One Hat Cyber Team

View File Name : modsec_audit.log

--e0082e6d-A--
[21/Jul/2025:00:08:20.012218 +0300] aH1axHhpGLoQeqBaLWCGswAAABE 165.22.235.3 44772 127.0.0.1 7081
--e0082e6d-B--
GET /.env HTTP/1.0
Host: riyadh-choc.raqmix.cloud
X-Real-IP: 165.22.235.3
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip

--e0082e6d-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT
ETag: "328-62a6a8c186eb7"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: text/html

--e0082e6d-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riyadh-choc.raqmix.cloud"] [uri "/.env"] [unique_id "aH1axHhpGLoQeqBaLWCGswAAABE"]
Stopwatch: 1753045700008274 4007 (- - -)
Stopwatch2: 1753045700008274 4007; combined=2274, p1=497, p2=1710, p3=0, p4=0, p5=67, sr=132, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--e0082e6d-Z--

--56fd8360-A--
[21/Jul/2025:00:08:20.523419 +0300] aH1axHhpGLoQeqBaLWCGtQAAAA0 165.22.235.3 44788 127.0.0.1 7081
--56fd8360-B--
GET /.git/config HTTP/1.0
Host: riyadh-choc.raqmix.cloud
X-Real-IP: 165.22.235.3
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip

--56fd8360-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT
ETag: "328-62a6a8c186eb7"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: text/html

--56fd8360-H--
Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riyadh-choc.raqmix.cloud"] [uri "/.git/config"] [unique_id "aH1axHhpGLoQeqBaLWCGtQAAAA0"]
Stopwatch: 1753045700507894 15634 (- - -)
Stopwatch2: 1753045700507894 15634; combined=13222, p1=10638, p2=2506, p3=0, p4=0, p5=78, sr=288, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--56fd8360-Z--

--d8a3b257-A--
[21/Jul/2025:00:18:23.099910 +0300] aH1dH3hpGLoQeqBaLWCN1wAAAAg 45.76.61.18 36274 127.0.0.1 7081
--d8a3b257-B--
GET /App/Runtime/Logs/Home/25_07_19.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--d8a3b257-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--d8a3b257-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/App/Runtime/Logs/Home/25_07_19.log"] [unique_id "aH1dH3hpGLoQeqBaLWCN1wAAAAg"]
Stopwatch: 1753046303092611 7481 (- - -)
Stopwatch2: 1753046303092611 7481; combined=4233, p1=867, p2=3217, p3=0, p4=0, p5=148, sr=178, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--d8a3b257-Z--

--cfc05663-A--
[21/Jul/2025:00:18:23.104864 +0300] aH1dH3hpGLoQeqBaLWCN2AAAAAk 45.76.61.18 36282 127.0.0.1 7081
--cfc05663-B--
GET /Runtime/Logs/25_07_20.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--cfc05663-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--cfc05663-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/Runtime/Logs/25_07_20.log"] [unique_id "aH1dH3hpGLoQeqBaLWCN2AAAAAk"]
Stopwatch: 1753046303099673 5296 (- - -)
Stopwatch2: 1753046303099673 5296; combined=3305, p1=931, p2=2292, p3=0, p4=0, p5=82, sr=289, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--cfc05663-Z--

--795d783b-A--
[21/Jul/2025:00:18:23.140073 +0300] aH1dH3hpGLoQeqBaLWCN2QAAAA8 45.76.61.18 36292 127.0.0.1 7081
--795d783b-B--
GET /Application/Runtime/Logs/25_07_19.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--795d783b-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--795d783b-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/Application/Runtime/Logs/25_07_19.log"] [unique_id "aH1dH3hpGLoQeqBaLWCN2QAAAA8"]
Stopwatch: 1753046303135474 4674 (- - -)
Stopwatch2: 1753046303135474 4674; combined=2779, p1=484, p2=2219, p3=0, p4=0, p5=75, sr=158, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--795d783b-Z--

--a1e97d02-A--
[21/Jul/2025:00:18:23.232491 +0300] aH1dH3hpGLoQeqBaLWCN2gAAAAQ 45.76.61.18 36304 127.0.0.1 7081
--a1e97d02-B--
GET /Runtime/Logs/25_07_19.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--a1e97d02-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--a1e97d02-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/Runtime/Logs/25_07_19.log"] [unique_id "aH1dH3hpGLoQeqBaLWCN2gAAAAQ"]
Stopwatch: 1753046303227200 5380 (- - -)
Stopwatch2: 1753046303227200 5380; combined=3257, p1=563, p2=2543, p3=0, p4=0, p5=151, sr=177, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--a1e97d02-Z--

--c14e9f7d-A--
[21/Jul/2025:00:18:23.240803 +0300] aH1dH_xJ8Ca9LcPupLFLvQAAAI8 45.76.61.18 36306 127.0.0.1 7081
--c14e9f7d-B--
GET /Application/Runtime/Logs/Home/25_07_20.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--c14e9f7d-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--c14e9f7d-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/Application/Runtime/Logs/Home/25_07_20.log"] [unique_id "aH1dH_xJ8Ca9LcPupLFLvQAAAI8"]
Stopwatch: 1753046303236123 4764 (- - -)
Stopwatch2: 1753046303236123 4764; combined=2932, p1=467, p2=2379, p3=0, p4=0, p5=86, sr=153, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--c14e9f7d-Z--

--8c1ec219-A--
[21/Jul/2025:00:18:23.243898 +0300] aH1dH_xJ8Ca9LcPupLFLvwAAAIw 45.76.61.18 36314 127.0.0.1 7081
--8c1ec219-B--
GET /Application/Runtime/Logs/Admin/25_07_20.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--8c1ec219-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--8c1ec219-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/Application/Runtime/Logs/Admin/25_07_20.log"] [unique_id "aH1dH_xJ8Ca9LcPupLFLvwAAAIw"]
Stopwatch: 1753046303239318 4705 (- - -)
Stopwatch2: 1753046303239318 4705; combined=2803, p1=468, p2=2238, p3=0, p4=0, p5=97, sr=148, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--8c1ec219-Z--

--c69c306c-A--
[21/Jul/2025:00:18:23.244107 +0300] aH1dH_xJ8Ca9LcPupLFLvgAAAIE 45.76.61.18 36320 127.0.0.1 7081
--c69c306c-B--
GET /Application/Runtime/Logs/Home/25_07_19.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--c69c306c-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--c69c306c-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/Application/Runtime/Logs/Home/25_07_19.log"] [unique_id "aH1dH_xJ8Ca9LcPupLFLvgAAAIE"]
Stopwatch: 1753046303238114 6108 (- - -)
Stopwatch2: 1753046303238114 6108; combined=3822, p1=613, p2=3090, p3=0, p4=0, p5=119, sr=179, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--c69c306c-Z--

--642e677e-A--
[21/Jul/2025:00:18:23.247264 +0300] aH1dH3hpGLoQeqBaLWCN2wAAAAI 45.76.61.18 36330 127.0.0.1 7081
--642e677e-B--
GET /Application/Runtime/Logs/Admin/25_07_19.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--642e677e-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--642e677e-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/Application/Runtime/Logs/Admin/25_07_19.log"] [unique_id "aH1dH3hpGLoQeqBaLWCN2wAAAAI"]
Stopwatch: 1753046303243620 3782 (- - -)
Stopwatch2: 1753046303243620 3782; combined=2217, p1=370, p2=1778, p3=0, p4=0, p5=69, sr=145, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--642e677e-Z--

--e94b9714-A--
[21/Jul/2025:00:18:23.249058 +0300] aH1dH3hpGLoQeqBaLWCN3AAAAAc 45.76.61.18 36332 127.0.0.1 7081
--e94b9714-B--
GET /App/Runtime/Logs/25_07_20.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--e94b9714-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--e94b9714-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/App/Runtime/Logs/25_07_20.log"] [unique_id "aH1dH3hpGLoQeqBaLWCN3AAAAAc"]
Stopwatch: 1753046303245848 3275 (- - -)
Stopwatch2: 1753046303245848 3275; combined=2077, p1=401, p2=1611, p3=0, p4=0, p5=65, sr=132, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--e94b9714-Z--

--a4fd7522-A--
[21/Jul/2025:00:18:23.264057 +0300] aH1dH3hpGLoQeqBaLWCN3QAAABQ 45.76.61.18 36334 127.0.0.1 7081
--a4fd7522-B--
GET /Runtime/Logs/Home/25_07_19.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--a4fd7522-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--a4fd7522-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/Runtime/Logs/Home/25_07_19.log"] [unique_id "aH1dH3hpGLoQeqBaLWCN3QAAABQ"]
Stopwatch: 1753046303260235 3888 (- - -)
Stopwatch2: 1753046303260235 3888; combined=2391, p1=375, p2=1947, p3=0, p4=0, p5=69, sr=120, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--a4fd7522-Z--

--010d3416-A--
[21/Jul/2025:00:18:23.266715 +0300] aH1dH3hpGLoQeqBaLWCN3gAAABg 45.76.61.18 36346 127.0.0.1 7081
--010d3416-B--
GET /Application/Runtime/Logs/25_07_20.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--010d3416-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--010d3416-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/Application/Runtime/Logs/25_07_20.log"] [unique_id "aH1dH3hpGLoQeqBaLWCN3gAAABg"]
Stopwatch: 1753046303262895 3886 (- - -)
Stopwatch2: 1753046303262895 3886; combined=2319, p1=447, p2=1811, p3=0, p4=0, p5=61, sr=150, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--010d3416-Z--

--21282e08-A--
[21/Jul/2025:00:18:23.270679 +0300] aH1dH3hpGLoQeqBaLWCN3wAAAAs 45.76.61.18 36360 127.0.0.1 7081
--21282e08-B--
GET /App/Runtime/Logs/25_07_19.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--21282e08-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--21282e08-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/App/Runtime/Logs/25_07_19.log"] [unique_id "aH1dH3hpGLoQeqBaLWCN3wAAAAs"]
Stopwatch: 1753046303266784 3985 (- - -)
Stopwatch2: 1753046303266784 3985; combined=2342, p1=623, p2=1623, p3=0, p4=0, p5=96, sr=241, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--21282e08-Z--

--2131c409-A--
[21/Jul/2025:00:18:23.273071 +0300] aH1dH_xJ8Ca9LcPupLFLwAAAAJE 45.76.61.18 36370 127.0.0.1 7081
--2131c409-B--
GET /Runtime/Logs/Home/25_07_20.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--2131c409-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--2131c409-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/Runtime/Logs/Home/25_07_20.log"] [unique_id "aH1dH_xJ8Ca9LcPupLFLwAAAAJE"]
Stopwatch: 1753046303268938 4224 (- - -)
Stopwatch2: 1753046303268938 4224; combined=2516, p1=612, p2=1825, p3=0, p4=0, p5=79, sr=147, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--2131c409-Z--

--752ef945-A--
[21/Jul/2025:00:18:23.499137 +0300] aH1dH_xJ8Ca9LcPupLFLwQAAAJY 45.76.61.18 36374 127.0.0.1 7081
--752ef945-B--
GET /App/Runtime/Logs/Home/25_07_20.log HTTP/1.0
Host: jinansystem.com
X-Real-IP: 45.76.61.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4240.111 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*

--752ef945-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Wed, 23 Jul 2014 14:20:24 GMT
ETag: "3bf-4fedd0a7c7a00"
Accept-Ranges: bytes
Content-Length: 959
Content-Type: text/html

