtd05 --7d227214-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --7d227214-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICkh5JtMdVA_1kExR3wTAAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753261191009131 1394627 (- - -) Stopwatch2: 1753261191009131 1394627; combined=4445, p1=596, p2=3499, p3=169, p4=55, p5=125, sr=173, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7d227214-Z-- --adf80007-A-- [23/Jul/2025:12:06:16.255239 +0300] aICmCJJtMdVA_1kExR3yyQAAAA8 45.95.243.79 39950 127.0.0.1 7081 --adf80007-B-- HEAD /restore/dump.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.95.243.79 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --adf80007-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --adf80007-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/restore/dump.sql"] [unique_id "aICmCJJtMdVA_1kExR3yyQAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753261576239171 16153 (- - -) Stopwatch2: 1753261576239171 16153; combined=2313, p1=488, p2=1736, p3=0, p4=0, p5=89, sr=143, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --adf80007-Z-- --7f56cc7e-A-- [23/Jul/2025:12:06:18.388422 +0300] aICmCjSlzRK7A2fl0tj-bgAAAIs 45.95.243.73 40230 127.0.0.1 7081 --7f56cc7e-B-- HEAD /backups/dump.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.95.243.73 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --7f56cc7e-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --7f56cc7e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/backups/dump.sql"] [unique_id "aICmCjSlzRK7A2fl0tj-bgAAAIs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753261578372017 16471 (- - -) Stopwatch2: 1753261578372017 16471; combined=2877, p1=585, p2=2161, p3=0, p4=0, p5=130, sr=162, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7f56cc7e-Z-- --546db77b-A-- [23/Jul/2025:12:06:21.164806 +0300] aICmDTSlzRK7A2fl0tj-fAAAAIw 45.95.243.100 40622 127.0.0.1 7081 --546db77b-B-- HEAD /back/sql.sql HTTP/1.0 Host: vivacetrading.com X-Real-IP: 45.95.243.100 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --546db77b-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --546db77b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/back/sql.sql"] [unique_id "aICmDTSlzRK7A2fl0tj-fAAAAIw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753261581149766 15205 (- - -) Stopwatch2: 1753261581149766 15205; combined=2461, p1=445, p2=1873, p3=0, p4=0, p5=142, sr=151, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --546db77b-Z-- --66c4355b-A-- [23/Jul/2025:12:08:32.063558 +0300] aICmj5JtMdVA_1kExR3ztgAAAAg 212.28.242.186 54592 127.0.0.1 7081 --66c4355b-B-- GET /administration/index.php?code=4/0AVMBsJgZbHNgXZlJdVYYk5Nrgh4AAbkLFeSL5mUV2dmpKy_23FJ2fYG0rAqHEe5GZm6E9g&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=m4cfl3ae3r55g2d5i9aoomdmh4 --66c4355b-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --66c4355b-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICmj5JtMdVA_1kExR3ztgAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753261711636835 426940 (- - -) Stopwatch2: 1753261711636835 426940; combined=5380, p1=712, p2=4348, p3=128, p4=61, p5=131, sr=207, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --66c4355b-Z-- --203da067-A-- [23/Jul/2025:12:13:01.437359 +0300] aICnnDfVyTqsOoOtZ6DxQwAAAM8 212.28.242.186 59046 127.0.0.1 7081 --203da067-B-- GET /administration/index.php?code=4/0AVMBsJgOJ4EmMZy0AlEHi6CB-I761NF_-TC24h9G2bREMsgBpLc7OcF1NTuOG1lQMUCZUg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=28l4nn9cd51dd1g028foj41tf4 --203da067-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --203da067-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICnnDfVyTqsOoOtZ6DxQwAAAM8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753261980982632 454956 (- - -) Stopwatch2: 1753261980982632 454956; combined=4849, p1=515, p2=3881, p3=175, p4=128, p5=149, sr=151, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --203da067-Z-- --7dbc5958-A-- [23/Jul/2025:12:19:00.144296 +0300] aICpAzfVyTqsOoOtZ6D6-QAAAMI 141.105.87.197 59672 127.0.0.1 7081 --7dbc5958-B-- GET /administration/index.php?code=4/0AVMBsJhEZjg9G-lHwcpuwsUp6o7C6eXMm4WL_iuTlbfCtKH3U8TNk5hT4UsDZjGmbBReWQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=ifbhdev1gghgrptvh1f1mjt090 --7dbc5958-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --7dbc5958-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICpAzfVyTqsOoOtZ6D6-QAAAMI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753262339700803 443799 (- - -) Stopwatch2: 1753262339700803 443799; combined=4895, p1=659, p2=3786, p3=124, p4=63, p5=262, sr=136, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7dbc5958-Z-- --1d5edd39-A-- [23/Jul/2025:12:20:19.533616 +0300] aICpU5JtMdVA_1kExR34QQAAAAE 212.28.242.186 58444 127.0.0.1 7081 --1d5edd39-B-- GET /administration/index.php?code=4/0AVMBsJidThmqrpL0fUL7l1nVGSgJuYvIIlugW8GOvyYIkz61P3ZfAefKGjhUjujezOWCsQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=aod5ac3mu1e9ht1pnt024u1nr5 --1d5edd39-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --1d5edd39-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICpU5JtMdVA_1kExR34QQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753262419060729 473044 (- - -) Stopwatch2: 1753262419060729 473044; combined=5954, p1=459, p2=5212, p3=109, p4=64, p5=110, sr=139, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1d5edd39-Z-- --d6b22e0e-A-- [23/Jul/2025:12:20:56.537665 +0300] aICpeDfVyTqsOoOtZ6D-GwAAANM 212.28.242.186 38052 127.0.0.1 7081 --d6b22e0e-B-- GET /administration/index.php?code=4/0AVMBsJjl7MzwreQPsYl3wimYp2bFTtxUxP0x76axJ6MwPZLucqYcmW334-o3sfcraSGHFw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=hbba11ekuss73be8qgtrf1ajv2 --d6b22e0e-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --d6b22e0e-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICpeDfVyTqsOoOtZ6D-GwAAANM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753262456088460 449369 (- - -) Stopwatch2: 1753262456088460 449369; combined=5198, p1=677, p2=4165, p3=124, p4=66, p5=165, sr=169, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d6b22e0e-Z-- --79a36024-A-- [23/Jul/2025:12:21:12.912162 +0300] aICpiDfVyTqsOoOtZ6D-qAAAAMo 212.28.242.186 44202 127.0.0.1 7081 --79a36024-B-- GET /administration/index.php?code=4/0AVMBsJijaYRpty-g7K2wBsvaRT0_OVNKTNT73n4Lofv6U6ZBXVr3QkqYdWQh-rWS4q0eWA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=tqq67ndqtps8b9f09ctrmell61 --79a36024-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --79a36024-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICpiDfVyTqsOoOtZ6D-qAAAAMo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753262472490748 421608 (- - -) Stopwatch2: 1753262472490748 421608; combined=6718, p1=660, p2=5723, p3=160, p4=61, p5=114, sr=158, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --79a36024-Z-- --71182c3f-A-- [23/Jul/2025:12:23:03.109489 +0300] aICp9jSlzRK7A2fl0tgK3AAAAIk 212.28.242.186 47266 127.0.0.1 7081 --71182c3f-B-- GET /administration/index.php?code=4/0AVMBsJg_S_di9ShoJ9W7Y9bcoXJs3j1Y5bDfxsyJejIqYNDJAAZ3X9Z8rZtwTp-T--awvw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=tg57bp91ldlfucl8u3ctat32v2 --71182c3f-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --71182c3f-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICp9jSlzRK7A2fl0tgK3AAAAIk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753262582661274 448613 (- - -) Stopwatch2: 1753262582661274 448613; combined=9569, p1=763, p2=8402, p3=197, p4=73, p5=133, sr=177, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --71182c3f-Z-- --cfd12267-A-- [23/Jul/2025:12:23:26.092666 +0300] aICqDjfVyTqsOoOtZ6AClwAAAMI 185.148.1.243 60064 127.0.0.1 7080 --cfd12267-B-- GET /.git/config HTTP/1.0 Host: mail.snapcart.io X-Real-IP: 185.148.1.243 Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 Accept-Charset: utf-8 Accept-Encoding: gzip --cfd12267-F-- HTTP/1.1 404 Not Found Content-Length: 262 Connection: close Content-Type: text/html; charset=iso-8859-1 --cfd12267-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.snapcart.io"] [uri "/.git/config"] [unique_id "aICqDjfVyTqsOoOtZ6AClwAAAMI"] Stopwatch: 1753262606088274 4482 (- - -) Stopwatch2: 1753262606088274 4482; combined=2810, p1=575, p2=2097, p3=25, p4=37, p5=76, sr=167, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cfd12267-Z-- --f78f6261-A-- [23/Jul/2025:12:26:45.908495 +0300] aICq1TfVyTqsOoOtZ6AI-AAAANc 207.154.212.47 46678 127.0.0.1 7081 --f78f6261-B-- POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D""+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.0 Host: crm.verozone.md X-Real-IP: 207.154.212.47 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 164 User-Agent: Go-http-client/1.1 Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip --f78f6261-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --f78f6261-H-- Message: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\xadd cgi.force_redirect=0 \xadd disable_functions="" \xadd allow_url_include=1 \xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||crm.verozone.md|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\x5cxadd cgi.force_redirect=0 \x5cxadd disable_functions=\x22\x22 \x5cxadd allow_url_include=1 \x5cxadd auto_prepend_file=php://input: \xadd cgi.force_redirect=0 \xadd disable_functions=\x22\x22 \xadd allow_url_include=1 \xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions="" \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||crm.verozone.md|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\\\x5cxadd cgi.force_redirect=0 \\\\x5cxadd disable_functions=\\\\x22\\\\x22 \\\\x5cxadd allow_url_include=1 \\\\x5cxadd auto_prepend_file=php://input: \\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions=\\\\x22\\\\x22 \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "crm.verozone.md"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aICq1TfVyTqsOoOtZ6AI-AAAANc"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: file_exists(): open_basedir restriction in effect. File(/autoload.php) is not within the allowed path(s): (/var/www/vhosts/verozone.md/:/tmp/) in /var/www/vhosts/verozone.md/crm.verozone.md/vendor/vonage/nexmo-bridge/src/Autoloader.php on line 69' Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753262805321913 586716 (- - -) Stopwatch2: 1753262805321913 586716; combined=6996, p1=760, p2=5907, p3=0, p4=0, p5=328, sr=214, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f78f6261-Z-- --8da0cb5b-A-- [23/Jul/2025:12:27:02.885852 +0300] aICq5jfVyTqsOoOtZ6AJvgAAAMU 207.154.212.47 45728 127.0.0.1 7081 --8da0cb5b-B-- GET /.env HTTP/1.0 Host: crm.verozone.md X-Real-IP: 207.154.212.47 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --8da0cb5b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --8da0cb5b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.verozone.md"] [uri "/.env"] [unique_id "aICq5jfVyTqsOoOtZ6AJvgAAAMU"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: file_exists(): open_basedir restriction in effect. File(/autoload.php) is not within the allowed path(s): (/var/www/vhosts/verozone.md/:/tmp/) in /var/www/vhosts/verozone.md/crm.verozone.md/vendor/vonage/nexmo-bridge/src/Autoloader.php on line 69' Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753262822317860 568129 (- - -) Stopwatch2: 1753262822317860 568129; combined=3173, p1=1300, p2=1615, p3=0, p4=0, p5=257, sr=823, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8da0cb5b-Z-- --c8314c4e-A-- [23/Jul/2025:12:27:03.806331 +0300] aICq5zfVyTqsOoOtZ6AJygAAANE 207.154.212.47 38162 127.0.0.1 7081 --c8314c4e-B-- GET /.git/config HTTP/1.0 Host: crm.verozone.md X-Real-IP: 207.154.212.47 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --c8314c4e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --c8314c4e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.verozone.md"] [uri "/.git/config"] [unique_id "aICq5zfVyTqsOoOtZ6AJygAAANE"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: file_exists(): open_basedir restriction in effect. File(/autoload.php) is not within the allowed path(s): (/var/www/vhosts/verozone.md/:/tmp/) in /var/www/vhosts/verozone.md/crm.verozone.md/vendor/vonage/nexmo-bridge/src/Autoloader.php on line 69' Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753262823128645 677769 (- - -) Stopwatch2: 1753262823128645 677769; combined=3372, p1=613, p2=2626, p3=0, p4=0, p5=132, sr=160, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c8314c4e-Z-- --b5d72a40-A-- [23/Jul/2025:12:33:16.628618 +0300] aICsXJJtMdVA_1kExR39oAAAABc 195.112.198.68 49762 127.0.0.1 7081 --b5d72a40-B-- GET /administration/index.php?code=4/0AVMBsJg8IFiQoowAdIg8HuDDj8H1FrG7v4CwDWbPmVwxvDBVN4dhiN0O-XcKitW24zfDuw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=ohj4pfo8uui7tamcaqc5cbt4c1 --b5d72a40-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --b5d72a40-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICsXJJtMdVA_1kExR39oAAAABc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753263196214671 414125 (- - -) Stopwatch2: 1753263196214671 414125; combined=4862, p1=712, p2=3792, p3=157, p4=66, p5=134, sr=179, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b5d72a40-Z-- --22159d0d-A-- [23/Jul/2025:12:36:04.216025 +0300] aICtBDfVyTqsOoOtZ6AYrQAAAM8 35.198.215.128 44548 127.0.0.1 7081 --22159d0d-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 35.198.215.128 X-Accel-Internal: /internal-nginx-static-location Connection: close upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-user: ?1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br sec-fetch-mode: navigate sec-fetch-site: same-origin referer: http://riyadhchocolate.com/wp-login.php cookie: wordpress_test_cookie=WP%20Cookie%20check --22159d0d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --22159d0d-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aICtBDfVyTqsOoOtZ6AYrQAAAM8"] Stopwatch: 1753263364210222 6141 (- - -) Stopwatch2: 1753263364210222 6141; combined=3805, p1=727, p2=2935, p3=0, p4=0, p5=143, sr=185, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --22159d0d-Z-- --e0e45a21-A-- [23/Jul/2025:12:36:55.308312 +0300] aICtNjSlzRK7A2fl0tgWNgAAAJc 141.105.87.197 59212 127.0.0.1 7081 --e0e45a21-B-- GET /administration/index.php?code=4/0AVMBsJgcQc6oSFCBbIKnwzNXaTAgjut41n2ayu6fjYwp1bR0r0JNY3pATPDvLkIcMU3CtQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 6.1; rv:109.0) Gecko/20100101 Firefox/115.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 cookie: PHPSESSID=3qi4esj5jgfbu61tfa7fh03gc2 --e0e45a21-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --e0e45a21-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICtNjSlzRK7A2fl0tgWNgAAAJc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753263414799957 508663 (- - -) Stopwatch2: 1753263414799957 508663; combined=6801, p1=721, p2=5737, p3=116, p4=75, p5=151, sr=218, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e0e45a21-Z-- --ed333749-A-- [23/Jul/2025:12:37:14.973885 +0300] aICtSjfVyTqsOoOtZ6AavwAAAM8 141.105.87.197 45614 127.0.0.1 7081 --ed333749-B-- GET /administration/index.php?code=4/0AVMBsJhylNKv49pttzYzn5AXrXi1hGYVdDFTHgvD2bmfM3AmzjhrFMG23XStUYRCYX7zkA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=7d2ttk192900lb9upefir29nq4 --ed333749-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --ed333749-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICtSjfVyTqsOoOtZ6AavwAAAM8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753263434510636 463471 (- - -) Stopwatch2: 1753263434510636 463471; combined=7342, p1=722, p2=6165, p3=133, p4=70, p5=251, sr=180, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ed333749-Z-- --cd184a2b-A-- [23/Jul/2025:12:40:00.791750 +0300] aICt8DfVyTqsOoOtZ6Ae7gAAAMo 212.28.242.186 40262 127.0.0.1 7081 --cd184a2b-B-- GET /administration/index.php?code=4/0AVMBsJji_aAlaROtmqJI9hzF97KvaO2yoiZwyuXzs1kue_mOBlcJP0W_etK-Mp6NkphYNA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8 priority: u=0, i cookie: PHPSESSID=2d6ou4jffsrigq3kbh24k83j61 --cd184a2b-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --cd184a2b-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICt8DfVyTqsOoOtZ6Ae7gAAAMo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753263600200776 591184 (- - -) Stopwatch2: 1753263600200776 591184; combined=5049, p1=646, p2=4078, p3=126, p4=56, p5=143, sr=179, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cd184a2b-Z-- --72080917-A-- [23/Jul/2025:12:44:42.514044 +0300] aICvCjfVyTqsOoOtZ6AnUAAAAMg 212.28.242.186 42856 127.0.0.1 7081 --72080917-B-- GET /administration/index.php?code=4/0AVMBsJhDKbBdzSo-nojCzl44mtwkOR2OWNvzZoYW1ms3vG9fipzv-V4E8hHPnAO5f6K2vg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-GB,en-US;q=0.9,en;q=0.8 priority: u=0, i cookie: PHPSESSID=cu2ti8kadvkl84f49hl83k9ls0 --72080917-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --72080917-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICvCjfVyTqsOoOtZ6AnUAAAAMg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753263882049408 464852 (- - -) Stopwatch2: 1753263882049408 464852; combined=6791, p1=734, p2=5596, p3=178, p4=91, p5=191, sr=179, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --72080917-Z-- --7bb97408-A-- [23/Jul/2025:12:45:17.071961 +0300] aICvLTSlzRK7A2fl0tgdGgAAAJM 185.148.1.243 36474 127.0.0.1 7081 --7bb97408-B-- GET /.git/config HTTP/1.0 Host: snapcart.io X-Real-IP: 185.148.1.243 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 Accept-Charset: utf-8 Accept-Encoding: gzip --7bb97408-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 16 Mar 2025 19:58:17 GMT ETag: "328-6307b17c198d5" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --7bb97408-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "snapcart.io"] [uri "/.git/config"] [unique_id "aICvLTSlzRK7A2fl0tgdGgAAAJM"] Stopwatch: 1753263917067176 5040 (- - -) Stopwatch2: 1753263917067176 5040; combined=2745, p1=583, p2=2023, p3=0, p4=0, p5=139, sr=149, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7bb97408-Z-- --b203557c-A-- [23/Jul/2025:12:54:07.196535 +0300] aICxPzfVyTqsOoOtZ6A2jgAAAMo 20.229.113.53 37868 127.0.0.1 7081 --b203557c-B-- GET /.env HTTP/1.0 Host: raqmix.cloud X-Real-IP: 20.229.113.53 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: python-requests/2.32.4 Accept-Encoding: gzip, deflate Accept: */* --b203557c-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --b203557c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raqmix.cloud"] [uri "/.env"] [unique_id "aICxPzfVyTqsOoOtZ6A2jgAAAMo"] Stopwatch: 1753264447190125 6518 (- - -) Stopwatch2: 1753264447190125 6518; combined=3799, p1=890, p2=2831, p3=0, p4=0, p5=77, sr=298, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b203557c-Z-- --3bef6076-A-- [23/Jul/2025:12:54:47.050974 +0300] aICxZjSlzRK7A2fl0tgkvQAAAIY 90.214.236.66 48628 127.0.0.1 7081 --3bef6076-B-- GET /administration/index.php?code=4/0AVMBsJiOLC3W97dYMfUu2CH4-QIceHzYLKPqQLK0uAm39emoU8qmbyds-C962wLNoy2GiA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 90.214.236.66 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-encoding: gzip, deflate, br user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15 accept-language: en-us referer: https://accounts.google.com/ cookie: PHPSESSID=l56ftredvmkg30u15jv119ben1 --3bef6076-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --3bef6076-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICxZjSlzRK7A2fl0tgkvQAAAIY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753264486606163 444991 (- - -) Stopwatch2: 1753264486606163 444991; combined=6637, p1=583, p2=5471, p3=119, p4=310, p5=154, sr=150, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3bef6076-Z-- --85ba3012-A-- [23/Jul/2025:12:55:03.870078 +0300] aICxdzfVyTqsOoOtZ6A4JAAAAM8 212.28.242.186 47756 127.0.0.1 7081 --85ba3012-B-- GET /administration/index.php?code=4/0AVMBsJiLAiaqMQ2-AjA0Jsg-4OZLMqdHi1lwM5s4JgZAKhBlgJpE0mbbD8iJz8RhYLTWNg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=4rb1dmr2tgc5c0f9eek0u1j3e0 --85ba3012-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --85ba3012-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICxdzfVyTqsOoOtZ6A4JAAAAM8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753264503404809 465433 (- - -) Stopwatch2: 1753264503404809 465433; combined=5408, p1=733, p2=4153, p3=114, p4=163, p5=244, sr=274, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --85ba3012-Z-- --fdc93f42-A-- [23/Jul/2025:12:55:06.044721 +0300] aICxejfVyTqsOoOtZ6A4OwAAAMc 14.225.27.172 48132 127.0.0.1 7081 --fdc93f42-B-- GET /public/vendor/phpunit/phpunit/phpunit.xsd HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 14.225.27.172 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Safari/605.1.15 Accept-Charset: utf-8 Accept-Encoding: gzip --fdc93f42-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --fdc93f42-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haddadjewellery.com"] [uri "/public/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aICxejfVyTqsOoOtZ6A4OwAAAMc"] Stopwatch: 1753264506038245 6568 (- - -) Stopwatch2: 1753264506038245 6568; combined=2464, p1=445, p2=1921, p3=0, p4=0, p5=97, sr=138, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fdc93f42-Z-- --30734645-A-- [23/Jul/2025:12:55:06.062909 +0300] aICxejfVyTqsOoOtZ6A4PAAAAM0 14.225.27.172 48136 127.0.0.1 7081 --30734645-B-- GET /laravel/vendor/phpunit/phpunit/phpunit.xsd HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 14.225.27.172 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (ZZ; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0 Accept-Charset: utf-8 Accept-Encoding: gzip --30734645-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --30734645-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haddadjewellery.com"] [uri "/laravel/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aICxejfVyTqsOoOtZ6A4PAAAAM0"] Stopwatch: 1753264506053887 9094 (- - -) Stopwatch2: 1753264506053887 9094; combined=5947, p1=1385, p2=4070, p3=0, p4=0, p5=491, sr=370, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --30734645-Z-- --9172340b-A-- [23/Jul/2025:12:55:06.065958 +0300] aICxejfVyTqsOoOtZ6A4PQAAAM8 14.225.27.172 48144 127.0.0.1 7081 --9172340b-B-- GET /api/vendor/phpunit/phpunit/phpunit.xsd HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 14.225.27.172 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/113.0 Accept-Charset: utf-8 Accept-Encoding: gzip --9172340b-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --9172340b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haddadjewellery.com"] [uri "/api/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aICxejfVyTqsOoOtZ6A4PQAAAM8"] Stopwatch: 1753264506060268 5785 (- - -) Stopwatch2: 1753264506060268 5785; combined=3875, p1=528, p2=3238, p3=0, p4=0, p5=109, sr=178, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9172340b-Z-- --ee6b0c2e-A-- [23/Jul/2025:12:55:06.069228 +0300] aICxejfVyTqsOoOtZ6A4PgAAAMg 14.225.27.172 48142 127.0.0.1 7081 --ee6b0c2e-B-- GET /app/laravel/vendor/phpunit/phpunit/phpunit.xsd HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 14.225.27.172 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.6 Mobile/15E148 Safari/604.1 Accept-Charset: utf-8 Accept-Encoding: gzip --ee6b0c2e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --ee6b0c2e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haddadjewellery.com"] [uri "/app/laravel/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aICxejfVyTqsOoOtZ6A4PgAAAMg"] Stopwatch: 1753264506061753 7569 (- - -) Stopwatch2: 1753264506061753 7569; combined=5171, p1=1255, p2=3814, p3=0, p4=0, p5=102, sr=259, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ee6b0c2e-Z-- --0bcc6d3e-A-- [23/Jul/2025:12:55:06.073453 +0300] aICxepJtMdVA_1kExR0FyAAAABI 14.225.27.172 48158 127.0.0.1 7081 --0bcc6d3e-B-- GET /vendor/phpunit/phpunit/phpunit.xsd HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 14.225.27.172 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --0bcc6d3e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --0bcc6d3e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haddadjewellery.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aICxepJtMdVA_1kExR0FyAAAABI"] Stopwatch: 1753264506064236 9313 (- - -) Stopwatch2: 1753264506064236 9313; combined=7353, p1=402, p2=6814, p3=0, p4=0, p5=136, sr=127, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0bcc6d3e-Z-- --2ccd273d-A-- [23/Jul/2025:12:55:06.077585 +0300] aICxejSlzRK7A2fl0tglBQAAAJg 14.225.27.172 48186 127.0.0.1 7081 --2ccd273d-B-- GET /app/vendor/phpunit/phpunit/phpunit.xsd HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 14.225.27.172 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Kubuntu; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0 Accept-Charset: utf-8 Accept-Encoding: gzip --2ccd273d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --2ccd273d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haddadjewellery.com"] [uri "/app/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aICxejSlzRK7A2fl0tglBQAAAJg"] Stopwatch: 1753264506072684 4972 (- - -) Stopwatch2: 1753264506072684 4972; combined=3026, p1=709, p2=2215, p3=0, p4=0, p5=102, sr=147, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2ccd273d-Z-- --45b67c40-A-- [23/Jul/2025:12:55:06.083892 +0300] aICxejfVyTqsOoOtZ6A4PwAAAMk 14.225.27.172 48174 127.0.0.1 7081 --45b67c40-B-- GET /backend/vendor/phpunit/phpunit/phpunit.xsd HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 14.225.27.172 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --45b67c40-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --45b67c40-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haddadjewellery.com"] [uri "/backend/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aICxejfVyTqsOoOtZ6A4PwAAAMk"] Stopwatch: 1753264506076967 6995 (- - -) Stopwatch2: 1753264506076967 6995; combined=5248, p1=523, p2=4646, p3=0, p4=0, p5=79, sr=193, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --45b67c40-Z-- --c4c2c03e-A-- [23/Jul/2025:12:55:06.096293 +0300] aICxejfVyTqsOoOtZ6A4QAAAANI 14.225.27.172 48202 127.0.0.1 7081 --c4c2c03e-B-- GET /core/vendor/phpunit/phpunit/phpunit.xsd HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 14.225.27.172 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.1 Accept-Charset: utf-8 Accept-Encoding: gzip --c4c2c03e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --c4c2c03e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haddadjewellery.com|F|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haddadjewellery.com"] [uri "/core/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aICxejfVyTqsOoOtZ6A4QAAAANI"] Stopwatch: 1753264506091787 4651 (- - -) Stopwatch2: 1753264506091787 4651; combined=2724, p1=538, p2=2090, p3=0, p4=0, p5=96, sr=136, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c4c2c03e-Z-- --8ac64371-A-- [23/Jul/2025:12:56:36.893587 +0300] aICx1DfVyTqsOoOtZ6A6MAAAAM0 141.105.87.197 43316 127.0.0.1 7081 --8ac64371-B-- GET /administration/index.php?code=4/0AVMBsJj1RDKNEnJtKjqQjszaH1hTZFaRehTdbaVnoMZ4D2rB-z4Dtk-BTtgtCAMmsCdlEw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 141.105.87.197 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=buqp4ks3kpraa0l3eore96aj90 --8ac64371-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --8ac64371-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICx1DfVyTqsOoOtZ6A6MAAAAM0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753264596430168 463603 (- - -) Stopwatch2: 1753264596430168 463603; combined=6060, p1=673, p2=4959, p3=193, p4=78, p5=156, sr=170, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8ac64371-Z-- --dd829203-A-- [23/Jul/2025:13:00:11.310790 +0300] aICypZJtMdVA_1kExR0H2gAAAAY 212.28.242.186 49342 127.0.0.1 7081 --dd829203-B-- GET /administration/index.php?code=4/0AVMBsJhnUOPHfALrN4BL5BkskMz8QfQ2BjSSQOIfM6qv8EloBOj5hrlrSL6hc80NPuktvw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8 priority: u=0, i cookie: PHPSESSID=t9n9osfhbc44102brtbgn3s816 --dd829203-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --dd829203-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICypZJtMdVA_1kExR0H2gAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753264805793745 5517315 (- - -) Stopwatch2: 1753264805793745 5517315; combined=5122, p1=700, p2=3985, p3=166, p4=54, p5=216, sr=188, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dd829203-Z-- --48cece08-A-- [23/Jul/2025:13:00:50.545262 +0300] aICy0jfVyTqsOoOtZ6BA0QAAANg 212.28.242.186 39738 127.0.0.1 7081 --48cece08-B-- GET /administration/index.php?code=4/0AVMBsJgji-ScuL_Xz3qXO_er6G3vsuSmVq8Q06J8NfvGwZSIZ2DGWkPr0J7WaV5Gtr4rOg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: ar-LB,ar;q=0.9,en-LB;q=0.8,en;q=0.7,en-US;q=0.6 priority: u=0, i cookie: PHPSESSID=tull8t6h7upgkrvn3f0a3fovd7 --48cece08-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --48cece08-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aICy0jfVyTqsOoOtZ6BA0QAAANg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753264850051340 494118 (- - -) Stopwatch2: 1753264850051340 494118; combined=7066, p1=997, p2=5668, p3=183, p4=57, p5=160, sr=305, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --48cece08-Z-- --3f373b41-A-- [23/Jul/2025:13:00:59.592858 +0300] aICy2zSlzRK7A2fl0tgpXAAAAJM 185.148.1.243 34948 127.0.0.1 7081 --3f373b41-B-- GET /.git/config HTTP/1.0 Host: webmail.snapcart.io X-Real-IP: 185.148.1.243 Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 Accept-Charset: utf-8 Accept-Encoding: gzip --3f373b41-F-- HTTP/1.1 403 Forbidden Content-Length: 269 Connection: close Content-Type: text/html; charset=iso-8859-1 --3f373b41-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.snapcart.io"] [uri "/.git/config"] [unique_id "aICy2zSlzRK7A2fl0tgpXAAAAJM"] Stopwatch: 1753264859587173 5740 (- - -) Stopwatch2: 1753264859587173 5740; combined=3183, p1=1163, p2=1896, p3=22, p4=33, p5=69, sr=138, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3f373b41-Z-- --21f3527b-A-- [23/Jul/2025:13:01:27.099704 +0300] aICy9JJtMdVA_1kExR0IgQAAAAE 110.238.119.101 50736 127.0.0.1 7081 --21f3527b-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: glamilea.com X-Real-IP: 110.238.119.101 X-Accel-Internal: /internal-nginx-static-location Connection: close accept-encoding: gzip, deflate, br upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 referer: http://glamilea.com/wp-login.php sec-fetch-site: same-origin sec-fetch-user: ?1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept-language: en-US,en;q=0.5 cookie: yay_currency_widget=29035; wordpress_test_cookie=WP%20Cookie%20check --21f3527b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.1.33 X-Robots-Tag: noindex Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Upgrade: h2,h2c Connection: Upgrade, close Content-Type: application/json; charset=UTF-8 --21f3527b-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "glamilea.