⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.19
Server IP:
41.128.143.86
Server:
Linux host.raqmix.cloud 6.8.0-1025-azure #30~22.04.1-Ubuntu SMP Wed Mar 12 15:28:20 UTC 2025 x86_64
Server Software:
Apache
PHP Version:
8.3.23
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
proc
/
thread-self
/
root
/
var
/
log
/
View File Name :
modsec_audit.log
--e2bfa07a-A-- [26/Jul/2025:00:09:04.454427 +0300] aIPycO8DudYUSZDWZiUBeAAAAI0 196.251.117.23 54246 127.0.0.1 7081 --e2bfa07a-B-- GET /.env HTTP/1.0 Host: sys.own-dev.com X-Real-IP: 196.251.117.23 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 9; SM-N950F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --e2bfa07a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=5663f88436ff67555da18a076053a2e1; expires=Fri, 25 Jul 2025 22:10:04 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --e2bfa07a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sys.own-dev.com"] [uri "/.env"] [unique_id "aIPycO8DudYUSZDWZiUBeAAAAI0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sys.own-dev.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753477744427874 26621 (- - -) Stopwatch2: 1753477744427874 26621; combined=2752, p1=587, p2=2057, p3=0, p4=0, p5=107, sr=160, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e2bfa07a-Z-- --f4fe0361-A-- [26/Jul/2025:00:17:38.881560 +0300] aIP0cl39MC1FqiBcsVCI9AAAAEg 109.202.99.36 51456 127.0.0.1 7081 --f4fe0361-B-- GET /api/.env HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 109.202.99.36 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --f4fe0361-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --f4fe0361-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restpos.raqmix.cloud"] [uri "/api/.env"] [unique_id "aIP0cl39MC1FqiBcsVCI9AAAAEg"] Stopwatch: 1753478258878027 3616 (- - -) Stopwatch2: 1753478258878027 3616; combined=2123, p1=426, p2=1637, p3=0, p4=0, p5=60, sr=142, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f4fe0361-Z-- --b904b521-A-- [26/Jul/2025:00:17:38.890827 +0300] aIP0cl39MC1FqiBcsVCI9QAAAEU 109.202.99.36 51438 127.0.0.1 7081 --b904b521-B-- GET /wp-config.php HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 109.202.99.36 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --b904b521-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --b904b521-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restpos.raqmix.cloud"] [uri "/wp-config.php"] [unique_id "aIP0cl39MC1FqiBcsVCI9QAAAEU"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'Primary script unknown' Apache-Handler: proxy:unix:/var/www/vhosts/system/restpos.raqmix.cloud/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753478258879558 11338 (- - -) Stopwatch2: 1753478258879558 11338; combined=2605, p1=498, p2=1973, p3=39, p4=32, p5=62, sr=118, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b904b521-Z-- --5971dd06-A-- [26/Jul/2025:00:17:38.935767 +0300] aIP0cu8DudYUSZDWZiUQhwAAAIA 109.202.99.36 51506 127.0.0.1 7081 --5971dd06-B-- GET /.git/HEAD HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 109.202.99.36 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --5971dd06-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --5971dd06-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restpos.raqmix.cloud"] [uri "/.git/HEAD"] [unique_id "aIP0cu8DudYUSZDWZiUQhwAAAIA"] Stopwatch: 1753478258930951 4921 (- - -) Stopwatch2: 1753478258930951 4921; combined=3066, p1=558, p2=2370, p3=0, p4=0, p5=138, sr=161, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5971dd06-Z-- --e2642640-A-- [26/Jul/2025:00:17:38.945488 +0300] aIP0cl39MC1FqiBcsVCI-AAAAFI 109.202.99.36 51550 127.0.0.1 7081 --e2642640-B-- GET /database.sql HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 109.202.99.36 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --e2642640-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --e2642640-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "restpos.raqmix.cloud"] [uri "/database.sql"] [unique_id "aIP0cl39MC1FqiBcsVCI-AAAAFI"] Stopwatch: 1753478258940203 5372 (- - -) Stopwatch2: 1753478258940203 5372; combined=3178, p1=495, p2=2566, p3=0, p4=0, p5=116, sr=150, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e2642640-Z-- --d2307332-A-- [26/Jul/2025:00:17:39.022269 +0300] aIP0c-8DudYUSZDWZiUQlgAAAJg 109.202.99.36 51682 127.0.0.1 7081 --d2307332-B-- GET /.env HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 109.202.99.36 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --d2307332-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close X-Accel-Version: 0.01 Last-Modified: Mon, 23 Jun 2025 02:21:17 GMT ETag: "24c-63833dde33dc9" Accept-Ranges: bytes Content-Length: 588 --d2307332-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restpos.raqmix.cloud"] [uri "/.env"] [unique_id "aIP0c-8DudYUSZDWZiUQlgAAAJg"] Stopwatch: 1753478259019210 3187 (- - -) Stopwatch2: 1753478259019210 3187; combined=1870, p1=357, p2=1344, p3=40, p4=44, p5=85, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d2307332-Z-- --8ea3db0e-A-- [26/Jul/2025:00:17:39.023754 +0300] aIP0c-8DudYUSZDWZiUQlwAAAI8 109.202.99.36 51696 127.0.0.1 7081 --8ea3db0e-B-- GET /.svn/wc.db HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 109.202.99.36 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --8ea3db0e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --8ea3db0e-H-- Message: Warning. Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restpos.raqmix.cloud"] [uri "/.svn/wc.db"] [unique_id "aIP0c-8DudYUSZDWZiUQlwAAAI8"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "restpos.raqmix.cloud"] [uri "/.svn/wc.db"] [unique_id "aIP0c-8DudYUSZDWZiUQlwAAAI8"] Stopwatch: 1753478259020626 3190 (- - -) Stopwatch2: 1753478259020626 3190; combined=2114, p1=439, p2=1570, p3=0, p4=0, p5=105, sr=175, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8ea3db0e-Z-- --59174837-A-- [26/Jul/2025:00:17:39.043558 +0300] aIP0c-8DudYUSZDWZiUQmQAAAJM 109.202.99.36 51712 127.0.0.1 7081 --59174837-B-- GET /.env.production HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 109.202.99.36 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --59174837-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --59174837-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restpos.raqmix.cloud"] [uri "/.env.production"] [unique_id "aIP0c-8DudYUSZDWZiUQmQAAAJM"] Stopwatch: 1753478259039652 3984 (- - -) Stopwatch2: 1753478259039652 3984; combined=2370, p1=575, p2=1724, p3=0, p4=0, p5=71, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --59174837-Z-- --64bc6564-A-- [26/Jul/2025:00:17:39.045627 +0300] aIP0c-8DudYUSZDWZiUQmgAAAII 109.202.99.36 51720 127.0.0.1 7081 --64bc6564-B-- GET /server.key HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 109.202.99.36 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --64bc6564-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --64bc6564-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "restpos.raqmix.cloud"] [uri "/server.key"] [unique_id "aIP0c-8DudYUSZDWZiUQmgAAAII"] Stopwatch: 1753478259041082 4630 (- - -) Stopwatch2: 1753478259041082 4630; combined=2998, p1=498, p2=2415, p3=0, p4=0, p5=85, sr=155, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --64bc6564-Z-- --8088265f-A-- [26/Jul/2025:00:17:39.046195 +0300] aIP0c-8DudYUSZDWZiUQmwAAAIw 109.202.99.36 51734 127.0.0.1 7081 --8088265f-B-- GET /etc/ssl/private/server.key HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 109.202.99.36 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --8088265f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --8088265f-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "restpos.raqmix.cloud"] [uri "/etc/ssl/private/server.key"] [unique_id "aIP0c-8DudYUSZDWZiUQmwAAAIw"] Stopwatch: 1753478259042565 3701 (- - -) Stopwatch2: 1753478259042565 3701; combined=2048, p1=406, p2=1561, p3=0, p4=0, p5=80, sr=114, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8088265f-Z-- --673bbb10-A-- [26/Jul/2025:00:17:39.149460 +0300] aIP0c-8DudYUSZDWZiUQngAAAIY 109.202.99.36 51772 127.0.0.1 7081 --673bbb10-B-- GET /web.config HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 109.202.99.36 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --673bbb10-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --673bbb10-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restpos.raqmix.cloud"] [uri "/web.config"] [unique_id "aIP0c-8DudYUSZDWZiUQngAAAIY"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "restpos.raqmix.cloud"] [uri "/web.config"] [unique_id "aIP0c-8DudYUSZDWZiUQngAAAIY"] Stopwatch: 1753478259144737 4810 (- - -) Stopwatch2: 1753478259144737 4810; combined=3073, p1=684, p2=2205, p3=0, p4=0, p5=184, sr=154, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --673bbb10-Z-- --8b471f2f-A-- [26/Jul/2025:00:17:39.206090 +0300] aIP0c-8DudYUSZDWZiUQnwAAAIk 109.202.99.36 51786 127.0.0.1 7081 --8b471f2f-B-- GET /database_backup.sql HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 109.202.99.36 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --8b471f2f-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --8b471f2f-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "restpos.raqmix.cloud"] [uri "/database_backup.sql"] [unique_id "aIP0c-8DudYUSZDWZiUQnwAAAIk"] Stopwatch: 1753478259151801 54361 (- - -) Stopwatch2: 1753478259151801 54361; combined=100867, p1=805, p2=3822, p3=0, p4=0, p5=48167, sr=121, sw=1, l=0, gc=48072 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8b471f2f-Z-- --7938b306-A-- [26/Jul/2025:00:17:39.286989 +0300] aIP0c-8DudYUSZDWZiUQogAAAJA 109.202.99.36 51814 127.0.0.1 7081 --7938b306-B-- GET /_vti_pvt/service.pwd HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 109.202.99.36 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --7938b306-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --7938b306-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".pwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||restpos.raqmix.cloud|F|2"] [data ".pwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "restpos.raqmix.cloud"] [uri "/_vti_pvt/service.pwd"] [unique_id "aIP0c-8DudYUSZDWZiUQogAAAJA"] Stopwatch: 1753478259280713 6386 (- - -) Stopwatch2: 1753478259280713 6386; combined=3026, p1=539, p2=2413, p3=0, p4=0, p5=74, sr=139, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7938b306-Z-- --f5483626-A-- [26/Jul/2025:00:17:44.082680 +0300] aIP0eO8DudYUSZDWZiUQyQAAAJA 49.13.99.10 48368 127.0.0.1 7081 --f5483626-B-- GET /.env HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 49.13.99.10 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* --f5483626-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close X-Accel-Version: 0.01 Last-Modified: Mon, 23 Jun 2025 02:21:17 GMT ETag: "24c-63833dde33dc9" Accept-Ranges: bytes Content-Length: 588 --f5483626-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restpos.raqmix.cloud"] [uri "/.env"] [unique_id "aIP0eO8DudYUSZDWZiUQyQAAAJA"] Stopwatch: 1753478264077368 5393 (- - -) Stopwatch2: 1753478264077368 5393; combined=2784, p1=572, p2=2077, p3=29, p4=30, p5=75, sr=177, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f5483626-Z-- --0a28ea3b-A-- [26/Jul/2025:00:17:44.949087 +0300] aIP0eO8DudYUSZDWZiUQzAAAAIc 149.154.161.249 48396 127.0.0.1 7081 --0a28ea3b-B-- GET /.env HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 149.154.161.249 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: TelegramBot (like TwitterBot) accept-encoding: deflate, gzip, br accept-language: en-US,en;q=0.5 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 cookie: euConsent=true; BCPermissionLevel=PERSONAL; BC_GDPR=11111; fhCookieConsent=true; gdpr-source=GB; gdpr_consent=YES; beget=begetok; SOCS=CAISNQgEEitib3FfaWRlbnRpdHlmcm9udGVuZHVpc2VydmVyXzIwMjMwNzIzLjA5X3AwGgJlbiACGgYIgMSBpgY --0a28ea3b-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close X-Accel-Version: 0.01 Last-Modified: Mon, 23 Jun 2025 02:21:17 GMT ETag: "24c-63833dde33dc9" Accept-Ranges: bytes Content-Length: 588 --0a28ea3b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restpos.raqmix.cloud"] [uri "/.env"] [unique_id "aIP0eO8DudYUSZDWZiUQzAAAAIc"] Stopwatch: 1753478264930448 18768 (- - -) Stopwatch2: 1753478264930448 18768; combined=16581, p1=513, p2=15625, p3=101, p4=62, p5=279, sr=150, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0a28ea3b-Z-- --83dc3424-A-- [26/Jul/2025:00:34:05.148553 +0300] aIP4TV39MC1FqiBcsVCUwwAAAE4 93.123.109.64 54356 127.0.0.1 7081 --83dc3424-B-- GET /.git/config HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 93.123.109.