One Hat Cyber Team

View File Name : server.envapress.org.error.log

[Sun May 25 17:53:29.392330 2025] [authz_core:error] [pid 25043:tid 139900305274624] [client 64.227.70.2:49022] AH01630: client denied by server configuration: /home/envapres/public_html/server-status
[Sun May 25 17:53:29.622321 2025] [:error] [pid 25146:tid 139900254918400] [client 64.227.70.2:49092] File does not exist: /home/envapres/public_html/info.php
[Sun May 25 17:53:30.202685 2025] [authz_core:error] [pid 25042:tid 139900238132992] [client 206.81.24.74:59840] AH01630: client denied by server configuration: /home/envapres/public_html/server-status
[Sun May 25 17:53:30.247434 2025] [authz_core:error] [pid 25146:tid 139900296881920] [client 64.226.65.160:56336] AH01630: client denied by server configuration: /home/envapres/public_html/server-status
[Sun May 25 17:53:30.581016 2025] [:error] [pid 25146:tid 139900221347584] [client 206.81.24.74:59914] File does not exist: /home/envapres/public_html/info.php
[Sun May 25 17:53:30.640659 2025] [authz_core:error] [pid 25146:tid 139900229740288] [client 164.90.208.56:42014] AH01630: client denied by server configuration: /home/envapres/public_html/server-status
[Sun May 25 17:53:30.750733 2025] [:error] [pid 25146:tid 139900196169472] [client 64.226.65.160:56404] File does not exist: /home/envapres/public_html/info.php
[Sun May 25 17:53:32.072678 2025] [:error] [pid 25041:tid 139900187776768] [client 164.90.208.56:42060] File does not exist: /home/envapres/public_html/info.php
[Mon May 26 21:09:58.085673 2025] [:error] [pid 7592:tid 140406423508736] [client 170.39.217.3:54664] File does not exist: /home/envapres/public_html/phpinfo.php
[Mon May 26 21:09:58.202385 2025] [:error] [pid 7591:tid 140406473864960] [client 170.39.217.3:52243] File does not exist: /home/envapres/public_html/info.php
[Tue May 27 01:49:00.910321 2025] [:error] [pid 7592:tid 140406586521344] [client 170.39.217.201:5800] File does not exist: /home/envapres/public_html/phpinfo.php
[Tue May 27 16:47:55.794730 2025] [:error] [pid 2089:tid 140628973287168] [client 185.177.72.204:29280] File does not exist: /home/envapres/public_html/phpinfo.php
[Tue May 27 16:47:55.800991 2025] [:error] [pid 2089:tid 140628897752832] [client 185.177.72.204:29280] File does not exist: /home/envapres/public_html/info.php
[Tue May 27 16:47:55.859185 2025] [authz_core:error] [pid 2089:tid 140629136766720] [client 185.177.72.204:29280] AH01630: client denied by server configuration: /home/envapres/public_html/.htpasswd
[Tue May 27 16:47:55.865423 2025] [authz_core:error] [pid 2089:tid 140629119981312] [client 185.177.72.204:29280] AH01630: client denied by server configuration: /home/envapres/public_html/.htaccess
[Tue May 27 16:47:55.884440 2025] [:error] [pid 2089:tid 140629145159424] [client 185.177.72.204:29280] [client 185.177.72.204] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server.envapress.org"] [uri "/db_backup.sql"] [unique_id "aDXCi6-FI5N3rxuWN1Jo1wAAAAE"]
[Tue May 27 16:47:55.890638 2025] [:error] [pid 2089:tid 140628939716352] [client 185.177.72.204:29280] [client 185.177.72.204] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server.envapress.org"] [uri "/dump.sql"] [unique_id "aDXCi6-FI5N3rxuWN1Jo2AAAABE"]
[Tue May 27 16:47:56.040785 2025] [:error] [pid 2089:tid 140629145159424] [client 185.177.72.204:29280] [client 185.177.72.204] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".key"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server.envapress.org"] [uri "/private.key"] [unique_id "aDXCjK-FI5N3rxuWN1Jo8AAAAAE"]
[Tue May 27 16:47:56.046995 2025] [:error] [pid 2089:tid 140628939716352] [client 185.177.72.204:29280] [client 185.177.72.204] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".key"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server.envapress.org"] [uri "/public.key"] [unique_id "aDXCjK-FI5N3rxuWN1Jo8QAAABE"]
[Tue May 27 16:47:56.122103 2025] [:error] [pid 2089:tid 140628922930944] [client 185.177.72.204:29280] [client 185.177.72.204] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server.envapress.org"] [uri "/var/log/nginx/access.log"] [unique_id "aDXCjK-FI5N3rxuWN1Jo_QAAABM"]