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aICy9JJtMdVA_1kExR0IgQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753264884520393 2579519 (- - -) Stopwatch2: 1753264884520393 2579519; combined=4307, p1=460, p2=3660, p3=0, p4=0, p5=186, sr=150, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --21f3527b-Z-- --55b16942-A-- [23/Jul/2025:13:09:46.313705 +0300] aIC06TSlzRK7A2fl0tgw5AAAAJU 212.28.242.186 46362 127.0.0.1 7081 --55b16942-B-- GET /administration/index.php?code=4/0AVMBsJi3nlqmz1ht_iJGeMUtwseldCL19iYgR6AuJ-S44rV3BnUeCm2H-3VhudNuq3hBog&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=7j1bncap1hu85hpv8hvuo6kcp4 --55b16942-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --55b16942-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIC06TSlzRK7A2fl0tgw5AAAAJU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753265385839239 474670 (- - -) Stopwatch2: 1753265385839239 474670; combined=5173, p1=522, p2=4323, p3=136, p4=55, p5=137, sr=137, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --55b16942-Z-- --a9d8cc6c-A-- [23/Jul/2025:13:12:26.350950 +0300] aIC1iTfVyTqsOoOtZ6BVzwAAANQ 212.28.242.186 37720 127.0.0.1 7081 --a9d8cc6c-B-- GET /administration/index.php?code=4/0AVMBsJgZBz4omamy6ucTiYJ2qL9-n_M6HI8leh5rBM_qbdiiyGo_AXJJsl2ZwQWT2ZO46Q&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=audgchliafhq2fnvth0dne6ae1 --a9d8cc6c-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --a9d8cc6c-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIC1iTfVyTqsOoOtZ6BVzwAAANQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753265545895628 455481 (- - -) Stopwatch2: 1753265545895628 455481; combined=8859, p1=593, p2=7953, p3=120, p4=83, p5=110, sr=148, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a9d8cc6c-Z-- --5e7c0411-A-- [23/Jul/2025:13:15:24.647469 +0300] aIC2PDfVyTqsOoOtZ6BbbAAAANE 195.112.198.68 57434 127.0.0.1 7081 --5e7c0411-B-- GET /administration/index.php?code=4/0AVMBsJg0vrgjVf3H13rjjvpn5SSBLke5VwDn8uwVUH0ZB0n1X4VhzjSI9I9NOBYgGVwUFQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=ohj4pfo8uui7tamcaqc5cbt4c1 --5e7c0411-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --5e7c0411-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIC2PDfVyTqsOoOtZ6BbbAAAANE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753265724209837 437854 (- - -) Stopwatch2: 1753265724209837 437854; combined=4711, p1=594, p2=3789, p3=133, p4=64, p5=130, sr=132, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5e7c0411-Z-- --830bb54f-A-- [23/Jul/2025:13:19:03.167700 +0300] aIC3FjfVyTqsOoOtZ6BhWAAAANA 212.28.242.186 49788 127.0.0.1 7081 --830bb54f-B-- GET /administration/index.php?code=4/0AVMBsJh2neA_OTDtDcFhlIACMkIUIb40a-Oxx-H11Z3RQSw56DHkXc2hmG0vdRoXGVZA6g&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=qrsbdl4go8hcliksmd14snrjv7 --830bb54f-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --830bb54f-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIC3FjfVyTqsOoOtZ6BhWAAAANA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753265942723472 444482 (- - -) Stopwatch2: 1753265942723472 444482; combined=8706, p1=504, p2=7872, p3=130, p4=64, p5=135, sr=137, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --830bb54f-Z-- --ff75a61f-A-- [23/Jul/2025:13:19:21.000426 +0300] aIC3JpJtMdVA_1kExR0P1AAAABU 156.214.120.64 38768 127.0.0.1 7081 --ff75a61f-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 156.214.120.64 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 658 sec-ch-ua-platform: "Android" user-agent: Mozilla/5.0 (Linux; Android 15; SM-A165F Build/AP3A.240905.015.A2; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.67 Mobile Safari/537.36 Instagram 389.0.0.49.87 Android (35/15; 480dpi; 1080x2340; samsung; SM-A165F; a16; mt6789; en_GB; 763654648; IABMV/1) sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Android WebView";v="138" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?1 accept: */* origin: https://opalparis.store x-requested-with: com.instagram.android sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://opalparis.store/ accept-encoding: gzip, deflate, br, zstd accept-language: en-GB,en-US;q=0.9,en;q=0.8 priority: u=1, i cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-07-23%2010%3A19%3A18%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first_add=fd%3D2025-07-23%2010%3A19%3A18%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Linux%3B%20Android%2015%3B%20SM-A165F%20Build%2FAP3A.240905.015.A2%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F138.0.7204.67%20Mobile%20Safari%2F537.36%20Instagram%20389.0.0.49.87%20Android%20%2835%2F15%3B%20480dpi%3B%201080x2340%3B%20samsung%3B%20SM-A165F%3B%20a16%3B%20mt6789%3B%20en_GB%3B%20763654648%3B%20IABMV%2F1%29; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; _fbp=fb.1.1753265958565.83878817266825758; _fbc=fb.1.1753265958580.PAZXh0bgNhZW0CMTAAAadiVAAxSIyDURbkD0lELCRiSVPhTRoxGoZg7v5pV6fvRpqU-8bSQ4IKkiZg9Q_aem_kqM_82vqIVVSoHw7w1Okxw --ff75a61f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=ufl9pp117hle76jvqh2cql1auv; expires=Tue, 21 Oct 2025 10:19:20 GMT; Max-Age=7776000; path=/; domain=opalparis.store; HttpOnly; SameSite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --ff75a61f-E-- --ff75a61f-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIC3JpJtMdVA_1kExR0P1AAAABU"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIC3JpJtMdVA_1kExR0P1AAAABU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753265958841891 2158852 (- - -) Stopwatch2: 1753265958841891 2158852; combined=12422, p1=768, p2=11161, p3=260, p4=54, p5=179, sr=133, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ff75a61f-Z-- --a3289b0e-A-- [23/Jul/2025:13:26:28.596644 +0300] aIC40jSlzRK7A2fl0tg-WAAAAJM 35.205.201.80 42278 127.0.0.1 7081 --a3289b0e-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: opalparis.store X-Real-IP: 35.205.201.80 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --a3289b0e-F-- HTTP/1.1 500 Internal Server Error X-Powered-By: PHP/8.3.23 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --a3289b0e-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "opalparis.store"] [uri "/wp-json/wp/v2/users/"] [unique_id "aIC40jSlzRK7A2fl0tg-WAAAAJM"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 20480 bytes) in /var/www/vhosts/opalparis.store/httpdocs/wp-includes/rest-api/endpoints/class-wp-rest-search-controller.php on line 283; PHP message: PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 65536 bytes) in /var/www/vhosts/opalparis.store/httpdocs/wp-includes/functions.php on line 3848' Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753266386748991 1847750 (- - -) Stopwatch2: 1753266386748991 1847750; combined=3045, p1=591, p2=2168, p3=0, p4=0, p5=285, sr=189, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a3289b0e-Z-- --498f4b51-A-- [23/Jul/2025:13:27:15.854697 +0300] aIC5AzfVyTqsOoOtZ6BwMAAAANg 212.28.242.186 38692 127.0.0.1 7081 --498f4b51-B-- GET /administration/index.php?code=4/0AVMBsJhxGypWdWaXvZA1FARDxPdTPpEgv5DyKl5Vyq0N1KR7GxXmj8K8P3lLJOL6eacocA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=aalgg7v401j1akavffhab1q5d6 --498f4b51-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3649 Content-Type: text/html; charset=UTF-8 --498f4b51-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||college.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||college.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "college.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIC5AzfVyTqsOoOtZ6BwMAAAANg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/college.jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753266435380130 474716 (- - -) Stopwatch2: 1753266435380130 474716; combined=4717, p1=642, p2=3802, p3=115, p4=57, p5=101, sr=269, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --498f4b51-Z-- --5ea2fb24-A-- [23/Jul/2025:13:28:34.527437 +0300] aIC5UjSlzRK7A2fl0thAlAAAAIA 78.153.140.218 34124 127.0.0.1 7081 --5ea2fb24-B-- GET /.env HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.172 Safari/537.22 --5ea2fb24-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --5ea2fb24-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "haddadjewellery.com"] [uri "/.env"] [unique_id "aIC5UjSlzRK7A2fl0thAlAAAAIA"] Stopwatch: 1753266514521618 6016 (- - -) Stopwatch2: 1753266514521618 6016; combined=3455, p1=758, p2=2610, p3=0, p4=0, p5=87, sr=172, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5ea2fb24-Z-- --49f42971-A-- [23/Jul/2025:13:28:34.546049 +0300] aIC5UjfVyTqsOoOtZ6BycQAAANA 78.153.140.218 34132 127.0.0.1 7081 --49f42971-B-- GET /.env HTTP/1.0 Host: www.haddadjewellery.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36 --49f42971-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --49f42971-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.haddadjewellery.com"] [uri "/.env"] [unique_id "aIC5UjfVyTqsOoOtZ6BycQAAANA"] Stopwatch: 1753266514541800 4334 (- - -) Stopwatch2: 1753266514541800 4334; combined=2446, p1=526, p2=1853, p3=0, p4=0, p5=67, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --49f42971-Z-- --45edef5f-A-- [23/Jul/2025:13:28:42.479870 +0300] aIC5WjfVyTqsOoOtZ6BytwAAANU 78.153.140.218 35194 127.0.0.1 7081 --45edef5f-B-- GET /api/.env HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; fr; rv:1.9.0.14) Gecko/2009090216 Ubuntu/8.04 (hardy) Firefox/3.0.14 --45edef5f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --45edef5f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "haddadjewellery.com"] [uri "/api/.env"] [unique_id "aIC5WjfVyTqsOoOtZ6BytwAAANU"] Stopwatch: 1753266522474474 5489 (- - -) Stopwatch2: 1753266522474474 5489; combined=2901, p1=593, p2=2236, p3=0, p4=0, p5=71, sr=172, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --45edef5f-Z-- --17dde465-A-- [23/Jul/2025:13:36:58.852293 +0300] aIC7SjSlzRK7A2fl0thHtgAAAJU 212.28.242.186 45170 127.0.0.1 7081 --17dde465-B-- GET /administration/index.php?code=4/0AVMBsJi82ptcPY-92miYTFb2z0sMlcRtPYl9ZC1CKaw1SlOaP7-TrKR-Va0VjjEZq8Y8EA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=e6b1bq0tafquf0v7nj766pssg5 --17dde465-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --17dde465-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIC7SjSlzRK7A2fl0thHtgAAAJU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753267018421008 431589 (- - -) Stopwatch2: 1753267018421008 431589; combined=4870, p1=662, p2=3852, p3=149, p4=60, p5=147, sr=188, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --17dde465-Z-- --6b83bd66-A-- [23/Jul/2025:13:37:03.335242 +0300] aIC7TzfVyTqsOoOtZ6CAxgAAAMo 212.28.242.186 40194 127.0.0.1 7081 --6b83bd66-B-- GET /administration/index.php?code=4/0AVMBsJi82ptcPY-92miYTFb2z0sMlcRtPYl9ZC1CKaw1SlOaP7-TrKR-Va0VjjEZq8Y8EA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=e6b1bq0tafquf0v7nj766pssg5 --6b83bd66-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --6b83bd66-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIC7TzfVyTqsOoOtZ6CAxgAAAMo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753267023035927 299444 (- - -) Stopwatch2: 1753267023035927 299444; combined=7738, p1=770, p2=6622, p3=127, p4=75, p5=144, sr=236, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6b83bd66-Z-- --a5dfa22e-A-- [23/Jul/2025:13:45:55.766198 +0300] aIC9Y5JtMdVA_1kExR0Y7QAAAAQ 212.28.242.186 36676 127.0.0.1 7081 --a5dfa22e-B-- GET /administration/index.php?code=4/0AVMBsJhdqMWW5g5UoMBxhh6CZoK3boDnEbZuBRxFC1tawe2wVHpdH4FYzKsSHUDqoCwfKg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=21bpo7shvcragcdcm1a0pbtd05 --a5dfa22e-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --a5dfa22e-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIC9Y5JtMdVA_1kExR0Y7QAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753267555033612 732809 (- - -) Stopwatch2: 1753267555033612 732809; combined=4504, p1=612, p2=3583, p3=133, p4=53, p5=123, sr=169, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a5dfa22e-Z-- --b9c8b801-A-- [23/Jul/2025:13:48:34.441072 +0300] aIC-ATfVyTqsOoOtZ6CUsgAAANU 212.28.242.186 41904 127.0.0.1 7081 --b9c8b801-B-- GET /administration/index.php?code=4/0AVMBsJigEjeYqUBTd27xJM9YwSnAKe257HL1NzKNXp_6z2bjdnckGZ9YY7FNodejRzE9lw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=anno2jtglbfpf1prcl9m0t74l4 --b9c8b801-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --b9c8b801-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIC-ATfVyTqsOoOtZ6CUsgAAANU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753267713943185 498117 (- - -) Stopwatch2: 1753267713943185 498117; combined=4725, p1=489, p2=3897, p3=138, p4=71, p5=130, sr=151, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b9c8b801-Z-- --51b06467-A-- [23/Jul/2025:13:56:41.114292 +0300] aIC_6ZJtMdVA_1kExR0cxAAAAA0 93.123.109.64 43150 127.0.0.1 7081 --51b06467-B-- GET /.git/config HTTP/1.0 Host: own-dev.com X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux i686; rv:32.0) Gecko/20100101 Firefox/32.0 Accept-Charset: utf-8 Accept-Encoding: gzip --51b06467-F-- HTTP/1.1 404 Not Found Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Next-Router-Segment-Prefetch,Accept-Encoding Content-Encoding: gzip link: </_next/static/media/a901a185d5dbd5ee-s.p.ttf>; rel=preload; as="font"; crossorigin=""; type="font/ttf", </own logo.png>; rel=preload; as="image" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Upgrade: h2,h2c Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --51b06467-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "own-dev.com"] [uri "/.git/config"] [unique_id "aIC_6ZJtMdVA_1kExR0cxAAAAA0"] Stopwatch: 1753268201023623 90814 (- - -) Stopwatch2: 1753268201023623 90814; combined=2913, p1=554, p2=2049, p3=89, p4=126, p5=94, sr=154, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --51b06467-Z-- --c5b25662-A-- [23/Jul/2025:13:58:32.108017 +0300] aIDAVzfVyTqsOoOtZ6Cj-AAAAM4 195.112.198.68 36972 127.0.0.1 7081 --c5b25662-B-- GET /administration/index.php?code=4/0AVMBsJj61_cYufngP8FErk-ku0ymhDs5LfTK10KKU6oWVi18z182VUca2ws3cy6TlJ0amA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=ji5tshcj6kkoa9k3uor9102b35 --c5b25662-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --c5b25662-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDAVzfVyTqsOoOtZ6Cj-AAAAM4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753268311679878 428340 (- - -) Stopwatch2: 1753268311679878 428340; combined=4554, p1=558, p2=3540, p3=232, p4=70, p5=154, sr=162, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c5b25662-Z-- --feb1094a-A-- [23/Jul/2025:13:59:43.144992 +0300] aIDAnTfVyTqsOoOtZ6CmAQAAAMI 34.122.134.147 59518 127.0.0.1 7081 --feb1094a-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: opalparis.store X-Real-IP: 34.122.134.147 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --feb1094a-F-- HTTP/1.1 500 Internal Server Error X-Powered-By: PHP/8.3.23 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --feb1094a-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "opalparis.store"] [uri "/wp-json/wp/v2/users/"] [unique_id "aIDAnTfVyTqsOoOtZ6CmAQAAAMI"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 20480 bytes) in /var/www/vhosts/opalparis.store/httpdocs/wp-includes/rest-api/endpoints/class-wp-rest-search-controller.php on line 283; PHP message: PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 65536 bytes) in /var/www/vhosts/opalparis.store/httpdocs/wp-includes/functions.php on line 3848' Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753268381258603 1886489 (- - -) Stopwatch2: 1753268381258603 1886489; combined=3609, p1=628, p2=2736, p3=0, p4=0, p5=244, sr=169, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --feb1094a-Z-- --fb23601a-A-- [23/Jul/2025:14:02:18.254144 +0300] aIDBOTSlzRK7A2fl0thbLQAAAI0 195.112.198.68 53668 127.0.0.1 7081 --fb23601a-B-- GET /administration/index.php?code=4/0AVMBsJjXCke48f8sLMV-muGay9ZXrRymyJAZbmhLpy5HB9IqnXleksYEqjU_WuB4gcJ-yA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br accept-language: en-US,en;q=0.9 cookie: PHPSESSID=60s6r51vcodcerq60go9florq1 --fb23601a-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --fb23601a-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDBOTSlzRK7A2fl0thbLQAAAI0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753268537788148 466189 (- - -) Stopwatch2: 1753268537788148 466189; combined=5432, p1=732, p2=4316, p3=145, p4=93, p5=145, sr=261, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fb23601a-Z-- --926f981e-A-- [23/Jul/2025:14:03:23.849901 +0300] aIDBezSlzRK7A2fl0thcGgAAAIk 195.112.198.68 52288 127.0.0.1 7081 --926f981e-B-- GET /administration/index.php?code=4/0AVMBsJjXCke48f8sLMV-muGay9ZXrRymyJAZbmhLpy5HB9IqnXleksYEqjU_WuB4gcJ-yA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br accept-language: en-US,en;q=0.9 cookie: PHPSESSID=60s6r51vcodcerq60go9florq1 --926f981e-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --926f981e-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDBezSlzRK7A2fl0thcGgAAAIk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753268603544271 305819 (- - -) Stopwatch2: 1753268603544271 305819; combined=5572, p1=714, p2=4435, p3=125, p4=73, p5=224, sr=182, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --926f981e-Z-- --6f9dbd77-A-- [23/Jul/2025:14:07:33.258595 +0300] aIDCdTSlzRK7A2fl0thflQAAAII 69.163.184.191 37572 127.0.0.1 7081 --6f9dbd77-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 69.163.184.191 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 accept-language: en-US,en;q=0.5 sec-fetch-mode: navigate sec-fetch-site: same-origin sec-fetch-user: ?1 referer: http://riyadhchocolate.com/wp-login.php accept-encoding: gzip, deflate, br upgrade-insecure-requests: 1 sec-fetch-dest: document cookie: wordpress_test_cookie=WP%20Cookie%20check --6f9dbd77-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --6f9dbd77-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIDCdTSlzRK7A2fl0thflQAAAII"] Stopwatch: 1753268853253192 5599 (- - -) Stopwatch2: 1753268853253192 5599; combined=3648, p1=469, p2=3047, p3=0, p4=0, p5=131, sr=137, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6f9dbd77-Z-- --d57ef943-A-- [23/Jul/2025:14:16:17.930803 +0300] aIDEgTfVyTqsOoOtZ6DBOgAAAMg 212.28.242.186 59034 127.0.0.1 7081 --d57ef943-B-- GET /administration/index.php?code=4/0AVMBsJiy5atZSpqQXDpwwLTrRDKGTbEO3yvexEFx5tQHl7oOy9J8dpVXTKUfXqtUtOvdYg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: ar-LB,ar;q=0.9,en-LB;q=0.8,en;q=0.7,en-US;q=0.6 priority: u=0, i cookie: PHPSESSID=tull8t6h7upgkrvn3f0a3fovd7 --d57ef943-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --d57ef943-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDEgTfVyTqsOoOtZ6DBOgAAAMg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753269377473732 457325 (- - -) Stopwatch2: 1753269377473732 457325; combined=6713, p1=714, p2=5650, p3=140, p4=77, p5=131, sr=182, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d57ef943-Z-- --af47d42e-A-- [23/Jul/2025:14:16:24.508761 +0300] aIDEiDfVyTqsOoOtZ6DBTAAAAMs 195.112.198.68 38620 127.0.0.1 7081 --af47d42e-B-- GET /administration/index.php?code=4/0AVMBsJgMxamUqDJkAZbKAawK6lSd9FLeWCKMztuXxeo-r5IOcYNgOlV6Wtu6lqHlqLoqaQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=evak6koe8u1e9hkip4n2n75bv3 --af47d42e-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --af47d42e-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDEiDfVyTqsOoOtZ6DBTAAAAMs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753269384057251 451632 (- - -) Stopwatch2: 1753269384057251 451632; combined=4646, p1=588, p2=3684, p3=119, p4=86, p5=169, sr=140, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --af47d42e-Z-- --b93ea924-A-- [23/Jul/2025:14:18:27.986827 +0300] aIDFAzSlzRK7A2fl0thoigAAAJE 195.112.198.68 38632 127.0.0.1 7081 --b93ea924-B-- GET /administration/index.php?code=4/0AVMBsJh9w6WfpWooNPQh8HQMmHUP_N1RHfNEmSnyNdI_BxUssMOdDDV6SYqIPnc9boZeXA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=56us622j2vc3cdak3cc8knsbd3 --b93ea924-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3649 Content-Type: text/html; charset=UTF-8 --b93ea924-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||college.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||college.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "college.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDFAzSlzRK7A2fl0thoigAAAJE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/college.jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753269507500628 486336 (- - -) Stopwatch2: 1753269507500628 486336; combined=5089, p1=660, p2=4113, p3=109, p4=62, p5=145, sr=179, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b93ea924-Z-- --5657a153-A-- [23/Jul/2025:14:20:55.711755 +0300] aIDFlzfVyTqsOoOtZ6DI1wAAAMw 212.28.242.186 48078 127.0.0.1 7081 --5657a153-B-- GET /administration/index.php?code=4/0AVMBsJhzo5u4WFq8FMBATF4EW_4-aK7K7IoMyuwJIAhIabCDmgk2VgOJz3JmKpF81qNMcw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8 priority: u=0, i cookie: PHPSESSID=2d6ou4jffsrigq3kbh24k83j61 --5657a153-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --5657a153-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDFlzfVyTqsOoOtZ6DI1wAAAMw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753269655230114 481827 (- - -) Stopwatch2: 1753269655230114 481827; combined=5477, p1=724, p2=4387, p3=137, p4=71, p5=157, sr=278, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5657a153-Z-- --4a0ccf16-A-- [23/Jul/2025:14:21:55.002218 +0300] aIDF0jSlzRK7A2fl0thrSgAAAIE 195.112.198.68 59880 127.0.0.1 7081 --4a0ccf16-B-- GET /administration/index.php?code=4/0AVMBsJgBAc-opjQReXpN7UFZE9nTv7JX9b0Uco2Z49nVL_IrtkibsrCAdtwSVuPXhDXlng&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 195.112.198.68 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br, zstd referer: https://accounts.google.com/ upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 priority: u=0, i cookie: PHPSESSID=u7h4sbrbkkltqd28hiiburgcj6 --4a0ccf16-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --4a0ccf16-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDF0jSlzRK7A2fl0thrSgAAAIE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753269714545334 457081 (- - -) Stopwatch2: 1753269714545334 457081; combined=5039, p1=605, p2=4137, p3=99, p4=65, p5=133, sr=172, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4a0ccf16-Z-- --5d21032c-A-- [23/Jul/2025:14:28:38.109623 +0300] aIDHZjSlzRK7A2fl0thwmQAAAIU 172.93.102.107 50340 127.0.0.1 7081 --5d21032c-B-- GET /.git/config HTTP/1.0 Host: casa-eg.com X-Real-IP: 172.93.102.107 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozila/5.0 Referer: http://casa-eg.com/.git/config Accept-Encoding: gzip --5d21032c-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 09 Oct 2022 09:06:36 GMT ETag: "328-5ea965c36c41b" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --5d21032c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "casa-eg.com"] [uri "/.git/config"] [unique_id "aIDHZjSlzRK7A2fl0thwmQAAAIU"] Stopwatch: 1753270118105105 4606 (- - -) Stopwatch2: 1753270118105105 4606; combined=2472, p1=501, p2=1905, p3=0, p4=0, p5=65, sr=148, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5d21032c-Z-- --a6c25e26-A-- [23/Jul/2025:14:30:29.625845 +0300] aIDH1TfVyTqsOoOtZ6DYQQAAANg 212.28.242.186 38754 127.0.0.1 7081 --a6c25e26-B-- GET /administration/index.php?code=4/0AVMBsJhzJ4QN4ERaqoMMah05zePBLSmCEiw502nYkFH4OUCgYvHzrEIRraIUWiMbwww4YQ&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en,en-US;q=0.9 priority: u=0, i cookie: PHPSESSID=090imudla8j79gkvb64p1h6qf3 --a6c25e26-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --a6c25e26-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDH1TfVyTqsOoOtZ6DYQQAAANg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753270229195547 430495 (- - -) Stopwatch2: 1753270229195547 430495; combined=4543, p1=467, p2=3617, p3=182, p4=58, p5=218, sr=129, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a6c25e26-Z-- --64bcb902-A-- [23/Jul/2025:14:32:34.385127 +0300] aIDIUTfVyTqsOoOtZ6Da8QAAANM 212.28.242.186 39146 127.0.0.1 7081 --64bcb902-B-- GET /administration/index.php?code=4/0AVMBsJjT_l_Jb10tspy8Vk-s3d9RqzPX45NxvFBgRONG25-Ow89tlNPU2f1cdEN9efX9_g&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=28l4nn9cd51dd1g028foj41tf4 --64bcb902-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --64bcb902-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDIUTfVyTqsOoOtZ6Da8QAAANM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753270353950241 435086 (- - -) Stopwatch2: 1753270353950241 435086; combined=4520, p1=533, p2=3628, p3=136, p4=76, p5=146, sr=139, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --64bcb902-Z-- --ab51f226-A-- [23/Jul/2025:14:35:53.801870 +0300] aIDJGTfVyTqsOoOtZ6DgwwAAAM0 212.28.242.186 57568 127.0.0.1 7081 --ab51f226-B-- GET /administration/index.php?code=4/0AVMBsJj9NYDZxveP4UX8E4zhapV_pC5KYwsICP3j2SC51RfLBlp_c5qaOgy7jbtNE6XEUA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=tqq67ndqtps8b9f09ctrmell61 --ab51f226-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --ab51f226-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDJGTfVyTqsOoOtZ6DgwwAAAM0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753270553376862 425201 (- - -) Stopwatch2: 1753270553376862 425201; combined=5293, p1=644, p2=4150, p3=224, p4=62, p5=212, sr=175, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ab51f226-Z-- --3f811960-A-- [23/Jul/2025:14:40:26.931499 +0300] aIDKKjfVyTqsOoOtZ6DpAwAAAMI 212.28.242.186 45548 127.0.0.1 7081 --3f811960-B-- GET /administration/index.php?code=4/0Adeu5BWJqp0VhuiwaNY5tIfRjaU_6zwyaG074BAPKoHkGkxup5c7VMiqllW_q4NRVOOSgA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: none sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i --3f811960-F-- HTTP/1.1 302 Moved Temporarily Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: PHPSESSID=k1d4r1do9642aaho7u6gbhqij1; path=/ Upgrade: h2,h2c Connection: Upgrade, close Location: https://www.jinansystem.com/login.php Content-Length: 0 Content-Type: text/html; charset=UTF-8 --3f811960-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDKKjfVyTqsOoOtZ6DpAwAAAMI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753270826923583 8091 (- - -) Stopwatch2: 1753270826923583 8091; combined=4277, p1=586, p2=3483, p3=77, p4=32, p5=99, sr=170, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3f811960-Z-- --4196a72c-A-- [23/Jul/2025:14:41:27.723123 +0300] aIDKZzfVyTqsOoOtZ6DrfAAAAMU 212.28.242.186 45378 127.0.0.1 7081 --4196a72c-B-- GET /administration/index.php?code=4/0AVMBsJjnnqDq-zySPtKaPYgNm4i4IGr2osec7tpC8j8tbPeglnw_Y0wHK2lpxP2lkhRtLg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Microsoft