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --83dc3424-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --83dc3424-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restpos.raqmix.cloud"] [uri "/.git/config"] [unique_id "aIP4TV39MC1FqiBcsVCUwwAAAE4"] Stopwatch: 1753479245143461 5277 (- - -) Stopwatch2: 1753479245143461 5277; combined=2916, p1=641, p2=2175, p3=0, p4=0, p5=100, sr=179, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --83dc3424-Z-- --1c000141-A-- [26/Jul/2025:00:36:56.697746 +0300] aIP49u8DudYUSZDWZiUuHgAAAJQ 196.251.117.23 50802 127.0.0.1 7081 --1c000141-B-- GET /.env HTTP/1.0 Host: glamilea.com X-Real-IP: 196.251.117.23 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --1c000141-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 21:36:55 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --1c000141-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/.env"] [unique_id "aIP49u8DudYUSZDWZiUuHgAAAJQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753479414268508 2429338 (- - -) Stopwatch2: 1753479414268508 2429338; combined=2800, p1=659, p2=2013, p3=0, p4=0, p5=128, sr=280, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1c000141-Z-- --4a074043-A-- [26/Jul/2025:00:55:14.206559 +0300] aIP9Qe8DudYUSZDWZiVKygAAAIc 147.182.174.99 35992 127.0.0.1 7081 --4a074043-B-- GET /.env HTTP/1.0 Host: admin.casa-eg.com X-Real-IP: 147.182.174.99 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0 Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Upgrade-Insecure-Requests: 1 --4a074043-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private pragma: no-cache expires: -1 Set-Cookie: casa_session=7xdsyJnk3oOsi8HnDwJ5VzfZZRtf38A3emeiY06U; expires=Fri, 25-Jul-2025 23:55:14 GMT; Max-Age=7200; path=/; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --4a074043-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "admin.casa-eg.com"] [uri "/.env"] [unique_id "aIP9Qe8DudYUSZDWZiVKygAAAIc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/admin.casa-eg.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753480513209566 997139 (- - -) Stopwatch2: 1753480513209566 997139; combined=15942, p1=13501, p2=2314, p3=0, p4=0, p5=127, sr=131, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4a074043-Z-- --449c0764-A-- [26/Jul/2025:01:09:38.655668 +0300] aIQAoe8DudYUSZDWZiVfyAAAAIE 196.251.117.23 40004 127.0.0.1 7081 --449c0764-B-- GET /.env HTTP/1.0 Host: lms.americancenter.me X-Real-IP: 196.251.117.23 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --449c0764-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Cache-Control: no-cache, private pragma: no-cache expires: -1 Set-Cookie: XSRF-TOKEN=eyJpdiI6IkxJL0dKcVZoSjM5YWM4OGplZXIwYXc9PSIsInZhbHVlIjoiTzBXdTdWNEZpak5mcmkrSG80MGJFa0ZOMDJqbEt4QnhoK3FaMXgrY0N3Nkp5ME1zUURCUjZCR1VMazh5MGc1T0NBZUU0R0FlSGRmdzErVy9YdnVaNXBuRGtqRFo3VU1nZkRad2NDczhUQmZ3K05ZNDZUR1gxSjNuUC9PWnlZaHQiLCJtYWMiOiJjOTY3YWI0MGIzNzAyNjgzODBkMDNhYmNkMWZkMmZjMTBkODE5ZDg0ZWQzOTE5NTc5YmMxMTllMzgxNjE5YjA4IiwidGFnIjoiIn0%3D; expires=Sat, 26 Jul 2025 00:09:38 GMT; Max-Age=7200; path=/; secure; samesite=lax Set-Cookie: laravel_session=eyJpdiI6IkNubHFuNDR2Z1JVMWYrLzdzampPbWc9PSIsInZhbHVlIjoiTnE0eU5ISEN6d0ZNdkx6bmE4bUt6YXgwd3Vlb1V4dXNxZ1JYOUNyd0l4Q0wyVWp2ci94VEhRbUpkc2lhYzZYRStPRUdkRHdaeFdLY2UxVVIwNHZWblFyZUswWWpSaWl5Uk1ueDVhbUZrRFZPQ2pjaDBxZXllSzI5dkJ6ZEdzK3UiLCJtYWMiOiJmYWUxYTUzMjQ3ZjlkOGI0ZjVkYzY5NGMyNmQ0MTY0NDEzYjgzMjZiOTcyODE3YzRiNzU0Zjk2Njk3NzAyMWVlIiwidGFnIjoiIn0%3D; expires=Sat, 26 Jul 2025 00:09:38 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --449c0764-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lms.americancenter.me"] [uri "/.env"] [unique_id "aIQAoe8DudYUSZDWZiVfyAAAAIE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/lms.americancenter.me/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481377633565 1022244 (- - -) Stopwatch2: 1753481377633565 1022244; combined=2747, p1=635, p2=1996, p3=0, p4=0, p5=116, sr=159, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --449c0764-Z-- --3821492b-A-- [26/Jul/2025:01:16:07.335649 +0300] aIQCJO8DudYUSZDWZiVoBgAAAJA 103.8.27.27 46154 127.0.0.1 7081 --3821492b-B-- GET /.env HTTP/1.0 Host: www.glamilea.com X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) --3821492b-F-- HTTP/1.1 301 Moved Permanently X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private X-Redirect-By: WordPress Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 22:16:06 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Location: https://glamilea.com/.env Content-Length: 0 Content-Type: text/html; charset=UTF-8 --3821492b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.glamilea.com"] [uri "/.env"] [unique_id "aIQCJO8DudYUSZDWZiVoBgAAAJA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481764856179 2479666 (- - -) Stopwatch2: 1753481764856179 2479666; combined=2837, p1=1005, p2=1703, p3=0, p4=0, p5=128, sr=217, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3821492b-Z-- --9f401457-A-- [26/Jul/2025:01:16:07.412204 +0300] aIQCJO8DudYUSZDWZiVoCAAAAIk 103.8.27.27 46178 127.0.0.1 7081 --9f401457-B-- GET /laravel/.env HTTP/1.0 Host: www.glamilea.com X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) --9f401457-F-- HTTP/1.1 301 Moved Permanently X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private X-Redirect-By: WordPress Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 22:16:07 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Location: https://glamilea.com/laravel/.env Content-Length: 0 Content-Type: text/html; charset=UTF-8 --9f401457-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.glamilea.com"] [uri "/laravel/.env"] [unique_id "aIQCJO8DudYUSZDWZiVoCAAAAIk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481764989565 2422771 (- - -) Stopwatch2: 1753481764989565 2422771; combined=3706, p1=738, p2=2827, p3=0, p4=0, p5=140, sr=178, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9f401457-Z-- --cec2973c-A-- [26/Jul/2025:01:16:07.418369 +0300] aIQCJe8DudYUSZDWZiVoCQAAAI4 103.8.27.27 46186 127.0.0.1 7081 --cec2973c-B-- GET /admin/.env HTTP/1.0 Host: www.glamilea.com X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) --cec2973c-F-- HTTP/1.1 301 Moved Permanently X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private X-Redirect-By: WordPress Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 22:16:07 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Location: https://glamilea.com/admin/.env Content-Length: 0 Content-Type: text/html; charset=UTF-8 --cec2973c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.glamilea.com"] [uri "/admin/.env"] [unique_id "aIQCJe8DudYUSZDWZiVoCQAAAI4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481765004616 2413896 (- - -) Stopwatch2: 1753481765004616 2413896; combined=3669, p1=682, p2=2774, p3=0, p4=0, p5=212, sr=176, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cec2973c-Z-- --85445d3a-A-- [26/Jul/2025:01:16:07.425680 +0300] aIQCJO8DudYUSZDWZiVoBwAAAJE 103.8.27.27 46166 127.0.0.1 7081 --85445d3a-B-- GET /core/.env HTTP/1.0 Host: www.glamilea.com X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) --85445d3a-F-- HTTP/1.1 301 Moved Permanently X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private X-Redirect-By: WordPress Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 22:16:07 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Location: https://glamilea.com/core/.env Content-Length: 0 Content-Type: text/html; charset=UTF-8 --85445d3a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.glamilea.com"] [uri "/core/.env"] [unique_id "aIQCJO8DudYUSZDWZiVoBwAAAJE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481764859508 2566345 (- - -) Stopwatch2: 1753481764859508 2566345; combined=2783, p1=546, p2=2069, p3=0, p4=0, p5=168, sr=167, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --85445d3a-Z-- --18e9a906-A-- [26/Jul/2025:01:16:08.263076 +0300] aIQCJe8DudYUSZDWZiVoDAAAAJg 103.8.27.27 46208 127.0.0.1 7081 --18e9a906-B-- GET /laravel/.env HTTP/1.0 Host: glamilea.com X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) --18e9a906-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 22:16:07 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --18e9a906-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/laravel/.env"] [unique_id "aIQCJe8DudYUSZDWZiVoDAAAAJg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481765214829 3048346 (- - -) Stopwatch2: 1753481765214829 3048346; combined=3694, p1=780, p2=2781, p3=0, p4=0, p5=132, sr=196, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --18e9a906-Z-- --e0f8f32d-A-- [26/Jul/2025:01:16:08.265452 +0300] aIQCJe8DudYUSZDWZiVoDQAAAI8 103.8.27.27 46224 127.0.0.1 7081 --e0f8f32d-B-- GET /core/.env HTTP/1.0 Host: glamilea.com X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) --e0f8f32d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 22:16:07 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --e0f8f32d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/core/.env"] [unique_id "aIQCJe8DudYUSZDWZiVoDQAAAI8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481765245258 3020287 (- - -) Stopwatch2: 1753481765245258 3020287; combined=3824, p1=761, p2=2929, p3=0, p4=0, p5=133, sr=172, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e0f8f32d-Z-- --b336a605-A-- [26/Jul/2025:01:16:08.339274 +0300] aIQCJe8DudYUSZDWZiVoCgAAAJI 103.8.27.27 46196 127.0.0.1 7081 --b336a605-B-- GET /admin/.env HTTP/1.0 Host: glamilea.com X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) --b336a605-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 22:16:07 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --b336a605-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/admin/.env"] [unique_id "aIQCJe8DudYUSZDWZiVoCgAAAJI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481765112008 3227428 (- - -) Stopwatch2: 1753481765112008 3227428; combined=4283, p1=810, p2=3349, p3=0, p4=0, p5=124, sr=244, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b336a605-Z-- --a2d0d300-A-- [26/Jul/2025:01:16:08.384995 +0300] aIQCJV39MC1FqiBcsVCzVgAAAEo 103.8.27.27 46218 127.0.0.1 7081 --a2d0d300-B-- GET /.env HTTP/1.0 Host: glamilea.com X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) --a2d0d300-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 22:16:07 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --a2d0d300-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/.env"] [unique_id "aIQCJV39MC1FqiBcsVCzVgAAAEo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481765217438 3167660 (- - -) Stopwatch2: 1753481765217438 3167660; combined=3576, p1=704, p2=2789, p3=0, p4=0, p5=83, sr=171, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a2d0d300-Z-- --fd2c2802-A-- [26/Jul/2025:01:16:10.755868 +0300] aIQCKO8DudYUSZDWZiVoIQAAAJY 103.8.27.27 46462 127.0.0.1 7081 --fd2c2802-B-- GET /.env HTTP/1.0 Host: glamilea.com X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) Referer: https://www.glamilea.com/.env --fd2c2802-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 22:16:09 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --fd2c2802-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/.env"] [unique_id "aIQCKO8DudYUSZDWZiVoIQAAAJY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481768389460 2366528 (- - -) Stopwatch2: 1753481768389460 2366528; combined=2719, p1=541, p2=2038, p3=0, p4=0, p5=140, sr=119, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fd2c2802-Z-- --23cc9157-A-- [26/Jul/2025:01:16:10.932105 +0300] aIQCKO8DudYUSZDWZiVoJAAAAII 103.8.27.27 46498 127.0.0.1 7081 --23cc9157-B-- GET /core/.env HTTP/1.0 Host: glamilea.com X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) Referer: https://www.glamilea.com/core/.env --23cc9157-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 22:16:10 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --23cc9157-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/core/.env"] [unique_id "aIQCKO8DudYUSZDWZiVoJAAAAII"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481768532400 2399820 (- - -) Stopwatch2: 1753481768532400 2399820; combined=3825, p1=846, p2=2839, p3=0, p4=0, p5=140, sr=178, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --23cc9157-Z-- --441d1444-A-- [26/Jul/2025:01:16:11.004235 +0300] aIQCKF39MC1FqiBcsVCzYQAAAEE 103.8.27.27 46476 127.0.0.1 7081 --441d1444-B-- GET /admin/.env HTTP/1.0 Host: glamilea.com X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) Referer: https://www.glamilea.com/admin/.env --441d1444-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 22:16:10 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --441d1444-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/admin/.env"] [unique_id "aIQCKF39MC1FqiBcsVCzYQAAAEE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481768420484 2583867 (- - -) Stopwatch2: 1753481768420484 2583867; combined=2821, p1=620, p2=2053, p3=0, p4=0, p5=147, sr=165, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --441d1444-Z-- --19806823-A-- [26/Jul/2025:01:16:11.052050 +0300] aIQCKO8DudYUSZDWZiVoJgAAAIQ 103.8.27.27 46520 127.0.0.1 7081 --19806823-B-- GET /laravel/.env HTTP/1.0 Host: glamilea.com X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) Referer: https://www.glamilea.com/laravel/.env --19806823-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: yay_currency_widget=29035; expires=Sun, 24-Aug-2025 22:16:10 GMT; Max-Age=2592000; path=/ Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --19806823-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glamilea.com"] [uri "/laravel/.env"] [unique_id "aIQCKO8DudYUSZDWZiVoJgAAAIQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753481768598953 2453195 (- - -) Stopwatch2: 1753481768598953 2453195; combined=3925, p1=809, p2=2994, p3=0, p4=0, p5=122, sr=174, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --19806823-Z-- --17085d63-A-- [26/Jul/2025:01:28:23.930197 +0300] aIQFB139MC1FqiBcsVC7DwAAAEw 196.251.70.223 44796 127.0.0.1 7081 --17085d63-B-- GET /.env HTTP/1.0 Host: crm.kime.agency X-Real-IP: 196.251.70.223 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.71 Safari/537.36 Edge/12.0 Accept-Charset: utf-8 Accept-Encoding: gzip --17085d63-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Set-Cookie: csrf_cookie_name=19e0c483ca4c0f24ff60e1441de704a9; expires=Fri, 25 Jul 2025 23:29:23 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --17085d63-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.kime.agency"] [uri "/.env"] [unique_id "aIQFB139MC1FqiBcsVC7DwAAAEw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.kime.agency/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753482503863914 66392 (- - -) Stopwatch2: 1753482503863914 66392; combined=2780, p1=666, p2=1988, p3=0, p4=0, p5=125, sr=216, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --17085d63-Z-- --8450e816-A-- [26/Jul/2025:01:31:06.952912 +0300] aIQFql39MC1FqiBcsVC9XwAAAFM 157.230.250.239 53038 127.0.0.1 7081 --8450e816-B-- GET /.env HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 157.230.250.239 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0 accept: */* referer: http://haddadjewellery.com/.env --8450e816-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --8450e816-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "haddadjewellery.com"] [uri "/.env"] [unique_id "aIQFql39MC1FqiBcsVC9XwAAAFM"] Stopwatch: 1753482666947880 5127 (- - -) Stopwatch2: 1753482666947880 5127; combined=2728, p1=796, p2=1858, p3=0, p4=0, p5=74, sr=212, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8450e816-Z-- --10e3393a-A-- [26/Jul/2025:01:31:15.621206 +0300] aIQFs-8DudYUSZDWZiV9KgAAAIU 157.230.250.239 42972 127.0.0.1 7081 --10e3393a-B-- GET /.env HTTP/1.0 Host: haddadjewellery.com X-Real-IP: 157.230.250.239 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 accept: */* referer: http://haddadjewellery.com/.env --10e3393a-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 21 Jan 2025 14:39:31 GMT ETag: "328-62c38584f0049" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --10e3393a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "haddadjewellery.com"] [uri "/.env"] [unique_id "aIQFs-8DudYUSZDWZiV9KgAAAIU"] Stopwatch: 1753482675616251 5119 (- - -) Stopwatch2: 1753482675616251 5119; combined=2801, p1=612, p2=2103, p3=0, p4=0, p5=86, sr=182, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --10e3393a-Z-- --721e0a30-A-- [26/Jul/2025:02:40:49.019449 +0300] aIQWAe8DudYUSZDWZiXuXgAAAJQ 167.172.65.184 57016 127.0.0.1 7081 --721e0a30-B-- POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.0 Host: jinansystem.com X-Real-IP: 167.172.65.184 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 32 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 Accept-Encoding: gzip, deflate Accept: */* Content-Type: text/html --721e0a30-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --721e0a30-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||jinansystem.com|F|2"] [data "TX:0=text/html"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|jinansystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||jinansystem.com|F|2"] [data "TX:0=text/html"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php"] [unique_id "aIQWAe8DudYUSZDWZiXuXgAAAJQ"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|jinansystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "jinansystem.com"] [uri "/error_docs/not_found.html"] [unique_id "aIQWAe8DudYUSZDWZiXuXgAAAJQ"] Stopwatch: 1753486849014023 5529 (- - -) Stopwatch2: 1753486849014023 5529; combined=3394, p1=839, p2=2379, p3=0, p4=0, p5=176, sr=169, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --721e0a30-Z-- --088bde6d-A-- [26/Jul/2025:02:40:50.053087 +0300] aIQWAu8DudYUSZDWZiXuZgAAAIo 167.172.65.184 57152 127.0.0.1 7081 --088bde6d-B-- POST /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.0 Host: jinansystem.com X-Real-IP: 167.172.65.184 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 32 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 Accept-Encoding: gzip, deflate Accept: */* Content-Type: text/html --088bde6d-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --088bde6d-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||jinansystem.com|F|2"] [data "TX:0=text/html"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|jinansystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||jinansystem.com|F|2"] [data "TX:0=text/html"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php"] [unique_id "aIQWAu8DudYUSZDWZiXuZgAAAIo"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|jinansystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "jinansystem.com"] [uri "/error_docs/not_found.html"] [unique_id "aIQWAu8DudYUSZDWZiXuZgAAAIo"] Stopwatch: 1753486850048093 5068 (- - -) Stopwatch2: 1753486850048093 5068; combined=3130, p1=665, p2=2277, p3=0, p4=0, p5=188, sr=143, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --088bde6d-Z-- --19b4d271-A-- [26/Jul/2025:02:40:51.088459 +0300] aIQWA139MC1FqiBcsVD0eAAAAEY 167.172.65.184 57292 127.0.0.1 7081 --19b4d271-B-- POST /app/laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.0 Host: jinansystem.com X-Real-IP: 167.172.65.184 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 32 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 Accept-Encoding: gzip, deflate Accept: */* Content-Type: text/html --19b4d271-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --19b4d271-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||jinansystem.com|F|2"] [data "TX:0=text/html"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|jinansystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||jinansystem.com|F|2"] [data "TX:0=text/html"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/app/laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php"] [unique_id "aIQWA139MC1FqiBcsVD0eAAAAEY"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|jinansystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "jinansystem.com"] [uri "/error_docs/not_found.html"] [unique_id "aIQWA139MC1FqiBcsVD0eAAAAEY"] Stopwatch: 1753486851082915 5718 (- - -) Stopwatch2: 1753486851082915 5718; combined=3674, p1=829, p2=2632, p3=0, p4=0, p5=212, sr=208, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --19b4d271-Z-- --eff7f679-A-- [26/Jul/2025:02:40:52.285093 +0300] aIQWBO8DudYUSZDWZiXudwAAAJE 167.172.65.184 57480 127.0.0.1 7081 --eff7f679-B-- POST /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.0 Host: jinansystem.com X-Real-IP: 167.172.65.184 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 32 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 Accept-Encoding: gzip, deflate Accept: */* Content-Type: text/html --eff7f679-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --eff7f679-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||jinansystem.com|F|2"] [data "TX:0=text/html"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|jinansystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||jinansystem.com|F|2"] [data "TX:0=text/html"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php"] [unique_id "aIQWBO8DudYUSZDWZiXudwAAAJE"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|jinansystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "jinansystem.com"] [uri "/error_docs/not_found.html"] [unique_id "aIQWBO8DudYUSZDWZiXudwAAAJE"] Stopwatch: 1753486852280428 4761 (- - -) Stopwatch2: 1753486852280428 4761; combined=2884, p1=617, p2=2131, p3=0, p4=0, p5=136, sr=206, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --eff7f679-Z-- --4ae27c36-A-- [26/Jul/2025:02:40:53.576169 +0300] aIQWBe8DudYUSZDWZiXuhQAAAJU 167.172.65.184 47724 127.0.0.1 7081 --4ae27c36-B-- POST /laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.0 Host: jinansystem.com X-Real-IP: 167.172.65.184 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 32 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 Accept-Encoding: gzip, deflate Accept: */* Content-Type: text/html --4ae27c36-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --4ae27c36-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||jinansystem.com|F|2"] [data "TX:0=text/html"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|jinansystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||jinansystem.com|F|2"] [data "TX:0=text/html"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php"] [unique_id "aIQWBe8DudYUSZDWZiXuhQAAAJU"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|jinansystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "jinansystem.com"] [uri "/error_docs/not_found.html"] [unique_id "aIQWBe8DudYUSZDWZiXuhQAAAJU"] Stopwatch: 1753486853571400 4870 (- - -) Stopwatch2: 1753486853571400 4870; combined=2992, p1=626, p2=2170, p3=0, p4=0, p5=196, sr=203, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4ae27c36-Z-- --616bf404-A-- [26/Jul/2025:02:57:26.949231 +0300] aIQZ5hjBAYhbsHpfgE0OsQAAAE0 154.82.170.116 34302 127.0.0.1 7081 --616bf404-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: casa-eg.com X-Real-IP: 154.82.170.116 X-Accel-Internal: /internal-nginx-static-location Connection: close Origin: https://casa-eg.com Referer: https://casa-eg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Accept-Encoding: gzip, x-gzip, deflate --616bf404-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 09 Oct 2022 09:06:36 GMT ETag: "328-5ea965c36c41b" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --616bf404-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||casa-eg.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||casa-eg.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "casa-eg.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIQZ5hjBAYhbsHpfgE0OsQAAAE0"] Stopwatch: 1753487846933846 15480 (- - -) Stopwatch2: 1753487846933846 15480; combined=12523, p1=662, p2=11774, p3=0, p4=0, p5=87, sr=191, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --616bf404-Z-- --9041e059-A-- [26/Jul/2025:03:07:02.260097 +0300] aIQcJhjBAYhbsHpfgE0WHQAAAEI 192.42.116.177 58590 127.0.0.1 7081 --9041e059-B-- GET /.hgignore HTTP/1.0 Host: webmail.alc.edu.lb X-Real-IP: 192.42.116.177 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Avira/134.0.0.0 Accept: */* Accept-Language: en Accept-Encoding: gzip --9041e059-F-- HTTP/1.1 403 Forbidden Content-Length: 268 Connection: close Content-Type: text/html; charset=iso-8859-1 --9041e059-H-- Message: Warning. Matched phrase "/.hgignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.hgignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.alc.edu.lb"] [uri "/.hgignore"] [unique_id "aIQcJhjBAYhbsHpfgE0WHQAAAEI"] Stopwatch: 1753488422255958 4248 (- - -) Stopwatch2: 1753488422255958 4248; combined=2484, p1=508, p2=1853, p3=22, p4=31, p5=69, sr=143, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9041e059-Z-- --35720209-A-- [26/Jul/2025:03:21:18.536891 +0300] aIQffkDp3UzWh44vp6_TrwAAABg 192.42.116.217 57560 127.0.0.1 7081 --35720209-B-- GET /.hgignore HTTP/1.0 Host: www.alc.edu.lb X-Forwarded-Http-Host: www.alc.edu.lb:443 X-Real-IP: 192.42.116.217 Connection: close User-Agent: Mozilla/5.0 (Macintosh: Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15 Accept: */* Accept-Language: en Accept-Encoding: gzip --35720209-F-- HTTP/1.1 301 Moved Permanently Location: https://www.alcsys.odoo.com/.hgignore Content-Length: 310 Connection: close Content-Type: text/html; charset=iso-8859-1 --35720209-H-- Message: Warning. Matched phrase "/.hgignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.hgignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.alc.edu.lb"] [uri "/.hgignore"] [unique_id "aIQffkDp3UzWh44vp6_TrwAAABg"] Stopwatch: 1753489278535429 1563 (- - -) Stopwatch2: 1753489278535429 1563; combined=831, p1=655, p2=0, p3=42, p4=52, p5=82, sr=167, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --35720209-Z-- --03f3613d-A-- [26/Jul/2025:03:22:19.326803 +0300] aIQfue9O-iMYLPRl5REFIgAAAI8 88.246.193.44 35304 127.0.0.1 7081 --03f3613d-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 88.246.193.44 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 799 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en;q=0.9 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22E252 Instagram 390.0.0.28.85 (iPhone15,3; iOS 18_4_1; en_GB; en-GB; scale=3.00; 1290x2796; IABMV/1; 765313520) referer: https://opalparis.store/product-category/lingerie/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753489320665.PAZXh0bgNhZW0CMTEAAadOmArhda5JXJNPLmDpcW3-U-xQ_uz9-R__1Enj2NkbGxQCsPoUVUB8-uBtSA_aem_tIfeLIcNtdP6wanZaMKVLA; _fbp=fb.1.1751805393336.62734759182667087; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Flingerie%2F; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-26%2000%3A21%3A59%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadOmArhda5JXJNPLmDpcW3-U-xQ_uz9-R__1Enj2NkbGxQCsPoUVUB8-uBtSA_aem_tIfeLIcNtdP6wanZaMKVLA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-26%2000%3A22%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadOmArhda5JXJNPLmDpcW3-U-xQ_uz9-R__1Enj2NkbGxQCsPoUVUB8-uBtSA_aem_tIfeLIcNtdP6wanZaMKVLA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_4_1%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22E252%20Instagram%20390.0.0.28.85%20%28iPhone15%2C3%3B%20iOS%2018_4_1%3B%20en_GB%3B%20en-GB%3B%20scale%3D3.00%3B%201290x2796%3B%20IABMV%2F1%3B%20765313520%29; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; sbjs_migrations=1418474375998%3D1; PHPSESSID=v5g87rpia9galrid7crpvjh8uq; tk_ai=hXlybF1KibRgq%2BsbyR%2FAcdNT; ec_wishlist_code=eyJpdiI6InRFdXBUSXA1eERVMG9neDlUeXRrRVE9PSIsInZhbHVlIjoiM3UrVUp6OVVVZHkranVnOTZPVVFDUGh4YWl0S0RBOXpaeStFRUpLR2MvMzZrbUs2TTEzYnRNVTFFTy9IQzVDRy9za0luSjV1c2NmaDhWSmV1QldyMmc9PSIsIm1hYyI6ImJmZmNhOThjZGVkMGRlOWIxNDVlYTRiMDk1ODc2NzhkOTRjODc0ODlkY2U1NTIzMWVhZGJkMzU5MjZiNzE5ZDAiLCJ0YWciOiIifQ%3D%3D; botble_footprints_cookie=eyJpdiI6IjJaRjh0ZDR3by95V1RJMkdxQkthU2c9PSIsInZhbHVlIjoiaEI4MStlSnl1RkNUZ2Q2OGtUcFVXbkdvcExmYkFsRENzQVlpUkRXY1pRcU9VNDJLSlJlSWl3R0d0dXQzc1U0ZFI2ckp2YmVxTTdQWHZWVmVpMlZ1SkU1TjJ0ZnFrRERXSmhhQUtNQU5BaTNJbUdVd0Rna3B5YStENW0xd3FLRm4iLCJtYWMiOiI0YzYxNTdkOWM2ZTQzOTE1MjU1ZTdmMzQ3OTYzMmVjNmUwNjM3OTQ4Nzc5YWVkMzEwNzdjYTlkM2UyOTdhYjMzIiwidGFnIjoiIn0%3D; botble_footprints_cookie_data=eyJpdiI6InkxZ2dlTVM0WEJkUjVFK1NMZzVXQ3c9PSIsInZhbHVlIjoiMkxEZ2lrTW5mWFZyT0lTbEx4cXdpUFFQc040RnFUbEJnWExmam1QdWNEeVV0bS8yUHp0ZnQ3VFF3QkEvcVd3ZnRmeEJsajQ5R3ZYS0lmbHFXcVF4VVZ3cWh4MnRWdndqeEluTU10ajdmS1FyOU5xVnNNUjk4QXN5V3VDVXovN3hERzNCQzlQWUZNS0NLTmU2M0RvSjZwUTRDWTFPQzE2MndQNFliK1Y3Z2c3OEdOYlB3b3BhckdxaC9Ob1VhVUJkSTJtS1FjdjlkY1djand6dlZTUElqeE44R05vMm9WZlA0UGQ1ZW9tMnl0QS9pQTlBQjVIU2pHbXdCdURmRUlJTVlvRU93R0dtTHJ1SlJrMXFvSElxWXNMdWU5a0VCR3JrYXVrSUZzd2Roa0VZT2tlTExqc2syNTdHc2FoczgrUDRxNStNVkUvV290alJETUxhV1I4UGY2cWVXeVdUQzBkS2tDTWlqZHBBTSs3TktjbmE5Q0s3Y01rc2cvRFhsZDhKYld0Q21PeTRvNFU2YTJwQ2FROGd4ODNvdkdoajBWeU13NXRRYzlHMHF2a29ZaGZ2NlhERkpuNVUwYTJuRUFWVzkwb2MxeE1LVzZjdjMyYVM0bEZlaldIOVF1MUhNeEpZYVZ2bjQ5bVAvYi9vTHkyVVc0K2VtSnlJVmNyTGw1MzNXZWRGRkUvOXQrZVF4M3RtUFQ4dGZHbkhNM0NsYzhuNDFGWmVpS2hJbzE1ejZ4RlMraitDcGVRd00yQVZFQmt2a1EwVlJNbmNUVG4rMzI2ZWp0UkxBSzI0enRjU1YzaUo2dk54d0orczhveHFTL3NqaThRdGJFS003QmhtL29ucEI4enh6OHJXRXpvNmJLKzlJeDRNK1FCYm5DSEhFYUFYTXd3S0lQbVUvVFVmaTE4OGh0VXpBWXh1SkUvVTJyKzRadkpRelNyRG91QnJzekZxNzRmZUg3UCs3bmZNTVc5WkNaTTh3K1ZYYXJWWTJtTkdmaUZTNmRXZzNrbnFpcUwyWEptRVFYVCtscnppSXhBUmEyK2diczliL3JVM2RRUmVyL3l0WmRPMHBIZ216T1JMSkhSUkJHOXF5Mzc3MUR4VTZLUzZTbHFGVGg2S1FQRUZWb0E4QUE9PSIsIm1hYyI6IjFkOTJmNDYyZWRjNmYxMWFiZWE3ZjIyZGIwZWY0MjVlNDdmZmEyMWNhYTIxZGJjMzUyM2FlNDBhZjNhNWY5MWIiLCJ0YWciOiIifQ%3D%3D; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22 --03f3613d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --03f3613d-E-- --03f3613d-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIQfue9O-iMYLPRl5REFIgAAAI8"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIQfue9O-iMYLPRl5REFIgAAAI8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753489337095658 2231323 (- - -) Stopwatch2: 1753489337095658 2231323; combined=20415, p1=974, p2=18954, p3=202, p4=58, p5=226, sr=136, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --03f3613d-Z-- --5d98d168-A-- [26/Jul/2025:03:22:36.023421 +0300] aIQfyRjBAYhbsHpfgE0iOAAAAE0 88.246.193.44 57194 127.0.0.1 7081 --5d98d168-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 88.246.193.44 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 1139 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en;q=0.9 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22E252 Instagram 390.0.0.28.85 (iPhone15,3; iOS 18_4_1; en_GB; en-GB; scale=3.00; 1290x2796; IABMV/1; 765313520) referer: https://opalparis.store/product/nuvia/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753489320665.PAZXh0bgNhZW0CMTEAAadOmArhda5JXJNPLmDpcW3-U-xQ_uz9-R__1Enj2NkbGxQCsPoUVUB8-uBtSA_aem_tIfeLIcNtdP6wanZaMKVLA; _fbp=fb.1.1751805393336.62734759182667087; sbjs_session=pgs%3D3%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct%2Fnuvia%2F; tk_qs=session_id%3D%26blog_id%3D245943483%26store_id%3D08cc8d12-0c1d-42f3-8519-7c52fd206c9a%26ui%3D%26url%3Dhttps%253A%252F%252Fopalparis.store%26landing_page%3D%26woo_version%3D9.9.5%26wp_version%3D6.8.1%26store_admin%3D0%26device%3Dmobile%26template_used%3D0%26additional_blocks_on_cart_page%3D%26additional_blocks_on_checkout_page%3D%26store_currency%3DEGP%26timezone%3D%252B00%253A00%26is_guest%3D1%26order_value%3D0%26order_total%3D0%26total_tax%3D0%26total_discount%3D0%26total_shipping%3D0%26products_count%3D0%26cart_page_contains_cart_block%3D1%26cart_page_contains_cart_shortcode%3D0%26checkout_page_contains_checkout_block%3D1%26checkout_page_contains_checkout_shortcode%3D0%26pi%3D1022%26pn%3DNuvia%26pc%3DLingerie%252FSlips%26pp%3D1200%26pt%3Dvariable%26lr%3Dhttps%253A%252F%252Fl.instagram.com%252F%26or%3Dhttps%253A%252F%252Fl.instagram.com%252F%26r3d%3Dhttps%253A%252F%252Fl.instagram.com%252F%26_en%3Dwoocommerceanalytics_product_view%26_ui%3DhXlybF1KibRgq%252BsbyR%252FAcdNT%26_ut%3Danon%26_ts%3D1753489352401%26_tz%3D-3%26_lg%3Den-GB%26_pf%3DiPhone%26_ht%3D932%26_wd%3D430%26_sx%3D0%26_sy%3D0%26_dl%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct%252Fnuvia%252F%26_dr%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct-category%252Flingerie%252F; woocommerce_recently_viewed=1022; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-26%2000%3A21%3A59%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadOmArhda5JXJNPLmDpcW3-U-xQ_uz9-R__1Enj2NkbGxQCsPoUVUB8-uBtSA_aem_tIfeLIcNtdP6wanZaMKVLA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-26%2000%3A22%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadOmArhda5JXJNPLmDpcW3-U-xQ_uz9-R__1Enj2NkbGxQCsPoUVUB8-uBtSA_aem_tIfeLIcNtdP6wanZaMKVLA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_4_1%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22E252%20Instagram%20390.0.0.28.85%20%28iPhone15%2C3%3B%20iOS%2018_4_1%3B%20en_GB%3B%20en-GB%3B%20scale%3D3.00%3B%201290x2796%3B%20IABMV%2F1%3B%20765313520%29; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; sbjs_migrations=1418474375998%3D1; PHPSESSID=v5g87rpia9galrid7crpvjh8uq; tk_ai=hXlybF1KibRgq%2BsbyR%2FAcdNT; ec_wishlist_code=eyJpdiI6InRFdXBUSXA1eERVMG9neDlUeXRrRVE9PSIsInZhbHVlIjoiM3UrVUp6OVVVZHkranVnOTZPVVFDUGh4YWl0S0RBOXpaeStFRUpLR2MvMzZrbUs2TTEzYnRNVTFFTy9IQzVDRy9za0luSjV1c2NmaDhWSmV1QldyMmc9PSIsIm1hYyI6ImJmZmNhOThjZGVkMGRlOWIxNDVlYTRiMDk1ODc2NzhkOTRjODc0ODlkY2U1NTIzMWVhZGJkMzU5MjZiNzE5ZDAiLCJ0YWciOiIifQ%3D%3D; botble_footprints_cookie=eyJpdiI6IjJaRjh0ZDR3by95V1RJMkdxQkthU2c9PSIsInZhbHVlIjoiaEI4MStlSnl1RkNUZ2Q2OGtUcFVXbkdvcExmYkFsRENzQVlpUkRXY1pRcU9VNDJLSlJlSWl3R0d0dXQzc1U0ZFI2ckp2YmVxTTdQWHZWVmVpMlZ1SkU1TjJ0ZnFrRERXSmhhQUtNQU5BaTNJbUdVd0Rna3B5YStENW0xd3FLRm4iLCJtYWMiOiI0YzYxNTdkOWM2ZTQzOTE1MjU1ZTdmMzQ3OTYzMmVjNmUwNjM3OTQ4Nzc5YWVkMzEwNzdjYTlkM2UyOTdhYjMzIiwidGFnIjoiIn0%3D; botble_footprints_cookie_data=eyJpdiI6InkxZ2dlTVM0WEJkUjVFK1NMZzVXQ3c9PSIsInZhbHVlIjoiMkxEZ2lrTW5mWFZyT0lTbEx4cXdpUFFQc040RnFUbEJnWExmam1QdWNEeVV0bS8yUHp0ZnQ3VFF3QkEvcVd3ZnRmeEJsajQ5R3ZYS0lmbHFXcVF4VVZ3cWh4MnRWdndqeEluTU10ajdmS1FyOU5xVnNNUjk4QXN5V3VDVXovN3hERzNCQzlQWUZNS0NLTmU2M0RvSjZwUTRDWTFPQzE2MndQNFliK1Y3Z2c3OEdOYlB3b3BhckdxaC9Ob1VhVUJkSTJtS1FjdjlkY1djand6dlZTUElqeE44R05vMm9WZlA0UGQ1ZW9tMnl0QS9pQTlBQjVIU2pHbXdCdURmRUlJTVlvRU93R0dtTHJ1SlJrMXFvSElxWXNMdWU5a0VCR3JrYXVrSUZzd2Roa0VZT2tlTExqc2syNTdHc2FoczgrUDRxNStNVkUvV290alJETUxhV1I4UGY2cWVXeVdUQzBkS2tDTWlqZHBBTSs3TktjbmE5Q0s3Y01rc2cvRFhsZDhKYld0Q21PeTRvNFU2YTJwQ2FROGd4ODNvdkdoajBWeU13NXRRYzlHMHF2a29ZaGZ2NlhERkpuNVUwYTJuRUFWVzkwb2MxeE1LVzZjdjMyYVM0bEZlaldIOVF1MUhNeEpZYVZ2bjQ5bVAvYi9vTHkyVVc0K2VtSnlJVmNyTGw1MzNXZWRGRkUvOXQrZVF4M3RtUFQ4dGZHbkhNM0NsYzhuNDFGWmVpS2hJbzE1ejZ4RlMraitDcGVRd00yQVZFQmt2a1EwVlJNbmNUVG4rMzI2ZWp0UkxBSzI0enRjU1YzaUo2dk54d0orczhveHFTL3NqaThRdGJFS003QmhtL29ucEI4enh6OHJXRXpvNmJLKzlJeDRNK1FCYm5DSEhFYUFYTXd3S0lQbVUvVFVmaTE4OGh0VXpBWXh1SkUvVTJyKzRadkpRelNyRG91QnJzekZxNzRmZUg3UCs3bmZNTVc5WkNaTTh3K1ZYYXJWWTJtTkdmaUZTNmRXZzNrbnFpcUwyWEptRVFYVCtscnppSXhBUmEyK2diczliL3JVM2RRUmVyL3l0WmRPMHBIZ216T1JMSkhSUkJHOXF5Mzc3MUR4VTZLUzZTbHFGVGg2S1FQRUZWb0E4QUE9PSIsIm1hYyI6IjFkOTJmNDYyZWRjNmYxMWFiZWE3ZjIyZGIwZWY0MjVlNDdmZmEyMWNhYTIxZGJjMzUyM2FlNDBhZjNhNWY5MWIiLCJ0YWciOiIifQ%3D%3D; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22 --5d98d168-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --5d98d168-E-- --5d98d168-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIQfyRjBAYhbsHpfgE0iOAAAAE0"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIQfyRjBAYhbsHpfgE0iOAAAAE0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753489353798683 2225002 (- - -) Stopwatch2: 1753489353798683 2225002; combined=29525, p1=1557, p2=27350, p3=309, p4=56, p5=253, sr=201, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5d98d168-Z-- --74a6d142-A-- [26/Jul/2025:03:22:36.419357 +0300] aIQfyRjBAYhbsHpfgE0iNwAAAE8 88.246.193.44 57186 127.0.0.1 7081 --74a6d142-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: opalparis.store X-Real-IP: 88.246.193.44 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 826 content-type: text/plain;charset=UTF-8 accept: */* sec-fetch-site: same-origin accept-language: en-GB,en;q=0.9 accept-encoding: gzip, deflate, br sec-fetch-mode: cors origin: https://opalparis.store user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22E252 Instagram 390.0.0.28.85 (iPhone15,3; iOS 18_4_1; en_GB; en-GB; scale=3.00; 1290x2796; IABMV/1; 765313520) referer: https://opalparis.store/product/nuvia/ sec-fetch-dest: empty cookie: _fbc=fb.1.1753489320665.PAZXh0bgNhZW0CMTEAAadOmArhda5JXJNPLmDpcW3-U-xQ_uz9-R__1Enj2NkbGxQCsPoUVUB8-uBtSA_aem_tIfeLIcNtdP6wanZaMKVLA; _fbp=fb.1.1751805393336.62734759182667087; sbjs_session=pgs%3D3%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct%2Fnuvia%2F; tk_qs=session_id%3D%26blog_id%3D245943483%26store_id%3D08cc8d12-0c1d-42f3-8519-7c52fd206c9a%26ui%3D%26url%3Dhttps%253A%252F%252Fopalparis.store%26landing_page%3D%26woo_version%3D9.9.5%26wp_version%3D6.8.1%26store_admin%3D0%26device%3Dmobile%26template_used%3D0%26additional_blocks_on_cart_page%3D%26additional_blocks_on_checkout_page%3D%26store_currency%3DEGP%26timezone%3D%252B00%253A00%26is_guest%3D1%26order_value%3D0%26order_total%3D0%26total_tax%3D0%26total_discount%3D0%26total_shipping%3D0%26products_count%3D0%26cart_page_contains_cart_block%3D1%26cart_page_contains_cart_shortcode%3D0%26checkout_page_contains_checkout_block%3D1%26checkout_page_contains_checkout_shortcode%3D0%26pi%3D1022%26pn%3DNuvia%26pc%3DLingerie%252FSlips%26pp%3D1200%26pt%3Dvariable%26lr%3Dhttps%253A%252F%252Fl.instagram.com%252F%26or%3Dhttps%253A%252F%252Fl.instagram.com%252F%26r3d%3Dhttps%253A%252F%252Fl.instagram.com%252F%26_en%3Dwoocommerceanalytics_product_view%26_ui%3DhXlybF1KibRgq%252BsbyR%252FAcdNT%26_ut%3Danon%26_ts%3D1753489352401%26_tz%3D-3%26_lg%3Den-GB%26_pf%3DiPhone%26_ht%3D932%26_wd%3D430%26_sx%3D0%26_sy%3D0%26_dl%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct%252Fnuvia%252F%26_dr%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct-category%252Flingerie%252F; woocommerce_recently_viewed=1022; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-26%2000%3A21%3A59%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadOmArhda5JXJNPLmDpcW3-U-xQ_uz9-R__1Enj2NkbGxQCsPoUVUB8-uBtSA_aem_tIfeLIcNtdP6wanZaMKVLA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-26%2000%3A22%3A00%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAadOmArhda5JXJNPLmDpcW3-U-xQ_uz9-R__1Enj2NkbGxQCsPoUVUB8-uBtSA_aem_tIfeLIcNtdP6wanZaMKVLA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_4_1%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22E252%20Instagram%20390.0.0.28.85%20%28iPhone15%2C3%3B%20iOS%2018_4_1%3B%20en_GB%3B%20en-GB%3B%20scale%3D3.00%3B%201290x2796%3B%20IABMV%2F1%3B%20765313520%29; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22; sbjs_migrations=1418474375998%3D1; PHPSESSID=v5g87rpia9galrid7crpvjh8uq; tk_ai=hXlybF1KibRgq%2BsbyR%2FAcdNT; ec_wishlist_code=eyJpdiI6InRFdXBUSXA1eERVMG9neDlUeXRrRVE9PSIsInZhbHVlIjoiM3UrVUp6OVVVZHkranVnOTZPVVFDUGh4YWl0S0RBOXpaeStFRUpLR2MvMzZrbUs2TTEzYnRNVTFFTy9IQzVDRy9za0luSjV1c2NmaDhWSmV1QldyMmc9PSIsIm1hYyI6ImJmZmNhOThjZGVkMGRlOWIxNDVlYTRiMDk1ODc2NzhkOTRjODc0ODlkY2U1NTIzMWVhZGJkMzU5MjZiNzE5ZDAiLCJ0YWciOiIifQ%3D%3D; botble_footprints_cookie=eyJpdiI6IjJaRjh0ZDR3by95V1RJMkdxQkthU2c9PSIsInZhbHVlIjoiaEI4MStlSnl1RkNUZ2Q2OGtUcFVXbkdvcExmYkFsRENzQVlpUkRXY1pRcU9VNDJLSlJlSWl3R0d0dXQzc1U0ZFI2ckp2YmVxTTdQWHZWVmVpMlZ1SkU1TjJ0ZnFrRERXSmhhQUtNQU5BaTNJbUdVd0Rna3B5YStENW0xd3FLRm4iLCJtYWMiOiI0YzYxNTdkOWM2ZTQzOTE1MjU1ZTdmMzQ3OTYzMmVjNmUwNjM3OTQ4Nzc5YWVkMzEwNzdjYTlkM2UyOTdhYjMzIiwidGFnIjoiIn0%3D; botble_footprints_cookie_data=eyJpdiI6InkxZ2dlTVM0WEJkUjVFK1NMZzVXQ3c9PSIsInZhbHVlIjoiMkxEZ2lrTW5mWFZyT0lTbEx4cXdpUFFQc040RnFUbEJnWExmam1QdWNEeVV0bS8yUHp0ZnQ3VFF3QkEvcVd3ZnRmeEJsajQ5R3ZYS0lmbHFXcVF4VVZ3cWh4MnRWdndqeEluTU10ajdmS1FyOU5xVnNNUjk4QXN5V3VDVXovN3hERzNCQzlQWUZNS0NLTmU2M0RvSjZwUTRDWTFPQzE2MndQNFliK1Y3Z2c3OEdOYlB3b3BhckdxaC9Ob1VhVUJkSTJtS1FjdjlkY1djand6dlZTUElqeE44R05vMm9WZlA0UGQ1ZW9tMnl0QS9pQTlBQjVIU2pHbXdCdURmRUlJTVlvRU93R0dtTHJ1SlJrMXFvSElxWXNMdWU5a0VCR3JrYXVrSUZzd2Roa0VZT2tlTExqc2syNTdHc2FoczgrUDRxNStNVkUvV290alJETUxhV1I4UGY2cWVXeVdUQzBkS2tDTWlqZHBBTSs3TktjbmE5Q0s3Y01rc2cvRFhsZDhKYld0Q21PeTRvNFU2YTJwQ2FROGd4ODNvdkdoajBWeU13NXRRYzlHMHF2a29ZaGZ2NlhERkpuNVUwYTJuRUFWVzkwb2MxeE1LVzZjdjMyYVM0bEZlaldIOVF1MUhNeEpZYVZ2bjQ5bVAvYi9vTHkyVVc0K2VtSnlJVmNyTGw1MzNXZWRGRkUvOXQrZVF4M3RtUFQ4dGZHbkhNM0NsYzhuNDFGWmVpS2hJbzE1ejZ4RlMraitDcGVRd00yQVZFQmt2a1EwVlJNbmNUVG4rMzI2ZWp0UkxBSzI0enRjU1YzaUo2dk54d0orczhveHFTL3NqaThRdGJFS003QmhtL29ucEI4enh6OHJXRXpvNmJLKzlJeDRNK1FCYm5DSEhFYUFYTXd3S0lQbVUvVFVmaTE4OGh0VXpBWXh1SkUvVTJyKzRadkpRelNyRG91QnJzekZxNzRmZUg3UCs3bmZNTVc5WkNaTTh3K1ZYYXJWWTJtTkdmaUZTNmRXZzNrbnFpcUwyWEptRVFYVCtscnppSXhBUmEyK2diczliL3JVM2RRUmVyL3l0WmRPMHBIZ216T1JMSkhSUkJHOXF5Mzc3MUR4VTZLUzZTbHFGVGg2S1FQRUZWb0E4QUE9PSIsIm1hYyI6IjFkOTJmNDYyZWRjNmYxMWFiZWE3ZjIyZGIwZWY0MjVlNDdmZmEyMWNhYTIxZGJjMzUyM2FlNDBhZjNhNWY5MWIiLCJ0YWciOiIifQ%3D%3D; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22 --74a6d142-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.23 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://opalparis.store Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8 --74a6d142-E-- --74a6d142-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aIQfyRjBAYhbsHpfgE0iNwAAAE8"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aIQfyRjBAYhbsHpfgE0iNwAAAE8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753489353796915 2622687 (- - -) Stopwatch2: 1753489353796915 2622687; combined=33560, p1=1461, p2=31574, p3=284, p4=40, p5=201, sr=165, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --74a6d142-Z-- --0014a657-A-- [26/Jul/2025:03:40:44.884710 +0300] aIQkDEDp3UzWh44vp6_0gAAAABA 3.142.173.84 45338 127.0.0.1 7081 --0014a657-B-- GET /.git/config HTTP/1.0 Host: first-builders.com X-Real-IP: 3.142.173.84 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.1 Safari/605.1.15 Accept-Charset: utf-8 Accept-Encoding: gzip --0014a657-F-- HTTP/1.1 503 Service Unavailable X-Powered-By: PHP/8.3.23 Retry-After: 600 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --0014a657-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "first-builders.com"] [uri "/.git/config"] [unique_id "aIQkDEDp3UzWh44vp6_0gAAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/first-builders.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753490444866307 18531 (- - -) Stopwatch2: 1753490444866307 18531; combined=2872, p1=641, p2=2087, p3=0, p4=0, p5=144, sr=170, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0014a657-Z-- --72477f0b-A-- [26/Jul/2025:04:11:33.629037 +0300] aIQrRe9O-iMYLPRl5RErlQAAAJQ 77.90.153.170 58080 127.0.0.1 7081 --72477f0b-B-- GET /.env HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 9; HMA-L29) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --72477f0b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --72477f0b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.hamomohsen.net"] [uri "/.env"] [unique_id "aIQrRe9O-iMYLPRl5RErlQAAAJQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753492293163012 466133 (- - -) Stopwatch2: 1753492293163012 466133; combined=3456, p1=701, p2=2645, p3=0, p4=0, p5=109, sr=163, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --72477f0b-Z-- --a2d1ae0f-A-- [26/Jul/2025:04:24:32.286556 +0300] aIQuS0Dp3UzWh44vp689dwAAABU 94.187.21.184 49446 127.0.0.1 7081 --a2d1ae0f-B-- GET /student/onlineClasses.php?code=4/0AVMBsJjO2UP00hACMOUeTQ6pRj9YJ8FFN8P_6eIZdtcCRJ0c6HjDZal8XMafstF2dfuTmQ&scope=email%20profile%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/gmail.readonly%20https://www.googleapis.com/auth/calendar.readonly%20https://www.googleapis.com/auth/classroom.courses.readonly%20https://www.googleapis.com/auth/userinfo.profile%20openid&authuser=1&hd=students.jinan.edu.lb&prompt=consent HTTP/1.0 Host: jinansystem.com X-Real-IP: 94.187.21.184 X-Accel-Internal: /internal-nginx-static-location Connection: close sec-ch-ua: "Not)A;Brand";v="8", "Chromium";v="138", "Google Chrome";v="138" sec-ch-ua-mobile: ?1 sec-ch-ua-platform: "Android" upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Mobile Safari/537.36 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-fetch-site: cross-site sec-fetch-mode: navigate sec-fetch-user: ?1 sec-fetch-dest: document referer: https://accounts.google.