--752ef945-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jinansystem.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jinansystem.com"] [uri "/App/Runtime/Logs/Home/25_07_20.log"] [unique_id "aH1dH_xJ8Ca9LcPupLFLwQAAAJY"]
Stopwatch: 1753046303493565 5640 (- - -)
Stopwatch2: 1753046303493565 5640; combined=2570, p1=467, p2=2030, p3=0, p4=0, p5=73, sr=143, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--752ef945-Z--

--24820476-A--
[21/Jul/2025:00:48:18.298617 +0300] aH1kIPxJ8Ca9LcPupLFURgAAAJI 202.4.60.52 38330 127.0.0.1 7081
--24820476-B--
GET /wp-json/wp/v2/users HTTP/1.0
Host: glamilea.com
X-Real-IP: 202.4.60.52
X-Accel-Internal: /internal-nginx-static-location
Connection: close
accept-encoding: gzip, deflate, br
sec-fetch-user: ?1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: same-origin
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
referer: http://glamilea.com/wp-login.php
cookie: yay_currency_widget=29035; wordpress_test_cookie=WP%20Cookie%20check

--24820476-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.1.33
X-Robots-Tag: noindex
Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
X-WP-Total: 1
X-WP-TotalPages: 1
Allow: GET
Vary: Origin
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: application/json; charset=UTF-8

--24820476-H--
Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "glamilea.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aH1kIPxJ8Ca9LcPupLFURgAAAJI"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753048096133724 2165145 (- - -)
Stopwatch2: 1753048096133724 2165145; combined=4986, p1=529, p2=4283, p3=0, p4=0, p5=174, sr=175, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--24820476-Z--

--6baa0820-A--
[21/Jul/2025:00:50:08.607178 +0300] aH1kkPxJ8Ca9LcPupLFUuwAAAIA 3.237.46.75 48112 127.0.0.1 7080
--6baa0820-B--
GET /CookieAuth.dll?GetLogon?formdir=1 HTTP/1.0
Host: mail.limexfinance.org
X-Real-IP: 3.237.46.75
Connection: close
User-Agent: Mozilla/5.0 (compatible; SorterBot/1.0)
Accept-Encoding: gzip, deflate
Accept: */*

--6baa0820-F--
HTTP/1.1 404 Not Found
Content-Length: 267
Connection: close
Content-Type: text/html; charset=iso-8859-1

--6baa0820-E--

--6baa0820-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.limexfinance.org|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.limexfinance.org|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.limexfinance.org"] [uri "/CookieAuth.dll"] [unique_id "aH1kkPxJ8Ca9LcPupLFUuwAAAIA"]
Stopwatch: 1753048208602021 5249 (- - -)
Stopwatch2: 1753048208602021 5249; combined=3389, p1=546, p2=2683, p3=54, p4=33, p5=73, sr=200, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--6baa0820-Z--

--8a1a4d59-A--
[21/Jul/2025:00:50:08.819495 +0300] aH1kkHhpGLoQeqBaLWChMAAAABg 3.237.46.75 60716 127.0.0.1 7081
--8a1a4d59-B--
GET /CookieAuth.dll?GetLogon?formdir=1 HTTP/1.0
Host: webmail.limexfinance.org
X-Real-IP: 3.237.46.75
Connection: close
User-Agent: Mozilla/5.0 (compatible; SorterBot/1.0)
Accept-Encoding: gzip, deflate
Accept: */*

--8a1a4d59-F--
HTTP/1.1 404 Not Found
Content-Length: 271
Connection: close
Content-Type: text/html; charset=iso-8859-1

--8a1a4d59-E--

--8a1a4d59-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "webmail.limexfinance.org"] [uri "/CookieAuth.dll"] [unique_id "aH1kkHhpGLoQeqBaLWChMAAAABg"]
Stopwatch: 1753048208807273 12388 (- - -)
Stopwatch2: 1753048208807273 12388; combined=3467, p1=628, p2=2676, p3=46, p4=34, p5=83, sr=170, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--8a1a4d59-Z--

--ea9b1f75-A--
[21/Jul/2025:00:50:09.233739 +0300] aH1kkfxJ8Ca9LcPupLFUvQAAAJA 3.237.46.75 60724 127.0.0.1 7081
--ea9b1f75-B--
GET /CookieAuth.dll?GetLogon?formdir=1 HTTP/1.0
Host: webmail.limexfinance.org
X-Real-IP: 3.237.46.75
Connection: close
User-Agent: Mozilla/5.0 (compatible; SorterBot/1.0)
Accept-Encoding: gzip, deflate
Accept: */*

--ea9b1f75-F--
HTTP/1.1 404 Not Found
Content-Length: 271
Connection: close
Content-Type: text/html; charset=iso-8859-1

--ea9b1f75-E--

--ea9b1f75-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "webmail.limexfinance.org"] [uri "/CookieAuth.dll"] [unique_id "aH1kkfxJ8Ca9LcPupLFUvQAAAJA"]
Stopwatch: 1753048209228715 5087 (- - -)
Stopwatch2: 1753048209228715 5087; combined=3150, p1=534, p2=2477, p3=39, p4=31, p5=69, sr=185, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--ea9b1f75-Z--

--8d54086c-A--
[21/Jul/2025:00:50:12.082876 +0300] aH1klPxJ8Ca9LcPupLFUwgAAAJM 3.237.46.75 48118 127.0.0.1 7080
--8d54086c-B--
GET /CookieAuth.dll?GetLogon?formdir=1 HTTP/1.0
Host: mail.limexfinance.org
X-Real-IP: 3.237.46.75
Connection: close
User-Agent: Mozilla/5.0 (compatible; SorterBot/1.0)
Accept-Encoding: gzip, deflate
Accept: */*

--8d54086c-F--
HTTP/1.1 404 Not Found
Content-Length: 267
Connection: close
Content-Type: text/html; charset=iso-8859-1

--8d54086c-E--

--8d54086c-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.limexfinance.org|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.limexfinance.org|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.limexfinance.org"] [uri "/CookieAuth.dll"] [unique_id "aH1klPxJ8Ca9LcPupLFUwgAAAJM"]
Stopwatch: 1753048212076384 6566 (- - -)
Stopwatch2: 1753048212076384 6566; combined=4209, p1=591, p2=3474, p3=41, p4=32, p5=71, sr=236, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--8d54086c-Z--

--ce792c76-A--
[21/Jul/2025:00:50:12.207898 +0300] aH1klPxJ8Ca9LcPupLFUxQAAAIs 3.237.46.75 60796 127.0.0.1 7081
--ce792c76-B--
GET /CookieAuth.dll?GetLogon?formdir=1 HTTP/1.0
Host: webmail.limexfinance.org
X-Real-IP: 3.237.46.75
Connection: close
User-Agent: Mozilla/5.0 (compatible; SorterBot/1.0)
Accept-Encoding: gzip, deflate
Accept: */*

--ce792c76-F--
HTTP/1.1 404 Not Found
Content-Length: 271
Connection: close
Content-Type: text/html; charset=iso-8859-1

--ce792c76-E--

--ce792c76-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||webmail.limexfinance.org|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "webmail.limexfinance.org"] [uri "/CookieAuth.dll"] [unique_id "aH1klPxJ8Ca9LcPupLFUxQAAAIs"]
Stopwatch: 1753048212203461 4525 (- - -)
Stopwatch2: 1753048212203461 4525; combined=2916, p1=508, p2=2255, p3=43, p4=35, p5=74, sr=188, sw=1, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--ce792c76-Z--

--fa5d7017-A--
[21/Jul/2025:01:02:16.051626 +0300] aH1naPxJ8Ca9LcPupLFXewAAAIY 5.189.176.44 35418 127.0.0.1 7081
--fa5d7017-B--
GET /.env.production HTTP/1.0
Host: jac.group
X-Real-IP: 5.189.176.44
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64)
Range: bytes=0-4000

--fa5d7017-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 24 May 2022 15:05:06 GMT
ETag: "328-5dfc34833fcce"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: text/html

--fa5d7017-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jac.group"] [uri "/.env.production"] [unique_id "aH1naPxJ8Ca9LcPupLFXewAAAIY"]
Stopwatch: 1753048936047269 4445 (- - -)
Stopwatch2: 1753048936047269 4445; combined=2566, p1=765, p2=1733, p3=0, p4=0, p5=68, sr=260, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--fa5d7017-Z--

--6481b941-A--
[21/Jul/2025:01:02:16.056428 +0300] aH1naPxJ8Ca9LcPupLFXfAAAAJM 5.189.176.44 35436 127.0.0.1 7081
--6481b941-B--
GET /.env HTTP/1.0
Host: jac.group
X-Real-IP: 5.189.176.44
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64)
Range: bytes=0-4000

--6481b941-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 24 May 2022 15:05:06 GMT
ETag: "328-5dfc34833fcce"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: text/html

--6481b941-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jac.group"] [uri "/.env"] [unique_id "aH1naPxJ8Ca9LcPupLFXfAAAAJM"]
Stopwatch: 1753048936051898 4616 (- - -)
Stopwatch2: 1753048936051898 4616; combined=2512, p1=619, p2=1800, p3=0, p4=0, p5=93, sr=151, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--6481b941-Z--

--6d08ae6e-A--
[21/Jul/2025:01:02:16.058497 +0300] aH1naHhpGLoQeqBaLWCnrwAAABQ 5.189.176.44 35452 127.0.0.1 7081
--6d08ae6e-B--
GET /.env.save HTTP/1.0
Host: jac.group
X-Real-IP: 5.189.176.44
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64)
Range: bytes=0-4000

--6d08ae6e-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 24 May 2022 15:05:06 GMT
ETag: "328-5dfc34833fcce"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: text/html

--6d08ae6e-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jac.group"] [uri "/.env.save"] [unique_id "aH1naHhpGLoQeqBaLWCnrwAAABQ"]
Stopwatch: 1753048936053828 4754 (- - -)
Stopwatch2: 1753048936053828 4754; combined=2907, p1=504, p2=2320, p3=0, p4=0, p5=83, sr=154, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--6d08ae6e-Z--

--03bf802d-A--
[21/Jul/2025:01:02:16.383417 +0300] aH1naHhpGLoQeqBaLWCnsQAAABY 5.189.176.44 35472 127.0.0.1 7081
--03bf802d-B--
GET /.env.production HTTP/1.0
Host: www.jac.group
X-Real-IP: 5.189.176.44
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64)
Range: bytes=0-4000

--03bf802d-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 24 May 2022 15:05:06 GMT
ETag: "328-5dfc34833fcce"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: text/html

--03bf802d-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jac.group"] [uri "/.env.production"] [unique_id "aH1naHhpGLoQeqBaLWCnsQAAABY"]
Stopwatch: 1753048936378504 4988 (- - -)
Stopwatch2: 1753048936378504 4988; combined=3044, p1=718, p2=2260, p3=0, p4=0, p5=66, sr=190, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--03bf802d-Z--

--e28b315b-A--
[21/Jul/2025:01:02:16.482541 +0300] aH1naHhpGLoQeqBaLWCnsgAAAA4 5.189.176.44 35474 127.0.0.1 7081
--e28b315b-B--
GET /.env.save HTTP/1.0
Host: www.jac.group
X-Real-IP: 5.189.176.44
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64)
Range: bytes=0-4000

--e28b315b-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 24 May 2022 15:05:06 GMT
ETag: "328-5dfc34833fcce"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: text/html

--e28b315b-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jac.group"] [uri "/.env.save"] [unique_id "aH1naHhpGLoQeqBaLWCnsgAAAA4"]
Stopwatch: 1753048936477998 4640 (- - -)
Stopwatch2: 1753048936477998 4640; combined=2688, p1=608, p2=2012, p3=0, p4=0, p5=68, sr=179, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--e28b315b-Z--