Edge";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=k1d4r1do9642aaho7u6gbhqij1 --4196a72c-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --4196a72c-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDKZzfVyTqsOoOtZ6DrfAAAAMU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753270887258811 464506 (- - -) Stopwatch2: 1753270887258811 464506; combined=4718, p1=733, p2=3672, p3=113, p4=68, p5=131, sr=191, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4196a72c-Z-- --7593ea1e-A-- [23/Jul/2025:14:45:33.072839 +0300] aIDLXDfVyTqsOoOtZ6DyngAAANA 185.177.72.210 37482 127.0.0.1 7081 --7593ea1e-B-- GET /httpd.conf HTTP/1.0 Host: hamomohsen.net X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7593ea1e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --7593ea1e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||hamomohsen.net|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||hamomohsen.net|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "hamomohsen.net"] [uri "/httpd.conf"] [unique_id "aIDLXDfVyTqsOoOtZ6DyngAAANA"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0' Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753271132819113 253841 (- - -) Stopwatch2: 1753271132819113 253841; combined=3291, p1=618, p2=2458, p3=0, p4=0, p5=214, sr=225, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7593ea1e-Z-- --25ece856-A-- [23/Jul/2025:14:45:33.392753 +0300] aIDLXTSlzRK7A2fl0th9-AAAAIk 185.177.72.210 58922 127.0.0.1 7081 --25ece856-B-- GET /apps/.env HTTP/1.0 Host: hamomohsen.net X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --25ece856-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --25ece856-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamomohsen.net"] [uri "/apps/.env"] [unique_id "aIDLXTSlzRK7A2fl0th9-AAAAIk"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0' Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753271133131895 261019 (- - -) Stopwatch2: 1753271133131895 261019; combined=2737, p1=674, p2=1931, p3=0, p4=0, p5=131, sr=257, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --25ece856-Z-- --308c7765-A-- [23/Jul/2025:14:45:33.973578 +0300] aIDLXTSlzRK7A2fl0th9-gAAAJg 185.177.72.210 58946 127.0.0.1 7081 --308c7765-B-- GET /api/.env HTTP/1.0 Host: hamomohsen.net X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --308c7765-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Access-Control-Allow-Origin: * Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --308c7765-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamomohsen.net"] [uri "/api/.env"] [unique_id "aIDLXTSlzRK7A2fl0th9-gAAAJg"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0' Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753271133735939 237750 (- - -) Stopwatch2: 1753271133735939 237750; combined=2787, p1=697, p2=1810, p3=0, p4=0, p5=279, sr=199, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --308c7765-Z-- --a4b8984b-A-- [23/Jul/2025:14:45:34.349557 +0300] aIDLXjfVyTqsOoOtZ6DyoQAAAM8 185.177.72.210 58964 127.0.0.1 7081 --a4b8984b-B-- GET /blog/.env HTTP/1.0 Host: hamomohsen.net X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a4b8984b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 Set-Cookie: XSRF-TOKEN=eyJpdiI6InI2TG5QUjVrbTJ6YTRpNVhESSthUEE9PSIsInZhbHVlIjoiWlRBaCtKU0V2LzBva0tWcUVvK2w1SzgwUnExUVY0UUtuMWJDUlBwMWVZRVRWYngwU0ZrZzQ4QnRVUjJTZ0U5YXI3MmU4eHQwZHMvdytPdXR3cm80Qkg3N0l5NnhleEtOWDJxbmRRYjRBWlRteHkwZzhCQ3JmVlBhMVdrNFdVRnUiLCJtYWMiOiIyNjk5NmE1NWZjYWI0YzdjMGUwZTAyMmU3ZGM5ZjBjNDNmZmVjOGNjMDc2ZWM5NDE0ZjFlM2I1YTI0YTYyOGNmIiwidGFnIjoiIn0%3D; expires=Wed, 23 Jul 2025 13:45:34 GMT; Max-Age=7200; path=/; secure; samesite=lax Set-Cookie: hamo_session=eyJpdiI6IkdBZzU5cnlUY3hES21vV1dRTlJkWlE9PSIsInZhbHVlIjoiY1FEam5ISWgyZlcyNXNaczRINXFSeVZURjIvWWR0QnRtS3gyd0pUd0l1cno0NmUxbW8xUmRUTTNoZmNGaUNNQ3RYM2tuYm5MWjNLQW9QYWd0MURZZ3NHS1JTdnkxbzhoZ3dTbTJTNlNjSk1pQSs3WFJiRnhhTWhlVjdkam1SUWYiLCJtYWMiOiIxYTc5NDFjZGJmZTc0NTRlZTIyNmFlYWU0ZmQwMTJhNTMxZmI3MGQ2MGNjNDcxZWJmZmQ5ZGEzNzJkYTNkZjczIiwidGFnIjoiIn0%3D; expires=Wed, 23 Jul 2025 13:45:34 GMT; Max-Age=7200; path=/; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5303 Content-Type: text/html; charset=UTF-8 --a4b8984b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamomohsen.net"] [uri "/blog/.env"] [unique_id "aIDLXjfVyTqsOoOtZ6DyoQAAAM8"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0' Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753271134032986 316711 (- - -) Stopwatch2: 1753271134032986 316711; combined=2588, p1=554, p2=1810, p3=0, p4=0, p5=223, sr=176, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a4b8984b-Z-- --358da90a-A-- [23/Jul/2025:14:45:34.663543 +0300] aIDLXjfVyTqsOoOtZ6DyogAAAM4 185.177.72.210 58976 127.0.0.1 7081 --358da90a-B-- GET /.env.production HTTP/1.0 Host: hamomohsen.net X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --358da90a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --358da90a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamomohsen.net"] [uri "/.env.production"] [unique_id "aIDLXjfVyTqsOoOtZ6DyogAAAM4"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0' Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753271134406941 256713 (- - -) Stopwatch2: 1753271134406941 256713; combined=3146, p1=684, p2=2222, p3=0, p4=0, p5=239, sr=197, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --358da90a-Z-- --3912172a-A-- [23/Jul/2025:14:45:34.955427 +0300] aIDLXjfVyTqsOoOtZ6DypAAAANc 185.177.72.210 59000 127.0.0.1 7081 --3912172a-B-- GET /protected/.env HTTP/1.0 Host: hamomohsen.net X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3912172a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --3912172a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamomohsen.net"] [uri "/protected/.env"] [unique_id "aIDLXjfVyTqsOoOtZ6DypAAAANc"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0' Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753271134720541 234997 (- - -) Stopwatch2: 1753271134720541 234997; combined=3009, p1=702, p2=2166, p3=0, p4=0, p5=140, sr=176, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3912172a-Z-- --cab48752-A-- [23/Jul/2025:14:45:35.254901 +0300] aIDLXzSlzRK7A2fl0th9-wAAAJI 185.177.72.210 59038 127.0.0.1 7081 --cab48752-B-- GET /config/.env HTTP/1.0 Host: hamomohsen.net X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cab48752-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --cab48752-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamomohsen.net"] [uri "/config/.env"] [unique_id "aIDLXzSlzRK7A2fl0th9-wAAAJI"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0' Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753271135012098 242897 (- - -) Stopwatch2: 1753271135012098 242897; combined=3894, p1=677, p2=3034, p3=0, p4=0, p5=182, sr=168, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cab48752-Z-- --150ae31e-A-- [23/Jul/2025:14:47:39.790968 +0300] aIDL2zfVyTqsOoOtZ6D2JgAAAMo 212.28.242.186 40258 127.0.0.1 7081 --150ae31e-B-- GET /administration/index.php?code=4/0AVMBsJiPzGmC8xTcvvcS1_5yUaszACmf8PAF7hBMRcl55DBGnz8ZyMt6T1eTfmob8o83tg&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br accept-language: en-US,en;q=0.9 cookie: PHPSESSID=hb4tbhpvgnvr3gd1el06167ld7 --150ae31e-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3671 Content-Type: text/html; charset=UTF-8 --150ae31e-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDL2zfVyTqsOoOtZ6D2JgAAAMo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753271259349982 441151 (- - -) Stopwatch2: 1753271259349982 441151; combined=5074, p1=776, p2=3926, p3=194, p4=60, p5=117, sr=316, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --150ae31e-Z-- --3b433105-A-- [23/Jul/2025:14:50:14.463177 +0300] aIDMdjfVyTqsOoOtZ6D6hAAAAMw 212.28.242.186 51482 127.0.0.1 7081 --3b433105-B-- GET /administration/index.php?code=4/0AVMBsJjjqowXiwJgfgK1HcsSPFNQQaFFJVNVYiqlO-F7UX5GyOSbI3aSjlVRGWXNZCeT3A&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8 priority: u=0, i cookie: PHPSESSID=t9n9osfhbc44102brtbgn3s816 --3b433105-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --3b433105-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDMdjfVyTqsOoOtZ6D6hAAAAMw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753271414047688 415674 (- - -) Stopwatch2: 1753271414047688 415674; combined=4857, p1=729, p2=3689, p3=162, p4=95, p5=181, sr=178, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3b433105-Z-- --61bd2673-A-- [23/Jul/2025:14:53:52.558545 +0300] aIDNUDSlzRK7A2fl0tiEfwAAAIY 77.90.153.170 34144 127.0.0.1 7081 --61bd2673-B-- GET /.git/config HTTP/1.0 Host: app.jinansystem.com X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 9; BLA-L29) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.101 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --61bd2673-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --61bd2673-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "app.jinansystem.com"] [uri "/.git/config"] [unique_id "aIDNUDSlzRK7A2fl0tiEfwAAAIY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/app.jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753271632425023 133618 (- - -) Stopwatch2: 1753271632425023 133618; combined=4382, p1=964, p2=3334, p3=0, p4=0, p5=84, sr=356, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --61bd2673-Z-- --393b112f-A-- [23/Jul/2025:14:55:51.775763 +0300] aIDNxzfVyTqsOoOtZ6AEQgAAANE 212.28.242.186 38926 127.0.0.1 7081 --393b112f-B-- GET /administration/index.php?code=4/0AVMBsJi4n7-XfUjlJ4Cs8ZUyyuWfP8tqAtxVMxFul17J7P3K-pwaGfHJtcx7vYyXmPuf2g&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 212.28.242.186 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=h4dntrgoji6oae45sta0c4ir57 --393b112f-F-- HTTP/1.1 302 Moved Temporarily Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Location: https://www.jinansystem.com/login.php Content-Length: 0 Content-Type: text/html; charset=UTF-8 --393b112f-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDNxzfVyTqsOoOtZ6AEQgAAANE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753271751764398 11571 (- - -) Stopwatch2: 1753271751764398 11571; combined=5090, p1=510, p2=4339, p3=74, p4=47, p5=119, sr=162, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --393b112f-Z-- --54db1607-A-- [23/Jul/2025:15:01:43.974499 +0300] aIDPJTfVyTqsOoOtZ6AODAAAAMQ 197.37.187.63 43066 127.0.0.1 7081 --54db1607-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.37.187.63 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 670 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 381.1.2.26.83 (iPhone11,6; iOS 18_5; en_US; en; scale=3.00; 1242x2688; IABMV/1; 737297623) referer: https://opalparis.store/my-account/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753272077470.PAZXh0bgNhZW0CMTAAAadM_Tpzr6FRFvWyHNI-_2e_SLZDXttA72CgOZzCp5atmnavctyQbw7TrQxqYw_aem_BLSpKSAKO6pVr1DYEPfMhA; _fbp=fb.1.1753271801131.881201212355184295; sbjs_session=pgs%3D3%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fmy-account%2F; tk_lr=%22%22; tk_or=%22%22; tk_r3d=%22%22; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20381.1.2.26.83%20%28iPhone11%2C6%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201242x2688%3B%20IABMV%2F1%3B%20737297623%29 --54db1607-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=aqpa250unm0kdqqh9sp9jnklo1; expires=Tue, 21 Oct 2025 12:01:43 GMT; Max-Age=7776000; path=/; domain=opalparis.store; HttpOnly; SameSite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --54db1607-E-- --54db1607-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDPJTfVyTqsOoOtZ6AODAAAAMQ"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDPJTfVyTqsOoOtZ6AODAAAAMQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753272101884532 2090163 (- - -) Stopwatch2: 1753272101884532 2090163; combined=13577, p1=825, p2=12343, p3=242, p4=36, p5=131, sr=228, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --54db1607-Z-- --50790b60-A-- [23/Jul/2025:15:03:30.026174 +0300] aIDPkDSlzRK7A2fl0tiMKwAAAIY 197.37.187.63 49868 127.0.0.1 7081 --50790b60-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.37.187.63 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 635 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 381.1.2.26.83 (iPhone11,6; iOS 18_5; en_US; en; scale=3.00; 1242x2688; IABMV/1; 737297623) referer: https://opalparis.store/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753272077470.PAZXh0bgNhZW0CMTAAAadM_Tpzr6FRFvWyHNI-_2e_SLZDXttA72CgOZzCp5atmnavctyQbw7TrQxqYw_aem_BLSpKSAKO6pVr1DYEPfMhA; _fbp=fb.1.1753271801131.881201212355184295; PHPSESSID=aqpa250unm0kdqqh9sp9jnklo1; sbjs_session=pgs%3D3%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fmy-account%2F; tk_lr=%22%22; tk_or=%22%22; tk_r3d=%22%22; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20381.1.2.26.83%20%28iPhone11%2C6%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201242x2688%3B%20IABMV%2F1%3B%20737297623%29 --50790b60-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --50790b60-E-- --50790b60-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDPkDSlzRK7A2fl0tiMKwAAAIY"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDPkDSlzRK7A2fl0tiMKwAAAIY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753272208037255 1989131 (- - -) Stopwatch2: 1753272208037255 1989131; combined=20556, p1=1137, p2=18873, p3=315, p4=59, p5=171, sr=185, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --50790b60-Z-- --9f619f74-A-- [23/Jul/2025:15:07:48.634315 +0300] aIDQlDfVyTqsOoOtZ6AYoQAAAMU 108.179.211.98 33616 127.0.0.1 7081 --9f619f74-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 108.179.211.98 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-fetch-user: ?1 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 referer: http://riyadhchocolate.com/wp-login.php accept-encoding: gzip, deflate, br sec-fetch-dest: document sec-fetch-mode: navigate user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept-language: en-US,en;q=0.5 upgrade-insecure-requests: 1 sec-fetch-site: same-origin cookie: wordpress_test_cookie=WP%20Cookie%20check --9f619f74-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --9f619f74-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIDQlDfVyTqsOoOtZ6AYoQAAAMU"] Stopwatch: 1753272468628814 5743 (- - -) Stopwatch2: 1753272468628814 5743; combined=3779, p1=462, p2=3213, p3=0, p4=0, p5=104, sr=161, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9f619f74-Z-- --9a903d64-A-- [23/Jul/2025:15:15:46.602221 +0300] aIDScjfVyTqsOoOtZ6AksgAAAMc 139.59.224.88 48326 127.0.0.1 7081 --9a903d64-B-- GET /.env HTTP/1.0 Host: demo.snapcart.io X-Real-IP: 139.59.224.88 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0 Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Upgrade-Insecure-Requests: 1 --9a903d64-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Cache-Control: private, must-revalidate pragma: no-cache expires: -1 Set-Cookie: XSRF-TOKEN=eyJpdiI6Im1ScEg4c29PN1lURmx0TUdZTkp0OWc9PSIsInZhbHVlIjoiRzdGU1VpZTgydmJBc2Q1MWd2YzAxTHRFNS9PcG5ZamFmMDNjYWhDc3YzdFZQQjdrOTBRUjJnMmFoRW83REZIbGlmS2QwZGZWYjIrWElVRXRNYXBxUHpDOGxuSlVHcWlDdlhoOUp3ZTY4Z1VjUHRnbndJd00rS3FSWWNGRlU5c2oiLCJtYWMiOiI5YTY4YWRkOWJlY2MxMmIzODcyOGY0MjY5OWM3NTBjNTE2MzNkYjljMDc4ZjU3NmJhNWFkMzZjYzE1NzlkODA4IiwidGFnIjoiIn0%3D; expires=Wed, 23 Jul 2025 14:15:46 GMT; Max-Age=7200; path=/; secure; samesite=lax Set-Cookie: shopking_ecommerce_app_with_laravel_website_admin_panel_with_pos_inventory_management_session=eyJpdiI6IjdBS1RZMy9MSVU2WVA1ZlJXM0wyY0E9PSIsInZhbHVlIjoiSWxPYzZ1MFpwdkRzQzEvTVQ4L1R5U0t4ZlpWVjRXNVltQXFta0ErMDd2blhzU3BqbVM4U1QzMnhxSGJndTc1QjdRRkNyL1BoY0w5NUZEeC80a0pLYWhYdVRubUhEeWYyL0hrQ0kvSHN3U3NZT2N4WmwyOERHcWE2UmZpWGN0SHciLCJtYWMiOiIxN2FiY2I3OTFjZTkyNmY4MTkxNTNiNjAyZjBkNjYxY2VmMGIxM2ZhYmU5YTA4MzdlNzZiMjczOGZlNTgzOWYxIiwidGFnIjoiIn0%3D; expires=Wed, 23 Jul 2025 14:15:46 GMT; Max-Age=7200; path=/; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 547 Content-Type: text/html; charset=UTF-8 --9a903d64-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demo.snapcart.io"] [uri "/.env"] [unique_id "aIDScjfVyTqsOoOtZ6AksgAAAMc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/demo.snapcart.io/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753272946081020 521676 (- - -) Stopwatch2: 1753272946081020 521676; combined=7841, p1=5425, p2=2306, p3=0, p4=0, p5=109, sr=206, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9a903d64-Z-- --ab4dcc79-A-- [23/Jul/2025:15:19:42.604565 +0300] aIDTXDfVyTqsOoOtZ6ArCwAAAME 197.37.187.63 51450 127.0.0.1 7081 --ab4dcc79-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.37.187.63 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 635 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 381.1.2.26.83 (iPhone11,6; iOS 18_5; en_US; en; scale=3.00; 1242x2688; IABMV/1; 737297623) referer: https://opalparis.store/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753272210525.PAZXh0bgNhZW0CMTAAAadqkytlSimhHgO5fb28CA0VQBev06Xp8R5C2LcFEzf-8pGfEZY-bNKgof8Wcg_aem_kmqQo725KechOlj3qccXhA; _fbp=fb.1.1753271801131.881201212355184295; sbjs_session=pgs%3D6%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F; tk_lr=%22%22; tk_or=%22%22; tk_r3d=%22%22; PHPSESSID=aqpa250unm0kdqqh9sp9jnklo1; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20381.1.2.26.83%20%28iPhone11%2C6%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201242x2688%3B%20IABMV%2F1%3B%20737297623%29 --ab4dcc79-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --ab4dcc79-E-- --ab4dcc79-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDTXDfVyTqsOoOtZ6ArCwAAAME"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDTXDfVyTqsOoOtZ6ArCwAAAME"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753273180559223 2045539 (- - -) Stopwatch2: 1753273180559223 2045539; combined=16783, p1=1491, p2=14629, p3=332, p4=68, p5=263, sr=236, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ab4dcc79-Z-- --7400362e-A-- [23/Jul/2025:15:22:29.502079 +0300] aIDT_jSlzRK7A2fl0tiZhgAAAIU 197.37.187.63 36522 127.0.0.1 7081 --7400362e-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.37.187.63 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 686 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 381.1.2.26.83 (iPhone11,6; iOS 18_5; en_US; en; scale=3.00; 1242x2688; IABMV/1; 737297623) referer: https://opalparis.store/product-category/home-wear/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753273304001.PAZXh0bgNhZW0CMTAAAadqkytlSimhHgO5fb28CA0VQBev06Xp8R5C2LcFEzf-8pGfEZY-bNKgof8Wcg_aem_kmqQo725KechOlj3qccXhA; _fbp=fb.1.1753271801131.881201212355184295; sbjs_session=pgs%3D7%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F; tk_lr=%22%22; tk_or=%22%22; tk_r3d=%22%22; PHPSESSID=aqpa250unm0kdqqh9sp9jnklo1; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20381.1.2.26.83%20%28iPhone11%2C6%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201242x2688%3B%20IABMV%2F1%3B%20737297623%29 --7400362e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --7400362e-E-- --7400362e-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDT_jSlzRK7A2fl0tiZhgAAAIU"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDT_jSlzRK7A2fl0tiZhgAAAIU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753273342407402 7094933 (- - -) Stopwatch2: 1753273342407402 7094933; combined=12488, p1=1010, p2=11158, p3=165, p4=31, p5=123, sr=192, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7400362e-Z-- --070b6916-A-- [23/Jul/2025:15:22:30.460178 +0300] aIDUBDfVyTqsOoOtZ6At5wAAANI 197.37.187.63 38172 127.0.0.1 7081 --070b6916-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.37.187.63 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 635 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 381.1.2.26.83 (iPhone11,6; iOS 18_5; en_US; en; scale=3.00; 1242x2688; IABMV/1; 737297623) referer: https://opalparis.store/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753273304001.PAZXh0bgNhZW0CMTAAAadqkytlSimhHgO5fb28CA0VQBev06Xp8R5C2LcFEzf-8pGfEZY-bNKgof8Wcg_aem_kmqQo725KechOlj3qccXhA; _fbp=fb.1.1753271801131.881201212355184295; sbjs_session=pgs%3D7%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F; tk_lr=%22%22; tk_or=%22%22; tk_r3d=%22%22; PHPSESSID=aqpa250unm0kdqqh9sp9jnklo1; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20381.1.2.26.83%20%28iPhone11%2C6%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201242x2688%3B%20IABMV%2F1%3B%20737297623%29 --070b6916-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --070b6916-E-- --070b6916-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDUBDfVyTqsOoOtZ6At5wAAANI"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDUBDfVyTqsOoOtZ6At5wAAANI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753273348150916 2309502 (- - -) Stopwatch2: 1753273348150916 2309502; combined=13760, p1=802, p2=12452, p3=291, p4=41, p5=174, sr=200, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --070b6916-Z-- --43e59f5a-A-- [23/Jul/2025:15:22:44.398286 +0300] aIDUEjSlzRK7A2fl0tiZ7AAAAIs 197.37.187.63 36238 127.0.0.1 7081 --43e59f5a-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.37.187.63 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 824 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 381.1.2.26.83 (iPhone11,6; iOS 18_5; en_US; en; scale=3.00; 1242x2688; IABMV/1; 737297623) referer: https://opalparis.store/product/push-up-bra-with-sheer-mesh/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753273304001.PAZXh0bgNhZW0CMTAAAadqkytlSimhHgO5fb28CA0VQBev06Xp8R5C2LcFEzf-8pGfEZY-bNKgof8Wcg_aem_kmqQo725KechOlj3qccXhA; _fbp=fb.1.1753271801131.881201212355184295; sbjs_session=pgs%3D8%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct%2Fpush-up-bra-with-sheer-mesh%2F; tk_ai=8pbHRxYVwWshauA92quN8yt7; tk_qs=session_id%3D%26blog_id%3D245943483%26store_id%3D08cc8d12-0c1d-42f3-8519-7c52fd206c9a%26ui%3D%26url%3Dhttps%253A%252F%252Fopalparis.store%26landing_page%3D%26woo_version%3D9.9.5%26wp_version%3D6.8.1%26store_admin%3D0%26device%3Dmobile%26template_used%3D0%26additional_blocks_on_cart_page%3D%26additional_blocks_on_checkout_page%3D%26store_currency%3DEGP%26timezone%3D%252B00%253A00%26is_guest%3D1%26order_value%3D0%26order_total%3D0%26total_tax%3D0%26total_discount%3D0%26total_shipping%3D0%26products_count%3D0%26cart_page_contains_cart_block%3D1%26cart_page_contains_cart_shortcode%3D0%26checkout_page_contains_checkout_block%3D1%26checkout_page_contains_checkout_shortcode%3D0%26pi%3D351%26pn%3DPush-Up%2520bra%2520with%2520sheer%2520mesh%26pc%3DBras%252FUnderwear%26pp%3D300%26pt%3Dvariable%26lr%3D%26or%3D%26r3d%3D%26_en%3Dwoocommerceanalytics_product_view%26_ui%3D8pbHRxYVwWshauA92quN8yt7%26_ut%3Danon%26_ts%3D1753273362289%26_tz%3D-3%26_lg%3Den-GB%26_pf%3DiPhone%26_ht%3D896%26_wd%3D414%26_sx%3D0%26_sy%3D0%26_dl%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct%252Fpush-up-bra-with-sheer-mesh%252F%26_dr%3Dhttps%253A%252F%252Fopalparis.store%252F; woocommerce_recently_viewed=351; tk_lr=%22%22; tk_or=%22%22; tk_r3d=%22%22; PHPSESSID=aqpa250unm0kdqqh9sp9jnklo1; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20381.1.2.26.83%20%28iPhone11%2C6%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201242x2688%3B%20IABMV%2F1%3B%20737297623%29 --43e59f5a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --43e59f5a-E-- --43e59f5a-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDUEjSlzRK7A2fl0tiZ7AAAAIs"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDUEjSlzRK7A2fl0tiZ7AAAAIs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753273362372897 2025691 (- - -) Stopwatch2: 1753273362372897 2025691; combined=16820, p1=763, p2=15553, p3=278, p4=51, p5=174, sr=185, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --43e59f5a-Z-- --c4804e4a-A-- [23/Jul/2025:15:22:44.792130 +0300] aIDUEjfVyTqsOoOtZ6AufgAAANM 197.37.187.63 36292 127.0.0.1 7081 --c4804e4a-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.37.187.63 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 1173 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 381.1.2.26.83 (iPhone11,6; iOS 18_5; en_US; en; scale=3.00; 1242x2688; IABMV/1; 737297623) referer: https://opalparis.store/product/push-up-bra-with-sheer-mesh/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753273304001.PAZXh0bgNhZW0CMTAAAadqkytlSimhHgO5fb28CA0VQBev06Xp8R5C2LcFEzf-8pGfEZY-bNKgof8Wcg_aem_kmqQo725KechOlj3qccXhA; _fbp=fb.1.1753271801131.881201212355184295; sbjs_session=pgs%3D8%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct%2Fpush-up-bra-with-sheer-mesh%2F; tk_ai=8pbHRxYVwWshauA92quN8yt7; tk_qs=session_id%3D%26blog_id%3D245943483%26store_id%3D08cc8d12-0c1d-42f3-8519-7c52fd206c9a%26ui%3D%26url%3Dhttps%253A%252F%252Fopalparis.store%26landing_page%3D%26woo_version%3D9.9.5%26wp_version%3D6.8.1%26store_admin%3D0%26device%3Dmobile%26template_used%3D0%26additional_blocks_on_cart_page%3D%26additional_blocks_on_checkout_page%3D%26store_currency%3DEGP%26timezone%3D%252B00%253A00%26is_guest%3D1%26order_value%3D0%26order_total%3D0%26total_tax%3D0%26total_discount%3D0%26total_shipping%3D0%26products_count%3D0%26cart_page_contains_cart_block%3D1%26cart_page_contains_cart_shortcode%3D0%26checkout_page_contains_checkout_block%3D1%26checkout_page_contains_checkout_shortcode%3D0%26pi%3D351%26pn%3DPush-Up%2520bra%2520with%2520sheer%2520mesh%26pc%3DBras%252FUnderwear%26pp%3D300%26pt%3Dvariable%26lr%3D%26or%3D%26r3d%3D%26_en%3Dwoocommerceanalytics_product_view%26_ui%3D8pbHRxYVwWshauA92quN8yt7%26_ut%3Danon%26_ts%3D1753273362289%26_tz%3D-3%26_lg%3Den-GB%26_pf%3DiPhone%26_ht%3D896%26_wd%3D414%26_sx%3D0%26_sy%3D0%26_dl%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct%252Fpush-up-bra-with-sheer-mesh%252F%26_dr%3Dhttps%253A%252F%252Fopalparis.store%252F; woocommerce_recently_viewed=351; tk_lr=%22%22; tk_or=%22%22; tk_r3d=%22%22; PHPSESSID=aqpa250unm0kdqqh9sp9jnklo1; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2011%3A56%3A28%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3D%28none%29; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20381.1.2.26.83%20%28iPhone11%2C6%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201242x2688%3B%20IABMV%2F1%3B%20737297623%29 --c4804e4a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --c4804e4a-E-- --c4804e4a-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDUEjfVyTqsOoOtZ6AufgAAANM"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDUEjfVyTqsOoOtZ6AufgAAANM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753273362419979 2372338 (- - -) Stopwatch2: 1753273362419979 2372338; combined=120729, p1=2121, p2=117963, p3=341, p4=52, p5=251, sr=289, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c4804e4a-Z-- --74961e76-A-- [23/Jul/2025:15:25:28.753970 +0300] aIDUuJJtMdVA_1kExR08wQAAABE 185.177.72.7 44544 127.0.0.1 7081 --74961e76-B-- GET /.git/ HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --74961e76-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --74961e76-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riyadhchocolate.com"] [uri "/.git/"] [unique_id "aIDUuJJtMdVA_1kExR08wQAAABE"] Stopwatch: 1753273528748823 5300 (- - -) Stopwatch2: 1753273528748823 5300; combined=2939, p1=716, p2=2104, p3=0, p4=0, p5=119, sr=179, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --74961e76-Z-- --b3fdce2b-A-- [23/Jul/2025:15:25:28.853487 +0300] aIDUuDSlzRK7A2fl0tib6QAAAII 185.177.72.7 44554 127.0.0.1 7081 --b3fdce2b-B-- GET /.git/config HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b3fdce2b-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --b3fdce2b-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riyadhchocolate.com"] [uri "/.git/config"] [unique_id "aIDUuDSlzRK7A2fl0tib6QAAAII"] Stopwatch: 1753273528846027 7588 (- - -) Stopwatch2: 1753273528846027 7588; combined=4170, p1=575, p2=3485, p3=0, p4=0, p5=110, sr=170, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b3fdce2b-Z-- --b367b11c-A-- [23/Jul/2025:15:25:28.929094 +0300] aIDUuJJtMdVA_1kExR08wgAAAAc 185.177.72.7 44570 127.0.0.1 7081 --b367b11c-B-- GET /.git/HEAD HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b367b11c-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --b367b11c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riyadhchocolate.com"] [uri "/.git/HEAD"] [unique_id "aIDUuJJtMdVA_1kExR08wgAAAAc"] Stopwatch: 1753273528924921 4239 (- - -) Stopwatch2: 1753273528924921 4239; combined=2378, p1=564, p2=1748, p3=0, p4=0, p5=66, sr=135, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b367b11c-Z-- --b43b024d-A-- [23/Jul/2025:15:25:29.077067 +0300] aIDUuTfVyTqsOoOtZ6Ax0gAAAMM 185.177.72.7 44586 127.0.0.1 7081 --b43b024d-B-- GET /.git/index HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b43b024d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --b43b024d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riyadhchocolate.com"] [uri "/.git/index"] [unique_id "aIDUuTfVyTqsOoOtZ6Ax0gAAAMM"] Stopwatch: 1753273529073072 4063 (- - -) Stopwatch2: 1753273529073072 4063; combined=2284, p1=548, p2=1654, p3=0, p4=0, p5=82, sr=167, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b43b024d-Z-- --4639ef57-A-- [23/Jul/2025:15:25:29.522432 +0300] aIDUuTfVyTqsOoOtZ6Ax1AAAANY 185.177.72.7 44630 127.0.0.1 7081 --4639ef57-B-- GET /.env HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4639ef57-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --4639ef57-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riyadhchocolate.com"] [uri "/.env"] [unique_id "aIDUuTfVyTqsOoOtZ6Ax1AAAANY"] Stopwatch: 1753273529515920 6632 (- - -) Stopwatch2: 1753273529515920 6632; combined=2745, p1=720, p2=1943, p3=0, p4=0, p5=82, sr=224, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4639ef57-Z-- --79c6d14b-A-- [23/Jul/2025:15:31:58.612083 +0300] aIDWPjSlzRK7A2fl0tigqgAAAIQ 35.187.222.91 43616 127.0.0.1 7081 --79c6d14b-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 35.187.222.91 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-fetch-user: ?1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 referer: http://riyadhchocolate.com/wp-login.php accept-encoding: gzip, deflate, br sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: same-origin accept-language: en-US,en;q=0.5 upgrade-insecure-requests: 1 cookie: wordpress_test_cookie=WP%20Cookie%20check --79c6d14b-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --79c6d14b-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIDWPjSlzRK7A2fl0tigqgAAAIQ"] Stopwatch: 1753273918606440 5872 (- - -) Stopwatch2: 1753273918606440 5872; combined=3579, p1=602, p2=2874, p3=0, p4=0, p5=103, sr=186, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --79c6d14b-Z-- --29909a6e-A-- [23/Jul/2025:15:33:08.329217 +0300] aIDWhDfVyTqsOoOtZ6A-eAAAANY 77.90.153.170 58182 127.0.0.1 7081 --29909a6e-B-- GET /.git/config HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 7.0; LGMS428) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --29909a6e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --29909a6e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "college.jinansystem.com"] [uri "/.git/config"] [unique_id "aIDWhDfVyTqsOoOtZ6A-eAAAANY"] Stopwatch: 1753273988321260 8341 (- - -) Stopwatch2: 1753273988321260 8341; combined=4268, p1=1361, p2=2840, p3=0, p4=0, p5=66, sr=142, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --29909a6e-Z-- --7ce43417-A-- [23/Jul/2025:15:35:14.384869 +0300] aIDXAjfVyTqsOoOtZ6BBAgAAAMk 3.12.146.27 60112 127.0.0.1 7081 --7ce43417-B-- GET /.git/config HTTP/1.0 Host: app.jinansystem.com X-Real-IP: 3.12.146.