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=0, i cookie: PHPSESSID=7nomp5pr51sgf088s77o5025d0 --a2d1ae0f-F-- HTTP/1.1 200 OK Expires: Mon, 16 Jul 1981 05:00:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 6907 Content-Type: text/html; charset=UTF-8 --a2d1ae0f-E-- --a2d1ae0f-H-- Message: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/gmail.readonly https:/www.googleapis.com/auth/calendar.readonly https:/www.googleapis.com/auth/classroom.courses.readonly https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||jinansystem.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.email https:/www.googleapis.com/auth/gmail.readonly https:/www.googleapis.com/auth/calendar.readonly https:/www.googleapis.com/auth/classroom.courses.readonly https:/www.googleapis.com/auth/userinfo.profile openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "jinansystem.com"] [uri "/student/onlineClasses.php"] [unique_id "aIQuS0Dp3UzWh44vp689dwAAABU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753493067587978 4698732 (- - -) Stopwatch2: 1753493067587978 4698732; combined=16014, p1=1659, p2=14107, p3=112, p4=53, p5=82, sr=1109, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a2d1ae0f-Z-- --e0a0e625-A-- [26/Jul/2025:04:58:27.658999 +0300] aIQ2Q0Dp3UzWh44vp69wvQAAAAs 213.209.143.116 42734 127.0.0.1 7081 --e0a0e625-B-- GET /.env HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 213.209.143.116 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --e0a0e625-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --e0a0e625-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crm.hamomohsen.net"] [uri "/.env"] [unique_id "aIQ2Q0Dp3UzWh44vp69wvQAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753495107530040 129174 (- - -) Stopwatch2: 1753495107530040 129174; combined=2890, p1=622, p2=2140, p3=0, p4=0, p5=127, sr=206, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e0a0e625-Z-- --456f7643-A-- [26/Jul/2025:04:58:28.281024 +0300] aIQ2REDp3UzWh44vp69wwgAAABY 213.209.143.116 42808 127.0.0.1 7081 --456f7643-B-- GET /backup.sql HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 213.209.143.116 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --456f7643-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --456f7643-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crm.hamomohsen.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crm.hamomohsen.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "crm.hamomohsen.net"] [uri "/backup.sql"] [unique_id "aIQ2REDp3UzWh44vp69wwgAAABY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753495108130234 150951 (- - -) Stopwatch2: 1753495108130234 150951; combined=10795, p1=524, p2=10098, p3=0, p4=0, p5=172, sr=169, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --456f7643-Z-- --c16f6350-A-- [26/Jul/2025:04:58:28.538786 +0300] aIQ2REDp3UzWh44vp69wxgAAABU 213.209.143.116 42850 127.0.0.1 7081 --c16f6350-B-- GET /site.bak HTTP/1.0 Host: crm.hamomohsen.net X-Real-IP: 213.209.143.116 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --c16f6350-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --c16f6350-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crm.hamomohsen.net|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crm.hamomohsen.net|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "crm.hamomohsen.net"] [uri "/site.bak"] [unique_id "aIQ2REDp3UzWh44vp69wxgAAABU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/crm.hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753495108352841 186059 (- - -) Stopwatch2: 1753495108352841 186059; combined=3008, p1=497, p2=2373, p3=0, p4=0, p5=137, sr=127, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c16f6350-Z-- --f23aa81a-A-- [26/Jul/2025:04:59:20.441881 +0300] aIQ2dUDp3UzWh44vp69yBAAAAAc 80.211.79.253 55464 127.0.0.1 7081 --f23aa81a-B-- GET /.env HTTP/1.0 Host: opalparis.store X-Real-IP: 80.211.79.253 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --f23aa81a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://opalparis.store/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --f23aa81a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "opalparis.store"] [uri "/.env"] [unique_id "aIQ2dUDp3UzWh44vp69yBAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753495157985326 2456683 (- - -) Stopwatch2: 1753495157985326 2456683; combined=2908, p1=493, p2=2268, p3=0, p4=0, p5=146, sr=132, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f23aa81a-Z-- --1140fb61-A-- [26/Jul/2025:04:59:22.755561 +0300] aIQ2eEDp3UzWh44vp69yFwAAAAA 80.211.79.253 55736 127.0.0.1 7081 --1140fb61-B-- GET /administrator/.env HTTP/1.0 Host: opalparis.store X-Real-IP: 80.211.79.253 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --1140fb61-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://opalparis.store/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --1140fb61-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "opalparis.store"] [uri "/administrator/.env"] [unique_id "aIQ2eEDp3UzWh44vp69yFwAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753495160581848 2173924 (- - -) Stopwatch2: 1753495160581848 2173924; combined=3343, p1=618, p2=2557, p3=0, p4=0, p5=167, sr=179, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1140fb61-Z-- --6124001c-A-- [26/Jul/2025:04:59:25.312475 +0300] aIQ2e0Dp3UzWh44vp69yLQAAABg 80.211.79.253 54826 127.0.0.1 7081 --6124001c-B-- GET /.env.local HTTP/1.0 Host: opalparis.store X-Real-IP: 80.211.79.253 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --6124001c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://opalparis.store/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --6124001c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "opalparis.store"] [uri "/.env.local"] [unique_id "aIQ2e0Dp3UzWh44vp69yLQAAABg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753495163414638 1897933 (- - -) Stopwatch2: 1753495163414638 1897933; combined=2292, p1=505, p2=1654, p3=0, p4=0, p5=132, sr=147, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6124001c-Z-- --c7753f13-A-- [26/Jul/2025:04:59:28.330762 +0300] aIQ2fUDp3UzWh44vp69yQgAAAAw 80.211.79.253 55124 127.0.0.1 7081 --c7753f13-B-- GET /.env.production HTTP/1.0 Host: opalparis.store X-Real-IP: 80.211.79.253 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --c7753f13-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://opalparis.store/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --c7753f13-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "opalparis.store"] [uri "/.env.production"] [unique_id "aIQ2fUDp3UzWh44vp69yQgAAAAw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753495165947644 2383216 (- - -) Stopwatch2: 1753495165947644 2383216; combined=4011, p1=750, p2=3087, p3=0, p4=0, p5=173, sr=248, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c7753f13-Z-- --bd59c22f-A-- [26/Jul/2025:04:59:33.627897 +0300] aIQ2gxjBAYhbsHpfgE1H_QAAAFY 80.211.79.253 55692 127.0.0.1 7081 --bd59c22f-B-- GET /wp-content/.env HTTP/1.0 Host: opalparis.store X-Real-IP: 80.211.79.253 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --bd59c22f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://opalparis.store/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --bd59c22f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "opalparis.store"] [uri "/wp-content/.env"] [unique_id "aIQ2gxjBAYhbsHpfgE1H_QAAAFY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753495171431839 2196161 (- - -) Stopwatch2: 1753495171431839 2196161; combined=2779, p1=659, p2=1981, p3=0, p4=0, p5=138, sr=246, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bd59c22f-Z-- --4bb12463-A-- [26/Jul/2025:05:11:37.159353 +0300] aIQ5WBjBAYhbsHpfgE1MygAAAEE 103.8.27.27 50670 127.0.0.1 7081 --4bb12463-B-- GET /core/.env HTTP/1.0 Host: www.hamomohsen.net X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) Range: bytes=0-4000 --4bb12463-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --4bb12463-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hamomohsen.net"] [uri "/core/.env"] [unique_id "aIQ5WBjBAYhbsHpfgE1MygAAAEE"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0' Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753495896860335 299138 (- - -) Stopwatch2: 1753495896860335 299138; combined=2330, p1=498, p2=1729, p3=0, p4=0, p5=102, sr=125, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4bb12463-Z-- --f53daf12-A-- [26/Jul/2025:05:11:37.207765 +0300] aIQ5WEDp3UzWh44vp6-EfwAAAAY 103.8.27.27 50682 127.0.0.1 7081 --f53daf12-B-- GET /laravel/.env HTTP/1.0 Host: www.hamomohsen.net X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) Range: bytes=0-4000 --f53daf12-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --f53daf12-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hamomohsen.net"] [uri "/laravel/.env"] [unique_id "aIQ5WEDp3UzWh44vp6-EfwAAAAY"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0' Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753495896873829 334069 (- - -) Stopwatch2: 1753495896873829 334069; combined=4260, p1=975, p2=3041, p3=0, p4=0, p5=243, sr=181, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f53daf12-Z-- --63909d39-A-- [26/Jul/2025:05:11:37.450074 +0300] aIQ5WUDp3UzWh44vp6-EggAAAAo 103.8.27.27 50724 127.0.0.1 7081 --63909d39-B-- GET /admin/.env HTTP/1.0 Host: hamomohsen.net X-Real-IP: 103.8.27.27 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) Range: bytes=0-4000 --63909d39-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --63909d39-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamomohsen.net"] [uri "/admin/.env"] [unique_id "aIQ5WUDp3UzWh44vp6-EggAAAAo"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0' Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753495897131796 318380 (- - -) Stopwatch2: 1753495897131796 318380; combined=3702, p1=736, p2=2805, p3=0, p4=0, p5=160, sr=187, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --63909d39-Z-- --d1423108-A-- [26/Jul/2025:05:15:11.153898 +0300] aIQ6L-9O-iMYLPRl5RFYMgAAAI0 196.251.70.223 51854 127.0.0.1 7081 --d1423108-B-- GET /.env HTTP/1.0 Host: test.jinansystem.com X-Real-IP: 196.251.70.223 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.25 Safari/537.36 Core/1.70.3704.400 QQBrowser/10.4.3587.400 Accept-Charset: utf-8 Accept-Encoding: gzip --d1423108-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --d1423108-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.jinansystem.com"] [uri "/.env"] [unique_id "aIQ6L-9O-iMYLPRl5RFYMgAAAI0"] Stopwatch: 1753496111144577 9432 (- - -) Stopwatch2: 1753496111144577 9432; combined=6441, p1=729, p2=5601, p3=0, p4=0, p5=111, sr=246, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d1423108-Z-- --3bd3ac30-A-- [26/Jul/2025:05:29:16.384504 +0300] aIQ9fBjBAYhbsHpfgE1TvAAAAEc 196.251.70.223 47176 127.0.0.1 7081 --3bd3ac30-B-- GET /.env HTTP/1.0 Host: vivacetrading.com X-Real-IP: 196.251.70.223 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: SonyEricssonW660i/R6AD Browser/NetFront/3.3 Profile/MIDP-2.0 Configuration/CLDC-1.1 Accept-Charset: utf-8 Accept-Encoding: gzip --3bd3ac30-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 586 Content-Type: text/html; charset=UTF-8 --3bd3ac30-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/.env"] [unique_id "aIQ9fBjBAYhbsHpfgE1TvAAAAEc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753496956295681 88943 (- - -) Stopwatch2: 1753496956295681 88943; combined=60232, p1=57199, p2=2885, p3=0, p4=0, p5=147, sr=153, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3bd3ac30-Z-- --b727346e-A-- [26/Jul/2025:05:31:13.799958 +0300] aIQ98UDp3UzWh44vp6-jSAAAAAU 196.251.114.43 48720 127.0.0.1 7081 --b727346e-B-- GET /.git/refs/ HTTP/1.0 Host: 41.128.143.88 X-Real-IP: 196.251.114.