--7acb113c-A--
[21/Jul/2025:01:02:16.485109 +0300] aH1naPxJ8Ca9LcPupLFXfQAAAIo 5.189.176.44 35486 127.0.0.1 7081
--7acb113c-B--
GET /.env HTTP/1.0
Host: www.jac.group
X-Real-IP: 5.189.176.44
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64)
Range: bytes=0-4000

--7acb113c-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 24 May 2022 15:05:06 GMT
ETag: "328-5dfc34833fcce"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: text/html

--7acb113c-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jac.group"] [uri "/.env"] [unique_id "aH1naPxJ8Ca9LcPupLFXfQAAAIo"]
Stopwatch: 1753048936480794 4379 (- - -)
Stopwatch2: 1753048936480794 4379; combined=2575, p1=534, p2=1972, p3=0, p4=0, p5=69, sr=172, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--7acb113c-Z--

--4daf8925-A--
[21/Jul/2025:01:04:56.327471 +0300] aH1oCHhpGLoQeqBaLWCqPwAAAA4 172.93.102.107 34450 127.0.0.1 7081
--4daf8925-B--
GET /.git/config HTTP/1.0
Host: menacore.net
X-Real-IP: 172.93.102.107
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozila/5.0
Referer: http://menacore.net/.git/config
Accept-Encoding: gzip

--4daf8925-F--
HTTP/1.1 404 Not Found
X-Powered-By: PHP/8.2.29
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: csrf_cookie_name=cd4312ddeec5fcb440a595509b70e862; expires=Sun, 20 Jul 2025 23:05:56 GMT; Max-Age=3660; path=/; HttpOnly; SameSite=Lax
Set-Cookie: sp_session=g6ee5kjnim99caki25oor3rqkju42j52; expires=Mon, 21 Jul 2025 06:04:56 GMT; Max-Age=28800; path=/; HttpOnly; SameSite=Lax
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=utf-8

--4daf8925-H--
Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menacore.net"] [uri "/.git/config"] [unique_id "aH1oCHhpGLoQeqBaLWCqPwAAAA4"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/menacore.net/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753049096139869 187730 (- - -)
Stopwatch2: 1753049096139869 187730; combined=2868, p1=616, p2=2142, p3=0, p4=0, p5=110, sr=206, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--4daf8925-Z--

--932d8576-A--
[21/Jul/2025:01:11:27.213578 +0300] aH1pj3hpGLoQeqBaLWCwDwAAABY 202.4.60.52 38008 127.0.0.1 7081
--932d8576-B--
GET /wp-json/wp/v2/users HTTP/1.0
Host: riyadhchocolate.com
X-Real-IP: 202.4.60.52
X-Accel-Internal: /internal-nginx-static-location
Connection: close
accept-language: en-US,en;q=0.5
referer: http://riyadhchocolate.com/wp-login.php
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-mode: navigate
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
sec-fetch-dest: document
sec-fetch-site: same-origin
sec-fetch-user: ?1
cookie: wordpress_test_cookie=WP%20Cookie%20check

--932d8576-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT
ETag: "328-631485999ce56"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: text/html

--932d8576-H--
Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riyadhchocolate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riyadhchocolate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aH1pj3hpGLoQeqBaLWCwDwAAABY"]
Stopwatch: 1753049487208777 4925 (- - -)
Stopwatch2: 1753049487208777 4925; combined=3131, p1=515, p2=2532, p3=0, p4=0, p5=84, sr=222, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--932d8576-Z--

--92ce5f40-A--
[21/Jul/2025:01:18:14.181211 +0300] aH1rJnhpGLoQeqBaLWC4tQAAAAQ 134.209.25.199 48032 127.0.0.1 7081
--92ce5f40-B--
GET /.env HTTP/1.0
Host: www.museduliban.com
X-Real-IP: 134.209.25.199
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip

--92ce5f40-F--
HTTP/1.1 503 Service Unavailable
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 18 Mar 2025 01:24:13 GMT
ETag: "396-63093c3371a9c"
Accept-Ranges: bytes
Content-Length: 918
Content-Type: text/html

--92ce5f40-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.museduliban.com"] [uri "/.env"] [unique_id "aH1rJnhpGLoQeqBaLWC4tQAAAAQ"]
Stopwatch: 1753049894179774 1697 (- - -)
Stopwatch2: 1753049894179774 1697; combined=755, p1=650, p2=0, p3=0, p4=0, p5=104, sr=165, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--92ce5f40-Z--

--2e344f05-A--
[21/Jul/2025:01:18:14.502199 +0300] aH1rJnhpGLoQeqBaLWC4uAAAAAI 134.209.25.199 48084 127.0.0.1 7081
--2e344f05-B--
GET /.git/config HTTP/1.0
Host: www.museduliban.com
X-Real-IP: 134.209.25.199
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip

--2e344f05-F--
HTTP/1.1 503 Service Unavailable
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 18 Mar 2025 01:24:13 GMT
ETag: "396-63093c3371a9c"
Accept-Ranges: bytes
Content-Length: 918
Content-Type: text/html

--2e344f05-H--
Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.museduliban.com"] [uri "/.git/config"] [unique_id "aH1rJnhpGLoQeqBaLWC4uAAAAAI"]
Stopwatch: 1753049894500700 1587 (- - -)
Stopwatch2: 1753049894500700 1587; combined=833, p1=747, p2=0, p3=0, p4=0, p5=85, sr=322, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--2e344f05-Z--

--87da9139-A--
[21/Jul/2025:01:39:37.125315 +0300] aH1wKXhpGLoQeqBaLWDXMQAAAAQ 208.109.242.93 59986 127.0.0.1 7080
--87da9139-B--
GET /Telerik.Web.UI.WebResource.axd?type=rau HTTP/1.0
Host: mail.hamomohsen.net
X-Real-IP: 208.109.242.93
Connection: close
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/7046A194A
Accept-Encoding: gzip, deflate
Accept: */*

--87da9139-F--
HTTP/1.1 404 Not Found
Content-Length: 265
Connection: close
Content-Type: text/html; charset=iso-8859-1

--87da9139-E--

--87da9139-H--
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.hamomohsen.net|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.hamomohsen.net|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.hamomohsen.net"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "aH1wKXhpGLoQeqBaLWDXMQAAAAQ"]
Stopwatch: 1753051177119464 5986 (- - -)
Stopwatch2: 1753051177119464 5986; combined=3802, p1=670, p2=2825, p3=116, p4=57, p5=134, sr=221, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--87da9139-Z--

--03f2b318-A--
[21/Jul/2025:01:46:01.465696 +0300] aH1xqXhpGLoQeqBaLWDhqAAAAA8 209.97.166.205 44996 127.0.0.1 7081
--03f2b318-B--
GET //wp-json/wp/v2/users/ HTTP/1.0
Host: first-builders.com
X-Real-IP: 209.97.166.205
X-Accel-Internal: /internal-nginx-static-location
Connection: close
Cookie: wordpress_test_cookie=WP%20Cookie%20check
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36

--03f2b318-F--
HTTP/1.1 503 Service Unavailable
X-Powered-By: PHP/8.3.23
Retry-After: 600
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=utf-8

--03f2b318-H--
Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||first-builders.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||first-builders.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "first-builders.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aH1xqXhpGLoQeqBaLWDhqAAAAA8"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/first-builders.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753051561450845 14941 (- - -)
Stopwatch2: 1753051561450845 14941; combined=2235, p1=393, p2=1749, p3=0, p4=0, p5=93, sr=136, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--03f2b318-Z--

--36e87e3d-A--
[21/Jul/2025:01:56:22.800673 +0300] aH10FHhpGLoQeqBaLWDyzgAAAA8 196.157.105.34 55072 127.0.0.1 7081
--36e87e3d-B--
POST /?ob=open-bridge/events HTTP/1.0
Host: opalparis.store
X-Real-IP: 196.157.105.34
X-Accel-Internal: /internal-nginx-static-location
Connection: close
Content-Length: 643
content-type: text/plain;charset=UTF-8
accept: */*
sec-fetch-site: same-origin
accept-language: ar
accept-encoding: gzip, deflate, br
sec-fetch-mode: cors
origin: https://opalparis.store
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 387.0.0.24.91 (iPhone11,6; iOS 18_5; en_US; en; scale=3.00; 1242x2688; 755087652; IABMV/1)
referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ
sec-fetch-dest: empty
cookie: _fbc=fb.1.1753052180449.PAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ; _fbp=fb.1.1753052180458.584349967591343851; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-20%2022%3A56%3A20%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-20%2022%3A56%3A20%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20387.0.0.24.91%20%28iPhone11%2C6%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201242x2688%3B%20755087652%3B%20IABMV%2F1%29; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22

--36e87e3d-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.3.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: https://opalparis.store
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Set-Cookie: PHPSESSID=c40bnp1ao2nk8b0cephogphbq2; expires=Sat, 18 Oct 2025 22:56:22 GMT; Max-Age=7776000; path=/; domain=opalparis.store; HttpOnly; SameSite=lax
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

--36e87e3d-E--

--36e87e3d-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aH10FHhpGLoQeqBaLWDyzgAAAA8"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aH10FHhpGLoQeqBaLWDyzgAAAA8"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753052180575863 2225451 (- - -)
Stopwatch2: 1753052180575863 2225451; combined=36449, p1=1282, p2=34796, p3=179, p4=42, p5=149, sr=216, sw=1, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--36e87e3d-Z--

--17ecfd7b-A--
[21/Jul/2025:01:56:33.735351 +0300] aH10H_xJ8Ca9LcPupLF6qgAAAJY 196.157.105.34 36102 127.0.0.1 7081
--17ecfd7b-B--
POST /?ob=open-bridge/events HTTP/1.0
Host: opalparis.store
X-Real-IP: 196.157.105.34
X-Accel-Internal: /internal-nginx-static-location
Connection: close
Content-Length: 1125
content-type: text/plain;charset=UTF-8
accept: */*
sec-fetch-site: same-origin
accept-language: ar
accept-encoding: gzip, deflate, br
sec-fetch-mode: cors
origin: https://opalparis.store
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 387.0.0.24.91 (iPhone11,6; iOS 18_5; en_US; en; scale=3.00; 1242x2688; 755087652; IABMV/1)
referer: https://opalparis.store/product/midnight-flow/
sec-fetch-dest: empty
cookie: _fbc=fb.1.1753052180449.PAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ; _fbp=fb.1.1753052180458.584349967591343851; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct%2Fmidnight-flow%2F; tk_ai=YQ4X%2FxbSDWrTzDylEewiFlat; tk_qs=session_id%3D%26blog_id%3D245943483%26store_id%3D08cc8d12-0c1d-42f3-8519-7c52fd206c9a%26ui%3D%26url%3Dhttps%253A%252F%252Fopalparis.store%26landing_page%3D%26woo_version%3D9.9.5%26wp_version%3D6.8.1%26store_admin%3D0%26device%3Dmobile%26template_used%3D0%26additional_blocks_on_cart_page%3D%26additional_blocks_on_checkout_page%3D%26store_currency%3DEGP%26timezone%3D%252B00%253A00%26is_guest%3D1%26order_value%3D0%26order_total%3D0%26total_tax%3D0%26total_discount%3D0%26total_shipping%3D0%26products_count%3D0%26cart_page_contains_cart_block%3D1%26cart_page_contains_cart_shortcode%3D0%26checkout_page_contains_checkout_block%3D1%26checkout_page_contains_checkout_shortcode%3D0%26pi%3D402%26pn%3DMidnight%2520Flow%26pc%3DHome%2520Wear%252FSleep%2520shirts%26pp%3D1000%26pt%3Dvariable%26lr%3Dhttps%253A%252F%252Fl.instagram.com%252F%26or%3Dhttps%253A%252F%252Fl.instagram.com%252F%26r3d%3Dhttps%253A%252F%252Fl.instagram.com%252F%26_en%3Dwoocommerceanalytics_product_view%26_ui%3DYQ4X%252FxbSDWrTzDylEewiFlat%26_ut%3Danon%26_ts%3D1753052191574%26_tz%3D-3%26_lg%3Dar%26_pf%3DiPhone%26_ht%3D896%26_wd%3D414%26_sx%3D0%26_sy%3D0%26_dl%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct%252Fmidnight-flow%252F%26_dr%3Dhttps%253A%252F%252Fopalparis.store%252F%253Ffbclid%253DPAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ; woocommerce_recently_viewed=402; PHPSESSID=c40bnp1ao2nk8b0cephogphbq2; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-20%2022%3A56%3A20%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-20%2022%3A56%3A20%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20387.0.0.24.91%20%28iPhone11%2C6%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201242x2688%3B%20755087652%3B%20IABMV%2F1%29; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22