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/4.0 (compatible; Dillo 3.0) Accept-Charset: utf-8 Accept-Encoding: gzip --7ce43417-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --7ce43417-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "app.jinansystem.com"] [uri "/.git/config"] [unique_id "aIDXAjfVyTqsOoOtZ6BBAgAAAMk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/app.jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753274114256385 128663 (- - -) Stopwatch2: 1753274114256385 128663; combined=2443, p1=494, p2=1818, p3=0, p4=0, p5=130, sr=134, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7ce43417-Z-- --c03da826-A-- [23/Jul/2025:15:37:52.442551 +0300] aIDXnjfVyTqsOoOtZ6BEfgAAANI 156.202.179.190 59774 127.0.0.1 7081 --c03da826-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 156.202.179.190 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 774 sec-ch-ua-platform: "Android" user-agent: Mozilla/5.0 (Linux; Android 12; SM-N975F Build/SP1A.210812.016; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.157 Mobile Safari/537.36 Instagram 389.0.0.49.87 Android (31/12; 560dpi; 1440x2759; samsung; SM-N975F; d2s; exynos9825; en_GB; 763654648; IABMV/1) sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Android WebView";v="138" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?1 accept: */* origin: https://opalparis.store x-requested-with: com.instagram.android sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAafdxLqJv0JsqJ03OaERffyr4eTKbocLqe28fATuFULu6EF4HhGUgqVUw-P-Yw_aem_ppLf9p97egSFVtCF2K1FUQ accept-encoding: gzip, deflate, br, zstd accept-language: en-GB,en-US;q=0.9,en;q=0.8 priority: u=1, i cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-07-23%2012%3A37%3A50%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAafdxLqJv0JsqJ03OaERffyr4eTKbocLqe28fATuFULu6EF4HhGUgqVUw-P-Yw_aem_ppLf9p97egSFVtCF2K1FUQ%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first_add=fd%3D2025-07-23%2012%3A37%3A50%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAafdxLqJv0JsqJ03OaERffyr4eTKbocLqe28fATuFULu6EF4HhGUgqVUw-P-Yw_aem_ppLf9p97egSFVtCF2K1FUQ%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Linux%3B%20Android%2012%3B%20SM-N975F%20Build%2FSP1A.210812.016%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F138.0.7204.157%20Mobile%20Safari%2F537.36%20Instagram%20389.0.0.49.87%20Android%20%2831%2F12%3B%20560dpi%3B%201440x2759%3B%20samsung%3B%20SM-N975F%3B%20d2s%3B%20exynos9825%3B%20en_GB%3B%20763654648%3B%20IABMV%2F1%29; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAafdxLqJv0JsqJ03OaERffyr4eTKbocLqe28fATuFULu6EF4HhGUgqVUw-P-Yw_aem_ppLf9p97egSFVtCF2K1FUQ; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; _fbc=fb.1.1753274270983.PAZXh0bgNhZW0CMTEAAafdxLqJv0JsqJ03OaERffyr4eTKbocLqe28fATuFULu6EF4HhGUgqVUw-P-Yw_aem_ppLf9p97egSFVtCF2K1FUQ; _fbp=fb.1.1753274271009.576624751272459281 --c03da826-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=usqlt10pmb0aa5qi4icgq6d80t; expires=Tue, 21 Oct 2025 12:37:52 GMT; Max-Age=7776000; path=/; domain=opalparis.store; HttpOnly; SameSite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --c03da826-E-- --c03da826-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDXnjfVyTqsOoOtZ6BEfgAAANI"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDXnjfVyTqsOoOtZ6BEfgAAANI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753274270385198 2057550 (- - -) Stopwatch2: 1753274270385198 2057550; combined=114483, p1=932, p2=13136, p3=400, p4=67, p5=50090, sr=170, sw=1, l=0, gc=49857 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c03da826-Z-- --b251d717-A-- [23/Jul/2025:15:39:24.283836 +0300] aIDX-jfVyTqsOoOtZ6BHYQAAAMQ 103.188.167.165 35756 127.0.0.1 7081 --b251d717-B-- GET /.env HTTP/1.0 Host: londonfds.raqmix.net X-Real-IP: 103.188.167.165 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0 Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Upgrade-Insecure-Requests: 1 --b251d717-F-- HTTP/1.1 500 Internal Server Error X-Powered-By: PHP/8.1.33 Link: <https://londonfds.raqmix.net/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5181 Content-Type: text/html; charset=UTF-8 --b251d717-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "londonfds.raqmix.net"] [uri "/.env"] [unique_id "aIDX-jfVyTqsOoOtZ6BHYQAAAMQ"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Deprecated: Return type of ameMetaBoxSettings::offsetExists($offset) should either be compatible with ArrayAccess::offsetExists(mixed $offset): bool, or the #[\\\\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/admin-menu-editor-pro/extras/modules/metaboxes/ameMetaBoxSettings.php on line 85PHP message: PHP Deprecated: Return type of ameMetaBoxSettings::offsetGet($offset) should either be compatible with ArrayAccess::offsetGet(mixed $offset): mixed, or the #[\\\\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/admin-menu-editor-pro/extras/modules/metaboxes/ameMetaBoxSettings.php on line 99PHP message: PHP Deprecated: Return type of ameMetaBoxSettings::offsetSet($offset, $value) should either be compatible with ArrayAccess::offsetSet(mixed $offset, mixed $value): void, or the #[\\\\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/admin-menu-editor-pro/extras/modules/metaboxes/ameMetaBoxSettings.php on line 116PHP message: PHP Deprecated: Return type of ameMetaBoxSettings::offsetUnset($offset) should either be compatible with ArrayAccess::offsetUnset(mixed $offset): void, or the #[\\\\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/admin-menu-editor-pro/extras/modules/metaboxes/ameMetaBoxSettings.php on line 130PHP message: PHP Deprecated: Return type of Wslm_ProductLicense::offsetExists($offset) should either be compatible with ArrayAccess::offsetExists(mixed $offset): bool, or the #[\\\\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/admin-menu-editor-pro/license-manager/ProductLicense.php on line 75PHP message: PHP Deprecated: Return type of Wslm_ProductLicense::offsetGet($offset) should either be compatible with ArrayAccess::offsetGet(mixed $offset): mixed, or the #[\\\\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/admin-menu-editor-pro/license-manager/ProductLicense.php on line 79PHP message: PHP Deprecated: Return type of Wslm_ProductLicense::offsetSet($offset, $value) should either be compatible with ArrayAccess::offsetSet(mixed $offset, mixed $value): void, or the #[\\\\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/admin-menu-editor-pro/license-manager/ProductLicense.php on line 83PHP message: PHP Deprecated: Return type of Wslm_ProductLicense::offsetUnset($offset) should either be compatible with ArrayAccess::offsetUnset(mixed $offset): void, or the #[\\\\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/admin-menu-editor-pro/license-manager/ProductLicense.php on line 87PHP message: PHP Deprecated: Optional parameter $post_id declared before required parameter $field is implicitly treated as a required parameter in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/advanced-custom-fields-pro/includes/acf-value-functions.php on line 54PHP message: PHP Deprecated: Optional parameter $value declared before required parameter $field is implicitly treated as a required parameter in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/advanced-custom-fields-pro/includes/acf-value-functions.php on line 166PHP message: PHP Deprecated: Optional parameter $post_id declared before required parameter $field is implicitly treated as a required parameter in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/advanced-custom-fields-pro/includes/acf-value-functions.php on line 166PHP message: PHP Deprecated: Optional parameter $key declared before required parameter $value is implicitly treated as a required parameter in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/advanced-custom-fields-pro/includes/ajax/class-acf-ajax.php on line 76PHP message: PHP Notice: spl_autoload_register(): Argument #2 ($do_throw) has been ignored, spl_autoload_register() will always throw in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/invisible-recaptcha/includes/MchLibAutoloader.php on line 53PHP message: PHP Notice: spl_autoload_register(): Argument #2 ($do_throw) has been ignored, spl_autoload_register() will always throw in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/invisible-recaptcha/engine/RequestHandler.php on line 84PHP message: PHP Notice: spl_autoload_register(): Argument #2 ($do_throw) has been ignored, spl_autoload_register() will always throw in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/invisible-recaptcha/engine/Controllers/ModulesController.php on line 104PHP message: PHP Warning: The magic method InvisibleReCaptcha\\\\MchLib\\\\Plugin\\\\MchBasePublicPlugin::__wakeup() must have public visibility in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/invisible-recaptcha/includes/plugin/MchBasePublicPlugin.php on line 37PHP message: PHP Deprecated: Optional parameter $i declared before required parameter $post_id is implicitly treated as a required parameter in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/advanced-custom-fields-pro/pro/fields/class-acf-field-repeater.php on line 720PHP message: PHP Deprecated: Optional parameter $i declared before required parameter $post_id is implicitly treated as a required parameter in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/advanced-custom-fields-pro/pro/fields/class-acf-field-repeater.php on line 786PHP message: PHP Deprecated: Optional parameter $name declared before required parameter $field is implicitly treated as a required parameter in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/advanced-custom-fields-pro/pro/fields/class-acf-field-flexible-content.php on line 1038PHP message: PHP Deprecated: Optional parameter $i declared before required parameter $post_id is implicitly treated as a required parameter in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/advanced-custom-fields-pro/pro/fields/class-acf-field-flexible-content.php on line 1074PHP message: PHP Deprecated: Optional parameter $i declared before required parameter $post_id is implicitly treated as a required parameter in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/advanced-custom-fields-pro/pro/fields/class-acf-field-flexible-content.php on line 1126PHP message: PHP Deprecated: Optional parameter $id declared before required parameter $field is implicitly treated as a required parameter in /var/www/vhosts/raqmix.net/londonfds.raqmix.net/assets/plugins/advanced-custom-fields-pro/pro/fields/class-acf-field-gallery.php on line 296' Apache-Handler: proxy:unix:/var/www/vhosts/system/londonfds.raqmix.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753274362619263 1664686 (- - -) Stopwatch2: 1753274362619263 1664686; combined=3180, p1=602, p2=2215, p3=0, p4=0, p5=362, sr=179, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b251d717-Z-- --96e4bf64-A-- [23/Jul/2025:15:43:49.573148 +0300] aIDZBTfVyTqsOoOtZ6BN3QAAAMQ 77.90.153.170 46408 127.0.0.1 7081 --96e4bf64-B-- GET /.git/config HTTP/1.0 Host: demonanomie.com X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/16D57 Accept-Charset: utf-8 Accept-Encoding: gzip --96e4bf64-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --96e4bf64-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/.git/config"] [unique_id "aIDZBTfVyTqsOoOtZ6BN3QAAAMQ"] Stopwatch: 1753274629568272 4967 (- - -) Stopwatch2: 1753274629568272 4967; combined=2895, p1=670, p2=2159, p3=0, p4=0, p5=65, sr=236, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --96e4bf64-Z-- --a0134e18-A-- [23/Jul/2025:15:51:30.473636 +0300] aIDa0jfVyTqsOoOtZ6BY3wAAAMU 185.177.72.201 51424 127.0.0.1 7081 --a0134e18-B-- GET /.env HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a0134e18-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --a0134e18-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.hamomohsen.net"] [uri "/.env"] [unique_id "aIDa0jfVyTqsOoOtZ6BY3wAAAMU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275090333392 140349 (- - -) Stopwatch2: 1753275090333392 140349; combined=14840, p1=12673, p2=2006, p3=0, p4=0, p5=160, sr=177, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a0134e18-Z-- --0c03990c-A-- [23/Jul/2025:15:51:30.877537 +0300] aIDa0jfVyTqsOoOtZ6BY4QAAANc 185.177.72.201 51440 127.0.0.1 7081 --0c03990c-B-- GET /api/.env HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0c03990c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --0c03990c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.hamomohsen.net"] [uri "/api/.env"] [unique_id "aIDa0jfVyTqsOoOtZ6BY4QAAANc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275090725796 151862 (- - -) Stopwatch2: 1753275090725796 151862; combined=2933, p1=495, p2=2296, p3=0, p4=0, p5=141, sr=139, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0c03990c-Z-- --47d2707f-A-- [23/Jul/2025:15:51:31.060042 +0300] aIDa0jfVyTqsOoOtZ6BY4gAAAMI 185.177.72.201 51448 127.0.0.1 7081 --47d2707f-B-- GET /backend/.env HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --47d2707f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --47d2707f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.hamomohsen.net"] [uri "/backend/.env"] [unique_id "aIDa0jfVyTqsOoOtZ6BY4gAAAMI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275090936768 123338 (- - -) Stopwatch2: 1753275090936768 123338; combined=3001, p1=679, p2=2226, p3=0, p4=0, p5=95, sr=224, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --47d2707f-Z-- --2cc9a35c-A-- [23/Jul/2025:15:51:31.248731 +0300] aIDa0zSlzRK7A2fl0tit6wAAAIY 185.177.72.201 51452 127.0.0.1 7081 --2cc9a35c-B-- GET /server/.env HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2cc9a35c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --2cc9a35c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.hamomohsen.net"] [uri "/server/.env"] [unique_id "aIDa0zSlzRK7A2fl0tit6wAAAIY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275091117182 131650 (- - -) Stopwatch2: 1753275091117182 131650; combined=3896, p1=563, p2=3193, p3=0, p4=0, p5=139, sr=134, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2cc9a35c-Z-- --47a4dd00-A-- [23/Jul/2025:15:51:31.447115 +0300] aIDa0zSlzRK7A2fl0tit7AAAAIE 185.177.72.201 51466 127.0.0.1 7081 --47a4dd00-B-- GET /.env.example HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --47a4dd00-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --47a4dd00-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.hamomohsen.net"] [uri "/.env.example"] [unique_id "aIDa0zSlzRK7A2fl0tit7AAAAIE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275091306790 140445 (- - -) Stopwatch2: 1753275091306790 140445; combined=4058, p1=942, p2=2979, p3=0, p4=0, p5=136, sr=255, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --47a4dd00-Z-- --957e9308-A-- [23/Jul/2025:15:51:31.651759 +0300] aIDa0zfVyTqsOoOtZ6BY5AAAAMk 185.177.72.201 51484 127.0.0.1 7081 --957e9308-B-- GET /.env.production HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --957e9308-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --957e9308-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.hamomohsen.net"] [uri "/.env.production"] [unique_id "aIDa0zfVyTqsOoOtZ6BY5AAAAMk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275091505132 146711 (- - -) Stopwatch2: 1753275091505132 146711; combined=2476, p1=504, p2=1798, p3=0, p4=0, p5=173, sr=142, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --957e9308-Z-- --f609e322-A-- [23/Jul/2025:15:51:31.830838 +0300] aIDa0zfVyTqsOoOtZ6BY5gAAAMM 185.177.72.201 51508 127.0.0.1 7081 --f609e322-B-- GET /.env.bak HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f609e322-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --f609e322-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crm.hamomohsen.net|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.hamomohsen.net"] [uri "/.env.bak"] [unique_id "aIDa0zfVyTqsOoOtZ6BY5gAAAMM"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crm.hamomohsen.net|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "crm.hamomohsen.net"] [uri "/.env.bak"] [unique_id "aIDa0zfVyTqsOoOtZ6BY5gAAAMM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275091709415 121530 (- - -) Stopwatch2: 1753275091709415 121530; combined=3153, p1=714, p2=2303, p3=0, p4=0, p5=135, sr=212, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f609e322-Z-- --d46d6558-A-- [23/Jul/2025:15:51:32.009228 +0300] aIDa0zSlzRK7A2fl0tit7gAAAIQ 185.177.72.201 51546 127.0.0.1 7081 --d46d6558-B-- GET /.env.old HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d46d6558-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --d46d6558-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crm.hamomohsen.net|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.hamomohsen.net"] [uri "/.env.old"] [unique_id "aIDa0zSlzRK7A2fl0tit7gAAAIQ"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crm.hamomohsen.net|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "crm.hamomohsen.net"] [uri "/.env.old"] [unique_id "aIDa0zSlzRK7A2fl0tit7gAAAIQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275091888620 120691 (- - -) Stopwatch2: 1753275091888620 120691; combined=2191, p1=420, p2=1587, p3=0, p4=0, p5=183, sr=119, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d46d6558-Z-- --ae9c411d-A-- [23/Jul/2025:15:51:32.185179 +0300] aIDa1DSlzRK7A2fl0tit7wAAAJY 185.177.72.201 51552 127.0.0.1 7081 --ae9c411d-B-- GET /.env.local HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ae9c411d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --ae9c411d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.hamomohsen.net"] [uri "/.env.local"] [unique_id "aIDa1DSlzRK7A2fl0tit7wAAAJY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275092064958 120304 (- - -) Stopwatch2: 1753275092064958 120304; combined=3553, p1=676, p2=2761, p3=0, p4=0, p5=116, sr=188, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ae9c411d-Z-- --65647500-A-- [23/Jul/2025:15:51:32.437974 +0300] aIDa1DfVyTqsOoOtZ6BY7QAAANM 185.177.72.201 51570 127.0.0.1 7081 --65647500-B-- GET /.env.dev HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --65647500-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --65647500-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.hamomohsen.net"] [uri "/.env.dev"] [unique_id "aIDa1DfVyTqsOoOtZ6BY7QAAANM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275092242182 195859 (- - -) Stopwatch2: 1753275092242182 195859; combined=97538, p1=695, p2=2691, p3=0, p4=0, p5=47147, sr=195, sw=0, l=0, gc=47005 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --65647500-Z-- --36dcfc49-A-- [23/Jul/2025:15:51:58.891629 +0300] aIDa7jfVyTqsOoOtZ6BZrwAAAMg 3.12.146.27 38960 127.0.0.1 7081 --36dcfc49-B-- GET /.git/config HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 3.12.146.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --36dcfc49-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --36dcfc49-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "college.jinansystem.com"] [uri "/.git/config"] [unique_id "aIDa7jfVyTqsOoOtZ6BZrwAAAMg"] Stopwatch: 1753275118887230 4477 (- - -) Stopwatch2: 1753275118887230 4477; combined=2554, p1=591, p2=1891, p3=0, p4=0, p5=71, sr=190, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --36dcfc49-Z-- --cf46a805-A-- [23/Jul/2025:15:56:57.084161 +0300] aIDcGTfVyTqsOoOtZ6BgjQAAAMo 185.177.72.7 54508 127.0.0.1 7081 --cf46a805-B-- GET /.git/ HTTP/1.0 Host: glamileaclinics.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cf46a805-F-- HTTP/1.1 301 Moved Permanently Location: https://glamileaclinics.com/.git Content-Length: 310 Connection: close Content-Type: text/html; charset=iso-8859-1 --cf46a805-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamileaclinics.com"] [uri "/.git/"] [unique_id "aIDcGTfVyTqsOoOtZ6BgjQAAAMo"] Stopwatch: 1753275417079844 4389 (- - -) Stopwatch2: 1753275417079844 4389; combined=2489, p1=628, p2=1712, p3=23, p4=66, p5=60, sr=169, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cf46a805-Z-- --2503b813-A-- [23/Jul/2025:15:56:57.882877 +0300] aIDcGTSlzRK7A2fl0tixiAAAAIk 185.177.72.7 54610 127.0.0.1 7081 --2503b813-B-- GET /.git/config HTTP/1.0 Host: glamileaclinics.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2503b813-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --2503b813-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamileaclinics.com"] [uri "/.git/config"] [unique_id "aIDcGTSlzRK7A2fl0tixiAAAAIk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamileaclinics.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275417612183 270833 (- - -) Stopwatch2: 1753275417612183 270833; combined=3002, p1=725, p2=2163, p3=0, p4=0, p5=113, sr=179, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2503b813-Z-- --7732b224-A-- [23/Jul/2025:15:56:58.204842 +0300] aIDcGTfVyTqsOoOtZ6BgmAAAAMM 185.177.72.7 54650 127.0.0.1 7081 --7732b224-B-- GET /.git/HEAD HTTP/1.0 Host: glamileaclinics.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7732b224-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --7732b224-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamileaclinics.com"] [uri "/.git/HEAD"] [unique_id "aIDcGTfVyTqsOoOtZ6BgmAAAAMM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamileaclinics.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275417942703 262229 (- - -) Stopwatch2: 1753275417942703 262229; combined=3045, p1=693, p2=2230, p3=0, p4=0, p5=122, sr=158, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7732b224-Z-- --396b5539-A-- [23/Jul/2025:15:56:59.251277 +0300] aIDcGjfVyTqsOoOtZ6BgowAAANU 185.177.72.7 54806 127.0.0.1 7081 --396b5539-B-- GET /.git/index HTTP/1.0 Host: glamileaclinics.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --396b5539-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --396b5539-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamileaclinics.com"] [uri "/.git/index"] [unique_id "aIDcGjfVyTqsOoOtZ6BgowAAANU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamileaclinics.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753275418965718 285684 (- - -) Stopwatch2: 1753275418965718 285684; combined=8626, p1=563, p2=7952, p3=0, p4=0, p5=110, sr=132, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --396b5539-Z-- --70957d7a-A-- [23/Jul/2025:15:57:01.944313 +0300] aIDcHTfVyTqsOoOtZ6BgxwAAAMo 185.177.72.7 55230 127.0.0.1 7081 --70957d7a-B-- GET /.env HTTP/1.0 Host: glamileaclinics.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --70957d7a-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close X-Accel-Version: 0.01 X-Accel-Redirect: /internal-nginx-static-location/.env Content-Length: 0 --70957d7a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamileaclinics.com"] [uri "/.env"] [unique_id "aIDcHTfVyTqsOoOtZ6BgxwAAAMo"] Stopwatch: 1753275421937359 7051 (- - -) Stopwatch2: 1753275421937359 7051; combined=3521, p1=701, p2=2663, p3=40, p4=38, p5=79, sr=162, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --70957d7a-Z-- --09643e3a-A-- [23/Jul/2025:15:58:41.166136 +0300] aIDcgTfVyTqsOoOtZ6BjrAAAAMQ 3.12.146.27 36186 127.0.0.1 7081 --09643e3a-B-- GET /.git/config HTTP/1.0 Host: demonanomie.com X-Real-IP: 3.12.146.