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --b727346e-F-- HTTP/1.1 421 Misdirected Request Content-Length: 386 Connection: close Content-Type: text/html; charset=iso-8859-1 --b727346e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41.128.143.88"] [uri "/.git/refs/"] [unique_id "aIQ98UDp3UzWh44vp6-jSAAAAAU"] Apache-Error: [file "ssl_engine_kernel.c"] [line 325] [level 3] AH02032: Hostname default-41_128_143_86 (default host as no SNI was provided) and hostname 41.128.143.88 provided via HTTP have no compatible SSL setup Stopwatch: 1753497073798550 1502 (- - -) Stopwatch2: 1753497073798550 1502; combined=934, p1=727, p2=0, p3=35, p4=82, p5=89, sr=181, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b727346e-Z-- --46c5773c-A-- [26/Jul/2025:05:40:56.077402 +0300] aIRAOEDp3UzWh44vp6-yOgAAAAc 77.90.153.170 33246 127.0.0.1 7081 --46c5773c-B-- GET /.env HTTP/1.0 Host: raqmix.online X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-AU) AppleWebKit/534.35 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.35 Puffin/3.9174IT Accept-Charset: utf-8 Accept-Encoding: gzip --46c5773c-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 02:47:02 GMT ETag: "328-63149f7f06f3a" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --46c5773c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raqmix.online"] [uri "/.env"] [unique_id "aIRAOEDp3UzWh44vp6-yOgAAAAc"] Stopwatch: 1753497656027224 50304 (- - -) Stopwatch2: 1753497656027224 50304; combined=21292, p1=18400, p2=2030, p3=0, p4=0, p5=862, sr=171, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --46c5773c-Z-- --a31c624c-A-- [26/Jul/2025:05:42:07.578016 +0300] aIRAf0Dp3UzWh44vp6-0MwAAAAo 77.90.153.170 34788 127.0.0.1 7081 --a31c624c-B-- GET /.env HTTP/1.0 Host: restpos.raqmix.cloud X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; U; Android 8.1.0; zh-CN; Mi Note 3 Build/OPM1.171019.019) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.5.9.1039 Mobile Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --a31c624c-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close X-Accel-Version: 0.01 Last-Modified: Mon, 23 Jun 2025 02:21:17 GMT ETag: "24c-63833dde33dc9" Accept-Ranges: bytes Content-Length: 588 --a31c624c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restpos.raqmix.cloud"] [uri "/.env"] [unique_id "aIRAf0Dp3UzWh44vp6-0MwAAAAo"] Stopwatch: 1753497727573009 5185 (- - -) Stopwatch2: 1753497727573009 5185; combined=2952, p1=600, p2=2203, p3=33, p4=39, p5=76, sr=171, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a31c624c-Z-- --3ee28962-A-- [26/Jul/2025:05:43:02.273920 +0300] aIRAthjBAYhbsHpfgE1Y-AAAAEg 77.90.153.170 43330 127.0.0.1 7081 --3ee28962-B-- GET /.env HTTP/1.0 Host: riyadhchocolate.com X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; U; Android 1.6; es-es; SonyEricssonX10i Build/R1FA016) AppleWebKit/528.5 (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1 Accept-Charset: utf-8 Accept-Encoding: gzip --3ee28962-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT ETag: "328-631485999ce56" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --3ee28962-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riyadhchocolate.com"] [uri "/.env"] [unique_id "aIRAthjBAYhbsHpfgE1Y-AAAAEg"] Stopwatch: 1753497782251644 22365 (- - -) Stopwatch2: 1753497782251644 22365; combined=20210, p1=18145, p2=1937, p3=0, p4=0, p5=128, sr=166, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3ee28962-Z-- --7565524e-A-- [26/Jul/2025:05:43:04.575212 +0300] aIRAuBjBAYhbsHpfgE1Y-QAAAFg 196.251.70.223 57116 127.0.0.1 7081 --7565524e-B-- GET /.env HTTP/1.0 Host: college.jinansystem.com X-Real-IP: 196.251.70.223 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.42 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --7565524e-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT ETag: "3bf-4fedd0a7c7a00" Accept-Ranges: bytes Content-Length: 959 Content-Type: text/html --7565524e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "college.jinansystem.com"] [uri "/.env"] [unique_id "aIRAuBjBAYhbsHpfgE1Y-QAAAFg"] Stopwatch: 1753497784548243 27093 (- - -) Stopwatch2: 1753497784548243 27093; combined=24815, p1=22171, p2=2507, p3=0, p4=0, p5=137, sr=179, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7565524e-Z-- --ee8f0064-A-- [26/Jul/2025:05:50:23.723105 +0300] aIRCb0Dp3UzWh44vp6-_5gAAABI 213.209.143.116 55624 127.0.0.1 7081 --ee8f0064-B-- GET /.env HTTP/1.0 Host: boneless.raqmix.cloud X-Real-IP: 213.209.143.116 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --ee8f0064-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close X-Accel-Version: 0.01 X-Accel-Redirect: /internal-nginx-static-location/.env Content-Length: 0 --ee8f0064-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boneless.raqmix.cloud"] [uri "/.env"] [unique_id "aIRCb0Dp3UzWh44vp6-_5gAAABI"] Stopwatch: 1753498223718740 4454 (- - -) Stopwatch2: 1753498223718740 4454; combined=2693, p1=577, p2=2005, p3=29, p4=27, p5=55, sr=139, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ee8f0064-Z-- --3e3a0130-A-- [26/Jul/2025:05:50:24.995801 +0300] aIRCcBjBAYhbsHpfgE1bEQAAAFI 213.209.143.116 55764 127.0.0.1 7081 --3e3a0130-B-- GET /backup.sql HTTP/1.0 Host: boneless.raqmix.cloud X-Real-IP: 213.209.143.116 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --3e3a0130-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Access-Control-Allow-Methods: * Access-Control-Allow-Headers: * Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --3e3a0130-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||boneless.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||boneless.raqmix.cloud|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "boneless.raqmix.cloud"] [uri "/backup.sql"] [unique_id "aIRCcBjBAYhbsHpfgE1bEQAAAFI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/boneless.raqmix.cloud/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753498224672780 323156 (- - -) Stopwatch2: 1753498224672780 323156; combined=2652, p1=526, p2=1998, p3=0, p4=0, p5=128, sr=132, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3e3a0130-Z-- --4b990f43-A-- [26/Jul/2025:05:50:25.418885 +0300] aIRCcUDp3UzWh44vp6-_8gAAABU 213.209.143.116 55850 127.0.0.1 7081 --4b990f43-B-- GET /site.bak HTTP/1.0 Host: boneless.raqmix.cloud X-Real-IP: 213.209.143.116 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 accept-encoding: gzip --4b990f43-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Access-Control-Allow-Methods: * Access-Control-Allow-Headers: * Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --4b990f43-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||boneless.raqmix.cloud|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||boneless.raqmix.cloud|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "boneless.raqmix.cloud"] [uri "/site.bak"] [unique_id "aIRCcUDp3UzWh44vp6-_8gAAABU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/boneless.raqmix.cloud/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753498225060420 358581 (- - -) Stopwatch2: 1753498225060420 358581; combined=2233, p1=406, p2=1695, p3=0, p4=0, p5=131, sr=120, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4b990f43-Z-- --abcd570b-A-- [26/Jul/2025:05:54:41.576635 +0300] aIRDcUDp3UzWh44vp6_GLwAAAAY 77.90.153.170 54552 127.0.0.1 7081 --abcd570b-B-- GET /.env HTTP/1.0 Host: test.americancenter.me X-Real-IP: 77.90.153.170 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36 OPR/36.0.2130.46 Accept-Charset: utf-8 Accept-Encoding: gzip --abcd570b-F-- HTTP/1.1 403 Forbidden Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 15 Oct 2015 19:30:19 GMT ETag: "3be-52229b59508c0" Accept-Ranges: bytes Content-Length: 958 Content-Type: text/html --abcd570b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.americancenter.me"] [uri "/.env"] [unique_id "aIRDcUDp3UzWh44vp6_GLwAAAAY"] Apache-Error: [file "mod_access_compat.c"] [line 350] [level 3] AH01797: client denied by server configuration: /var/www/vhosts/americancenter.me/test.americancenter.me/.env Stopwatch: 1753498481561120 15721 (- - -) Stopwatch2: 1753498481561120 15721; combined=14614, p1=14521, p2=0, p3=0, p4=0, p5=92, sr=130, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --abcd570b-Z-- --2059c95b-A-- [26/Jul/2025:06:03:57.891982 +0300] aIRFnUDp3UzWh44vp6_U7gAAAAY 165.227.173.41 56856 127.0.0.1 7081 --2059c95b-B-- GET /.env HTTP/1.0 Host: posrest.raqmix.cloud X-Real-IP: 165.227.173.41 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --2059c95b-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close X-Accel-Version: 0.01 Last-Modified: Mon, 23 Jun 2025 03:26:34 GMT ETag: "245-63834c76447d1" Accept-Ranges: bytes Content-Length: 581 --2059c95b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "posrest.raqmix.cloud"] [uri "/.env"] [unique_id "aIRFnUDp3UzWh44vp6_U7gAAAAY"] Stopwatch: 1753499037887501 4577 (- - -) Stopwatch2: 1753499037887501 4577; combined=2777, p1=613, p2=1943, p3=35, p4=42, p5=144, sr=189, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2059c95b-Z-- --6bf6cb4c-A-- [26/Jul/2025:06:03:58.060399 +0300] aIRFnkDp3UzWh44vp6_U8gAAAAM 165.227.173.41 56884 127.0.0.1 7081 --6bf6cb4c-B-- GET /.git/config HTTP/1.0 Host: posrest.raqmix.cloud X-Real-IP: 165.227.173.41 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --6bf6cb4c-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --6bf6cb4c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "posrest.raqmix.cloud"] [uri "/.git/config"] [unique_id "aIRFnkDp3UzWh44vp6_U8gAAAAM"] Stopwatch: 1753499038052457 8025 (- - -) Stopwatch2: 1753499038052457 8025; combined=5362, p1=573, p2=4722, p3=0, p4=0, p5=66, sr=154, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6bf6cb4c-Z-- --3f9a7679-A-- [26/Jul/2025:06:05:46.759677 +0300] aIRGCkDp3UzWh44vp6_XogAAAA4 196.251.70.223 38402 127.0.0.1 7081 --3f9a7679-B-- GET /.env HTTP/1.0 Host: soor.raqmix.cloud X-Real-IP: 196.251.70.223 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; Nexus 7 Build/KTU84P) AppleWebKit/537.36 (KHTML like Gecko) Chrome/36.0.1985.135 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --3f9a7679-F-- HTTP/1.1 404 Not Found Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT ETag: "328-62a6a8c186eb7" Accept-Ranges: bytes Content-Length: 808 Content-Type: text/html --3f9a7679-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soor.raqmix.cloud"] [uri "/.env"] [unique_id "aIRGCkDp3UzWh44vp6_XogAAAA4"] Stopwatch: 1753499146729135 30861 (- - -) Stopwatch2: 1753499146729135 30861; combined=27134, p1=23396, p2=3635, p3=0, p4=0, p5=103, sr=166, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3f9a7679-Z-- --1ee9163b-A-- [26/Jul/2025:06:15:53.514246 +0300] aIRIZ0Dp3UzWh44vp6_l4gAAAA0 13.79.49.60 59826 127.0.0.1 7081 --1ee9163b-B-- GET /wp/wp-admin/includes/class-wp-filesystem-base.php.bak HTTP/1.0 Host: glamilea.com X-Real-IP: 13.79.49.60 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: yay_currency_widget=29035; wordpress_test_cookie=WP%20Cookie%20check --1ee9163b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.1.33 X-LiteSpeed-Tag: cb5_HTTP.404 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --1ee9163b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||glamilea.