--17ecfd7b-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.3.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: https://opalparis.store
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

--17ecfd7b-E--

--17ecfd7b-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aH10H_xJ8Ca9LcPupLF6qgAAAJY"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aH10H_xJ8Ca9LcPupLF6qgAAAJY"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753052191721646 2013945 (- - -)
Stopwatch2: 1753052191721646 2013945; combined=17295, p1=899, p2=15815, p3=298, p4=58, p5=224, sr=161, sw=1, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--17ecfd7b-Z--

--9fe3503c-A--
[21/Jul/2025:01:56:34.131604 +0300] aH10H3hpGLoQeqBaLWDzAQAAABI 196.157.105.34 36092 127.0.0.1 7081
--9fe3503c-B--
POST /?ob=open-bridge/events HTTP/1.0
Host: opalparis.store
X-Real-IP: 196.157.105.34
X-Accel-Internal: /internal-nginx-static-location
Connection: close
Content-Length: 794
content-type: text/plain;charset=UTF-8
accept: */*
sec-fetch-site: same-origin
accept-language: ar
accept-encoding: gzip, deflate, br
sec-fetch-mode: cors
origin: https://opalparis.store
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22F76 Instagram 387.0.0.24.91 (iPhone11,6; iOS 18_5; en_US; en; scale=3.00; 1242x2688; 755087652; IABMV/1)
referer: https://opalparis.store/product/midnight-flow/
sec-fetch-dest: empty
cookie: _fbc=fb.1.1753052180449.PAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ; _fbp=fb.1.1753052180458.584349967591343851; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct%2Fmidnight-flow%2F; tk_ai=YQ4X%2FxbSDWrTzDylEewiFlat; tk_qs=session_id%3D%26blog_id%3D245943483%26store_id%3D08cc8d12-0c1d-42f3-8519-7c52fd206c9a%26ui%3D%26url%3Dhttps%253A%252F%252Fopalparis.store%26landing_page%3D%26woo_version%3D9.9.5%26wp_version%3D6.8.1%26store_admin%3D0%26device%3Dmobile%26template_used%3D0%26additional_blocks_on_cart_page%3D%26additional_blocks_on_checkout_page%3D%26store_currency%3DEGP%26timezone%3D%252B00%253A00%26is_guest%3D1%26order_value%3D0%26order_total%3D0%26total_tax%3D0%26total_discount%3D0%26total_shipping%3D0%26products_count%3D0%26cart_page_contains_cart_block%3D1%26cart_page_contains_cart_shortcode%3D0%26checkout_page_contains_checkout_block%3D1%26checkout_page_contains_checkout_shortcode%3D0%26pi%3D402%26pn%3DMidnight%2520Flow%26pc%3DHome%2520Wear%252FSleep%2520shirts%26pp%3D1000%26pt%3Dvariable%26lr%3Dhttps%253A%252F%252Fl.instagram.com%252F%26or%3Dhttps%253A%252F%252Fl.instagram.com%252F%26r3d%3Dhttps%253A%252F%252Fl.instagram.com%252F%26_en%3Dwoocommerceanalytics_product_view%26_ui%3DYQ4X%252FxbSDWrTzDylEewiFlat%26_ut%3Danon%26_ts%3D1753052191574%26_tz%3D-3%26_lg%3Dar%26_pf%3DiPhone%26_ht%3D896%26_wd%3D414%26_sx%3D0%26_sy%3D0%26_dl%3Dhttps%253A%252F%252Fopalparis.store%252Fproduct%252Fmidnight-flow%252F%26_dr%3Dhttps%253A%252F%252Fopalparis.store%252F%253Ffbclid%253DPAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ; woocommerce_recently_viewed=402; PHPSESSID=c40bnp1ao2nk8b0cephogphbq2; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-20%2022%3A56%3A20%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-20%2022%3A56%3A20%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAaefNWppM6VeQR-kb2EbQIpBag_FTVwJ19AtzUdhgC_XJX9v1yyMnC3uED1ZwQ_aem_QBlQI_1kg8TyCL3kLRqLKQ%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_5%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F22F76%20Instagram%20387.0.0.24.91%20%28iPhone11%2C6%3B%20iOS%2018_5%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201242x2688%3B%20755087652%3B%20IABMV%2F1%29; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22

--9fe3503c-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.3.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: https://opalparis.store
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

--9fe3503c-E--

--9fe3503c-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aH10H3hpGLoQeqBaLWDzAQAAABI"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aH10H3hpGLoQeqBaLWDzAQAAABI"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753052191716846 2414963 (- - -)
Stopwatch2: 1753052191716846 2414963; combined=18937, p1=968, p2=17339, p3=368, p4=57, p5=205, sr=172, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--9fe3503c-Z--

--de539e24-A--
[21/Jul/2025:01:58:56.755741 +0300] aH10sHhpGLoQeqBaLWD3QgAAAAQ 185.177.72.107 42592 127.0.0.1 7081
--de539e24-B--
GET /.env HTTP/1.0
Host: first-builders.com
X-Real-IP: 185.177.72.107
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--de539e24-F--
HTTP/1.1 503 Service Unavailable
X-Powered-By: PHP/8.3.23
Retry-After: 600
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=utf-8

--de539e24-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "first-builders.com"] [uri "/.env"] [unique_id "aH10sHhpGLoQeqBaLWD3QgAAAAQ"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/first-builders.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753052336729573 26289 (- - -)
Stopwatch2: 1753052336729573 26289; combined=3657, p1=784, p2=2728, p3=0, p4=0, p5=144, sr=232, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--de539e24-Z--

--08210d79-A--
[21/Jul/2025:01:58:56.836621 +0300] aH10sHhpGLoQeqBaLWD3QwAAAAw 185.177.72.107 42618 127.0.0.1 7081
--08210d79-B--
GET /.env.local HTTP/1.0
Host: first-builders.com
X-Real-IP: 185.177.72.107
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--08210d79-F--
HTTP/1.1 503 Service Unavailable
X-Powered-By: PHP/8.3.23
Retry-After: 600
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=utf-8

--08210d79-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "first-builders.com"] [uri "/.env.local"] [unique_id "aH10sHhpGLoQeqBaLWD3QwAAAAw"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/first-builders.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753052336820941 15758 (- - -)
Stopwatch2: 1753052336820941 15758; combined=3372, p1=792, p2=2494, p3=0, p4=0, p5=86, sr=364, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--08210d79-Z--

--a2e2d64c-A--
[21/Jul/2025:01:58:56.918228 +0300] aH10sHhpGLoQeqBaLWD3RAAAABA 185.177.72.107 42624 127.0.0.1 7081
--a2e2d64c-B--
GET /.env.dev HTTP/1.0
Host: first-builders.com
X-Real-IP: 185.177.72.107
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--a2e2d64c-F--
HTTP/1.1 503 Service Unavailable
X-Powered-By: PHP/8.3.23
Retry-After: 600
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=utf-8

--a2e2d64c-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "first-builders.com"] [uri "/.env.dev"] [unique_id "aH10sHhpGLoQeqBaLWD3RAAAABA"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/first-builders.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753052336901514 16777 (- - -)
Stopwatch2: 1753052336901514 16777; combined=3003, p1=620, p2=2228, p3=0, p4=0, p5=154, sr=163, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--a2e2d64c-Z--

--9dc0896d-A--
[21/Jul/2025:01:58:56.993501 +0300] aH10sHhpGLoQeqBaLWD3RQAAABU 185.177.72.107 42638 127.0.0.1 7081
--9dc0896d-B--
GET /.env.development HTTP/1.0
Host: first-builders.com
X-Real-IP: 185.177.72.107
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--9dc0896d-F--
HTTP/1.1 503 Service Unavailable
X-Powered-By: PHP/8.3.23
Retry-After: 600
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=utf-8

--9dc0896d-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "first-builders.com"] [uri "/.env.development"] [unique_id "aH10sHhpGLoQeqBaLWD3RQAAABU"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/first-builders.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753052336979332 14231 (- - -)
Stopwatch2: 1753052336979332 14231; combined=2863, p1=690, p2=2066, p3=0, p4=0, p5=107, sr=158, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--9dc0896d-Z--

--4c07a56d-A--
[21/Jul/2025:01:58:57.069986 +0300] aH10sXhpGLoQeqBaLWD3RwAAAAg 185.177.72.107 42664 127.0.0.1 7081
--4c07a56d-B--
GET /.env.prod HTTP/1.0
Host: first-builders.com
X-Real-IP: 185.177.72.107
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--4c07a56d-F--
HTTP/1.1 503 Service Unavailable
X-Powered-By: PHP/8.3.23
Retry-After: 600
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=utf-8

--4c07a56d-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "first-builders.com"] [uri "/.env.prod"] [unique_id "aH10sXhpGLoQeqBaLWD3RwAAAAg"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/first-builders.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753052337055430 14619 (- - -)
Stopwatch2: 1753052337055430 14619; combined=2924, p1=696, p2=2156, p3=0, p4=0, p5=72, sr=189, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--4c07a56d-Z--

--cfc94f2f-A--
[21/Jul/2025:01:58:57.147643 +0300] aH10sfxJ8Ca9LcPupLF8jQAAAIk 185.177.72.107 42674 127.0.0.1 7081
--cfc94f2f-B--
GET /.env.production HTTP/1.0
Host: first-builders.com
X-Real-IP: 185.177.72.107
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--cfc94f2f-F--
HTTP/1.1 503 Service Unavailable
X-Powered-By: PHP/8.3.23
Retry-After: 600
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=utf-8

--cfc94f2f-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "first-builders.com"] [uri "/.env.production"] [unique_id "aH10sfxJ8Ca9LcPupLF8jQAAAIk"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/first-builders.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753052337132285 15419 (- - -)
Stopwatch2: 1753052337132285 15419; combined=2697, p1=595, p2=2012, p3=0, p4=0, p5=89, sr=168, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--cfc94f2f-Z--

--1fbf2a7b-A--
[21/Jul/2025:02:01:17.080214 +0300] aH11PfxJ8Ca9LcPupLF-5QAAAI0 185.177.72.2 49966 127.0.0.1 7081
--1fbf2a7b-B--
GET /backend/.env HTTP/1.0
Host: museduliban.com
X-Real-IP: 185.177.72.2
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--1fbf2a7b-F--
HTTP/1.1 503 Service Unavailable
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 18 Mar 2025 01:24:13 GMT
ETag: "396-63093c3371a9c"
Accept-Ranges: bytes
Content-Length: 918
Content-Type: text/html