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux i686; rv:46.0) Gecko/20100101 Firefox/46.0 Accept-Charset: utf-8 Accept-Encoding: gzip --09643e3a-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --09643e3a-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/.git/config"] [unique_id "aIDcgTfVyTqsOoOtZ6BjrAAAAMQ"] Stopwatch: 1753275521159775 6501 (- - -) Stopwatch2: 1753275521159775 6501; combined=3899, p1=798, p2=2985, p3=0, p4=0, p5=116, sr=187, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --09643e3a-Z-- --4c0ee459-A-- [23/Jul/2025:16:02:04.742288 +0300] aIDdTDfVyTqsOoOtZ6BodAAAAMQ 65.181.111.149 55000 127.0.0.1 7081 --4c0ee459-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 65.181.111.149 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-fetch-mode: navigate sec-fetch-user: ?1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept-language: en-US,en;q=0.5 referer: http://riyadhchocolate.com/wp-login.php accept-encoding: gzip, deflate, br upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-site: same-origin accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 cookie: wordpress_test_cookie=WP%20Cookie%20check --4c0ee459-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --4c0ee459-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIDdTDfVyTqsOoOtZ6BodAAAAMQ"] Stopwatch: 1753275724733910 8532 (- - -) Stopwatch2: 1753275724733910 8532; combined=6070, p1=660, p2=5317, p3=0, p4=0, p5=92, sr=291, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4c0ee459-Z-- --c27ee21e-A-- [23/Jul/2025:16:09:04.300421 +0300] aIDe7TSlzRK7A2fl0ti6aAAAAIg 197.48.139.102 38580 127.0.0.1 7081 --c27ee21e-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.48.139.102 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 774 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/21G93 Instagram 389.0.0.20.89 (iPhone12,1; iOS 17_6_1; en_US; en; scale=2.00; 828x1792; 761848126; IABMV/1) referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A sec-fetch-dest: empty cookie: _fbc=fb.1.1753276141449.PAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A; _fbp=fb.1.1753276141454.632552641358366271; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2013%3A09%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2013%3A09%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2017_6_1%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F21G93%20Instagram%20389.0.0.20.89%20%28iPhone12%2C1%3B%20iOS%2017_6_1%3B%20en_US%3B%20en%3B%20scale%3D2.00%3B%20828x1792%3B%20761848126%3B%20IABMV%2F1%29; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; PHPSESSID=0vpc2kfboudbhtnvff04adpb9k --c27ee21e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --c27ee21e-E-- --c27ee21e-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDe7TSlzRK7A2fl0ti6aAAAAIg"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDe7TSlzRK7A2fl0ti6aAAAAIg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753276141594523 2706124 (- - -) Stopwatch2: 1753276141594523 2706124; combined=20872, p1=1012, p2=19439, p3=212, p4=48, p5=160, sr=161, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c27ee21e-Z-- --77e8f405-A-- [23/Jul/2025:16:09:12.735750 +0300] aIDe9pJtMdVA_1kExR1K5wAAABg 197.48.139.102 46768 127.0.0.1 7081 --77e8f405-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.48.139.102 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 800 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/21G93 Instagram 389.0.0.20.89 (iPhone12,1; iOS 17_6_1; en_US; en; scale=2.00; 828x1792; 761848126; IABMV/1) referer: https://opalparis.store/product-category/lingerie/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753276141449.PAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A; _fbp=fb.1.1753276141454.632552641358366271; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2017_6_1%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F21G93%20Instagram%20389.0.0.20.89%20%28iPhone12%2C1%3B%20iOS%2017_6_1%3B%20en_US%3B%20en%3B%20scale%3D2.00%3B%20828x1792%3B%20761848126%3B%20IABMV%2F1%29; sbjs_current_add=fd%3D2025-07-23%2013%3A09%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2013%3A09%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; PHPSESSID=0vpc2kfboudbhtnvff04adpb9k --77e8f405-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --77e8f405-E-- --77e8f405-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDe9pJtMdVA_1kExR1K5wAAABg"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDe9pJtMdVA_1kExR1K5wAAABg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753276150635152 2100908 (- - -) Stopwatch2: 1753276150635152 2100908; combined=21886, p1=2475, p2=18908, p3=239, p4=42, p5=222, sr=247, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --77e8f405-Z-- --a9f4f55b-A-- [23/Jul/2025:16:10:05.938775 +0300] aIDfKzfVyTqsOoOtZ6B1awAAAM4 197.48.139.102 43308 127.0.0.1 7081 --a9f4f55b-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.48.139.102 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 774 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/21G93 Instagram 389.0.0.20.89 (iPhone12,1; iOS 17_6_1; en_US; en; scale=2.00; 828x1792; 761848126; IABMV/1) referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A sec-fetch-dest: empty cookie: _fbc=fb.1.1753276141449.PAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A; _fbp=fb.1.1753276141454.632552641358366271; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2017_6_1%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F21G93%20Instagram%20389.0.0.20.89%20%28iPhone12%2C1%3B%20iOS%2017_6_1%3B%20en_US%3B%20en%3B%20scale%3D2.00%3B%20828x1792%3B%20761848126%3B%20IABMV%2F1%29; sbjs_current_add=fd%3D2025-07-23%2013%3A09%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2013%3A09%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; PHPSESSID=0vpc2kfboudbhtnvff04adpb9k --a9f4f55b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --a9f4f55b-E-- --a9f4f55b-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDfKzfVyTqsOoOtZ6B1awAAAM4"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDfKzfVyTqsOoOtZ6B1awAAAM4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753276203062859 2876106 (- - -) Stopwatch2: 1753276203062859 2876106; combined=23060, p1=1251, p2=21298, p3=306, p4=45, p5=160, sr=156, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a9f4f55b-Z-- --a2c9e046-A-- [23/Jul/2025:16:10:10.808366 +0300] aIDfMDfVyTqsOoOtZ6B1qAAAAMI 197.48.139.102 44000 127.0.0.1 7081 --a2c9e046-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.48.139.102 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 800 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/21G93 Instagram 389.0.0.20.89 (iPhone12,1; iOS 17_6_1; en_US; en; scale=2.00; 828x1792; 761848126; IABMV/1) referer: https://opalparis.store/product-category/lingerie/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753276141449.PAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A; _fbp=fb.1.1753276141454.632552641358366271; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_session=pgs%3D3%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2017_6_1%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F21G93%20Instagram%20389.0.0.20.89%20%28iPhone12%2C1%3B%20iOS%2017_6_1%3B%20en_US%3B%20en%3B%20scale%3D2.00%3B%20828x1792%3B%20761848126%3B%20IABMV%2F1%29; sbjs_current_add=fd%3D2025-07-23%2013%3A09%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2013%3A09%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; PHPSESSID=0vpc2kfboudbhtnvff04adpb9k --a2c9e046-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --a2c9e046-E-- --a2c9e046-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDfMDfVyTqsOoOtZ6B1qAAAAMI"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDfMDfVyTqsOoOtZ6B1qAAAAMI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753276208669634 2138916 (- - -) Stopwatch2: 1753276208669634 2138916; combined=13587, p1=813, p2=12377, p3=202, p4=36, p5=158, sr=142, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a2c9e046-Z-- --49cd8c44-A-- [23/Jul/2025:16:10:12.347068 +0300] aIDfMTfVyTqsOoOtZ6B1rgAAAM0 197.48.139.102 44094 127.0.0.1 7081 --49cd8c44-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.48.139.102 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 774 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/21G93 Instagram 389.0.0.20.89 (iPhone12,1; iOS 17_6_1; en_US; en; scale=2.00; 828x1792; 761848126; IABMV/1) referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A sec-fetch-dest: empty cookie: _fbc=fb.1.1753276141449.PAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A; _fbp=fb.1.1753276141454.632552641358366271; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_session=pgs%3D3%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2017_6_1%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F21G93%20Instagram%20389.0.0.20.89%20%28iPhone12%2C1%3B%20iOS%2017_6_1%3B%20en_US%3B%20en%3B%20scale%3D2.00%3B%20828x1792%3B%20761848126%3B%20IABMV%2F1%29; sbjs_current_add=fd%3D2025-07-23%2013%3A09%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2013%3A09%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; PHPSESSID=0vpc2kfboudbhtnvff04adpb9k --49cd8c44-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --49cd8c44-E-- --49cd8c44-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDfMTfVyTqsOoOtZ6B1rgAAAM0"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDfMTfVyTqsOoOtZ6B1rgAAAM0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753276209086993 3260252 (- - -) Stopwatch2: 1753276209086993 3260252; combined=12743, p1=744, p2=11460, p3=302, p4=47, p5=190, sr=173, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --49cd8c44-Z-- --4e9c413c-A-- [23/Jul/2025:16:10:14.304540 +0300] aIDfNDfVyTqsOoOtZ6B10QAAAMI 197.48.139.102 44572 127.0.0.1 7081 --4e9c413c-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.48.139.102 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 801 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/21G93 Instagram 389.0.0.20.89 (iPhone12,1; iOS 17_6_1; en_US; en; scale=2.00; 828x1792; 761848126; IABMV/1) referer: https://opalparis.store/product-category/home-wear/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753276141449.PAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A; _fbp=fb.1.1753276141454.632552641358366271; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_session=pgs%3D4%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2017_6_1%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F21G93%20Instagram%20389.0.0.20.89%20%28iPhone12%2C1%3B%20iOS%2017_6_1%3B%20en_US%3B%20en%3B%20scale%3D2.00%3B%20828x1792%3B%20761848126%3B%20IABMV%2F1%29; sbjs_current_add=fd%3D2025-07-23%2013%3A09%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2013%3A09%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacHrIy9sDnjb4R-PxY60BfUfDtSsZcvTTTESUlOulP0s1ceoSc_zOOCcJk2Nw_aem_bkzAyC-hGR7zByyhssXs3A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; PHPSESSID=0vpc2kfboudbhtnvff04adpb9k --4e9c413c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --4e9c413c-E-- --4e9c413c-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDfNDfVyTqsOoOtZ6B10QAAAMI"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDfNDfVyTqsOoOtZ6B10QAAAMI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753276212309682 1995045 (- - -) Stopwatch2: 1753276212309682 1995045; combined=14263, p1=876, p2=12931, p3=243, p4=41, p5=171, sr=152, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4e9c413c-Z-- --50ac2a74-A-- [23/Jul/2025:16:12:43.493705 +0300] aIDfyTSlzRK7A2fl0ti9HQAAAI0 156.217.133.186 48316 127.0.0.1 7081 --50ac2a74-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 156.217.133.186 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 656 sec-ch-ua-platform: "Android" user-agent: Mozilla/5.0 (Linux; Android 15; CPH2591 Build/AP3A.240617.008; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.157 Mobile Safari/537.36 Instagram 390.0.0.43.81 Android (35/15; 360dpi; 720x1612; OPPO; CPH2591; OP575DL1; mt6768; ar_AE; 766920165) sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Android WebView";v="138" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?1 accept: */* origin: https://opalparis.store x-requested-with: com.instagram.android sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://opalparis.store/ accept-encoding: gzip, deflate, br, zstd accept-language: ar-AE,ar;q=0.9,en-US;q=0.8,en;q=0.7 priority: u=1, i cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-07-23%2013%3A12%3A38%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3Dhttp%3A%2F%2Finstagram.com%2F; sbjs_first_add=fd%3D2025-07-23%2013%3A12%3A38%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3Dhttp%3A%2F%2Finstagram.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dinstagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dinstagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Linux%3B%20Android%2015%3B%20CPH2591%20Build%2FAP3A.240617.008%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F138.0.7204.157%20Mobile%20Safari%2F537.36%20Instagram%20390.0.0.43.81%20Android%20%2835%2F15%3B%20360dpi%3B%20720x1612%3B%20OPPO%3B%20CPH2591%3B%20OP575DL1%3B%20mt6768%3B%20ar_AE%3B%20766920165%29; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F; _fbp=fb.1.1753276359883.149489876544746741; _fbc=fb.1.1753276360068.PAZXh0bgNhZW0CMTAAAaeVFfnfH8K3R7zwZY1pKTuCR__Mi2cgmLkhsa7-cfhmqShWkbwpYjrFOjsZdQ_aem_wI1YGpSRlQ0Xb1Z8oJNZ5w --50ac2a74-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=01bj145ol29tofmsriikurucu5; expires=Tue, 21 Oct 2025 13:12:42 GMT; Max-Age=7776000; path=/; domain=opalparis.store; HttpOnly; SameSite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --50ac2a74-E-- --50ac2a74-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDfyTSlzRK7A2fl0ti9HQAAAI0"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDfyTSlzRK7A2fl0ti9HQAAAI0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753276361104197 2389689 (- - -) Stopwatch2: 1753276361104197 2389689; combined=17814, p1=1109, p2=16315, p3=176, p4=34, p5=179, sr=191, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --50ac2a74-Z-- --c3d5b72d-A-- [23/Jul/2025:16:12:55.515038 +0300] aIDf1JJtMdVA_1kExR1MSwAAABE 156.217.133.186 46880 127.0.0.1 7081 --c3d5b72d-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 156.217.133.186 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 679 sec-ch-ua-platform: "Android" user-agent: Mozilla/5.0 (Linux; Android 15; CPH2591 Build/AP3A.240617.008; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.157 Mobile Safari/537.36 Instagram 390.0.0.43.81 Android (35/15; 360dpi; 720x1612; OPPO; CPH2591; OP575DL1; mt6768; ar_AE; 766920165) sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Android WebView";v="138" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?1 accept: */* origin: https://opalparis.store x-requested-with: com.instagram.android sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://opalparis.store/product/safari-chic/ accept-encoding: gzip, deflate, br, zstd accept-language: ar-AE,ar;q=0.9,en-US;q=0.8,en;q=0.7 priority: u=1, i cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-07-23%2013%3A12%3A38%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3Dhttp%3A%2F%2Finstagram.com%2F; sbjs_first_add=fd%3D2025-07-23%2013%3A12%3A38%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3Dhttp%3A%2F%2Finstagram.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dinstagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dinstagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Linux%3B%20Android%2015%3B%20CPH2591%20Build%2FAP3A.240617.008%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F138.0.7204.157%20Mobile%20Safari%2F537.36%20Instagram%20390.0.0.43.81%20Android%20%2835%2F15%3B%20360dpi%3B%20720x1612%3B%20OPPO%3B%20CPH2591%3B%20OP575DL1%3B%20mt6768%3B%20ar_AE%3B%20766920165%29; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F; _fbp=fb.1.1753276359883.149489876544746741; _fbc=fb.1.1753276360068.PAZXh0bgNhZW0CMTAAAaeVFfnfH8K3R7zwZY1pKTuCR__Mi2cgmLkhsa7-cfhmqShWkbwpYjrFOjsZdQ_aem_wI1YGpSRlQ0Xb1Z8oJNZ5w; tk_or=%22http%3A%2F%2Finstagram.com%2F%22; tk_r3d=%22http%3A%2F%2Finstagram.com%2F%22; tk_lr=%22http%3A%2F%2Finstagram.com%2F%22; PHPSESSID=01bj145ol29tofmsriikurucu5; woocommerce_recently_viewed=386 --c3d5b72d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --c3d5b72d-E-- --c3d5b72d-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDf1JJtMdVA_1kExR1MSwAAABE"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDf1JJtMdVA_1kExR1MSwAAABE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753276372932275 2582981 (- - -) Stopwatch2: 1753276372932275 2582981; combined=25038, p1=1168, p2=23265, p3=249, p4=61, p5=295, sr=187, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c3d5b72d-Z-- --c2f36d58-A-- [23/Jul/2025:16:12:55.943930 +0300] aIDf1TSlzRK7A2fl0ti9RwAAAIg 156.217.133.186 46916 127.0.0.1 7081 --c2f36d58-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 156.217.133.186 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 679 sec-ch-ua-platform: "Android" user-agent: Mozilla/5.0 (Linux; Android 15; CPH2591 Build/AP3A.240617.008; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.157 Mobile Safari/537.36 Instagram 390.0.0.43.81 Android (35/15; 360dpi; 720x1612; OPPO; CPH2591; OP575DL1; mt6768; ar_AE; 766920165) sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Android WebView";v="138" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?1 accept: */* origin: https://opalparis.store x-requested-with: com.instagram.android sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://opalparis.store/product/safari-chic/ accept-encoding: gzip, deflate, br, zstd accept-language: ar-AE,ar;q=0.9,en-US;q=0.8,en;q=0.7 priority: u=1, i cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-07-23%2013%3A12%3A38%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3Dhttp%3A%2F%2Finstagram.com%2F; sbjs_first_add=fd%3D2025-07-23%2013%3A12%3A38%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3Dhttp%3A%2F%2Finstagram.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dinstagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dinstagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Linux%3B%20Android%2015%3B%20CPH2591%20Build%2FAP3A.240617.008%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F138.0.7204.157%20Mobile%20Safari%2F537.36%20Instagram%20390.0.0.43.81%20Android%20%2835%2F15%3B%20360dpi%3B%20720x1612%3B%20OPPO%3B%20CPH2591%3B%20OP575DL1%3B%20mt6768%3B%20ar_AE%3B%20766920165%29; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F; _fbp=fb.1.1753276359883.149489876544746741; _fbc=fb.1.1753276360068.PAZXh0bgNhZW0CMTAAAaeVFfnfH8K3R7zwZY1pKTuCR__Mi2cgmLkhsa7-cfhmqShWkbwpYjrFOjsZdQ_aem_wI1YGpSRlQ0Xb1Z8oJNZ5w; tk_or=%22http%3A%2F%2Finstagram.com%2F%22; tk_r3d=%22http%3A%2F%2Finstagram.com%2F%22; tk_lr=%22http%3A%2F%2Finstagram.com%2F%22; PHPSESSID=01bj145ol29tofmsriikurucu5; woocommerce_recently_viewed=386 --c2f36d58-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --c2f36d58-E-- --c2f36d58-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDf1TSlzRK7A2fl0ti9RwAAAIg"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDf1TSlzRK7A2fl0ti9RwAAAIg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753276373096916 2847217 (- - -) Stopwatch2: 1753276373096916 2847217; combined=22579, p1=970, p2=21125, p3=217, p4=34, p5=232, sr=145, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c2f36d58-Z-- --c4766d63-A-- [23/Jul/2025:16:13:58.990899 +0300] aIDgFDSlzRK7A2fl0ti96QAAAIg 156.217.133.186 41302 127.0.0.1 7081 --c4766d63-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 156.217.133.186 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 679 sec-ch-ua-platform: "Android" user-agent: Mozilla/5.0 (Linux; Android 15; CPH2591 Build/AP3A.240617.008; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.157 Mobile Safari/537.36 Instagram 390.0.0.43.81 Android (35/15; 360dpi; 720x1612; OPPO; CPH2591; OP575DL1; mt6768; ar_AE; 766920165) sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Android WebView";v="138" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?1 accept: */* origin: https://opalparis.store x-requested-with: com.instagram.android sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://opalparis.store/product/safari-chic/ accept-encoding: gzip, deflate, br, zstd accept-language: ar-AE,ar;q=0.9,en-US;q=0.8,en;q=0.7 priority: u=1, i cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-07-23%2013%3A12%3A38%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3Dhttp%3A%2F%2Finstagram.com%2F; sbjs_first_add=fd%3D2025-07-23%2013%3A12%3A38%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3Dhttp%3A%2F%2Finstagram.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dinstagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dinstagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Linux%3B%20Android%2015%3B%20CPH2591%20Build%2FAP3A.240617.008%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F138.0.7204.157%20Mobile%20Safari%2F537.36%20Instagram%20390.0.0.43.81%20Android%20%2835%2F15%3B%20360dpi%3B%20720x1612%3B%20OPPO%3B%20CPH2591%3B%20OP575DL1%3B%20mt6768%3B%20ar_AE%3B%20766920165%29; _fbp=fb.1.1753276359883.149489876544746741; _fbc=fb.1.1753276360068.PAZXh0bgNhZW0CMTAAAaeVFfnfH8K3R7zwZY1pKTuCR__Mi2cgmLkhsa7-cfhmqShWkbwpYjrFOjsZdQ_aem_wI1YGpSRlQ0Xb1Z8oJNZ5w; tk_or=%22http%3A%2F%2Finstagram.com%2F%22; tk_r3d=%22http%3A%2F%2Finstagram.com%2F%22; PHPSESSID=01bj145ol29tofmsriikurucu5; woocommerce_recently_viewed=386; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22 --c4766d63-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --c4766d63-E-- --c4766d63-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDgFDSlzRK7A2fl0ti96QAAAIg"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDgFDSlzRK7A2fl0ti96QAAAIg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753276436999761 1991448 (- - -) Stopwatch2: 1753276436999761 1991448; combined=16006, p1=1071, p2=14413, p3=270, p4=76, p5=175, sr=129, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c4766d63-Z-- --59017e6d-A-- [23/Jul/2025:16:13:59.387678 +0300] aIDgFDSlzRK7A2fl0ti96AAAAJA 156.217.133.186 41284 127.0.0.1 7081 --59017e6d-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 156.217.133.186 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 679 sec-ch-ua-platform: "Android" user-agent: Mozilla/5.0 (Linux; Android 15; CPH2591 Build/AP3A.240617.008; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.157 Mobile Safari/537.36 Instagram 390.0.0.43.81 Android (35/15; 360dpi; 720x1612; OPPO; CPH2591; OP575DL1; mt6768; ar_AE; 766920165) sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Android WebView";v="138" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?1 accept: */* origin: https://opalparis.store x-requested-with: com.instagram.android sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://opalparis.store/product/safari-chic/ accept-encoding: gzip, deflate, br, zstd accept-language: ar-AE,ar;q=0.9,en-US;q=0.8,en;q=0.7 priority: u=1, i cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-07-23%2013%3A12%3A38%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3Dhttp%3A%2F%2Finstagram.com%2F; sbjs_first_add=fd%3D2025-07-23%2013%3A12%3A38%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%7C%7C%7Crf%3Dhttp%3A%2F%2Finstagram.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dinstagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dinstagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Linux%3B%20Android%2015%3B%20CPH2591%20Build%2FAP3A.240617.008%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F138.0.7204.157%20Mobile%20Safari%2F537.36%20Instagram%20390.0.0.43.81%20Android%20%2835%2F15%3B%20360dpi%3B%20720x1612%3B%20OPPO%3B%20CPH2591%3B%20OP575DL1%3B%20mt6768%3B%20ar_AE%3B%20766920165%29; _fbp=fb.1.1753276359883.149489876544746741; _fbc=fb.1.1753276360068.PAZXh0bgNhZW0CMTAAAaeVFfnfH8K3R7zwZY1pKTuCR__Mi2cgmLkhsa7-cfhmqShWkbwpYjrFOjsZdQ_aem_wI1YGpSRlQ0Xb1Z8oJNZ5w; tk_or=%22http%3A%2F%2Finstagram.com%2F%22; tk_r3d=%22http%3A%2F%2Finstagram.com%2F%22; PHPSESSID=01bj145ol29tofmsriikurucu5; woocommerce_recently_viewed=386; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22 --59017e6d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --59017e6d-E-- --59017e6d-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDgFDSlzRK7A2fl0ti96AAAAJA"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDgFDSlzRK7A2fl0ti96AAAAJA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753276436960051 2427827 (- - -) Stopwatch2: 1753276436960051 2427827; combined=19583, p1=902, p2=18067, p3=346, p4=51, p5=216, sr=174, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --59017e6d-Z-- --1728a16f-A-- [23/Jul/2025:16:16:45.023351 +0300] aIDgvTSlzRK7A2fl0ti_9AAAAIQ 103.115.164.181 42494 127.0.0.1 7081 --1728a16f-B-- GET /.env HTTP/1.0 Host: jac.group X-Real-IP: 103.115.164.181 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0 Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Upgrade-Insecure-Requests: 1 --1728a16f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --1728a16f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jac.group"] [uri "/.env"] [unique_id "aIDgvTSlzRK7A2fl0ti_9AAAAIQ"] Stopwatch: 1753276605005163 18984 (- - -) Stopwatch2: 1753276605005163 18984; combined=7351, p1=778, p2=5568, p3=0, p4=0, p5=1005, sr=172, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1728a16f-Z-- --84d8ad42-A-- [23/Jul/2025:16:17:45.481821 +0300] aIDg9zfVyTqsOoOtZ6CA8QAAANQ 197.45.37.109 57038 127.0.0.1 7081 --84d8ad42-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 197.45.37.109 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 801 sec-ch-ua-platform: "Android" user-agent: Mozilla/5.0 (Linux; Android 11; CPH2059 Build/RKQ1.200903.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.150 Mobile Safari/537.36 Instagram 389.0.0.49.87 Android (30/11; 408dpi; 1080x2290; OPPO; CPH2059; OP4C72L1; qcom; en_US; 763654535) sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Android WebView";v="138" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?1 accept: */* origin: https://opalparis.store x-requested-with: com.instagram.android sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://opalparis.store/product-category/home-wear/ accept-encoding: gzip, deflate, br, zstd accept-language: en-GB,en;q=0.9,tr-TR;q=0.8,tr;q=0.7,en-US;q=0.6,ar-EG;q=0.5,ar;q=0.4,ru-RU;q=0.3,ru;q=0.2,id-ID;q=0.1,id;q=0.1 priority: u=1, i cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-07-23%2013%3A17%3A32%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacmWxEyTWOYXGodSAJizuWjcRHD7sqAgw7C7SGhGMD8jmAU2retRt7Zhr-Z9A_aem_8dq9mWZsxikDdBMxZ-kP4A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first_add=fd%3D2025-07-23%2013%3A17%3A32%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacmWxEyTWOYXGodSAJizuWjcRHD7sqAgw7C7SGhGMD8jmAU2retRt7Zhr-Z9A_aem_8dq9mWZsxikDdBMxZ-kP4A%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Linux%3B%20Android%2011%3B%20CPH2059%20Build%2FRKQ1.200903.002%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F138.0.7204.150%20Mobile%20Safari%2F537.36%20Instagram%20389.0.0.49.87%20Android%20%2830%2F11%3B%20408dpi%3B%201080x2290%3B%20OPPO%3B%20CPH2059%3B%20OP4C72L1%3B%20qcom%3B%20en_US%3B%20763654535%29; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAacmWxEyTWOYXGodSAJizuWjcRHD7sqAgw7C7SGhGMD8jmAU2retRt7Zhr-Z9A_aem_8dq9mWZsxikDdBMxZ-kP4A; _fbc=fb.1.1753276652124.PAZXh0bgNhZW0CMTEAAacmWxEyTWOYXGodSAJizuWjcRHD7sqAgw7C7SGhGMD8jmAU2retRt7Zhr-Z9A_aem_8dq9mWZsxikDdBMxZ-kP4A; _fbp=fb.1.1753276652272.165128696843465883; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22 --84d8ad42-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=cqgr5246595hqoeoc2vid4jcci; expires=Tue, 21 Oct 2025 13:17:45 GMT; Max-Age=7776000; path=/; domain=opalparis.store; HttpOnly; SameSite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --84d8ad42-E-- --84d8ad42-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIDg9zfVyTqsOoOtZ6CA8QAAANQ"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIDg9zfVyTqsOoOtZ6CA8QAAANQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753276663368171 2113863 (- - -) Stopwatch2: 1753276663368171 2113863; combined=16415, p1=796, p2=15144, p3=216, p4=57, p5=201, sr=149, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --84d8ad42-Z-- --d5975b79-A-- [23/Jul/2025:16:20:02.936446 +0300] aIDhgjSlzRK7A2fl0tjCXgAAAI8 3.12.146.27 33232 127.0.0.1 7081 --d5975b79-B-- GET /.git/config HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 3.12.146.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --d5975b79-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --d5975b79-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/.git/config"] [unique_id "aIDhgjSlzRK7A2fl0tjCXgAAAI8"] Stopwatch: 1753276802920621 15985 (- - -) Stopwatch2: 1753276802920621 15985; combined=3851, p1=766, p2=2961, p3=0, p4=0, p5=123, sr=168, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d5975b79-Z-- --cc79cd38-A-- [23/Jul/2025:16:28:06.918757 +0300] aIDjZjfVyTqsOoOtZ6CRawAAANA 196.251.114.43 55638 127.0.0.1 7081 --cc79cd38-B-- GET /.git/HEAD HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 196.251.114.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 8.1.0; SM-G610M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --cc79cd38-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --cc79cd38-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.git/HEAD"] [unique_id "aIDjZjfVyTqsOoOtZ6CRawAAANA"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753277286917364 1483 (- - -) Stopwatch2: 1753277286917364 1483; combined=836, p1=618, p2=0, p3=34, p4=43, p5=140, sr=184, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cc79cd38-Z-- --a6c0e769-A-- [23/Jul/2025:16:34:14.559259 +0300] aIDk1jfVyTqsOoOtZ6CZ_AAAAMo 77.90.153.170 56700 127.0.0.1 7081 --a6c0e769-B-- GET /.git/config HTTP/1.0 Host: host.raqmix.cloud X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --a6c0e769-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --a6c0e769-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "host.raqmix.cloud"] [uri "/.git/config"] [unique_id "aIDk1jfVyTqsOoOtZ6CZ_AAAAMo"] Stopwatch: 1753277654550120 9277 (- - -) Stopwatch2: 1753277654550120 9277; combined=6387, p1=521, p2=5784, p3=0, p4=0, p5=82, sr=149, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a6c0e769-Z-- --7eb01e41-A-- [23/Jul/2025:16:49:35.787319 +0300] aIDobzfVyTqsOoOtZ6CwvwAAANg 3.12.146.27 37624 127.0.0.1 7081 --7eb01e41-B-- GET /.git/config HTTP/1.0 Host: menacore.net X-Real-IP: 3.12.146.