[Tue May 27 16:47:56.128344 2025] [:error] [pid 2089:tid 140628931323648] [client 185.177.72.204:29280] [client 185.177.72.204] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server.envapress.org"] [uri "/var/log/nginx/error.log"] [unique_id "aDXCjK-FI5N3rxuWN1Jo_gAAABI"]
[Tue May 27 16:47:56.134565 2025] [:error] [pid 2089:tid 140628880967424] [client 185.177.72.204:29280] [client 185.177.72.204] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server.envapress.org"] [uri "/var/log/apache2/access.log"] [unique_id "aDXCjK-FI5N3rxuWN1Jo_wAAABg"]
[Tue May 27 16:47:56.140824 2025] [:error] [pid 2089:tid 140628956501760] [client 185.177.72.204:29280] [client 185.177.72.204] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server.envapress.org"] [uri "/var/log/apache2/error.log"] [unique_id "aDXCjK-FI5N3rxuWN1JpAAAAAA8"]
[Wed May 28 13:13:14.713952 2025] [:error] [pid 13266:tid 140613395605248] [client 185.177.72.201:11774] File does not exist: /home/envapres/public_html/phpinfo.php
[Wed May 28 13:13:14.720151 2025] [:error] [pid 13266:tid 140613496317696] [client 185.177.72.201:11774] File does not exist: /home/envapres/public_html/info.php
[Wed May 28 13:13:14.732736 2025] [:error] [pid 13266:tid 140613412390656] [client 185.177.72.201:11774] File does not exist: /home/envapres/public_html/server-info.php
[Wed May 28 13:13:14.761729 2025] [:error] [pid 13266:tid 140613538281216] [client 185.177.72.201:11774] File does not exist: /home/envapres/public_html/wp-config.php.bak
[Wed May 28 18:03:44.177965 2025] [:error] [pid 2765:tid 140613437568768] [client 185.177.72.201:27002] File does not exist: /home/envapres/public_html/phpinfo.php
[Wed May 28 18:03:44.184200 2025] [:error] [pid 2765:tid 140613445961472] [client 185.177.72.201:27002] File does not exist: /home/envapres/public_html/info.php
[Wed May 28 18:03:44.196680 2025] [:error] [pid 2765:tid 140613504710400] [client 185.177.72.201:27002] File does not exist: /home/envapres/public_html/server-info.php
[Wed May 28 18:03:44.223754 2025] [:error] [pid 2765:tid 140613429176064] [client 185.177.72.201:27002] File does not exist: /home/envapres/public_html/wp-config.php.bak
[Wed Jun 04 04:57:26.700488 2025] [:error] [pid 11181:tid 140249908852480] [client 89.187.164.79:50184] File does not exist: /home/envapres/public_html/phpinfo.php
[Wed Jun 04 04:57:27.248493 2025] [:error] [pid 11275:tid 140250103404288] [client 89.187.164.79:50116] File does not exist: /home/envapres/public_html/test.php
[Wed Jun 04 04:57:29.263119 2025] [:error] [pid 11180:tid 140249900459776] [client 89.187.164.79:50111] File does not exist: /home/envapres/public_html/index.php
[Fri Jun 13 08:36:22.536013 2025] [:error] [pid 28034:tid 139743312430848] [client 185.177.72.210:4072] File does not exist: /home/envapres/public_html/i.php
[Fri Jun 13 08:36:22.542270 2025] [:error] [pid 28034:tid 139743295645440] [client 185.177.72.210:4072] File does not exist: /home/envapres/public_html/info.php
[Fri Jun 13 08:36:22.554767 2025] [:error] [pid 28034:tid 139743371179776] [client 185.177.72.210:4072] File does not exist: /home/envapres/public_html/p.php
[Fri Jun 13 08:36:22.567315 2025] [:error] [pid 28034:tid 139743346001664] [client 185.177.72.210:4072] File does not exist: /home/envapres/public_html/phpinfo.php
[Sat Jun 14 05:09:46.801120 2025] [:error] [pid 29706:tid 139990918960896] [client 185.177.72.210:33064] File does not exist: /home/envapres/public_html/i.php
[Sat Jun 14 05:09:46.809353 2025] [:error] [pid 29706:tid 139990986102528] [client 185.177.72.210:33064] File does not exist: /home/envapres/public_html/info.php
[Sat Jun 14 05:09:46.830392 2025] [:error] [pid 29706:tid 139990902175488] [client 185.177.72.210:33064] File does not exist: /home/envapres/public_html/p.php
[Sat Jun 14 05:09:46.847021 2025] [:error] [pid 29706:tid 139991116482304] [client 185.177.72.210:33064] File does not exist: /home/envapres/public_html/phpinfo.php