--1fbf2a7b-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "museduliban.com"] [uri "/backend/.env"] [unique_id "aH11PfxJ8Ca9LcPupLF-5QAAAI0"]
Stopwatch: 1753052477078945 1352 (- - -)
Stopwatch2: 1753052477078945 1352; combined=562, p1=489, p2=0, p3=0, p4=0, p5=73, sr=138, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--1fbf2a7b-Z--

--d30b5458-A--
[21/Jul/2025:02:01:17.643377 +0300] aH11PfxJ8Ca9LcPupLF-6QAAAJM 185.177.72.2 50136 127.0.0.1 7081
--d30b5458-B--
GET /.env HTTP/1.0
Host: museduliban.com
X-Real-IP: 185.177.72.2
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--d30b5458-F--
HTTP/1.1 503 Service Unavailable
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 18 Mar 2025 01:24:13 GMT
ETag: "396-63093c3371a9c"
Accept-Ranges: bytes
Content-Length: 918
Content-Type: text/html

--d30b5458-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "museduliban.com"] [uri "/.env"] [unique_id "aH11PfxJ8Ca9LcPupLF-6QAAAJM"]
Stopwatch: 1753052477641846 1654 (- - -)
Stopwatch2: 1753052477641846 1654; combined=691, p1=589, p2=0, p3=0, p4=0, p5=102, sr=175, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--d30b5458-Z--

--57245152-A--
[21/Jul/2025:02:01:17.706219 +0300] aH11PXhpGLoQeqBaLWD7vQAAAAY 185.177.72.2 50166 127.0.0.1 7081
--57245152-B--
GET /.env.backup HTTP/1.0
Host: museduliban.com
X-Real-IP: 185.177.72.2
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--57245152-F--
HTTP/1.1 503 Service Unavailable
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 18 Mar 2025 01:24:13 GMT
ETag: "396-63093c3371a9c"
Accept-Ranges: bytes
Content-Length: 918
Content-Type: text/html

--57245152-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "museduliban.com"] [uri "/.env.backup"] [unique_id "aH11PXhpGLoQeqBaLWD7vQAAAAY"]
Stopwatch: 1753052477704947 1340 (- - -)
Stopwatch2: 1753052477704947 1340; combined=622, p1=460, p2=0, p3=0, p4=0, p5=162, sr=132, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--57245152-Z--

--b6e16957-A--
[21/Jul/2025:02:01:17.768616 +0300] aH11PXhpGLoQeqBaLWD7vwAAAA0 185.177.72.2 50200 127.0.0.1 7081
--b6e16957-B--
GET /.env.dev HTTP/1.0
Host: museduliban.com
X-Real-IP: 185.177.72.2
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--b6e16957-F--
HTTP/1.1 503 Service Unavailable
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 18 Mar 2025 01:24:13 GMT
ETag: "396-63093c3371a9c"
Accept-Ranges: bytes
Content-Length: 918
Content-Type: text/html

--b6e16957-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "museduliban.com"] [uri "/.env.dev"] [unique_id "aH11PXhpGLoQeqBaLWD7vwAAAA0"]
Stopwatch: 1753052477767185 1550 (- - -)
Stopwatch2: 1753052477767185 1550; combined=777, p1=659, p2=0, p3=0, p4=0, p5=118, sr=172, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--b6e16957-Z--

--dbc3ce60-A--
[21/Jul/2025:02:01:17.795645 +0300] aH11PfxJ8Ca9LcPupLF-7AAAAIg 185.177.72.2 50210 127.0.0.1 7081
--dbc3ce60-B--
GET /backend/.env HTTP/1.0
Host: www.museduliban.com
X-Real-IP: 185.177.72.2
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--dbc3ce60-F--
HTTP/1.1 503 Service Unavailable
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 18 Mar 2025 01:24:13 GMT
ETag: "396-63093c3371a9c"
Accept-Ranges: bytes
Content-Length: 918
Content-Type: text/html

--dbc3ce60-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.museduliban.com"] [uri "/backend/.env"] [unique_id "aH11PfxJ8Ca9LcPupLF-7AAAAIg"]
Stopwatch: 1753052477790502 5218 (- - -)
Stopwatch2: 1753052477790502 5218; combined=786, p1=618, p2=0, p3=0, p4=0, p5=167, sr=259, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--dbc3ce60-Z--

--467f7c41-A--
[21/Jul/2025:02:01:17.832338 +0300] aH11PfxJ8Ca9LcPupLF-7QAAAJQ 185.177.72.2 50222 127.0.0.1 7081
--467f7c41-B--
GET /.env.example HTTP/1.0
Host: museduliban.com
X-Real-IP: 185.177.72.2
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--467f7c41-F--
HTTP/1.1 503 Service Unavailable
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 18 Mar 2025 01:24:13 GMT
ETag: "396-63093c3371a9c"
Accept-Ranges: bytes
Content-Length: 918
Content-Type: text/html

--467f7c41-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "museduliban.com"] [uri "/.env.example"] [unique_id "aH11PfxJ8Ca9LcPupLF-7QAAAJQ"]
Stopwatch: 1753052477830466 1969 (- - -)
Stopwatch2: 1753052477830466 1969; combined=994, p1=875, p2=0, p3=0, p4=0, p5=118, sr=234, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--467f7c41-Z--

--02502563-A--
[21/Jul/2025:02:01:17.895215 +0300] aH11PfxJ8Ca9LcPupLF-7wAAAJY 185.177.72.2 50256 127.0.0.1 7081
--02502563-B--
GET /.env.local HTTP/1.0
Host: museduliban.com
X-Real-IP: 185.177.72.2
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--02502563-F--
HTTP/1.1 503 Service Unavailable
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 18 Mar 2025 01:24:13 GMT
ETag: "396-63093c3371a9c"
Accept-Ranges: bytes
Content-Length: 918
Content-Type: text/html

--02502563-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "museduliban.com"] [uri "/.env.local"] [unique_id "aH11PfxJ8Ca9LcPupLF-7wAAAJY"]
Stopwatch: 1753052477893927 1391 (- - -)
Stopwatch2: 1753052477893927 1391; combined=658, p1=483, p2=0, p3=0, p4=0, p5=175, sr=135, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--02502563-Z--

--14935474-A--
[21/Jul/2025:02:02:24.751461 +0300] aH11gHhpGLoQeqBaLWD8_wAAABg 45.64.99.122 34938 127.0.0.1 7081
--14935474-B--
GET /sftp-config.json HTTP/1.0
Host: raqmix.cloud
X-Real-IP: 45.64.99.122
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
Accept-Encoding: gzip, deflate
Accept: */*

--14935474-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Sun, 29 Dec 2024 15:42:45 GMT
ETag: "328-62a6a8c186eb7"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: text/html

--14935474-H--
Message: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raqmix.cloud"] [uri "/sftp-config.json"] [unique_id "aH11gHhpGLoQeqBaLWD8_wAAABg"]
Stopwatch: 1753052544746937 4611 (- - -)
Stopwatch2: 1753052544746937 4611; combined=2564, p1=712, p2=1788, p3=0, p4=0, p5=64, sr=220, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--14935474-Z--

--b039ab28-A--
[21/Jul/2025:02:33:38.249706 +0300] aH180fxJ8Ca9LcPupLGUIgAAAJE 103.187.5.236 55740 127.0.0.1 7081
--b039ab28-B--
GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php HTTP/1.0
Host: hamomohsen.net
X-Real-IP: 103.187.5.236
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36
Accept-Encoding: gzip, deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Accept-Language: en-US,en;q=0.9,fr;q=0.8

--b039ab28-F--
HTTP/1.1 404 Not Found
X-Powered-By: PHP/8.3.23
Cache-Control: no-cache, private
pragma: no-cache
expires: -1
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8

--b039ab28-H--
Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Message: Warning. Matched phrase "wp-config.php" at ARGS:img. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||hamomohsen.net|F|2"] [data "Matched Data: wp-config.php found within ARGS:img: ../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"]
Message: Warning. String match "/wp-admin/admin-ajax.php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/27_Apps_WPPlugin.conf"] [line "3239"] [id "222050"] [rev "8"] [msg "COMODO WAF: Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress (CVE-2014-9734)||hamomohsen.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamomohsen.net"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aH180fxJ8Ca9LcPupLGUIgAAAJE"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at ARGS:img. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||hamomohsen.net|F|2"] [data "Matched Data: wp-config.php found within ARGS:img: ../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "hamomohsen.net"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aH180fxJ8Ca9LcPupLGUIgAAAJE"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. String match "/wp-admin/admin-ajax.php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/27_Apps_WPPlugin.conf"] [line "3239"] [id "222050"] [rev "8"] [msg "COMODO WAF: Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress (CVE-2014-9734)||hamomohsen.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "hamomohsen.net"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aH180fxJ8Ca9LcPupLGUIgAAAJE"]
Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning:  PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0'
Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753054417994826 255016 (- - -)
Stopwatch2: 1753054417994826 255016; combined=5504, p1=639, p2=4532, p3=0, p4=0, p5=332, sr=231, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--b039ab28-Z--

--e7947335-A--
[21/Jul/2025:02:33:47.976732 +0300] aH182_xJ8Ca9LcPupLGUQAAAAJQ 103.187.5.236 49004 127.0.0.1 7081
--e7947335-B--
GET /.env HTTP/1.0
Host: hamomohsen.net
X-Real-IP: 103.187.5.236
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36
Accept-Encoding: gzip, deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Accept-Language: en-US,en;q=0.9,fr;q=0.8

--e7947335-F--
HTTP/1.1 404 Not Found
X-Powered-By: PHP/8.3.23
Cache-Control: no-cache, private
pragma: no-cache
expires: -1
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8

--e7947335-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamomohsen.net"] [uri "/.env"] [unique_id "aH182_xJ8Ca9LcPupLGUQAAAAJQ"]
Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning:  PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0'
Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753054427731368 245487 (- - -)
Stopwatch2: 1753054427731368 245487; combined=3088, p1=612, p2=2251, p3=0, p4=0, p5=225, sr=205, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--e7947335-Z--

--6c9f343b-A--
[21/Jul/2025:02:33:53.555275 +0300] aH184XhpGLoQeqBaLWApAQAAAAs 103.187.5.236 56338 127.0.0.1 7081
--6c9f343b-B--
GET /api/.env HTTP/1.0
Host: hamomohsen.net
X-Real-IP: 103.187.5.236
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36
Accept-Encoding: gzip, deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Accept-Language: en-US,en;q=0.9,fr;q=0.8

--6c9f343b-F--
HTTP/1.1 404 Not Found
X-Powered-By: PHP/8.3.23
Cache-Control: no-cache, private
pragma: no-cache
expires: -1
Access-Control-Allow-Origin: *
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8

--6c9f343b-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamomohsen.net"] [uri "/api/.env"] [unique_id "aH184XhpGLoQeqBaLWApAQAAAAs"]
Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning:  PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0'
Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753054433309471 245930 (- - -)
Stopwatch2: 1753054433309471 245930; combined=3850, p1=671, p2=2996, p3=0, p4=0, p5=182, sr=178, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--6c9f343b-Z--

--95920847-A--
[21/Jul/2025:02:33:59.433589 +0300] aH185_xJ8Ca9LcPupLGUcwAAAJM 103.187.5.236 57072 127.0.0.1 7081
--95920847-B--
GET /laravel/.env HTTP/1.0
Host: hamomohsen.net
X-Real-IP: 103.187.5.236
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36
Accept-Encoding: gzip, deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Accept-Language: en-US,en;q=0.9,fr;q=0.8

--95920847-F--
HTTP/1.1 404 Not Found
X-Powered-By: PHP/8.3.23
Cache-Control: no-cache, private
pragma: no-cache
expires: -1
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8