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Symbian/3; Series60/5.2 NokiaC6-01/011.010; Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/525 (KHTML, like Gecko) Version/3.0 BrowserNG/7.2.7.2 3gpp-gba Accept-Charset: utf-8 Accept-Encoding: gzip --7eb01e41-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=db3fa2f165f27feb7966c52656f475fa; expires=Wed, 23 Jul 2025 14:50:35 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=md1mbbltolaq53ima8789o6eq4hbe88a; expires=Wed, 23 Jul 2025 21:49:35 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --7eb01e41-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menacore.net"] [uri "/.git/config"] [unique_id "aIDobzfVyTqsOoOtZ6CwvwAAANg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753278575618420 169010 (- - -) Stopwatch2: 1753278575618420 169010; combined=2750, p1=582, p2=2072, p3=0, p4=0, p5=96, sr=169, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7eb01e41-Z-- --1eba7869-A-- [23/Jul/2025:17:03:41.449085 +0300] aIDrvTfVyTqsOoOtZ6DGUQAAAMc 195.178.110.161 44590 127.0.0.1 7081 --1eba7869-B-- GET /.env HTTP/1.0 Host: en.verozone.md X-Real-IP: 195.178.110.161 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --1eba7869-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 6514 Content-Type: text/html; charset=UTF-8 --1eba7869-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "en.verozone.md"] [uri "/.env"] [unique_id "aIDrvTfVyTqsOoOtZ6DGUQAAAMc"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Deprecated: Optional parameter $level declared before required parameter $message is implicitly treated as a required parameter in /var/www/vhosts/verozone.md/en.verozone.md/system/core/Common.php on line 350' Apache-Handler: proxy:unix:/var/www/vhosts/system/en.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753279421402071 47135 (- - -) Stopwatch2: 1753279421402071 47135; combined=2776, p1=622, p2=2033, p3=0, p4=0, p5=121, sr=172, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1eba7869-Z-- --988d4a1c-A-- [23/Jul/2025:17:03:42.014561 +0300] aIDrvTfVyTqsOoOtZ6DGVAAAANg 195.178.110.161 44642 127.0.0.1 7081 --988d4a1c-B-- GET /.env.save HTTP/1.0 Host: en.verozone.md X-Real-IP: 195.178.110.161 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --988d4a1c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 6514 Content-Type: text/html; charset=UTF-8 --988d4a1c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "en.verozone.md"] [uri "/.env.save"] [unique_id "aIDrvTfVyTqsOoOtZ6DGVAAAANg"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Deprecated: Optional parameter $level declared before required parameter $message is implicitly treated as a required parameter in /var/www/vhosts/verozone.md/en.verozone.md/system/core/Common.php on line 350' Apache-Handler: proxy:unix:/var/www/vhosts/system/en.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753279421973901 40779 (- - -) Stopwatch2: 1753279421973901 40779; combined=3034, p1=698, p2=2204, p3=0, p4=0, p5=132, sr=274, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --988d4a1c-Z-- --3f9ab54f-A-- [23/Jul/2025:17:03:42.663098 +0300] aIDrvjfVyTqsOoOtZ6DGWwAAANc 195.178.110.161 44712 127.0.0.1 7081 --3f9ab54f-B-- GET /.env.prod HTTP/1.0 Host: en.verozone.md X-Real-IP: 195.178.110.161 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --3f9ab54f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 6514 Content-Type: text/html; charset=UTF-8 --3f9ab54f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "en.verozone.md"] [uri "/.env.prod"] [unique_id "aIDrvjfVyTqsOoOtZ6DGWwAAANc"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Deprecated: Optional parameter $level declared before required parameter $message is implicitly treated as a required parameter in /var/www/vhosts/verozone.md/en.verozone.md/system/core/Common.php on line 350' Apache-Handler: proxy:unix:/var/www/vhosts/system/en.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753279422626046 37183 (- - -) Stopwatch2: 1753279422626046 37183; combined=3047, p1=610, p2=2276, p3=0, p4=0, p5=161, sr=172, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3f9ab54f-Z-- --d1a2414b-A-- [23/Jul/2025:17:03:43.030035 +0300] aIDrvpJtMdVA_1kExR1c_gAAAAE 195.178.110.161 52168 127.0.0.1 7081 --d1a2414b-B-- GET /api/.env HTTP/1.0 Host: en.verozone.md X-Real-IP: 195.178.110.161 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --d1a2414b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 6514 Content-Type: text/html; charset=UTF-8 --d1a2414b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "en.verozone.md"] [uri "/api/.env"] [unique_id "aIDrvpJtMdVA_1kExR1c_gAAAAE"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Deprecated: Optional parameter $level declared before required parameter $message is implicitly treated as a required parameter in /var/www/vhosts/verozone.md/en.verozone.md/system/core/Common.php on line 350' Apache-Handler: proxy:unix:/var/www/vhosts/system/en.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753279422995662 34471 (- - -) Stopwatch2: 1753279422995662 34471; combined=2366, p1=446, p2=1785, p3=0, p4=0, p5=134, sr=126, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d1a2414b-Z-- --a9e6ea47-A-- [23/Jul/2025:17:03:43.325905 +0300] aIDrvzfVyTqsOoOtZ6DGYQAAAMA 195.178.110.161 52204 127.0.0.1 7081 --a9e6ea47-B-- GET /dev/.env HTTP/1.0 Host: en.verozone.md X-Real-IP: 195.178.110.161 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --a9e6ea47-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 6514 Content-Type: text/html; charset=UTF-8 --a9e6ea47-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "en.verozone.md"] [uri "/dev/.env"] [unique_id "aIDrvzfVyTqsOoOtZ6DGYQAAAMA"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Deprecated: Optional parameter $level declared before required parameter $message is implicitly treated as a required parameter in /var/www/vhosts/verozone.md/en.verozone.md/system/core/Common.php on line 350' Apache-Handler: proxy:unix:/var/www/vhosts/system/en.verozone.md/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753279423291675 34373 (- - -) Stopwatch2: 1753279423291675 34373; combined=2503, p1=513, p2=1806, p3=0, p4=0, p5=183, sr=139, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a9e6ea47-Z-- --1f355146-A-- [23/Jul/2025:17:03:43.739479 +0300] aIDrvzfVyTqsOoOtZ6DGaAAAANg 195.178.110.161 52262 127.0.0.1 7081 --1f355146-B-- GET /application/.env HTTP/1.0 Host: en.verozone.md X-Real-IP: 195.178.110.161 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --1f355146-F-- HTTP/1.1 403 Forbidden Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 17:54:09 GMT ETag: "3be-4fee006ea7240" Accept-Ranges: bytes Content-Length: 958 Content-Type: text/html --1f355146-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "en.verozone.md"] [uri "/application/.env"] [unique_id "aIDrvzfVyTqsOoOtZ6DGaAAAANg"] Apache-Error: [file "mod_access_compat.c"] [line 350] [level 3] AH01797: client denied by server configuration: /var/www/vhosts/verozone.md/en.verozone.md/application/.env Stopwatch: 1753279423719725 19901 (- - -) Stopwatch2: 1753279423719725 19901; combined=713, p1=565, p2=0, p3=0, p4=0, p5=148, sr=132, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1f355146-Z-- --827d3c40-A-- [23/Jul/2025:17:13:49.670495 +0300] aIDuHTfVyTqsOoOtZ6DWvAAAANA 93.152.210.169 43310 127.0.0.1 7081 --827d3c40-B-- GET /.env HTTP/1.0 Host: web.raqmix.net X-Real-IP: 93.152.210.169 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 9; ASUS_I005DA Build/PI; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/133.0.6943.122 Mobile Accept: */* Accept-Encoding: gzip --827d3c40-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Set-Cookie: XSRF-TOKEN=eyJpdiI6Ii9iQzh4YTZXYStnbm1UNXd6c1UyRkE9PSIsInZhbHVlIjoiU2hoWmZqS1hKNk5yVldoZUpDMHRCSlFPYlhVQ25yU1hkYVYwS2lXaW9qamcwWTRrVXNidGdoZUlCY0RkVmZtY3V2dXc5STEwekNEOGR3TU5wWkZaMzFVOU9tRkgxRDlDRnViS3BvWUZ0eVExUS9pZWJHOE85SlRlNGJPeTlEOGQiLCJtYWMiOiI5ZWFkZjk3M2IzNjkxMDBhZDBkMmJiZGRiMTlmY2QxNGMzODhiNTAzMzc2MDQxMWVmYjk4MThjOTliY2Y5MDU3IiwidGFnIjoiIn0%3D; expires=Wed, 23 Jul 2025 16:13:49 GMT; Max-Age=7200; path=/ Set-Cookie: raqweb_session=eyJpdiI6InBMc1VOOU9nU3FrOC8xSGROU2JVcmc9PSIsInZhbHVlIjoiWFJ2RXlJTWwwd2RpdWJWVjZONDZodjIyOVFpa1h4bVpGbzNVM2t3WkpuQm9qb2RpNDV2ZzVtUG9UYzRFSjZNZjRlUXgybFkvVHFTSlQxZ0ZZKzYyRDFEVUVDZUpFMWU3TFN0REt4QzBpQ2xNWGJMd0QvcHYvRnZ0bGh2MzZsSGMiLCJtYWMiOiI3YTU1MTk3YmUwMzgzYjk2Y2FjYjY0MGMwNzhmYWM2MDM0YzUzNTE3NDM0NDRjZGY4ZmIyZTIzOTdlNmI5NzA3IiwidGFnIjoiIn0%3D; expires=Wed, 23 Jul 2025 16:13:49 GMT; Max-Age=7200; path=/; httponly Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --827d3c40-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web.raqmix.net"] [uri "/.env"] [unique_id "aIDuHTfVyTqsOoOtZ6DWvAAAANA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/web.raqmix.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753280029534184 136542 (- - -) Stopwatch2: 1753280029534184 136542; combined=8893, p1=6906, p2=1863, p3=0, p4=0, p5=123, sr=217, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --827d3c40-Z-- --6c675516-A-- [23/Jul/2025:17:24:32.467619 +0300] aIDwmjfVyTqsOoOtZ6Do2QAAANU 94.187.23.207 38094 127.0.0.1 7081 --6c675516-B-- GET /faculty/onlineClasses.php?code=4/0AVMBsJij37f7_crFEv1WVzJyBsBrQPAtyAkY-HgJKfHBPorZpSvDLDDCxFm3KWCcQn663w&scope=email%20profile%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/gmail.readonly%20https://www.googleapis.com/auth/calendar.readonly%20https://www.googleapis.com/auth/classroom.courses.readonly%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 94.187.23.207 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=csm4ifeu0sluist68v4427kk47 --6c675516-F-- HTTP/1.1 200 OK Expires: Mon, 16 Jul 1981 05:00:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 7872 Content-Type: text/html; charset=UTF-8 --6c675516-E-- --6c675516-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/gmail.readonly https:/www.googleapis.com/auth/calendar.readonly https:/www.googleapis.com/auth/classroom.courses.readonly https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/gmail.readonly https:/www.googleapis.com/auth/calendar.readonly https:/www.googleapis.com/auth/classroom.courses.readonly https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/faculty/onlineClasses.php"] [unique_id "aIDwmjfVyTqsOoOtZ6Do2QAAANU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753280666750749 5717066 (- - -) Stopwatch2: 1753280666750749 5717066; combined=8302, p1=730, p2=7216, p3=143, p4=70, p5=143, sr=175, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6c675516-Z-- --2596dc61-A-- [23/Jul/2025:17:30:56.818711 +0300] aIDyIDSlzRK7A2fl0tjzfwAAAJg 77.90.153.170 40624 127.0.0.1 7081 --2596dc61-B-- GET /.git/config HTTP/1.0 Host: menacore.net X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 9; SM-G973F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --2596dc61-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=cf809366e6e14e474382d5fce290cd3d; expires=Wed, 23 Jul 2025 15:31:56 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=jotoaspccldj064atretpimkbtl57ob3; expires=Wed, 23 Jul 2025 22:30:56 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --2596dc61-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menacore.net"] [uri "/.git/config"] [unique_id "aIDyIDSlzRK7A2fl0tjzfwAAAJg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753281056645759 173086 (- - -) Stopwatch2: 1753281056645759 173086; combined=2991, p1=612, p2=2204, p3=0, p4=0, p5=175, sr=154, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2596dc61-Z-- --4f70d22f-A-- [23/Jul/2025:17:33:20.587647 +0300] aIDysDSlzRK7A2fl0tj1ZAAAAIc 3.12.146.27 45672 127.0.0.1 7081 --4f70d22f-B-- GET /.git/config HTTP/1.0 Host: soor.raqmix.cloud X-Real-IP: 3.12.146.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 YaBrowser/19.6.0.1583 Yowser/2.5 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --4f70d22f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --4f70d22f-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soor.raqmix.cloud"] [uri "/.git/config"] [unique_id "aIDysDSlzRK7A2fl0tj1ZAAAAIc"] Stopwatch: 1753281200582182 5584 (- - -) Stopwatch2: 1753281200582182 5584; combined=3447, p1=551, p2=2781, p3=0, p4=0, p5=114, sr=137, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4f70d22f-Z-- --d884e17b-A-- [23/Jul/2025:17:36:03.808136 +0300] aIDzUzfVyTqsOoOtZ6D70wAAANQ 78.40.176.204 40702 127.0.0.1 7081 --d884e17b-B-- GET /administration/index.php?code=4/0AVMBsJgPJe8kW3qIQOnCr0YZ_DOdzvn4llpNeZR82k8n5WpMcT3l9pwX75jGPalFbYQ6gw&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 78.40.176.204 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?1 sec-ch-ua-platform: "Android" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Mobile Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8,tr;q=0.7 priority: u=0, i cookie: PHPSESSID=5fflh49digkdam8pek91ft2a54 --d884e17b-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --d884e17b-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIDzUzfVyTqsOoOtZ6D70wAAANQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753281363351691 456669 (- - -) Stopwatch2: 1753281363351691 456669; combined=6473, p1=715, p2=5406, p3=133, p4=60, p5=159, sr=184, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d884e17b-Z-- --bfbd2201-A-- [23/Jul/2025:17:41:30.352412 +0300] aID0mn6zR-fOy7Xs3z_5VAAAABA 3.12.146.27 53014 127.0.0.1 7081 --bfbd2201-B-- GET /.git/config HTTP/1.0 Host: test.jinansystem.com X-Real-IP: 3.12.146.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows Phone 8.1; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 530) like Gecko Accept-Charset: utf-8 Accept-Encoding: gzip --bfbd2201-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --bfbd2201-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.jinansystem.com"] [uri "/.git/config"] [unique_id "aID0mn6zR-fOy7Xs3z_5VAAAABA"] Stopwatch: 1753281690344868 7702 (- - -) Stopwatch2: 1753281690344868 7702; combined=5073, p1=818, p2=4128, p3=0, p4=0, p5=126, sr=187, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bfbd2201-Z-- --ae2cc61d-A-- [23/Jul/2025:17:42:08.025548 +0300] aID0wNOE1mnnEZNZOMVMLgAAAMQ 103.115.164.181 43274 127.0.0.1 7081 --ae2cc61d-B-- GET /.env HTTP/1.0 Host: www.jac.group X-Real-IP: 103.115.164.181 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0 Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Upgrade-Insecure-Requests: 1 --ae2cc61d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --ae2cc61d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jac.group"] [uri "/.env"] [unique_id "aID0wNOE1mnnEZNZOMVMLgAAAMQ"] Stopwatch: 1753281728020741 4965 (- - -) Stopwatch2: 1753281728020741 4965; combined=2985, p1=674, p2=2119, p3=0, p4=0, p5=192, sr=148, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ae2cc61d-Z-- --256c0d20-A-- [23/Jul/2025:17:51:01.436822 +0300] aID21X6zR-fOy7Xs3z8BlgAAAAg 3.12.146.27 44196 127.0.0.1 7081 --256c0d20-B-- GET /.git/config HTTP/1.0 Host: vivacetrading.com X-Real-IP: 3.12.146.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3 like Mac OS X; de-de) AppleWebKit/533.17.9 (KHTML, like Gecko) Mobile/8F190 Accept-Charset: utf-8 Accept-Encoding: gzip --256c0d20-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 586 Content-Type: text/html; charset=UTF-8 --256c0d20-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/.git/config"] [unique_id "aID21X6zR-fOy7Xs3z8BlgAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753282261406056 30853 (- - -) Stopwatch2: 1753282261406056 30853; combined=3540, p1=693, p2=2680, p3=0, p4=0, p5=167, sr=207, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --256c0d20-Z-- --12170042-A-- [23/Jul/2025:17:55:16.067073 +0300] aID30dOE1mnnEZNZOMVlLgAAANI 102.185.164.175 40416 127.0.0.1 7081 --12170042-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 102.185.164.175 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 774 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 387.0.0.24.91 (iPhone14,5; iOS 18_5; en_US; en; scale=3.00; 1170x2532; 755087652; IABMV/1) referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw sec-fetch-dest: empty cookie: _fbc=fb.1.1753282513834.PAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw; _fbp=fb.1.1753282513841.231877684976033795 --12170042-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=7ucpooldaohtgk2rc20g6r0ch0; expires=Tue, 21 Oct 2025 14:55:15 GMT; Max-Age=7776000; path=/; domain=opalparis.store; HttpOnly; SameSite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --12170042-E-- --12170042-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aID30dOE1mnnEZNZOMVlLgAAANI"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aID30dOE1mnnEZNZOMVlLgAAANI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753282513988828 2078447 (- - -) Stopwatch2: 1753282513988828 2078447; combined=4748, p1=790, p2=3506, p3=179, p4=41, p5=232, sr=258, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --12170042-Z-- --5d4d303b-A-- [23/Jul/2025:17:55:31.734911 +0300] aID34dOE1mnnEZNZOMVl4QAAANA 102.185.164.175 53908 127.0.0.1 7081 --5d4d303b-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 102.185.164.175 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 800 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 387.0.0.24.91 (iPhone14,5; iOS 18_5; en_US; en; scale=3.00; 1170x2532; 755087652; IABMV/1) referer: https://opalparis.store/product-category/lingerie/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753282513834.PAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw; _fbp=fb.1.1753282513841.231877684976033795; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F; PHPSESSID=7ucpooldaohtgk2rc20g6r0ch0; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2014%3A55%3A16%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2014%3A55%3A16%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20387.0.0.24.91%20%28iPhone14%2C5%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201170x2532%3B%20755087652%3B%20IABMV%2F1%29 --5d4d303b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --5d4d303b-E-- --5d4d303b-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aID34dOE1mnnEZNZOMVl4QAAANA"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aID34dOE1mnnEZNZOMVl4QAAANA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753282529620157 2115648 (- - -) Stopwatch2: 1753282529620157 2115648; combined=13233, p1=876, p2=11684, p3=321, p4=71, p5=280, sr=165, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5d4d303b-Z-- --ef16613e-A-- [23/Jul/2025:17:55:46.762369 +0300] aID38H6zR-fOy7Xs3z8FiAAAABU 102.185.164.175 41770 127.0.0.1 7081 --ef16613e-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 102.185.164.175 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 1141 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 387.0.0.24.91 (iPhone14,5; iOS 18_5; en_US; en; scale=3.00; 1170x2532; 755087652; IABMV/1) referer: https://opalparis.store/product/velora/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753282513834.PAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw; _fbp=fb.1.1753282513841.231877684976033795; tk_ai=mIT%2B860J%2FLRTPBwF3Z4kTdcf; tk_qs=session_id%3D%26blog_id%3D245943483%26store_id%3D08cc8d12-0c1d-42f3-8519-7c52fd206c9a%26ui%3D%26url%3Dhttps%253A%252F%252Fopalparis.store%26landing_page%3D%26woo_version%3D9.9.5%26wp_version%3D6.8.1%26store_admin%3D0%26device%3Dmobile%26template_used%3D0%26additional_blocks_on_cart_page%3D%26additional_blocks_on_checkout_page%3D%26store_currency%3DEGP%26timezone%3D%252B00%253A00%26is_guest%3D1%26order_value%3D0%26order_total%3D0%26total_tax%3D0%26total_discount%3D0%26total_shipping%3D0%26products_count%3D0%26cart_page_contains_cart_block%3D1%26cart_page_contains_cart_shortcode%3D0%26checkout_page_contains_checkout_block%3D1%26checkout_page_contains_checkout_shortcode%3D0%26pi%3D601%26pn%3DVelora%26pc%3DLingerie%252FSlips%26pp%3D1600%26pt%3Dvariable%26lr%3Dhttps%253A%252F%252Fl.instagram.com%252F%26or%3Dhttps%253A%252F%252Fl.instagram.com%252F%26r3d%3Dhttps%253A%252F%252Fl.instagram.com%252F%26_en%3Dwoocommerceanalytics_product_view%26_ui%3DmIT%252B860J%252FLRTPBwF3Z4kTdcf%26_ut%3Danon%26_ts%3D1753282544478%26_tz%3D-3%26_lg%3Den-GB%26_pf%3DiPhone%26_ht%3D844%26_wd%3D390%26_sx%3D0%26_sy%3D0%26_dl%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct%252Fvelora%252F%26_dr%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct-category%252Flingerie%252F; sbjs_session=pgs%3D3%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct%2Fvelora%2F; woocommerce_recently_viewed=601; PHPSESSID=7ucpooldaohtgk2rc20g6r0ch0; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2014%3A55%3A16%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2014%3A55%3A16%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20387.0.0.24.91%20%28iPhone14%2C5%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201170x2532%3B%20755087652%3B%20IABMV%2F1%29 --ef16613e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --ef16613e-E-- --ef16613e-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aID38H6zR-fOy7Xs3z8FiAAAABU"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aID38H6zR-fOy7Xs3z8FiAAAABU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753282544653728 2108815 (- - -) Stopwatch2: 1753282544653728 2108815; combined=16953, p1=930, p2=15571, p3=215, p4=36, p5=201, sr=232, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ef16613e-Z-- --8af5ae16-A-- [23/Jul/2025:17:55:47.185438 +0300] aID38NOE1mnnEZNZOMVmpQAAANQ 102.185.164.175 41756 127.0.0.1 7081 --8af5ae16-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 102.185.164.175 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 828 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 387.0.0.24.91 (iPhone14,5; iOS 18_5; en_US; en; scale=3.00; 1170x2532; 755087652; IABMV/1) referer: https://opalparis.store/product/velora/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753282513834.PAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw; _fbp=fb.1.1753282513841.231877684976033795; tk_ai=mIT%2B860J%2FLRTPBwF3Z4kTdcf; tk_qs=session_id%3D%26blog_id%3D245943483%26store_id%3D08cc8d12-0c1d-42f3-8519-7c52fd206c9a%26ui%3D%26url%3Dhttps%253A%252F%252Fopalparis.store%26landing_page%3D%26woo_version%3D9.9.5%26wp_version%3D6.8.1%26store_admin%3D0%26device%3Dmobile%26template_used%3D0%26additional_blocks_on_cart_page%3D%26additional_blocks_on_checkout_page%3D%26store_currency%3DEGP%26timezone%3D%252B00%253A00%26is_guest%3D1%26order_value%3D0%26order_total%3D0%26total_tax%3D0%26total_discount%3D0%26total_shipping%3D0%26products_count%3D0%26cart_page_contains_cart_block%3D1%26cart_page_contains_cart_shortcode%3D0%26checkout_page_contains_checkout_block%3D1%26checkout_page_contains_checkout_shortcode%3D0%26pi%3D601%26pn%3DVelora%26pc%3DLingerie%252FSlips%26pp%3D1600%26pt%3Dvariable%26lr%3Dhttps%253A%252F%252Fl.instagram.com%252F%26or%3Dhttps%253A%252F%252Fl.instagram.com%252F%26r3d%3Dhttps%253A%252F%252Fl.instagram.com%252F%26_en%3Dwoocommerceanalytics_product_view%26_ui%3DmIT%252B860J%252FLRTPBwF3Z4kTdcf%26_ut%3Danon%26_ts%3D1753282544478%26_tz%3D-3%26_lg%3Den-GB%26_pf%3DiPhone%26_ht%3D844%26_wd%3D390%26_sx%3D0%26_sy%3D0%26_dl%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct%252Fvelora%252F%26_dr%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct-category%252Flingerie%252F; sbjs_session=pgs%3D3%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct%2Fvelora%2F; woocommerce_recently_viewed=601; PHPSESSID=7ucpooldaohtgk2rc20g6r0ch0; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2014%3A55%3A16%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2014%3A55%3A16%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20387.0.0.24.91%20%28iPhone14%2C5%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201170x2532%3B%20755087652%3B%20IABMV%2F1%29 --8af5ae16-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --8af5ae16-E-- --8af5ae16-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aID38NOE1mnnEZNZOMVmpQAAANQ"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aID38NOE1mnnEZNZOMVmpQAAANQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753282544651801 2533847 (- - -) Stopwatch2: 1753282544651801 2533847; combined=19556, p1=1087, p2=17985, p3=219, p4=40, p5=224, sr=168, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8af5ae16-Z-- --a8b10d58-A-- [23/Jul/2025:17:58:22.679464 +0300] aID4htOE1mnnEZNZOMVrtwAAAMo 102.185.164.175 54620 127.0.0.1 7081 --a8b10d58-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 102.185.164.175 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 800 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 387.0.0.24.91 (iPhone14,5; iOS 18_5; en_US; en; scale=3.00; 1170x2532; 755087652; IABMV/1) referer: https://opalparis.store/product-category/lingerie/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753282513834.PAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw; _fbp=fb.1.1753282513841.231877684976033795; tk_ai=mIT%2B860J%2FLRTPBwF3Z4kTdcf; tk_qs=; sbjs_session=pgs%3D3%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct%2Fvelora%2F; woocommerce_recently_viewed=601; PHPSESSID=7ucpooldaohtgk2rc20g6r0ch0; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2014%3A55%3A16%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2014%3A55%3A16%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaemq10UyRtH6G2E0z7VM2-QhXi3UJ7-hjns-Z7sa2p99XCkTQOfQEhnoHOTAA_aem_95kOYKtwDmECRSaOEy7FJw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20387.0.0.24.91%20%28iPhone14%2C5%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201170x2532%3B%20755087652%3B%20IABMV%2F1%29 --a8b10d58-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --a8b10d58-E-- --a8b10d58-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aID4htOE1mnnEZNZOMVrtwAAAMo"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aID4htOE1mnnEZNZOMVrtwAAAMo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753282694122601 8557090 (- - -) Stopwatch2: 1753282694122601 8557090; combined=25521, p1=793, p2=24268, p3=231, p4=52, p5=177, sr=203, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a8b10d58-Z-- --62fc7f44-A-- [23/Jul/2025:18:15:05.606913 +0300] aID8edOE1mnnEZNZOMWLSQAAAMc 196.251.70.223 48380 127.0.0.1 7081 --62fc7f44-B-- GET /.env HTTP/1.0 Host: demonanomie.com X-Real-IP: 196.251.70.223 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --62fc7f44-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --62fc7f44-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/.env"] [unique_id "aID8edOE1mnnEZNZOMWLSQAAAMc"] Stopwatch: 1753283705602555 4447 (- - -) Stopwatch2: 1753283705602555 4447; combined=2615, p1=775, p2=1766, p3=0, p4=0, p5=74, sr=354, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --62fc7f44-Z-- --294d0329-A-- [23/Jul/2025:18:18:00.549398 +0300] aID9KNOE1mnnEZNZOMWRwgAAAMs 196.251.70.223 53496 127.0.0.1 7081 --294d0329-B-- GET /.env HTTP/1.0 Host: demonanomie.com X-Real-IP: 196.251.70.223 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --294d0329-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --294d0329-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/.env"] [unique_id "aID9KNOE1mnnEZNZOMWRwgAAAMs"] Stopwatch: 1753283880544626 4923 (- - -) Stopwatch2: 1753283880544626 4923; combined=2966, p1=543, p2=2338, p3=0, p4=0, p5=85, sr=162, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --294d0329-Z-- --042f5821-A-- [23/Jul/2025:18:18:22.651895 +0300] aID9Pn6zR-fOy7Xs3z8Y-QAAAA8 196.251.70.223 56050 127.0.0.1 7081 --042f5821-B-- GET /.env HTTP/1.0 Host: demonanomie.com X-Real-IP: 196.251.70.223 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: WDG_Validator/1.6.2 Accept-Charset: utf-8 Accept-Encoding: gzip --042f5821-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --042f5821-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/.env"] [unique_id "aID9Pn6zR-fOy7Xs3z8Y-QAAAA8"] Stopwatch: 1753283902639200 12766 (- - -) Stopwatch2: 1753283902639200 12766; combined=10568, p1=584, p2=9916, p3=0, p4=0, p5=68, sr=138, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --042f5821-Z-- --ea84ac71-A-- [23/Jul/2025:18:19:01.194998 +0300] aID9ZX6zR-fOy7Xs3z8ZdwAAAAI 196.251.70.223 44590 127.0.0.1 7081 --ea84ac71-B-- GET /.env HTTP/1.0 Host: demonanomie.com X-Real-IP: 196.251.70.223 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15 Accept-Charset: utf-8 Accept-Encoding: gzip --ea84ac71-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --ea84ac71-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/.env"] [unique_id "aID9ZX6zR-fOy7Xs3z8ZdwAAAAI"] Stopwatch: 1753283941191483 3605 (- - -) Stopwatch2: 1753283941191483 3605; combined=2134, p1=429, p2=1645, p3=0, p4=0, p5=60, sr=118, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ea84ac71-Z-- --2d4e0558-A-- [23/Jul/2025:18:26:18.424452 +0300] aID_GNOE1mnnEZNZOMWgQwAAANY 185.177.72.7 53794 127.0.0.1 7081 --2d4e0558-B-- GET /.git/ HTTP/1.0 Host: own-dev.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2d4e0558-F-- HTTP/1.1 308 Resume Incomplete Refresh: 0;url=/.git X-Powered-By: Phusion Passenger(R) 6.0.26 Upgrade: h2,h2c location: /.git Status: 308 Resume Incomplete Connection: close --2d4e0558-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "own-dev.com"] [uri "/.git/"] [unique_id "aID_GNOE1mnnEZNZOMWgQwAAANY"] Stopwatch: 1753284376302850 2121793 (- - -) Stopwatch2: 1753284376302850 2121793; combined=3668, p1=1510, p2=1887, p3=70, p4=78, p5=123, sr=1008, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2d4e0558-Z-- --cc78c670-A-- [23/Jul/2025:18:26:18.597899 +0300] aID_GtOE1mnnEZNZOMWgWgAAAMY 185.177.72.7 54082 127.0.0.1 7081 --cc78c670-B-- GET /.git/config HTTP/1.0 Host: own-dev.