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||glamilea.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "glamilea.com"] [uri "/wp/wp-admin/includes/class-wp-filesystem-base.php.bak"] [unique_id "aIRIZ0Dp3UzWh44vp6_l4gAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753499751112132 2402304 (- - -) Stopwatch2: 1753499751112132 2402304; combined=7170, p1=519, p2=6519, p3=0, p4=0, p5=132, sr=166, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1ee9163b-Z-- --f881d307-A-- [26/Jul/2025:06:21:24.439594 +0300] aIRJtEDp3UzWh44vp6_vIwAAABU 196.251.70.223 37058 127.0.0.1 7081 --f881d307-B-- GET /.env HTTP/1.0 Host: app.jinansystem.com X-Real-IP: 196.251.70.223 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/75.0.3770.90 Chrome/75.0.3770.90 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --f881d307-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.0.30 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --f881d307-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "app.jinansystem.com"] [uri "/.env"] [unique_id "aIRJtEDp3UzWh44vp6_vIwAAABU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/app.jinansystem.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753500084076968 362733 (- - -) Stopwatch2: 1753500084076968 362733; combined=2627, p1=618, p2=1874, p3=0, p4=0, p5=134, sr=260, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f881d307-Z-- --92baa465-A-- [26/Jul/2025:06:22:11.160586 +0300] aIRJ4u9O-iMYLPRl5RGFxgAAAIc 164.90.208.56 38056 127.0.0.1 7081 --92baa465-B-- POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D""+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.0 Host: boneless.raqmix.cloud X-Real-IP: 164.90.208.56 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 164 User-Agent: Go-http-client/1.1 Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip --92baa465-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Access-Control-Allow-Methods: * Access-Control-Allow-Headers: * Cache-Control: no-cache, private pragma: no-cache expires: -1 Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --92baa465-H-- Message: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\xadd cgi.force_redirect=0 \xadd disable_functions="" \xadd allow_url_include=1 \xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||boneless.raqmix.cloud|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\x5cxadd cgi.force_redirect=0 \x5cxadd disable_functions=\x22\x22 \x5cxadd allow_url_include=1 \x5cxadd auto_prepend_file=php://input: \xadd cgi.force_redirect=0 \xadd disable_functions=\x22\x22 \xadd allow_url_include=1 \xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions="" \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||boneless.raqmix.cloud|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\\\x5cxadd cgi.force_redirect=0 \\\\x5cxadd disable_functions=\\\\x22\\\\x22 \\\\x5cxadd allow_url_include=1 \\\\x5cxadd auto_prepend_file=php://input: \\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions=\\\\x22\\\\x22 \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "boneless.raqmix.cloud"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aIRJ4u9O-iMYLPRl5RGFxgAAAIc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/boneless.raqmix.cloud/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753500130786878 373845 (- - -) Stopwatch2: 1753500130786878 373845; combined=6928, p1=754, p2=5945, p3=0, p4=0, p5=228, sr=156, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --92baa465-Z-- --a83aaf3c-A-- [26/Jul/2025:06:22:16.955195 +0300] aIRJ6EDp3UzWh44vp6_xAgAAAAI 164.90.208.56 38220 127.0.0.1 7081 --a83aaf3c-B-- GET /.env HTTP/1.0 Host: boneless.raqmix.cloud X-Real-IP: 164.90.208.56 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --a83aaf3c-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close X-Accel-Version: 0.01 X-Accel-Redirect: /internal-nginx-static-location/.env Content-Length: 0 --a83aaf3c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boneless.raqmix.cloud"] [uri "/.env"] [unique_id "aIRJ6EDp3UzWh44vp6_xAgAAAAI"] Stopwatch: 1753500136951083 4207 (- - -) Stopwatch2: 1753500136951083 4207; combined=2445, p1=550, p2=1780, p3=30, p4=27, p5=58, sr=157, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a83aaf3c-Z-- --3077a247-A-- [26/Jul/2025:06:22:17.146536 +0300] aIRJ6UDp3UzWh44vp6_xAwAAAA0 164.90.208.56 38232 127.0.0.1 7081 --3077a247-B-- GET /.git/config HTTP/1.0 Host: boneless.raqmix.cloud X-Real-IP: 164.90.208.56 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --3077a247-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close X-Accel-Version: 0.01 Last-Modified: Mon, 28 Aug 2023 14:39:52 GMT ETag: "177-603fcaac5de00" Accept-Ranges: bytes Content-Length: 375 --3077a247-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boneless.raqmix.cloud"] [uri "/.git/config"] [unique_id "aIRJ6UDp3UzWh44vp6_xAwAAAA0"] Stopwatch: 1753500137142597 4004 (- - -) Stopwatch2: 1753500137142597 4004; combined=2295, p1=503, p2=1651, p3=33, p4=42, p5=65, sr=132, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3077a247-Z-- --35180e65-A-- [26/Jul/2025:06:27:08.613597 +0300] aIRLDBjBAYhbsHpfgE1oVwAAAE4 196.251.70.223 54510 127.0.0.1 7081 --35180e65-B-- GET /.env HTTP/1.0 Host: menacore.net X-Real-IP: 196.251.70.223 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Python-urllib/2.5 Accept-Charset: utf-8 Accept-Encoding: gzip --35180e65-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.29 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: csrf_cookie_name=0fae8a189ed233ea18de32115cf8e906; expires=Sat, 26 Jul 2025 04:28:08 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax Set-Cookie: sp_session=1bh6qvpmmarhv0p6vb9r3563pam5dq1s; expires=Sat, 26 Jul 2025 11:27:08 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=utf-8 --35180e65-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menacore.net"] [uri "/.env"] [unique_id "aIRLDBjBAYhbsHpfgE1oVwAAAE4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753500428464150 149579 (- - -) Stopwatch2: 1753500428464150 149579; combined=7768, p1=5735, p2=1904, p3=0, p4=0, p5=128, sr=129, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --35180e65-Z-- --75f7ce43-A-- [26/Jul/2025:06:28:13.138700 +0300] aIRLTe9O-iMYLPRl5RGKbgAAAIU 40.113.91.243 56148 127.0.0.1 7081 --75f7ce43-B-- GET /wp-content/debug.log HTTP/1.0 Host: vivacetrading.com X-Real-IP: 40.113.91.243 X-Accel-Internal: /internal-nginx-static-location Connection: close --75f7ce43-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 --75f7ce43-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vivacetrading.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vivacetrading.com"] [uri "/wp-content/debug.log"] [unique_id "aIRLTe9O-iMYLPRl5RGKbgAAAIU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753500493118793 19972 (- - -) Stopwatch2: 1753500493118793 19972; combined=2765, p1=574, p2=2092, p3=0, p4=0, p5=98, sr=212, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --75f7ce43-Z-- --8ea4d349-A-- [26/Jul/2025:06:28:18.860860 +0300] aIRLUkDp3UzWh44vp6_6swAAAAw 40.113.91.243 57358 127.0.0.1 7081 --8ea4d349-B-- GET /.git/HEAD HTTP/1.0 Host: vivacetrading.com X-Real-IP: 40.113.91.243 X-Accel-Internal: /internal-nginx-static-location Connection: close --8ea4d349-F-- HTTP/1.1 200 OK Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 --8ea4d349-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/.git/HEAD"] [unique_id "aIRLUkDp3UzWh44vp6_6swAAAAw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753500498844664 16319 (- - -) Stopwatch2: 1753500498844664 16319; combined=2337, p1=542, p2=1668, p3=0, p4=0, p5=126, sr=126, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8ea4d349-Z-- --160ab804-A-- [26/Jul/2025:06:28:42.241750 +0300] aIRLau9O-iMYLPRl5RGLOQAAAI4 93.152.210.197 46994 127.0.0.1 7081 --160ab804-B-- GET /.env HTTP/1.0 Host: web.raqmix.net X-Real-IP: 93.152.210.197 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 9; ASUS_I005DA Build/PI; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/133.0.6943.122 Mobile Accept: */* Accept-Encoding: gzip --160ab804-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.23 Cache-Control: no-cache, private pragma: no-cache expires: -1 Set-Cookie: XSRF-TOKEN=eyJpdiI6InNxOXFiTlFFTlJ3ZWJrNlNoNGREc1E9PSIsInZhbHVlIjoidXpBVG9DUlE2RkdsdzU1YnZucnNRMFNJcGszWE9DR3J4VlBMOWNWUkpZRUM3cW1QNExMYWhvY2tUb3lxODlvUDRVc202bmZTQWxLRkU4K21zTEIrTlAwWGhUeVBoL1FrdVlEOHlaeGJCVXBheVA1Z2s2N0k2OUZ2cktqeHRURVEiLCJtYWMiOiI4MmY4MzdiNTdiMGY4MWUxOGQwNmI3Nzg3MmYxNmJjMWVlMWYyYzdmYTZiZTJiZGE1MjljODI3ZDdhZmQyNWIyIiwidGFnIjoiIn0%3D; expires=Sat, 26 Jul 2025 05:28:42 GMT; Max-Age=7200; path=/ Set-Cookie: raqweb_session=eyJpdiI6IjFQcEIzS2VEK0RKU0tsUktXNGFweWc9PSIsInZhbHVlIjoidzZTSW5WZ0hRdjlWNC8zbFA1ZVcwQ0pSN1V6cHNtdmh5VGdHR2h5REJQc2tmMFlia29kN0FhZTFZeEZqSTdYZ2VUdU0vd0pzR2o5djZmNzBmWlRZNHgwRGxKOWxmR2ZaRGh6ZWVRTlMzVEp6ejlEUnNRWFo4N2UyL1EzTkQ0TXYiLCJtYWMiOiIzNjU0ZDc0MDU4YTM4MzA2MWI5NGRjZTU0NmZhNmUxZTRiYzNhMjg1NzU0ZGMzZDBmNTllM2U5NjQwZjExNjk5IiwidGFnIjoiIn0%3D; expires=Sat, 26 Jul 2025 05:28:42 GMT; Max-Age=7200; path=/; httponly Upgrade: h2,h2c Connection: Upgrade, close Content-Type: text/html; charset=UTF-8 --160ab804-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web.raqmix.net"] [uri "/.env"] [unique_id "aIRLau9O-iMYLPRl5RGLOQAAAI4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/web.raqmix.net/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1753500522088016 153836 (- - -) Stopwatch2: 1753500522088016 153836; combined=14616, p1=12615, p2=1912, p3=0, p4=0, p5=88, sr=154, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --160ab804-Z--