--95920847-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamomohsen.net"] [uri "/laravel/.env"] [unique_id "aH185_xJ8Ca9LcPupLGUcwAAAJM"]
Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning:  PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0'
Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753054439194346 239365 (- - -)
Stopwatch2: 1753054439194346 239365; combined=2838, p1=658, p2=2010, p3=0, p4=0, p5=170, sr=261, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--95920847-Z--

--e2c94f63-A--
[21/Jul/2025:02:34:03.933780 +0300] aH1863hpGLoQeqBaLWApYwAAABM 103.187.5.236 34018 127.0.0.1 7081
--e2c94f63-B--
GET /test/.env HTTP/1.0
Host: hamomohsen.net
X-Real-IP: 103.187.5.236
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36
Accept-Encoding: gzip, deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Accept-Language: en-US,en;q=0.9,fr;q=0.8

--e2c94f63-F--
HTTP/1.1 404 Not Found
X-Powered-By: PHP/8.3.23
Cache-Control: no-cache, private
pragma: no-cache
expires: -1
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8

--e2c94f63-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamomohsen.net"] [uri "/test/.env"] [unique_id "aH1863hpGLoQeqBaLWApYwAAABM"]
Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning:  PHP Request Startup: open_basedir restriction in effect. File(/var/cpanel/php/sessions/ea-php82) is not within the allowed path(s): (/var/www/vhosts/hamomohsen.net/:/tmp/) in Unknown on line 0'
Apache-Handler: proxy:unix:/var/www/vhosts/system/hamomohsen.net/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753054443703551 230310 (- - -)
Stopwatch2: 1753054443703551 230310; combined=2743, p1=611, p2=2003, p3=0, p4=0, p5=129, sr=228, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--e2c94f63-Z--

--782e8627-A--
[21/Jul/2025:02:42:52.019791 +0300] aH1--XhpGLoQeqBaLWA22gAAAAg 202.4.60.52 52716 127.0.0.1 7081
--782e8627-B--
GET /wp-json/wp/v2/users HTTP/1.0
Host: glamilea.com
X-Real-IP: 202.4.60.52
X-Accel-Internal: /internal-nginx-static-location
Connection: close
accept-language: en-US,en;q=0.5
referer: http://glamilea.com/wp-login.php
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-mode: navigate
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
sec-fetch-dest: document
sec-fetch-site: same-origin
sec-fetch-user: ?1
cookie: yay_currency_widget=29035; wordpress_test_cookie=WP%20Cookie%20check

--782e8627-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.1.33
X-Robots-Tag: noindex
Link: <https://glamilea.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
X-WP-Total: 1
X-WP-TotalPages: 1
Allow: GET
Vary: Origin
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: application/json; charset=UTF-8

--782e8627-H--
Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glamilea.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "glamilea.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aH1--XhpGLoQeqBaLWA22gAAAAg"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/glamilea.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753054969586654 2433398 (- - -)
Stopwatch2: 1753054969586654 2433398; combined=3905, p1=476, p2=3235, p3=0, p4=0, p5=193, sr=170, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--782e8627-Z--

--1c77162a-A--
[21/Jul/2025:02:44:18.597911 +0300] aH1_UnhpGLoQeqBaLWA5GgAAABE 188.166.108.93 58582 127.0.0.1 7081
--1c77162a-B--
POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D""+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.0
Host: new.glamileaclinics.com
X-Real-IP: 188.166.108.93
X-Accel-Internal: /internal-nginx-static-location
Connection: close
Content-Length: 164
User-Agent: Go-http-client/1.1
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip

--1c77162a-F--
HTTP/1.1 404 Not Found
X-Powered-By: PHP/8.3.23
Cache-Control: no-cache, private
pragma: no-cache
expires: -1
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8

--1c77162a-H--
Message: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\xadd cgi.force_redirect=0 \xadd disable_functions="" \xadd allow_url_include=1 \xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||new.glamileaclinics.com|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\x5cxadd cgi.force_redirect=0 \x5cxadd disable_functions=\x22\x22 \x5cxadd allow_url_include=1 \x5cxadd auto_prepend_file=php://input: \xadd cgi.force_redirect=0 \xadd disable_functions=\x22\x22 \xadd allow_url_include=1 \xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions="" \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||new.glamileaclinics.com|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\\\x5cxadd cgi.force_redirect=0 \\\\x5cxadd disable_functions=\\\\x22\\\\x22 \\\\x5cxadd allow_url_include=1 \\\\x5cxadd auto_prepend_file=php://input: \\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions=\\\\x22\\\\x22 \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "new.glamileaclinics.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aH1_UnhpGLoQeqBaLWA5GgAAABE"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/new.glamileaclinics.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753055058338950 259126 (- - -)
Stopwatch2: 1753055058338950 259126; combined=11786, p1=470, p2=11114, p3=0, p4=0, p5=201, sr=132, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--1c77162a-Z--

--d5e5fb3c-A--
[21/Jul/2025:02:44:22.645522 +0300] aH1_VnhpGLoQeqBaLWA5KgAAABI 188.166.108.93 58802 127.0.0.1 7081
--d5e5fb3c-B--
GET /.htaccess/.DS_Store HTTP/1.0
Host: new.glamileaclinics.com
X-Real-IP: 188.166.108.93
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip

--d5e5fb3c-F--
HTTP/1.1 403 Forbidden
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Tue, 17 Jun 2025 10:47:21 GMT
ETag: "31b-637c23cad36bc"
Accept-Ranges: bytes
Content-Length: 795
Content-Type: text/html

--d5e5fb3c-H--
Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "new.glamileaclinics.com"] [uri "/.htaccess/.DS_Store"] [unique_id "aH1_VnhpGLoQeqBaLWA5KgAAABI"]
Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/glamileaclinics.com/new.glamileaclinics.com/.htaccess
Stopwatch: 1753055062643978 1630 (- - -)
Stopwatch2: 1753055062643978 1630; combined=676, p1=584, p2=0, p3=0, p4=0, p5=92, sr=172, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--d5e5fb3c-Z--

--4ccd8e43-A--
[21/Jul/2025:02:44:25.810559 +0300] aH1_WXhpGLoQeqBaLWA5NwAAABE 188.166.108.93 36320 127.0.0.1 7081
--4ccd8e43-B--
GET /.env HTTP/1.0
Host: new.glamileaclinics.com
X-Real-IP: 188.166.108.93
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip

--4ccd8e43-F--
HTTP/1.1 404 Not Found
X-Powered-By: PHP/8.3.23
Cache-Control: no-cache, private
pragma: no-cache
expires: -1
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8

--4ccd8e43-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "new.glamileaclinics.com"] [uri "/.env"] [unique_id "aH1_WXhpGLoQeqBaLWA5NwAAABE"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/new.glamileaclinics.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753055065568765 241922 (- - -)
Stopwatch2: 1753055065568765 241922; combined=2879, p1=692, p2=2027, p3=0, p4=0, p5=159, sr=246, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--4ccd8e43-Z--

--2cecc222-A--
[21/Jul/2025:02:44:26.258570 +0300] aH1_WXhpGLoQeqBaLWA5OgAAABI 188.166.108.93 36330 127.0.0.1 7081
--2cecc222-B--
GET /.git/config HTTP/1.0
Host: new.glamileaclinics.com
X-Real-IP: 188.166.108.93
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip

--2cecc222-F--
HTTP/1.1 404 Not Found
X-Powered-By: PHP/8.3.23
Cache-Control: no-cache, private
pragma: no-cache
expires: -1
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Type: text/html; charset=UTF-8

--2cecc222-H--
Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "new.glamileaclinics.com"] [uri "/.git/config"] [unique_id "aH1_WXhpGLoQeqBaLWA5OgAAABI"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/new.glamileaclinics.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753055065997189 261484 (- - -)
Stopwatch2: 1753055065997189 261484; combined=2816, p1=629, p2=2068, p3=0, p4=0, p5=118, sr=175, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--2cecc222-Z--

--dc464d25-A--
[21/Jul/2025:03:05:49.832514 +0300] aH2EW3hpGLoQeqBaLWBTcAAAAAM 41.44.253.18 49536 127.0.0.1 7081
--dc464d25-B--
POST /?ob=open-bridge/events HTTP/1.0
Host: opalparis.store
X-Real-IP: 41.44.253.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
Content-Length: 643
content-type: text/plain;charset=UTF-8
accept: */*
sec-fetch-site: same-origin
accept-language: en-GB,en-US;q=0.9,en;q=0.8
accept-encoding: gzip, deflate, br
sec-fetch-mode: cors
origin: https://opalparis.store
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_7_11 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/20H360 Instagram 389.0.0.20.89 (iPhone10,3; iOS 16_7_11; en_US; en; scale=3.00; 1125x2436; 761848126; IABMV/1)
referer: https://opalparis.store/?fbclid=PAZXh0bgNhZW0CMTEAAae0J067ltlFBh1Lsi0mU6Wt8xPpqgJetptKOf7_-ulzsH4Y9kFSNpy10DgDNA_aem_tbkDmTPqR5SBvzXpdxBudA
sec-fetch-dest: empty
cookie: _fbc=fb.1.1753056347410.PAZXh0bgNhZW0CMTEAAae0J067ltlFBh1Lsi0mU6Wt8xPpqgJetptKOf7_-ulzsH4Y9kFSNpy10DgDNA_aem_tbkDmTPqR5SBvzXpdxBudA; _fbp=fb.1.1753056347420.585471613990385638; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_current_add=fd%3D2025-07-21%2000%3A05%3A47%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAae0J067ltlFBh1Lsi0mU6Wt8xPpqgJetptKOf7_-ulzsH4Y9kFSNpy10DgDNA_aem_tbkDmTPqR5SBvzXpdxBudA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-21%2000%3A05%3A47%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAae0J067ltlFBh1Lsi0mU6Wt8xPpqgJetptKOf7_-ulzsH4Y9kFSNpy10DgDNA_aem_tbkDmTPqR5SBvzXpdxBudA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAae0J067ltlFBh1Lsi0mU6Wt8xPpqgJetptKOf7_-ulzsH4Y9kFSNpy10DgDNA_aem_tbkDmTPqR5SBvzXpdxBudA; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2016_7_11%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F20H360%20Instagram%20389.0.0.20.89%20%28iPhone10%2C3%3B%20iOS%2016_7_11%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201125x2436%3B%20761848126%3B%20IABMV%2F1%29; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22

--dc464d25-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.3.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: https://opalparis.store
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Set-Cookie: PHPSESSID=dgm7l5ejouh46st876gbkffjb7; expires=Sun, 19 Oct 2025 00:05:49 GMT; Max-Age=7776000; path=/; domain=opalparis.store; HttpOnly; SameSite=lax
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

--dc464d25-E--

--dc464d25-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aH2EW3hpGLoQeqBaLWBTcAAAAAM"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aH2EW3hpGLoQeqBaLWBTcAAAAAM"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753056347665446 2167284 (- - -)
Stopwatch2: 1753056347665446 2167284; combined=20219, p1=1088, p2=18559, p3=318, p4=59, p5=194, sr=228, sw=1, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--dc464d25-Z--