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cc78c670-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a901a185d5dbd5ee-s.p.ttf>; rel=preload; as="font"; crossorigin=""; type="font/ttf", </own logo.png>; rel=preload; as="image" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Next-Router-Segment-Prefetch,Accept-Encoding Content-Encoding: gzip Upgrade: h2,h2c Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --cc78c670-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "own-dev.com"] [uri "/.git/config"] [unique_id "aID_GtOE1mnnEZNZOMWgWgAAAMY"] Stopwatch: 1753284378481376 116626 (- - -) Stopwatch2: 1753284378481376 116626; combined=3618, p1=653, p2=2726, p3=86, p4=60, p5=92, sr=178, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cc78c670-Z-- --5affcb6e-A-- [23/Jul/2025:18:26:18.703735 +0300] aID_GtOE1mnnEZNZOMWgXAAAAMc 185.177.72.7 54108 127.0.0.1 7081 --5affcb6e-B-- GET /.git/HEAD HTTP/1.0 Host: own-dev.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5affcb6e-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a901a185d5dbd5ee-s.p.ttf>; rel=preload; as="font"; crossorigin=""; type="font/ttf", </own logo.png>; rel=preload; as="image" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Next-Router-Segment-Prefetch,Accept-Encoding Content-Encoding: gzip Upgrade: h2,h2c Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --5affcb6e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "own-dev.com"] [uri "/.git/HEAD"] [unique_id "aID_GtOE1mnnEZNZOMWgXAAAAMc"] Stopwatch: 1753284378655577 48263 (- - -) Stopwatch2: 1753284378655577 48263; combined=2620, p1=596, p2=1775, p3=87, p4=44, p5=117, sr=173, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5affcb6e-Z-- --5f86fa16-A-- [23/Jul/2025:18:26:18.803926 +0300] aID_GtOE1mnnEZNZOMWgXwAAAMs 185.177.72.7 54144 127.0.0.1 7081 --5f86fa16-B-- GET /.git/index HTTP/1.0 Host: own-dev.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5f86fa16-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a901a185d5dbd5ee-s.p.ttf>; rel=preload; as="font"; crossorigin=""; type="font/ttf", </own logo.png>; rel=preload; as="image" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Next-Router-Segment-Prefetch,Accept-Encoding Content-Encoding: gzip Upgrade: h2,h2c Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --5f86fa16-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "own-dev.com"] [uri "/.git/index"] [unique_id "aID_GtOE1mnnEZNZOMWgXwAAAMs"] Stopwatch: 1753284378762433 41590 (- - -) Stopwatch2: 1753284378762433 41590; combined=3473, p1=523, p2=2708, p3=75, p4=53, p5=113, sr=160, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5f86fa16-Z-- --b4228065-A-- [23/Jul/2025:18:26:18.967742 +0300] aID_GtOE1mnnEZNZOMWgZAAAAMk 185.177.72.7 54184 127.0.0.1 7081 --b4228065-B-- GET /.env HTTP/1.0 Host: own-dev.com X-Real-IP: 185.177.72.7 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b4228065-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a901a185d5dbd5ee-s.p.ttf>; rel=preload; as="font"; crossorigin=""; type="font/ttf", </own logo.png>; rel=preload; as="image" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Next-Router-Segment-Prefetch,Accept-Encoding Content-Encoding: gzip Upgrade: h2,h2c Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --b4228065-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "own-dev.com"] [uri "/.env"] [unique_id "aID_GtOE1mnnEZNZOMWgZAAAAMk"] Stopwatch: 1753284378934491 33360 (- - -) Stopwatch2: 1753284378934491 33360; combined=2877, p1=559, p2=1987, p3=58, p4=40, p5=232, sr=160, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b4228065-Z-- --6762135f-A-- [23/Jul/2025:18:36:03.537139 +0300] aIEBYdOE1mnnEZNZOMWzXAAAAM0 154.177.53.242 57548 127.0.0.1 7081 --6762135f-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 154.177.53.242 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 773 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 389.0.0.20.89 (iPhone14,5; iOS 18_5; en_US; en; scale=3.00; 1170x2532; IABMV/1; 761848126) referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw sec-fetch-dest: empty cookie: _fbc=fb.1.1753284960970.PAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; _fbp=fb.1.1753284960979.80207178525715071; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2015%3A36%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2015%3A36%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20389.0.0.20.89%20%28iPhone14%2C5%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201170x2532%3B%20IABMV%2F1%3B%20761848126%29; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22 --6762135f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=u53pbi2l9b4qt6thju9jjntbob; expires=Tue, 21 Oct 2025 15:36:03 GMT; Max-Age=7776000; path=/; domain=opalparis.store; HttpOnly; SameSite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --6762135f-E-- --6762135f-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIEBYdOE1mnnEZNZOMWzXAAAAM0"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIEBYdOE1mnnEZNZOMWzXAAAAM0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753284961353696 2183663 (- - -) Stopwatch2: 1753284961353696 2183663; combined=13674, p1=864, p2=12188, p3=286, p4=61, p5=274, sr=169, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6762135f-Z-- --81c61c53-A-- [23/Jul/2025:18:36:13.096689 +0300] aIEBa36zR-fOy7Xs3z8nSwAAABE 154.177.53.242 44848 127.0.0.1 7081 --81c61c53-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 154.177.53.242 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 801 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 389.0.0.20.89 (iPhone14,5; iOS 18_5; en_US; en; scale=3.00; 1170x2532; IABMV/1; 761848126) referer: https://opalparis.store/product-category/home-wear/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753284970907.PAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; _fbp=fb.1.1753284970910.810488842258189101; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2015%3A36%3A10%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2015%3A36%3A10%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; sbjs_migrations=1418474375998%3D1; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20389.0.0.20.89%20%28iPhone14%2C5%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201170x2532%3B%20IABMV%2F1%3B%20761848126%29; PHPSESSID=u53pbi2l9b4qt6thju9jjntbob --81c61c53-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --81c61c53-E-- --81c61c53-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIEBa36zR-fOy7Xs3z8nSwAAABE"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIEBa36zR-fOy7Xs3z8nSwAAABE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753284971032965 2063865 (- - -) Stopwatch2: 1753284971032965 2063865; combined=11362, p1=981, p2=9949, p3=224, p4=39, p5=169, sr=234, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --81c61c53-Z-- --63e25d23-A-- [23/Jul/2025:18:36:22.117932 +0300] aIEBdNOE1mnnEZNZOMWzsQAAAMM 154.177.53.242 38718 127.0.0.1 7081 --63e25d23-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 154.177.53.242 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 774 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 389.0.0.20.89 (iPhone14,5; iOS 18_5; en_US; en; scale=3.00; 1170x2532; IABMV/1; 761848126) referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw sec-fetch-dest: empty cookie: _fbc=fb.1.1753284970907.PAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; _fbp=fb.1.1753284970910.810488842258189101; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2015%3A36%3A10%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2015%3A36%3A10%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; sbjs_migrations=1418474375998%3D1; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20389.0.0.20.89%20%28iPhone14%2C5%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201170x2532%3B%20IABMV%2F1%3B%20761848126%29; PHPSESSID=u53pbi2l9b4qt6thju9jjntbob --63e25d23-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --63e25d23-E-- --63e25d23-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIEBdNOE1mnnEZNZOMWzsQAAAMM"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIEBdNOE1mnnEZNZOMWzsQAAAMM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753284980082277 2035857 (- - -) Stopwatch2: 1753284980082277 2035857; combined=9734, p1=637, p2=8650, p3=203, p4=44, p5=200, sr=115, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --63e25d23-Z-- --2d28cd05-A-- [23/Jul/2025:18:36:26.666048 +0300] aIEBeNOE1mnnEZNZOMWzvwAAAMI 154.177.53.242 59966 127.0.0.1 7081 --2d28cd05-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 154.177.53.242 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 801 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 389.0.0.20.89 (iPhone14,5; iOS 18_5; en_US; en; scale=3.00; 1170x2532; IABMV/1; 761848126) referer: https://opalparis.store/product-category/underwear/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753284970907.PAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; _fbp=fb.1.1753284970910.810488842258189101; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Funderwear%2F; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2015%3A36%3A10%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2015%3A36%3A10%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20389.0.0.20.89%20%28iPhone14%2C5%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201170x2532%3B%20IABMV%2F1%3B%20761848126%29; PHPSESSID=u53pbi2l9b4qt6thju9jjntbob --2d28cd05-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --2d28cd05-E-- --2d28cd05-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIEBeNOE1mnnEZNZOMWzvwAAAMI"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIEBeNOE1mnnEZNZOMWzvwAAAMI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753284984724824 1941388 (- - -) Stopwatch2: 1753284984724824 1941388; combined=10527, p1=813, p2=9096, p3=335, p4=57, p5=225, sr=149, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2d28cd05-Z-- --854c4a20-A-- [23/Jul/2025:18:36:51.959305 +0300] aIEBkdOE1mnnEZNZOMW0JgAAAME 154.177.53.242 52982 127.0.0.1 7081 --854c4a20-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 154.177.53.242 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 835 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 389.0.0.20.89 (iPhone14,5; iOS 18_5; en_US; en; scale=3.00; 1170x2532; IABMV/1; 761848126) referer: https://opalparis.store/product/lace-embrace/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753284970907.PAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; _fbp=fb.1.1753284970910.810488842258189101; sbjs_session=pgs%3D3%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct%2Flace-embrace%2F; tk_ai=p1y3wzHN7Gval00ge6v%2BO08O; tk_qs=session_id%3D%26blog_id%3D245943483%26store_id%3D08cc8d12-0c1d-42f3-8519-7c52fd206c9a%26ui%3D%26url%3Dhttps%253A%252F%252Fopalparis.store%26landing_page%3D%26woo_version%3D9.9.5%26wp_version%3D6.8.1%26store_admin%3D0%26device%3Dmobile%26template_used%3D0%26additional_blocks_on_cart_page%3D%26additional_blocks_on_checkout_page%3D%26store_currency%3DEGP%26timezone%3D%252B00%253A00%26is_guest%3D1%26order_value%3D0%26order_total%3D0%26total_tax%3D0%26total_discount%3D0%26total_shipping%3D0%26products_count%3D0%26cart_page_contains_cart_block%3D1%26cart_page_contains_cart_shortcode%3D0%26checkout_page_contains_checkout_block%3D1%26checkout_page_contains_checkout_shortcode%3D0%26pi%3D896%26pn%3DLace%2520Embrace%26pc%3DBras%252FUnderwear%26pp%3D350%26pt%3Dvariable%26lr%3Dnull%26or%3Dnull%26r3d%3Dnull%26_en%3Dwoocommerceanalytics_product_view%26_ui%3Dp1y3wzHN7Gval00ge6v%252BO08O%26_ut%3Danon%26_ts%3D1753285009623%26_tz%3D-3%26_lg%3Den-GB%26_pf%3DiPhone%26_ht%3D844%26_wd%3D390%26_sx%3D0%26_sy%3D0%26_dl%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct%252Flace-embrace%252F%26_dr%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct-category%252Funderwear%252F; woocommerce_recently_viewed=896; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2015%3A36%3A10%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2015%3A36%3A10%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20389.0.0.20.89%20%28iPhone14%2C5%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201170x2532%3B%20IABMV%2F1%3B%20761848126%29; PHPSESSID=u53pbi2l9b4qt6thju9jjntbob --854c4a20-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --854c4a20-E-- --854c4a20-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIEBkdOE1mnnEZNZOMW0JgAAAME"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIEBkdOE1mnnEZNZOMW0JgAAAME"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753285009812193 2147393 (- - -) Stopwatch2: 1753285009812193 2147393; combined=16622, p1=924, p2=15052, p3=329, p4=68, p5=248, sr=159, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --854c4a20-Z-- --6aca6217-A-- [23/Jul/2025:18:36:52.362088 +0300] aIEBkX6zR-fOy7Xs3z8negAAAAI 154.177.53.242 52984 127.0.0.1 7081 --6aca6217-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 154.177.53.242 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 1152 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en-US;q=0.9,en;q=0.8 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 389.0.0.20.89 (iPhone14,5; iOS 18_5; en_US; en; scale=3.00; 1170x2532; IABMV/1; 761848126) referer: https://opalparis.store/product/lace-embrace/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753284970907.PAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; _fbp=fb.1.1753284970910.810488842258189101; sbjs_session=pgs%3D3%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct%2Flace-embrace%2F; tk_ai=p1y3wzHN7Gval00ge6v%2BO08O; tk_qs=session_id%3D%26blog_id%3D245943483%26store_id%3D08cc8d12-0c1d-42f3-8519-7c52fd206c9a%26ui%3D%26url%3Dhttps%253A%252F%252Fopalparis.store%26landing_page%3D%26woo_version%3D9.9.5%26wp_version%3D6.8.1%26store_admin%3D0%26device%3Dmobile%26template_used%3D0%26additional_blocks_on_cart_page%3D%26additional_blocks_on_checkout_page%3D%26store_currency%3DEGP%26timezone%3D%252B00%253A00%26is_guest%3D1%26order_value%3D0%26order_total%3D0%26total_tax%3D0%26total_discount%3D0%26total_shipping%3D0%26products_count%3D0%26cart_page_contains_cart_block%3D1%26cart_page_contains_cart_shortcode%3D0%26checkout_page_contains_checkout_block%3D1%26checkout_page_contains_checkout_shortcode%3D0%26pi%3D896%26pn%3DLace%2520Embrace%26pc%3DBras%252FUnderwear%26pp%3D350%26pt%3Dvariable%26lr%3Dnull%26or%3Dnull%26r3d%3Dnull%26_en%3Dwoocommerceanalytics_product_view%26_ui%3Dp1y3wzHN7Gval00ge6v%252BO08O%26_ut%3Danon%26_ts%3D1753285009623%26_tz%3D-3%26_lg%3Den-GB%26_pf%3DiPhone%26_ht%3D844%26_wd%3D390%26_sx%3D0%26_sy%3D0%26_dl%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct%252Flace-embrace%252F%26_dr%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct-category%252Funderwear%252F; woocommerce_recently_viewed=896; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-23%2015%3A36%3A10%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-23%2015%3A36%3A10%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Fhome-wear%2F%7C%7C%7Crf%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadqEYO0oSxY8MaG2WeKIfXM8ZNTrPtAIdPrH3JOdulqwiKF_q2Ax-dG0MYMZA_aem_rFdVUYn5skVOqKVjS-UXsw; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20389.0.0.20.89%20%28iPhone14%2C5%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201170x2532%3B%20IABMV%2F1%3B%20761848126%29; PHPSESSID=u53pbi2l9b4qt6thju9jjntbob --6aca6217-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --6aca6217-E-- --6aca6217-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIEBkX6zR-fOy7Xs3z8negAAAAI"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIEBkX6zR-fOy7Xs3z8negAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753285009815133 2547232 (- - -) Stopwatch2: 1753285009815133 2547232; combined=14264, p1=861, p2=12646, p3=325, p4=102, p5=329, sr=129, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6aca6217-Z-- --7ef8562b-A-- [23/Jul/2025:18:42:21.188879 +0300] aIEC2dOE1mnnEZNZOMXAQQAAAMQ 41.37.177.73 49586 127.0.0.1 7081 --7ef8562b-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 41.37.177.73 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 774 sec-ch-ua-platform: "Android" user-agent: Mozilla/5.0 (Linux; Android 13; SM-A245F Build/TP1A.220624.014; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.157 Mobile Safari/537.36 Instagram 389.0.0.49.87 Android (33/13; 450dpi; 1080x2128; samsung; SM-A245F; a24; mt6789; en_GB; 763654648) sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Android WebView";v="138" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?1 accept: */* origin: https://opalparis.store x-requested-with: com.instagram.android sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAaehh4xC7eAVPx8eEe8PhWGflOu_b4CAn2iSonTVVkdCLilDILAAS4IciVLnOQ_aem_ACiiRgBj7OqnmjGGOGZ2yw accept-encoding: gzip, deflate, br, zstd accept-language: en-GB,en-US;q=0.9,en;q=0.8 priority: u=1, i cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-07-23%2015%3A42%3A17%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaehh4xC7eAVPx8eEe8PhWGflOu_b4CAn2iSonTVVkdCLilDILAAS4IciVLnOQ_aem_ACiiRgBj7OqnmjGGOGZ2yw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first_add=fd%3D2025-07-23%2015%3A42%3A17%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaehh4xC7eAVPx8eEe8PhWGflOu_b4CAn2iSonTVVkdCLilDILAAS4IciVLnOQ_aem_ACiiRgBj7OqnmjGGOGZ2yw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Linux%3B%20Android%2013%3B%20SM-A245F%20Build%2FTP1A.220624.014%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F138.0.7204.157%20Mobile%20Safari%2F537.36%20Instagram%20389.0.0.49.87%20Android%20%2833%2F13%3B%20450dpi%3B%201080x2128%3B%20samsung%3B%20SM-A245F%3B%20a24%3B%20mt6789%3B%20en_GB%3B%20763654648%29; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaehh4xC7eAVPx8eEe8PhWGflOu_b4CAn2iSonTVVkdCLilDILAAS4IciVLnOQ_aem_ACiiRgBj7OqnmjGGOGZ2yw; _fbc=fb.1.1753285337906.PAZXh0bgNhZW0CMTEAAaehh4xC7eAVPx8eEe8PhWGflOu_b4CAn2iSonTVVkdCLilDILAAS4IciVLnOQ_aem_ACiiRgBj7OqnmjGGOGZ2yw; _fbp=fb.1.1753285337952.903870558281640224 --7ef8562b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=vce29i3jqct1n2g3mkrv7tnfm6; expires=Tue, 21 Oct 2025 15:42:19 GMT; Max-Age=7776000; path=/; domain=opalparis.store; HttpOnly; SameSite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --7ef8562b-E-- --7ef8562b-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIEC2dOE1mnnEZNZOMXAQQAAAMQ"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIEC2dOE1mnnEZNZOMXAQQAAAMQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753285337903075 3286023 (- - -) Stopwatch2: 1753285337903075 3286023; combined=14582, p1=745, p2=13433, p3=222, p4=42, p5=140, sr=157, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7ef8562b-Z-- --289ad922-A-- [23/Jul/2025:18:42:32.518254 +0300] aIEC5n6zR-fOy7Xs3z8sfQAAAAA 41.37.177.73 50746 127.0.0.1 7081 --289ad922-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 41.37.177.73 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 774 sec-ch-ua-platform: "Android" user-agent: Mozilla/5.0 (Linux; Android 13; SM-A245F Build/TP1A.220624.014; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.157 Mobile Safari/537.36 Instagram 389.0.0.49.87 Android (33/13; 450dpi; 1080x2128; samsung; SM-A245F; a24; mt6789; en_GB; 763654648) sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Android WebView";v="138" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?1 accept: */* origin: https://opalparis.store x-requested-with: com.instagram.android sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://opalparis.store/ accept-encoding: gzip, deflate, br, zstd accept-language: en-GB,en-US;q=0.9,en;q=0.8 priority: u=1, i cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-07-23%2015%3A42%3A17%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaehh4xC7eAVPx8eEe8PhWGflOu_b4CAn2iSonTVVkdCLilDILAAS4IciVLnOQ_aem_ACiiRgBj7OqnmjGGOGZ2yw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first_add=fd%3D2025-07-23%2015%3A42%3A17%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaehh4xC7eAVPx8eEe8PhWGflOu_b4CAn2iSonTVVkdCLilDILAAS4IciVLnOQ_aem_ACiiRgBj7OqnmjGGOGZ2yw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Linux%3B%20Android%2013%3B%20SM-A245F%20Build%2FTP1A.220624.014%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F138.0.7204.157%20Mobile%20Safari%2F537.36%20Instagram%20389.0.0.49.87%20Android%20%2833%2F13%3B%20450dpi%3B%201080x2128%3B%20samsung%3B%20SM-A245F%3B%20a24%3B%20mt6789%3B%20en_GB%3B%20763654648%29; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaehh4xC7eAVPx8eEe8PhWGflOu_b4CAn2iSonTVVkdCLilDILAAS4IciVLnOQ_aem_ACiiRgBj7OqnmjGGOGZ2yw; _fbc=fb.1.1753285337906.PAZXh0bgNhZW0CMTEAAaehh4xC7eAVPx8eEe8PhWGflOu_b4CAn2iSonTVVkdCLilDILAAS4IciVLnOQ_aem_ACiiRgBj7OqnmjGGOGZ2yw; _fbp=fb.1.1753285337952.903870558281640224; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; PHPSESSID=vce29i3jqct1n2g3mkrv7tnfm6; woocommerce_recently_viewed=386 --289ad922-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --289ad922-E-- --289ad922-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIEC5n6zR-fOy7Xs3z8sfQAAAAA"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIEC5n6zR-fOy7Xs3z8sfQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753285350398860 2119586 (- - -) Stopwatch2: 1753285350398860 2119586; combined=18256, p1=793, p2=14511, p3=2450, p4=312, p5=189, sr=139, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --289ad922-Z-- --b8ec7b24-A-- [23/Jul/2025:18:42:37.843404 +0300] aIEC69OE1mnnEZNZOMXBFwAAAMo 41.37.177.73 57330 127.0.0.1 7081 --b8ec7b24-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 41.37.177.73 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 686 sec-ch-ua-platform: "Android" user-agent: Mozilla/5.0 (Linux; Android 13; SM-A245F Build/TP1A.220624.014; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.157 Mobile Safari/537.36 Instagram 389.0.0.49.87 Android (33/13; 450dpi; 1080x2128; samsung; SM-A245F; a24; mt6789; en_GB; 763654648) sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Android WebView";v="138" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?1 accept: */* origin: https://opalparis.store x-requested-with: com.instagram.android sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://opalparis.store/product-category/underwear/ accept-encoding: gzip, deflate, br, zstd accept-language: en-GB,en-US;q=0.9,en;q=0.8 priority: u=1, i cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-07-23%2015%3A42%3A17%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaehh4xC7eAVPx8eEe8PhWGflOu_b4CAn2iSonTVVkdCLilDILAAS4IciVLnOQ_aem_ACiiRgBj7OqnmjGGOGZ2yw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first_add=fd%3D2025-07-23%2015%3A42%3A17%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaehh4xC7eAVPx8eEe8PhWGflOu_b4CAn2iSonTVVkdCLilDILAAS4IciVLnOQ_aem_ACiiRgBj7OqnmjGGOGZ2yw%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Linux%3B%20Android%2013%3B%20SM-A245F%20Build%2FTP1A.220624.014%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F138.0.7204.157%20Mobile%20Safari%2F537.36%20Instagram%20389.0.0.49.87%20Android%20%2833%2F13%3B%20450dpi%3B%201080x2128%3B%20samsung%3B%20SM-A245F%3B%20a24%3B%20mt6789%3B%20en_GB%3B%20763654648%29; _fbc=fb.1.1753285337906.PAZXh0bgNhZW0CMTEAAaehh4xC7eAVPx8eEe8PhWGflOu_b4CAn2iSonTVVkdCLilDILAAS4IciVLnOQ_aem_ACiiRgBj7OqnmjGGOGZ2yw; _fbp=fb.1.1753285337952.903870558281640224; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; PHPSESSID=vce29i3jqct1n2g3mkrv7tnfm6; woocommerce_recently_viewed=386; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F --b8ec7b24-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --b8ec7b24-E-- --b8ec7b24-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIEC69OE1mnnEZNZOMXBFwAAAMo"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIEC69OE1mnnEZNZOMXBFwAAAMo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753285355642402 2201220 (- - -) Stopwatch2: 1753285355642402 2201220; combined=60267, p1=1478, p2=58182, p3=313, p4=62, p5=232, sr=208, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b8ec7b24-Z-- --44316304-A-- [23/Jul/2025:18:59:45.623357 +0300] aIEG8dOE1mnnEZNZOMXgAwAAANU 185.177.72.179 56984 127.0.0.1 7081 --44316304-B-- GET /.env HTTP/1.0 Host: boneless.raqmix.cloud X-Real-IP: 185.177.72.179 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --44316304-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close X-Accel-Version: 0.01 X-Accel-Redirect: /internal-nginx-static-location/.env Content-Length: 0 --44316304-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boneless.raqmix.cloud"] [uri "/.env"] [unique_id "aIEG8dOE1mnnEZNZOMXgAwAAANU"] Stopwatch: 1753286385608836 14717 (- - -) Stopwatch2: 1753286385608836 14717; combined=12143, p1=9917, p2=2102, p3=31, p4=30, p5=63, sr=292, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --44316304-Z-- --362aa449-A-- [23/Jul/2025:18:59:46.013606 +0300] aIEG8dOE1mnnEZNZOMXgBgAAAMU 185.177.72.179 57008 127.0.0.1 7081 --362aa449-B-- GET /.env.local HTTP/1.0 Host: boneless.raqmix.cloud X-Real-IP: 185.177.72.179 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --362aa449-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Access-Control-Allow-Methods: * Access-Control-Allow-Headers: * Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --362aa449-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boneless.raqmix.cloud"] [uri "/.env.local"] [unique_id "aIEG8dOE1mnnEZNZOMXgBgAAAMU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/boneless.raqmix.cloud/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753286385686041 327689 (- - -) Stopwatch2: 1753286385686041 327689; combined=3549, p1=737, p2=2643, p3=0, p4=0, p5=168, sr=214, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --362aa449-Z-- --cf53423c-A-- [23/Jul/2025:18:59:46.592174 +0300] aIEG8tOE1mnnEZNZOMXgDgAAAME 185.177.72.179 57084 127.0.0.1 7081 --cf53423c-B-- GET /.env.save HTTP/1.0 Host: boneless.raqmix.cloud X-Real-IP: 185.177.72.179 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cf53423c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Access-Control-Allow-Methods: * Access-Control-Allow-Headers: * Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --cf53423c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boneless.raqmix.cloud"] [uri "/.env.save"] [unique_id "aIEG8tOE1mnnEZNZOMXgDgAAAME"] Apache-Handler: proxy:unix:/var/www/vhosts/system/boneless.raqmix.cloud/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753286386271049 321223 (- - -) Stopwatch2: 1753286386271049 321223; combined=3200, p1=811, p2=2269, p3=0, p4=0, p5=119, sr=169, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cf53423c-Z-- --3a175921-A-- [23/Jul/2025:18:59:47.065182 +0300] aIEG8tOE1mnnEZNZOMXgFQAAAMM 185.177.72.179 57158 127.0.0.1 7081 --3a175921-B-- GET /api/.env HTTP/1.0 Host: boneless.raqmix.cloud X-Real-IP: 185.177.72.179 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3a175921-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Access-Control-Allow-Methods: * Access-Control-Allow-Headers: * Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --3a175921-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boneless.raqmix.cloud"] [uri "/api/.env"] [unique_id "aIEG8tOE1mnnEZNZOMXgFQAAAMM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/boneless.raqmix.cloud/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753286386704205 361088 (- - -) Stopwatch2: 1753286386704205 361088; combined=2890, p1=645, p2=2111, p3=0, p4=0, p5=133, sr=141, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3a175921-Z-- --ef57e275-A-- [23/Jul/2025:18:59:47.571901 +0300] aIEG89OE1mnnEZNZOMXgHAAAANg 185.177.72.179 57230 127.0.0.1 7081 --ef57e275-B-- GET /backend/.env HTTP/1.0 Host: boneless.raqmix.cloud X-Real-IP: 185.177.72.179 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ef57e275-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Access-Control-Allow-Methods: * Access-Control-Allow-Headers: * Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --ef57e275-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boneless.raqmix.cloud"] [uri "/backend/.env"] [unique_id "aIEG89OE1mnnEZNZOMXgHAAAANg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/boneless.raqmix.cloud/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753286387225674 346328 (- - -) Stopwatch2: 1753286387225674 346328; combined=2563, p1=554, p2=1837, p3=0, p4=0, p5=171, sr=195, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ef57e275-Z-- --639d2c41-A-- [23/Jul/2025:19:33:44.443385 +0300] aIEO6NOE1mnnEZNZOMUd1wAAANA 213.209.143.116 36380 127.0.0.1 7081 --639d2c41-B-- GET /.env HTTP/1.0 Host: test.jinansystem.com X-Real-IP: 213.209.143.116 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --639d2c41-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --639d2c41-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.jinansystem.com"] [uri "/.env"] [unique_id "aIEO6NOE1mnnEZNZOMUd1wAAANA"] Stopwatch: 1753288424438464 5006 (- - -) Stopwatch2: 1753288424438464 5006; combined=2813, p1=641, p2=2084, p3=0, p4=0, p5=88, sr=195, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --639d2c41-Z-- --4e0aa149-A-- [23/Jul/2025:19:41:56.697467 +0300] aIEQ0tOE1mnnEZNZOMUuUQAAAMM 104.131.20.165 38592 127.0.0.1 7081 --4e0aa149-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: glamilea.com X-Real-IP: 104.131.20.165 X-Accel-Internal: /internal-nginx-static-location Connection: close accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br sec-fetch-mode: navigate sec-fetch-site: same-origin user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 referer: http://glamilea.com/wp-login.php upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-user: ?1 cookie: yay_currency_widget=29035; wordpress_test_cookie=WP%20Cookie%20check --4e0aa149-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.1.33 X-Robots-Tag: noindex Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Upgrade: h2,h2c Connection: Upgrade, close Content-Type: application/json; charset=UTF-8 --4e0aa149-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "glamilea.