--b0177a4b-A--
[21/Jul/2025:03:06:04.314220 +0300] aH2EavxJ8Ca9LcPupLGnYAAAAIg 41.44.253.18 53586 127.0.0.1 7081
--b0177a4b-B--
POST /?ob=open-bridge/events HTTP/1.0
Host: opalparis.store
X-Real-IP: 41.44.253.18
X-Accel-Internal: /internal-nginx-static-location
Connection: close
Content-Length: 675
content-type: text/plain;charset=UTF-8
accept: */*
sec-fetch-site: same-origin
accept-language: en-GB,en-US;q=0.9,en;q=0.8
accept-encoding: gzip, deflate, br
sec-fetch-mode: cors
origin: https://opalparis.store
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_7_11 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/20H360 Instagram 389.0.0.20.89 (iPhone10,3; iOS 16_7_11; en_US; en; scale=3.00; 1125x2436; 761848126; IABMV/1)
referer: https://opalparis.store/product-category/underwear/bras/
sec-fetch-dest: empty
cookie: _fbc=fb.1.1753056347410.PAZXh0bgNhZW0CMTEAAae0J067ltlFBh1Lsi0mU6Wt8xPpqgJetptKOf7_-ulzsH4Y9kFSNpy10DgDNA_aem_tbkDmTPqR5SBvzXpdxBudA; _fbp=fb.1.1753056347420.585471613990385638; sbjs_current=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_session=pgs%3D2%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fopalparis.store%2Fproduct-category%2Funderwear%2Fbras%2F; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2016_7_11%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Mobile%2F20H360%20Instagram%20389.0.0.20.89%20%28iPhone10%2C3%3B%20iOS%2016_7_11%3B%20en_US%3B%20en%3B%20scale%3D3.00%3B%201125x2436%3B%20761848126%3B%20IABMV%2F1%29; PHPSESSID=dgm7l5ejouh46st876gbkffjb7; sbjs_current_add=fd%3D2025-07-21%2000%3A05%3A47%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAae0J067ltlFBh1Lsi0mU6Wt8xPpqgJetptKOf7_-ulzsH4Y9kFSNpy10DgDNA_aem_tbkDmTPqR5SBvzXpdxBudA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_first=typ%3Dreferral%7C%7C%7Csrc%3Dl.instagram.com%7C%7C%7Cmdm%3Dreferral%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%2F%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first_add=fd%3D2025-07-21%2000%3A05%3A47%7C%7C%7Cep%3Dhttps%3A%2F%2Fopalparis.store%2F%3Ffbclid%3DPAZXh0bgNhZW0CMTEAAae0J067ltlFBh1Lsi0mU6Wt8xPpqgJetptKOf7_-ulzsH4Y9kFSNpy10DgDNA_aem_tbkDmTPqR5SBvzXpdxBudA%7C%7C%7Crf%3Dhttps%3A%2F%2Fl.instagram.com%2F; sbjs_migrations=1418474375998%3D1; tk_lr=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_or=%22https%3A%2F%2Fl.instagram.com%2F%22; tk_r3d=%22https%3A%2F%2Fl.instagram.com%2F%22

--b0177a4b-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/8.3.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: https://opalparis.store
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

--b0177a4b-E--

--b0177a4b-H--
Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||opalparis.store|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opalparis.store"] [uri "/"] [unique_id "aH2EavxJ8Ca9LcPupLGnYAAAAIg"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|opalparis.store|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "opalparis.store"] [uri "/index.php"] [unique_id "aH2EavxJ8Ca9LcPupLGnYAAAAIg"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753056362189237 2125161 (- - -)
Stopwatch2: 1753056362189237 2125161; combined=18967, p1=1172, p2=17314, p3=230, p4=53, p5=197, sr=167, sw=1, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--b0177a4b-Z--

--e14d260e-A--
[21/Jul/2025:03:06:25.315101 +0300] aH2EgXhpGLoQeqBaLWBT3wAAABY 64.226.65.160 41692 127.0.0.1 7081
--e14d260e-B--
GET /.env HTTP/1.0
Host: www.riyadhchocolate.com
X-Real-IP: 64.226.65.160
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip

--e14d260e-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT
ETag: "328-631485999ce56"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: text/html

--e14d260e-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.riyadhchocolate.com"] [uri "/.env"] [unique_id "aH2EgXhpGLoQeqBaLWBT3wAAABY"]
Stopwatch: 1753056385308529 6679 (- - -)
Stopwatch2: 1753056385308529 6679; combined=4465, p1=747, p2=3636, p3=0, p4=0, p5=82, sr=187, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--e14d260e-Z--

--68dd714c-A--
[21/Jul/2025:03:06:25.487453 +0300] aH2EgfxJ8Ca9LcPupLGnfAAAAJU 64.226.65.160 41700 127.0.0.1 7081
--68dd714c-B--
GET /.git/config HTTP/1.0
Host: www.riyadhchocolate.com
X-Real-IP: 64.226.65.160
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip

--68dd714c-F--
HTTP/1.1 404 Not Found
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Thu, 27 Mar 2025 00:51:10 GMT
ETag: "328-631485999ce56"
Accept-Ranges: bytes
Content-Length: 808
Content-Type: text/html

--68dd714c-H--
Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.riyadhchocolate.com"] [uri "/.git/config"] [unique_id "aH2EgfxJ8Ca9LcPupLGnfAAAAJU"]
Stopwatch: 1753056385483635 3881 (- - -)
Stopwatch2: 1753056385483635 3881; combined=2155, p1=523, p2=1564, p3=0, p4=0, p5=68, sr=143, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--68dd714c-Z--

--4c81d13a-A--
[21/Jul/2025:03:07:43.957741 +0300] aH2EznhpGLoQeqBaLWBU8gAAAAo 206.81.24.227 35058 127.0.0.1 7081
--4c81d13a-B--
GET /.env HTTP/1.0
Host: www.opalparis.store
X-Real-IP: 206.81.24.227
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip

--4c81d13a-F--
HTTP/1.1 301 Moved Permanently
X-Powered-By: PHP/8.3.23
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, close
Location: https://opalparis.store/.env
Content-Length: 0
Content-Type: text/html; charset=UTF-8

--4c81d13a-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.opalparis.store"] [uri "/.env"] [unique_id "aH2EznhpGLoQeqBaLWBU8gAAAAo"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753056462247663 1710211 (- - -)
Stopwatch2: 1753056462247663 1710211; combined=3450, p1=1282, p2=2036, p3=0, p4=0, p5=131, sr=164, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--4c81d13a-Z--

--efb0c30b-A--
[21/Jul/2025:03:07:45.724517 +0300] aH2E0HhpGLoQeqBaLWBU-QAAABg 206.81.24.227 57314 127.0.0.1 7081
--efb0c30b-B--
GET /.git/config HTTP/1.0
Host: www.opalparis.store
X-Real-IP: 206.81.24.227
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip

--efb0c30b-F--
HTTP/1.1 301 Moved Permanently
X-Powered-By: PHP/8.3.23
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, close
Location: https://opalparis.store/.git/config
Content-Length: 0
Content-Type: text/html; charset=UTF-8

--efb0c30b-H--
Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.opalparis.store"] [uri "/.git/config"] [unique_id "aH2E0HhpGLoQeqBaLWBU-QAAABg"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/opalparis.store/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753056464122476 1602116 (- - -)
Stopwatch2: 1753056464122476 1602116; combined=3079, p1=828, p2=2146, p3=0, p4=0, p5=104, sr=455, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--efb0c30b-Z--

--6ccabe4d-A--
[21/Jul/2025:03:08:25.932374 +0300] aH2E-fxJ8Ca9LcPupLGoIgAAAJA 185.177.72.111 34006 127.0.0.1 7081
--6ccabe4d-B--
GET /.env HTTP/1.0
Host: globalhealthgate.net
X-Real-IP: 185.177.72.111
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--6ccabe4d-F--
HTTP/1.1 302 Found
X-Powered-By: PHP/8.3.23
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6InVyUHl1QXVqMUtHaHUxNnNYRW1LWnc9PSIsInZhbHVlIjoiTjd3Ui8ya21CNmExaWhya2REUEt4bURnSnBuUXFoM2Z5L3MyQklvdFZGZjBvZGlUTmRiZ01ZcU9xMFU1bVRpVFlpUHlUZ3JuMDVJZWozdk1NdlJwVE5iQXhxN2ptWXhhNXBYTXJheVhJUnYrQ21Jd3pjdFRGOHdUWTUrbk1lTVoiLCJtYWMiOiI2YjhkNTYzMzBkMjE1ODczZDgwOTQxM2Y4OGZlYjQxNWQ3Y2M5YTQ3ZGQ4ZjIzNmI2NGRhNTRmNjA3OTFjYThlIiwidGFnIjoiIn0%3D; expires=Mon, 21 Jul 2025 02:08:25 GMT; Max-Age=7200; path=/; secure; samesite=lax
Set-Cookie: ghgverozonesolutions_session=0sL1y5QRrs36pfGQtQYDNeJCrK9S2q2BPNKwtnvn; expires=Mon, 21 Jul 2025 02:08:25 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Upgrade: h2,h2c
Connection: Upgrade, close
Location: https://globalhealthgate.net
Content-Type: text/html; charset=utf-8

--6ccabe4d-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globalhealthgate.net"] [uri "/.env"] [unique_id "aH2E-fxJ8Ca9LcPupLGoIgAAAJA"]
Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning:  PHP Request Startup: open_basedir restriction in effect. File(/opt/alt/php82/var/lib/php/session) is not within the allowed path(s): (/var/www/vhosts/globalhealthgate.net/:/tmp/) in Unknown on line 0'
Apache-Handler: proxy:unix:/var/www/vhosts/system/globalhealthgate.net/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753056505601180 331340 (- - -)
Stopwatch2: 1753056505601180 331340; combined=4457, p1=613, p2=3716, p3=0, p4=0, p5=127, sr=177, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--6ccabe4d-Z--

--49d6707d-A--
[21/Jul/2025:03:08:27.431561 +0300] aH2E-3hpGLoQeqBaLWBVZAAAAA8 185.177.72.111 34102 127.0.0.1 7081
--49d6707d-B--
GET /.env.save HTTP/1.0
Host: globalhealthgate.net
X-Real-IP: 185.177.72.111
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--49d6707d-F--
HTTP/1.1 302 Found
X-Powered-By: PHP/8.3.23
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImNVemkyOStSdEVlR0hEL3NWVkZGWkE9PSIsInZhbHVlIjoiRkZQdzJWQmRpM091eUFBaU95eFlHK3hNamh5cFpIREtuU094NkQ4aXdoTi9QVXYvT0Q5a1R0VllnKzhPbEpQSm9Rck1wWGRHaU1NRkh3QWY4UDBHbnNvUi9ISXFpWjVOQ1lXT1EzWnI1bFFjdTF0QVZpbEltVEljQ09rMFN3aU4iLCJtYWMiOiJhZTBlZGZmNDJlNDI1ZmU5MTYzYTI0MTdjZTZjODNlMTgyMzBjNTk0NmMwMTY5MGM0NzFhNDBlMjE0MTUzMDI4IiwidGFnIjoiIn0%3D; expires=Mon, 21 Jul 2025 02:08:27 GMT; Max-Age=7200; path=/; secure; samesite=lax
Set-Cookie: ghgverozonesolutions_session=Ma1hC4vtJVGt6BWyP5K9d8JkI1jF2HRUFqZdtBOK; expires=Mon, 21 Jul 2025 02:08:27 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Upgrade: h2,h2c
Connection: Upgrade, close
Location: https://globalhealthgate.net
Content-Type: text/html; charset=utf-8

--49d6707d-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globalhealthgate.net"] [uri "/.env.save"] [unique_id "aH2E-3hpGLoQeqBaLWBVZAAAAA8"]
Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning:  PHP Request Startup: open_basedir restriction in effect. File(/opt/alt/php82/var/lib/php/session) is not within the allowed path(s): (/var/www/vhosts/globalhealthgate.net/:/tmp/) in Unknown on line 0'
Apache-Handler: proxy:unix:/var/www/vhosts/system/globalhealthgate.net/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753056507093630 338018 (- - -)
Stopwatch2: 1753056507093630 338018; combined=2483, p1=601, p2=1771, p3=0, p4=0, p5=110, sr=156, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--49d6707d-Z--