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIEQ0tOE1mnnEZNZOMUuUQAAAMM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753288914158435 2539333 (- - -) Stopwatch2: 1753288914158435 2539333; combined=3712, p1=543, p2=3025, p3=0, p4=0, p5=143, sr=173, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4e0aa149-Z-- --c763a773-A-- [23/Jul/2025:19:46:34.583142 +0300] aIER6tOE1mnnEZNZOMU1hgAAAMo 91.232.100.209 57132 127.0.0.1 7081 --c763a773-B-- GET /administration/index.php?code=4/0AVMBsJgzdaIdTediX6Knd2DRTgi4Zj1CBwGpY5NNOH_Aldc7gXTlMRfdkLQ8W-F1qytGRA&scope=email%20profile%20https://mail.google.com/%20https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/classroom.courses%20https://www.googleapis.com/auth/classroom.rosters%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: www.jinansystem.com X-Real-IP: 91.232.100.209 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?1 sec-ch-ua-platform: "Android" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Mobile Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9,ar;q=0.8,tr;q=0.7 priority: u=0, i cookie: PHPSESSID=9o91lesssf4qgblil9e10r0ae6 --c763a773-F-- HTTP/1.1 200 OK Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3676 Content-Type: text/html; charset=UTF-8 --c763a773-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/mail.google.com/ https:/www.googleapis.com/auth/calendar https:/www.googleapis.com/auth/classroom.courses https:/www.googleapis.com/auth/classroom.rosters https:/www.googleapis.com/auth/admin.directory.user https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.jinansystem.com"] [uri "/administration/index.php"] [unique_id "aIER6tOE1mnnEZNZOMU1hgAAAMo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753289194162925 420504 (- - -) Stopwatch2: 1753289194162925 420504; combined=5540, p1=713, p2=4483, p3=162, p4=71, p5=110, sr=204, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c763a773-Z-- --32effc17-A-- [23/Jul/2025:19:52:57.389061 +0300] aIETadOE1mnnEZNZOMVCkQAAAMc 143.110.251.158 60008 127.0.0.1 7081 --32effc17-B-- GET /admin/.git/config HTTP/1.0 Host: webmail.haddadjewellery.com X-Real-IP: 143.110.251.158 Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 Accept-Charset: utf-8 Accept-Encoding: gzip --32effc17-F-- HTTP/1.1 404 Not Found Content-Length: 274 Connection: close Content-Type: text/html; charset=iso-8859-1 --32effc17-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.haddadjewellery.com"] [uri "/admin/.git/config"] [unique_id "aIETadOE1mnnEZNZOMVCkQAAAMc"] Stopwatch: 1753289577384941 4218 (- - -) Stopwatch2: 1753289577384941 4218; combined=2431, p1=556, p2=1687, p3=23, p4=95, p5=70, sr=149, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --32effc17-Z-- --cde66228-A-- [23/Jul/2025:19:52:57.407002 +0300] aIETadOE1mnnEZNZOMVCkgAAAMs 143.110.251.158 60020 127.0.0.1 7081 --cde66228-B-- GET /public/.git/config HTTP/1.0 Host: webmail.haddadjewellery.com X-Real-IP: 143.110.251.158 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --cde66228-F-- HTTP/1.1 404 Not Found Content-Length: 274 Connection: close Content-Type: text/html; charset=iso-8859-1 --cde66228-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.haddadjewellery.com"] [uri "/public/.git/config"] [unique_id "aIETadOE1mnnEZNZOMVCkgAAAMs"] Stopwatch: 1753289577402527 4549 (- - -) Stopwatch2: 1753289577402527 4549; combined=2795, p1=626, p2=2048, p3=23, p4=31, p5=67, sr=167, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cde66228-Z-- --4b7d8a6b-A-- [23/Jul/2025:19:52:57.411449 +0300] aIETaX6zR-fOy7Xs3z9jYgAAAAw 143.110.251.158 60044 127.0.0.1 7081 --4b7d8a6b-B-- GET /wp-content/.git/config HTTP/1.0 Host: webmail.haddadjewellery.com X-Real-IP: 143.110.251.158 Connection: close User-Agent: Mozilla/5.0 (Ubuntu; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0 Accept-Charset: utf-8 Accept-Encoding: gzip --4b7d8a6b-F-- HTTP/1.1 404 Not Found Content-Length: 274 Connection: close Content-Type: text/html; charset=iso-8859-1 --4b7d8a6b-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.haddadjewellery.com"] [uri "/wp-content/.git/config"] [unique_id "aIETaX6zR-fOy7Xs3z9jYgAAAAw"] Stopwatch: 1753289577406529 5011 (- - -) Stopwatch2: 1753289577406529 5011; combined=3500, p1=903, p2=2400, p3=30, p4=41, p5=125, sr=463, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4b7d8a6b-Z-- --e81d6944-A-- [23/Jul/2025:19:52:57.414810 +0300] aIETaX6zR-fOy7Xs3z9jYwAAAA4 143.110.251.158 60050 127.0.0.1 7081 --e81d6944-B-- GET /wp-content/themes/.git/config HTTP/1.0 Host: webmail.haddadjewellery.com X-Real-IP: 143.110.251.158 Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Safari/605.1.15 Accept-Charset: utf-8 Accept-Encoding: gzip --e81d6944-F-- HTTP/1.1 404 Not Found Content-Length: 274 Connection: close Content-Type: text/html; charset=iso-8859-1 --e81d6944-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.haddadjewellery.com"] [uri "/wp-content/themes/.git/config"] [unique_id "aIETaX6zR-fOy7Xs3z9jYwAAAA4"] Stopwatch: 1753289577408494 6385 (- - -) Stopwatch2: 1753289577408494 6385; combined=4783, p1=619, p2=3986, p3=37, p4=49, p5=92, sr=147, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e81d6944-Z-- --cbacd322-A-- [23/Jul/2025:19:52:57.422117 +0300] aIETadOE1mnnEZNZOMVClgAAANU 143.110.251.158 60092 127.0.0.1 7081 --cbacd322-B-- GET /wp-content/plugins/.git/config HTTP/1.0 Host: webmail.haddadjewellery.com X-Real-IP: 143.110.251.158 Connection: close User-Agent: Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --cbacd322-F-- HTTP/1.1 404 Not Found Content-Length: 274 Connection: close Content-Type: text/html; charset=iso-8859-1 --cbacd322-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.haddadjewellery.com"] [uri "/wp-content/plugins/.git/config"] [unique_id "aIETadOE1mnnEZNZOMVClgAAANU"] Stopwatch: 1753289577418287 3910 (- - -) Stopwatch2: 1753289577418287 3910; combined=2792, p1=613, p2=2000, p3=16, p4=29, p5=134, sr=128, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cbacd322-Z-- --5279831a-A-- [23/Jul/2025:19:52:57.422264 +0300] aIETaX6zR-fOy7Xs3z9jZAAAAAk 143.110.251.158 60060 127.0.0.1 7081 --5279831a-B-- GET /blog/.git/config HTTP/1.0 Host: webmail.haddadjewellery.com X-Real-IP: 143.110.251.158 Connection: close User-Agent: Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --5279831a-F-- HTTP/1.1 404 Not Found Content-Length: 274 Connection: close Content-Type: text/html; charset=iso-8859-1 --5279831a-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.haddadjewellery.com"] [uri "/blog/.git/config"] [unique_id "aIETaX6zR-fOy7Xs3z9jZAAAAAk"] Stopwatch: 1753289577411200 11135 (- - -) Stopwatch2: 1753289577411200 11135; combined=7487, p1=3697, p2=3519, p3=33, p4=39, p5=198, sr=139, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5279831a-Z-- --32a9ef06-A-- [23/Jul/2025:19:52:57.423091 +0300] aIETadOE1mnnEZNZOMVClAAAAM0 143.110.251.158 60064 127.0.0.1 7081 --32a9ef06-B-- GET /.git/config HTTP/1.0 Host: webmail.haddadjewellery.com X-Real-IP: 143.110.251.158 Connection: close User-Agent: Mozilla/5.0 (Mac OS X 13_2) AppleWebKit/537.36 (KHTML, like Gecko) Safari/123.0 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --32a9ef06-F-- HTTP/1.1 403 Forbidden Content-Length: 277 Connection: close Content-Type: text/html; charset=iso-8859-1 --32a9ef06-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.haddadjewellery.com"] [uri "/.git/config"] [unique_id "aIETadOE1mnnEZNZOMVClAAAAM0"] Stopwatch: 1753289577415799 7365 (- - -) Stopwatch2: 1753289577415799 7365; combined=4589, p1=1492, p2=2896, p3=38, p4=53, p5=110, sr=190, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --32a9ef06-Z-- --fccef144-A-- [23/Jul/2025:19:52:57.423341 +0300] aIETadOE1mnnEZNZOMVClQAAANQ 143.110.251.158 60080 127.0.0.1 7081 --fccef144-B-- GET /app/.git/config HTTP/1.0 Host: webmail.haddadjewellery.com X-Real-IP: 143.110.251.158 Connection: close User-Agent: Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --fccef144-F-- HTTP/1.1 404 Not Found Content-Length: 274 Connection: close Content-Type: text/html; charset=iso-8859-1 --fccef144-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.haddadjewellery.com"] [uri "/app/.git/config"] [unique_id "aIETadOE1mnnEZNZOMVClQAAANQ"] Stopwatch: 1753289577417158 6283 (- - -) Stopwatch2: 1753289577417158 6283; combined=3983, p1=779, p2=2952, p3=33, p4=105, p5=113, sr=239, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fccef144-Z-- --8bee4313-A-- [23/Jul/2025:19:52:57.461364 +0300] aIETadOE1mnnEZNZOMVCkwAAANA 143.110.251.158 60030 127.0.0.1 7081 --8bee4313-B-- GET /api/.git/config HTTP/1.0 Host: webmail.haddadjewellery.com X-Real-IP: 143.110.251.158 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0 Accept-Charset: utf-8 Accept-Encoding: gzip --8bee4313-F-- HTTP/1.1 404 Not Found Content-Length: 274 Connection: close Content-Type: text/html; charset=iso-8859-1 --8bee4313-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.haddadjewellery.com"] [uri "/api/.git/config"] [unique_id "aIETadOE1mnnEZNZOMVCkwAAANA"] Stopwatch: 1753289577404632 56791 (- - -) Stopwatch2: 1753289577404632 56791; combined=106873, p1=838, p2=2261, p3=29, p4=42, p5=51904, sr=195, sw=1, l=0, gc=51798 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8bee4313-Z-- --e676e979-A-- [23/Jul/2025:20:04:25.685643 +0300] aIEWGdOE1mnnEZNZOMVYAgAAAMg 213.209.143.116 40112 127.0.0.1 7081 --e676e979-B-- GET /.env HTTP/1.0 Host: demonanomie.com X-Real-IP: 213.209.143.116 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --e676e979-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 09 Jun 2025 14:06:48 GMT ETag: "328-637241743cede" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --e676e979-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demonanomie.com"] [uri "/.env"] [unique_id "aIEWGdOE1mnnEZNZOMVYAgAAAMg"] Stopwatch: 1753290265681792 3935 (- - -) Stopwatch2: 1753290265681792 3935; combined=2415, p1=668, p2=1678, p3=0, p4=0, p5=69, sr=167, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e676e979-Z-- --7254ef7c-A-- [23/Jul/2025:20:07:24.294157 +0300] aIEWzNOE1mnnEZNZOMVcXwAAAME 78.153.140.151 37096 127.0.0.1 7081 --7254ef7c-B-- GET /.env HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 78.153.140.151 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/7.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3; Tablet PC 2.0) --7254ef7c-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --7254ef7c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.env"] [unique_id "aIEWzNOE1mnnEZNZOMVcXwAAAME"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753290444293040 1193 (- - -) Stopwatch2: 1753290444293040 1193; combined=719, p1=581, p2=0, p3=30, p4=30, p5=77, sr=169, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7254ef7c-Z-- --afb2716a-A-- [23/Jul/2025:20:07:24.746180 +0300] aIEWzH6zR-fOy7Xs3z9ufQAAAAc 78.153.140.151 37158 127.0.0.1 7081 --afb2716a-B-- GET /.env.private HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 78.153.140.151 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR; rv:1.8.0.2) Gecko/20060308 Firefox/1.5.0.2 --afb2716a-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --afb2716a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.env.private"] [unique_id "aIEWzH6zR-fOy7Xs3z9ufQAAAAc"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753290444744500 1771 (- - -) Stopwatch2: 1753290444744500 1771; combined=762, p1=570, p2=0, p3=46, p4=40, p5=105, sr=153, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --afb2716a-Z-- --f9eea864-A-- [23/Jul/2025:20:07:25.185537 +0300] aIEWzdOE1mnnEZNZOMVcZQAAAMU 78.153.140.151 37204 127.0.0.1 7081 --f9eea864-B-- GET /.env-ids.env HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 78.153.140.151 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; Touch; TNJB; rv:11.0) like Gecko --f9eea864-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --f9eea864-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.env-ids.env"] [unique_id "aIEWzdOE1mnnEZNZOMVcZQAAAMU"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753290445184186 1449 (- - -) Stopwatch2: 1753290445184186 1449; combined=827, p1=670, p2=0, p3=33, p4=33, p5=91, sr=257, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f9eea864-Z-- --0bb08a6e-A-- [23/Jul/2025:20:07:25.655192 +0300] aIEWzdOE1mnnEZNZOMVcaAAAANg 78.153.140.151 37258 127.0.0.1 7081 --0bb08a6e-B-- GET /.env-preview HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 78.153.140.151 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/6.0; EIE10;ENUSWOL) --0bb08a6e-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --0bb08a6e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.env-preview"] [unique_id "aIEWzdOE1mnnEZNZOMVcaAAAANg"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753290445653968 1297 (- - -) Stopwatch2: 1753290445653968 1297; combined=823, p1=672, p2=0, p3=31, p4=31, p5=89, sr=189, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0bb08a6e-Z-- --c8f37f66-A-- [23/Jul/2025:20:07:26.102946 +0300] aIEWztOE1mnnEZNZOMVcbQAAAMc 78.153.140.151 37310 127.0.0.1 7081 --c8f37f66-B-- GET /.env-ids.log HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 78.153.140.151 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Symbian/3; Series60/5.2 NokiaN8-00/014.002; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) Version/3.0 BrowserNG/7.2.6.4 3gpp-gba --c8f37f66-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --c8f37f66-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.env-ids.log"] [unique_id "aIEWztOE1mnnEZNZOMVcbQAAAMc"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753290446101583 1433 (- - -) Stopwatch2: 1753290446101583 1433; combined=769, p1=607, p2=0, p3=34, p4=34, p5=93, sr=174, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c8f37f66-Z-- --997fe543-A-- [23/Jul/2025:20:07:26.546898 +0300] aIEWztOE1mnnEZNZOMVccgAAAMQ 78.153.140.151 37382 127.0.0.1 7081 --997fe543-B-- GET /.env-top.env HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 78.153.140.151 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.2) Gecko/20100316 Firefox/3.6.2 ( .NET CLR 3.0.04506.648) --997fe543-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --997fe543-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.env-top.env"] [unique_id "aIEWztOE1mnnEZNZOMVccgAAAMQ"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753290446545387 1610 (- - -) Stopwatch2: 1753290446545387 1610; combined=910, p1=594, p2=0, p3=33, p4=57, p5=226, sr=176, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --997fe543-Z-- --9955917f-A-- [23/Jul/2025:20:17:08.765618 +0300] aIEZFNOE1mnnEZNZOMVskAAAAM0 137.184.21.103 38052 127.0.0.1 7081 --9955917f-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 137.184.21.103 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-fetch-user: ?1 accept-language: en-US,en;q=0.5 referer: http://riyadhchocolate.com/wp-login.php accept-encoding: gzip, deflate, br upgrade-insecure-requests: 1 sec-fetch-dest: document user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 sec-fetch-mode: navigate sec-fetch-site: same-origin cookie: wordpress_test_cookie=WP%20Cookie%20check --9955917f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --9955917f-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIEZFNOE1mnnEZNZOMVskAAAAM0"] Stopwatch: 1753291028759967 5814 (- - -) Stopwatch2: 1753291028759967 5814; combined=3690, p1=692, p2=2811, p3=0, p4=0, p5=187, sr=235, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9955917f-Z-- --3c800745-A-- [23/Jul/2025:20:35:44.949745 +0300] aIEdcNOE1mnnEZNZOMWF1wAAANc 185.177.72.210 39588 127.0.0.1 7081 --3c800745-B-- GET /httpd.conf HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3c800745-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --3c800745-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||puriceutix.jac.group|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||puriceutix.jac.group|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "puriceutix.jac.group"] [uri "/httpd.conf"] [unique_id "aIEdcNOE1mnnEZNZOMWF1wAAANc"] Stopwatch: 1753292144904655 45244 (- - -) Stopwatch2: 1753292144904655 45244; combined=43304, p1=386, p2=42777, p3=0, p4=0, p5=141, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3c800745-Z-- --04de8260-A-- [23/Jul/2025:20:35:45.013607 +0300] aIEdcdOE1mnnEZNZOMWF2QAAANU 185.177.72.210 39610 127.0.0.1 7081 --04de8260-B-- GET /apps/.env HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --04de8260-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --04de8260-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puriceutix.jac.group"] [uri "/apps/.env"] [unique_id "aIEdcdOE1mnnEZNZOMWF2QAAANU"] Stopwatch: 1753292145009252 4441 (- - -) Stopwatch2: 1753292145009252 4441; combined=2594, p1=458, p2=2054, p3=0, p4=0, p5=81, sr=128, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --04de8260-Z-- --7d1b5261-A-- [23/Jul/2025:20:35:45.146754 +0300] aIEdcdOE1mnnEZNZOMWF2wAAANI 185.177.72.210 39626 127.0.0.1 7081 --7d1b5261-B-- GET /api/.env HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7d1b5261-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --7d1b5261-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puriceutix.jac.group"] [uri "/api/.env"] [unique_id "aIEdcdOE1mnnEZNZOMWF2wAAANI"] Stopwatch: 1753292145141600 5267 (- - -) Stopwatch2: 1753292145141600 5267; combined=3123, p1=828, p2=2208, p3=0, p4=0, p5=87, sr=175, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7d1b5261-Z-- --f01daf0b-A-- [23/Jul/2025:20:35:45.208196 +0300] aIEdcdOE1mnnEZNZOMWF3QAAANY 185.177.72.210 39634 127.0.0.1 7081 --f01daf0b-B-- GET /blog/.env HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f01daf0b-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --f01daf0b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puriceutix.jac.group"] [uri "/blog/.env"] [unique_id "aIEdcdOE1mnnEZNZOMWF3QAAANY"] Stopwatch: 1753292145203998 4265 (- - -) Stopwatch2: 1753292145203998 4265; combined=2500, p1=516, p2=1915, p3=0, p4=0, p5=69, sr=162, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f01daf0b-Z-- --4afbec32-A-- [23/Jul/2025:20:35:45.272167 +0300] aIEdcdOE1mnnEZNZOMWF3wAAAMo 185.177.72.210 39658 127.0.0.1 7081 --4afbec32-B-- GET /.env.production HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4afbec32-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --4afbec32-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puriceutix.jac.group"] [uri "/.env.production"] [unique_id "aIEdcdOE1mnnEZNZOMWF3wAAAMo"] Stopwatch: 1753292145267691 4547 (- - -) Stopwatch2: 1753292145267691 4547; combined=2909, p1=671, p2=2104, p3=0, p4=0, p5=133, sr=159, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4afbec32-Z-- --fe933c2f-A-- [23/Jul/2025:20:35:45.335871 +0300] aIEdcdOE1mnnEZNZOMWF4AAAAMw 185.177.72.210 39668 127.0.0.1 7081 --fe933c2f-B-- GET /protected/.env HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fe933c2f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --fe933c2f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puriceutix.jac.group"] [uri "/protected/.env"] [unique_id "aIEdcdOE1mnnEZNZOMWF4AAAAMw"] Stopwatch: 1753292145330637 5322 (- - -) Stopwatch2: 1753292145330637 5322; combined=3166, p1=804, p2=2277, p3=0, p4=0, p5=84, sr=355, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fe933c2f-Z-- --4583f319-A-- [23/Jul/2025:20:35:45.401575 +0300] aIEdcX6zR-fOy7Xs3z-AQwAAAAU 185.177.72.210 39690 127.0.0.1 7081 --4583f319-B-- GET /config/.env HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4583f319-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --4583f319-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puriceutix.jac.group"] [uri "/config/.env"] [unique_id "aIEdcX6zR-fOy7Xs3z-AQwAAAAU"] Stopwatch: 1753292145394976 6667 (- - -) Stopwatch2: 1753292145394976 6667; combined=4704, p1=628, p2=3988, p3=0, p4=0, p5=88, sr=211, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4583f319-Z-- --85aeed19-A-- [23/Jul/2025:20:35:45.464860 +0300] aIEdcdOE1mnnEZNZOMWF4wAAAMc 185.177.72.210 39700 127.0.0.1 7081 --85aeed19-B-- GET /base/.env HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --85aeed19-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --85aeed19-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puriceutix.jac.group"] [uri "/base/.env"] [unique_id "aIEdcdOE1mnnEZNZOMWF4wAAAMc"] Stopwatch: 1753292145459473 5455 (- - -) Stopwatch2: 1753292145459473 5455; combined=3490, p1=503, p2=2912, p3=0, p4=0, p5=75, sr=145, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --85aeed19-Z-- --ee9f3964-A-- [23/Jul/2025:20:35:45.528074 +0300] aIEdcX6zR-fOy7Xs3z-ARAAAABI 185.177.72.210 39704 127.0.0.1 7081 --ee9f3964-B-- GET /.env.development HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ee9f3964-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --ee9f3964-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puriceutix.jac.group"] [uri "/.env.development"] [unique_id "aIEdcX6zR-fOy7Xs3z-ARAAAABI"] Stopwatch: 1753292145523163 5003 (- - -) Stopwatch2: 1753292145523163 5003; combined=2761, p1=633, p2=2025, p3=0, p4=0, p5=102, sr=187, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ee9f3964-Z-- --a570817d-A-- [23/Jul/2025:20:35:45.591874 +0300] aIEdcdOE1mnnEZNZOMWF5wAAAM4 185.177.72.210 39738 127.0.0.1 7081 --a570817d-B-- GET /v2/.env HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a570817d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --a570817d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puriceutix.jac.group"] [uri "/v2/.env"] [unique_id "aIEdcdOE1mnnEZNZOMWF5wAAAM4"] Stopwatch: 1753292145586590 5373 (- - -) Stopwatch2: 1753292145586590 5373; combined=3142, p1=708, p2=2347, p3=0, p4=0, p5=87, sr=177, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a570817d-Z-- --663d7123-A-- [23/Jul/2025:20:35:45.657590 +0300] aIEdcdOE1mnnEZNZOMWF6QAAANA 185.177.72.210 39760 127.0.0.1 7081 --663d7123-B-- GET /database/.env HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --663d7123-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --663d7123-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puriceutix.jac.group"] [uri "/database/.env"] [unique_id "aIEdcdOE1mnnEZNZOMWF6QAAANA"] Stopwatch: 1753292145650711 6986 (- - -) Stopwatch2: 1753292145650711 6986; combined=4299, p1=796, p2=3365, p3=0, p4=0, p5=138, sr=250, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --663d7123-Z-- --f317c115-A-- [23/Jul/2025:20:35:45.722698 +0300] aIEdcdOE1mnnEZNZOMWF6wAAAMs 185.177.72.210 39768 127.0.0.1 7081 --f317c115-B-- GET /config.yaml.bak HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f317c115-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --f317c115-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||puriceutix.jac.group|F|2"] [data ".yaml.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||puriceutix.jac.group|F|2"] [data ".yaml.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "puriceutix.jac.group"] [uri "/config.yaml.bak"] [unique_id "aIEdcdOE1mnnEZNZOMWF6wAAAMs"] Stopwatch: 1753292145716582 6208 (- - -) Stopwatch2: 1753292145716582 6208; combined=3765, p1=701, p2=2943, p3=0, p4=0, p5=120, sr=174, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f317c115-Z-- --8862a232-A-- [23/Jul/2025:20:35:45.786616 +0300] aIEdcX6zR-fOy7Xs3z-ARgAAABc 185.177.72.210 39788 127.0.0.1 7081 --8862a232-B-- GET /.env.bak HTTP/1.0 Host: puriceutix.jac.group X-Real-IP: 185.177.72.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8862a232-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 24 May 2022 15:05:06 GMT ETag: "328-5dfc34833fcce" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --8862a232-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||puriceutix.jac.group|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puriceutix.jac.group"] [uri "/.env.bak"] [unique_id "aIEdcX6zR-fOy7Xs3z-ARgAAABc"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||puriceutix.jac.group|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "puriceutix.jac.group"] [uri "/.env.bak"] [unique_id "aIEdcX6zR-fOy7Xs3z-ARgAAABc"] Stopwatch: 1753292145782012 4697 (- - -) Stopwatch2: 1753292145782012 4697; combined=2883, p1=581, p2=2055, p3=0, p4=0, p5=246, sr=145, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8862a232-Z-- --cdf3bc0b-A-- [23/Jul/2025:20:37:04.430223 +0300] aIEdvtOE1mnnEZNZOMWH4wAAANY 35.245.233.30 36202 127.0.0.1 7081 --cdf3bc0b-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: glamilea.com X-Real-IP: 35.245.233.30 X-Accel-Internal: /internal-nginx-static-location Connection: close referer: http://glamilea.com/wp-login.php upgrade-insecure-requests: 1 sec-fetch-dest: document sec-fetch-site: same-origin user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 accept-language: en-US,en;q=0.5 accept-encoding: gzip, deflate, br sec-fetch-mode: navigate sec-fetch-user: ?1 cookie: yay_currency_widget=29035; wordpress_test_cookie=WP%20Cookie%20check --cdf3bc0b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.1.33 X-Robots-Tag: noindex Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Upgrade: h2,h2c Connection: Upgrade, close Content-Type: application/json; charset=UTF-8 --cdf3bc0b-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "glamilea.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIEdvtOE1mnnEZNZOMWH4wAAANY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753292222138222 2292211 (- - -) Stopwatch2: 1753292222138222 2292211; combined=3988, p1=647, p2=3181, p3=0, p4=0, p5=159, sr=180, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cdf3bc0b-Z-- --55ba9462-A-- [23/Jul/2025:20:52:40.182618 +0300] aIEhYX6zR-fOy7Xs3z-KxgAAAA8 94.187.15.87 60660 127.0.0.1 7081 --55ba9462-B-- GET /faculty/onlineClasses.php?code=4/0AVMBsJgr9obd0ynP7xWnQdR-jsUEkD37UeAo5Y6MZJdN2xTMNa56hM7o_YRN4r21CcfzwA&scope=email%20profile%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/gmail.readonly%20https://www.googleapis.com/auth/calendar.readonly%20https://www.googleapis.com/auth/classroom.courses.readonly%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=0&hd=jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 94.187.15.87 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=gpopicp7v2mcop23m10iqt5mu2 --55ba9462-F-- HTTP/1.1 200 OK Expires: Mon, 16 Jul 1981 05:00:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 7883 Content-Type: text/html; charset=UTF-8 --55ba9462-E-- --55ba9462-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/gmail.readonly https:/www.googleapis.com/auth/calendar.readonly https:/www.googleapis.com/auth/classroom.courses.readonly https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/gmail.readonly https:/www.googleapis.com/auth/calendar.readonly https:/www.googleapis.com/auth/classroom.courses.readonly https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/faculty/onlineClasses.php"] [unique_id "aIEhYX6zR-fOy7Xs3z-KxgAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753293153142320 7040456 (- - -) Stopwatch2: 1753293153142320 7040456; combined=11288, p1=1220, p2=9742, p3=110, p4=95, p5=120, sr=776, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --55ba9462-Z--