--fdca5705-A--
[21/Jul/2025:03:08:28.342468 +0300] aH2E_HhpGLoQeqBaLWBVZwAAAA0 185.177.72.111 34128 127.0.0.1 7081
--fdca5705-B--
GET /.env.old HTTP/1.0
Host: globalhealthgate.net
X-Real-IP: 185.177.72.111
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--fdca5705-F--
HTTP/1.1 302 Found
X-Powered-By: PHP/8.3.23
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkhPTjVoenB0UG5LQk5Rd2RRamdoYlE9PSIsInZhbHVlIjoiRkFvZUhFT2ZiK2Z1RTNwR3p5MDFnWDZhOUtaY2ViU09wZ0dBL2MyMEhFRFhBQ3RRd3loditiM1VpbGk3K0hoMWFBMnh0cjVncS9UT3ZURXhLczB3aTU0WTFVVzRIdEpMTFJsaG55UmJ2KzhZa3QzaG91UWdxSFhxeG1mK2tZMFAiLCJtYWMiOiIxMTg2MTRiYjEzNDVjNWFiNWRhZDM3NTk5ZTNiZDI4NTNhNWM2NzYxNzVjZWIwMjdmOGY2Yzc5ZGMwOWI1ODUzIiwidGFnIjoiIn0%3D; expires=Mon, 21 Jul 2025 02:08:28 GMT; Max-Age=7200; path=/; secure; samesite=lax
Set-Cookie: ghgverozonesolutions_session=bPeCnO82loqASrxEukRf4CDO7BC4z09WMiCkqGY7; expires=Mon, 21 Jul 2025 02:08:28 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Upgrade: h2,h2c
Connection: Upgrade, close
Location: https://globalhealthgate.net
Content-Type: text/html; charset=utf-8

--fdca5705-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||globalhealthgate.net|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globalhealthgate.net"] [uri "/.env.old"] [unique_id "aH2E_HhpGLoQeqBaLWBVZwAAAA0"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||globalhealthgate.net|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "globalhealthgate.net"] [uri "/.env.old"] [unique_id "aH2E_HhpGLoQeqBaLWBVZwAAAA0"]
Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning:  PHP Request Startup: open_basedir restriction in effect. File(/opt/alt/php82/var/lib/php/session) is not within the allowed path(s): (/var/www/vhosts/globalhealthgate.net/:/tmp/) in Unknown on line 0'
Apache-Handler: proxy:unix:/var/www/vhosts/system/globalhealthgate.net/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753056508029062 313524 (- - -)
Stopwatch2: 1753056508029062 313524; combined=3115, p1=608, p2=2312, p3=0, p4=0, p5=194, sr=180, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--fdca5705-Z--

--f53bdd28-A--
[21/Jul/2025:03:08:34.755658 +0300] aH2FAvxJ8Ca9LcPupLGoKQAAAI0 185.177.72.111 35864 127.0.0.1 7081
--f53bdd28-B--
GET /.env.prod HTTP/1.0
Host: globalhealthgate.net
X-Real-IP: 185.177.72.111
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--f53bdd28-F--
HTTP/1.1 302 Found
X-Powered-By: PHP/8.3.23
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkRWalIwV2RrRTQvRjNyQlJDNTlMZFE9PSIsInZhbHVlIjoidlZHSEhuRmpuc28rMkQxS1dNakNZQUJZMHYrMHVwcDdiREY5ajZ4OHF6c05ORnRicVVwZWhRUEFkeGEvb3VPdTNXQi85OS9heUVJZDUwdTFyQnJFOFVHK1VPTEdla01FK1JoeHFTVVlqUTdDczZxaU9NNkpHbmpJKy95UmY0RUciLCJtYWMiOiJlMjY4MGM1MWNiMTA5NGZlYjI1YjJjNGFmNzMzYTMwODQ5Mzc2N2ZhZDQ2YmNjNmZhNDllNmI0ZjIwMDMxMzkyIiwidGFnIjoiIn0%3D; expires=Mon, 21 Jul 2025 02:08:34 GMT; Max-Age=7200; path=/; secure; samesite=lax
Set-Cookie: ghgverozonesolutions_session=gQy5RZOLVKaQBbqX435zXnbVAjZ4DNytGxQVnnV3; expires=Mon, 21 Jul 2025 02:08:34 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Upgrade: h2,h2c
Connection: Upgrade, close
Location: https://globalhealthgate.net
Content-Type: text/html; charset=utf-8

--f53bdd28-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globalhealthgate.net"] [uri "/.env.prod"] [unique_id "aH2FAvxJ8Ca9LcPupLGoKQAAAI0"]
Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning:  PHP Request Startup: open_basedir restriction in effect. File(/opt/alt/php82/var/lib/php/session) is not within the allowed path(s): (/var/www/vhosts/globalhealthgate.net/:/tmp/) in Unknown on line 0'
Apache-Handler: proxy:unix:/var/www/vhosts/system/globalhealthgate.net/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753056514439623 316149 (- - -)
Stopwatch2: 1753056514439623 316149; combined=2960, p1=749, p2=2066, p3=0, p4=0, p5=144, sr=178, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--f53bdd28-Z--

--f803db23-A--
[21/Jul/2025:03:08:36.141360 +0300] aH2FA_xJ8Ca9LcPupLGoLQAAAIE 185.177.72.111 35888 127.0.0.1 7081
--f803db23-B--
GET /.env.production HTTP/1.0
Host: globalhealthgate.net
X-Real-IP: 185.177.72.111
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--f803db23-F--
HTTP/1.1 302 Found
X-Powered-By: PHP/8.3.23
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6Iklja0RpYklIQnhOeld6UUtnZXpFaEE9PSIsInZhbHVlIjoiUkJEMkFRckV4UjAvVS9EVGxPaWc4YldSc3NEaDVZU1V3ZmlXRDdVNXNNbytUT2IxdUpaSS80VkpySmRJKzVwT09CenI0K0d3ekJiQk9lNnYwZk1LeFM3ZjZtT0ZEQ3pNMDlvazF1Skc2dml2RW92ZDU0RUdyUW5RN0gwZ010Z1AiLCJtYWMiOiJlMDUzOTllMDQxZmRhOTMzOGIxNzFlMWI1ZmY4MWNiN2Q3NTg5YjBhMGJmOWZkZDM4MjRkZmMxMDI4NmU1MDQ0IiwidGFnIjoiIn0%3D; expires=Mon, 21 Jul 2025 02:08:36 GMT; Max-Age=7200; path=/; secure; samesite=lax
Set-Cookie: ghgverozonesolutions_session=rWymhTzyWbKJ8IBoCEXjMIxrzR1uGYo4yFR9jV8A; expires=Mon, 21 Jul 2025 02:08:36 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Upgrade: h2,h2c
Connection: Upgrade, close
Location: https://globalhealthgate.net
Content-Type: text/html; charset=utf-8

--f803db23-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globalhealthgate.net"] [uri "/.env.production"] [unique_id "aH2FA_xJ8Ca9LcPupLGoLQAAAIE"]
Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning:  PHP Request Startup: open_basedir restriction in effect. File(/opt/alt/php82/var/lib/php/session) is not within the allowed path(s): (/var/www/vhosts/globalhealthgate.net/:/tmp/) in Unknown on line 0'
Apache-Handler: proxy:unix:/var/www/vhosts/system/globalhealthgate.net/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753056515815315 326126 (- - -)
Stopwatch2: 1753056515815315 326126; combined=3975, p1=1849, p2=2016, p3=0, p4=0, p5=109, sr=161, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--f803db23-Z--

--1413e427-A--
[21/Jul/2025:03:08:37.115622 +0300] aH2FBPxJ8Ca9LcPupLGoLwAAAJI 185.177.72.111 35946 127.0.0.1 7081
--1413e427-B--
GET /.env.development HTTP/1.0
Host: globalhealthgate.net
X-Real-IP: 185.177.72.111
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Accept-Encoding: gzip

--1413e427-F--
HTTP/1.1 302 Found
X-Powered-By: PHP/8.3.23
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6InNlMHUvV0crUHF4K3pMT3dya25TSGc9PSIsInZhbHVlIjoiWEMwZldldzNnZTNESEF4dlNTdnJZa0UxaHVyUnI0ejZlSFVYWko3SDhwV3dvOFRnc2dlTmJaZkliUHM1R1cyZXBmemxOOTdHL3JIUzJFRWo0WVdzU1lMaC9pa3QyQnU2UkpVUzNYK0M2OHk0NnhhblNIL1dBcGZEMGkweEN5MEIiLCJtYWMiOiIwN2JhODViZTZhNWY4YmI2ZDhhYmEwOGUwMjEyYWU4Y2IwODZjZmFkNzA0YTdmYmFlMTU2NzMzYzIxMzQxNGYzIiwidGFnIjoiIn0%3D; expires=Mon, 21 Jul 2025 02:08:37 GMT; Max-Age=7200; path=/; secure; samesite=lax
Set-Cookie: ghgverozonesolutions_session=xyFUhI9IyHI1LBqx4WrQWp1wUFWnofCTJ9KYbG1Y; expires=Mon, 21 Jul 2025 02:08:37 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Upgrade: h2,h2c
Connection: Upgrade, close
Location: https://globalhealthgate.net
Content-Type: text/html; charset=utf-8

--1413e427-H--
Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globalhealthgate.net"] [uri "/.env.development"] [unique_id "aH2FBPxJ8Ca9LcPupLGoLwAAAJI"]
Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning:  PHP Request Startup: open_basedir restriction in effect. File(/opt/alt/php82/var/lib/php/session) is not within the allowed path(s): (/var/www/vhosts/globalhealthgate.net/:/tmp/) in Unknown on line 0'
Apache-Handler: proxy:unix:/var/www/vhosts/system/globalhealthgate.net/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753056516803027 312718 (- - -)
Stopwatch2: 1753056516803027 312718; combined=2818, p1=625, p2=2052, p3=0, p4=0, p5=140, sr=257, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--1413e427-Z--

--7f425e31-A--
[21/Jul/2025:03:11:16.081854 +0300] aH2Fo_xJ8Ca9LcPupLGo2AAAAJA 54.226.79.51 39598 127.0.0.1 7081
--7f425e31-B--
GET /.git/config HTTP/1.0
Host: vivacetrading.com
X-Real-IP: 54.226.79.51
X-Accel-Internal: /internal-nginx-static-location
Connection: close
User-Agent: Mozilla/5.0 (Fedora; Linux x86_64; rv:131.0) Gecko/20100101 Firefox/131.0
Accept-Charset: utf-8
Accept-Encoding: gzip

--7f425e31-F--
HTTP/1.1 200 OK
Upgrade: h2,h2c
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 586
Content-Type: text/html; charset=UTF-8

--7f425e31-H--
Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
Apache-Error: [file "apache2_util.c"] [line 286] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vivacetrading.com"] [uri "/.git/config"] [unique_id "aH2Fo_xJ8Ca9LcPupLGo2AAAAJA"]
Apache-Handler: proxy:unix:/var/www/vhosts/system/vivacetrading.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1753056675987422 94525 (- - -)
Stopwatch2: 1753056675987422 94525; combined=110705, p1=18686, p2=1967, p3=0, p4=0, p5=45081, sr=194, sw=0, l=0, gc=44971
Producer: ModSecurity for Apache/2.9.10 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--7f425e31-Z--